Have You Gotten Hacked Recently? Here's Why.
Are You Ready For the Next Slack Outage?
Thousands of workplaces were stymied by a Slack outage earlier this week. While representatives from the company have yet to provide a reason for the downtime, it provided a sobering warning for its 12 million daily active users: You need to have a backup plan.
The centralized nature of most communication platforms, however, has meant that any downtime makes its clients come to a screeching halt.
Businesses, especially those that rely on a distributed or remote workforce should learn from its recent outage and adopt a strategy for the next time it goes down:
Set up a phone tree: It sounds outdated, but keeping a chart of the contact information of both employees and contractors within your company can be crucial to preventing the ensuing chaos from an outage of Slack, Google, Microsoft or any other office communication provider. Find one point of contact for at least two other points of contact to cascade the message if office communications are down.
Create a mailing list: Email has been around since the 1970s when the first purpose of the internet was to help government agencies and universities communicate in the event of nuclear war. It’s resilient in a way that internet-based applications can only dream of being. Keep a list of clients, contractors, employees and anyone else who may be affected by a service outage up to date and on-hand to respond first thing so as to prevent confusion and lost time.
Provide tasks lists ahead of time: In most VFX agencies, there’s always something for someone to be working on. Keeping an organized list of tasks and priorities means having a set of clear instructions on hand even if the standard methods of communication aren’t immediately available. Consider using a project management system with clearly defined tasks, due dates and objectives to make sure everyone can continue to operate without a central hub of communication. At Nodal, we like Asana and Monday, but there are several alternatives that may be better suited for your workflow.
The Hazards Posed by Smishing Attacks
When it comes to vectors for hackers to launch a cyber attack, phishing is still the primary format. Sending malicious attachments or misleading emails has been attributed to roughly 90% of successful infiltrations or companies, and the numbers keep increasing.
A lesser-known but potentially equally effective avenue for hackers to infiltrate organizations does so via SMS (or text) messages. Known as smishing, or SMS phishing, this form of attack is less common than phishing (for now), but can be harder to detect than more run-of-the-mill email campaigns.
One of the reasons why smishing messages can be hard to identify at first glance is that text messages, by their nature, tend to be brief and provide minimal detail. Whereas a phishing email can have several telltale signs of foul play, including suspicious email addresses or typos, text messages are typically one to two sentences long and contain a link, often minified.
Adding to the hazard is that legitimate services and texts often come from unidentifiable or unrecognizable phone numbers.
The following message is legitimate:
The following message is not:
In the former case, the link may lead you to Xfinity’s payment portal. The second has the potential to lead you to a site that looks exactly like Xfinity’s payment portal to capture your login and password, or ask you to “re-enter” your payment method. It could also just download malware to your mobile device.
While many smishing attacks are meant to scam or compromise individual recipients, they also represent a hazard to organizations. Compromised login credentials can be leveraged to gain access to a company’s networks, send internal phishing messages, or spread malware.
There are best practices a company can put into place to defend against some of these, but the first line of defense in cybersecurity is usually their employees. Well-trained employees may be able to detect suspicious activity and know how to avoid unnecessary risks. Employees unaware of the basics of data hygiene and security can leave the door open to all manner of cyber threats, smishing included.
Wondering how to train your staff in how to defend against smishing attacks? Contact Nodal today to inquire about our IT Security Awareness Education, Training & Testing program.
QNAP Forces Update in Response to Ransomware Attack
Owners of QNAP network attached storage (NAS) devices received a one-two punch this week in the form of a ransomware attack and a forced update.
A relatively new ransomware gang named Deadbolt made waves earlier this week by exploiting a zero-day vulnerability in QNAP devices that allowed them to encrypt some 3600 devices that were accessible via the internet. In response, QNAP created a firmware patch and forced it to install on all NAS devices, even in instances where auto-updates were disabled.
The forced update rebooted QNAP’s NAS devices, leading to widespread confusion among IT professionals who had no context for the unexpected downtime. It also disrupted the decryption process for device owners who opted to pay the Deadbolt gang the demanded ransom for access to their files (roughly $1000 in bitcoin).
While the actions of QNAP seemed both disruptive and perhaps even heavy-handed at first, it highlights the unenviable conflict many hardware and software companies are faced with when major vulnerabilities are exposed in their products.
Many companies and organizations are lax at best when it comes to installing patches to critical vulnerabilities, and the discovery of said vulnerabilities automatically puts a target on the backs of their customer bases. In this respect, issuing forced updates with patches the moment they’re released helps mitigate potentially disastrous scenarios for their customer base.
On the other hand, as we’ve seen with both QNAP and the recent woes caused by Microsoft’s January security update, forced downloads to devices ultimately takes control out of the hands of customers, often to disastrous effect.
In either case, owners of NAS devices (QNAP or no) are encouraged to ensure that their drives aren’t accessible via the internet and that any potentially vulnerable ports are closed and secured.
Not sure whether or not your NAS is protected from outside threats? Contact Nodal today!