Posts

Ransomware Attacks Scale Up As Hackers Go After Remote Workers

While the switch to home working has allowed many organizations and employees to remain productive, it has also brought additional risk as IT and security teams try to deal with overlapping personal and corporate networks.

Ransomware attacks soared during the first half of 2020, as cyber criminals looked to spread their file-encrypting malware as millions of people shifted to work from home.

According to an analysis of collected malicious activity published in Skybox Security’s 2020 Vulnerability and Threat Trends Report, ransomware has proliferated, with a 72% increase in new file-encrypting malware.

Security vulnerabilities in remote-desktop protocols – combined with the use of weak passwords by staff – have provided cyber attackers with easy access into many IT networks.

Home workers who have not been provided with clear cybersecurity training are even more vulnerable, and smart hackers know that IT teams are already bogged down trying to support remote working.

To protect against ransomware attacks during the pandemic – and beyond – it’s vital to close any vulnerabilities that could be exploited by hackers. This includes having a full view of all connected corporate IT assets so gaps can be identified and remediated.

Need help safeguarding your mobile workforce technology? Contact TCI today at (703) 321-3030 or info@tcicomm.com.

 

Did You Know TCI Provides Infrastructure as a Service… Managed Wi-Fi, Cabling, Security & More?

Infrastructure as a Service (IaaS) is a computing environment that is provisioned and managed by your provider. IaaS simplifies your life. You avoid the complexity of buying and managing your own infrastructure.

Rather than paying a big upfront capital expense, you pay an affordable monthly subscription that scales up and down based on what you need. TCI’s experienced experts can design, build and support all of your infrastructure needs…

  • Structured Cabling
  • LAN/WAN
  • Wi-Fi
  • Security

When it comes to financing, we’re flexible… You can own any aspect of your IT environment and subscribe to IaaS for other elements. When we manage the infrastructure, you get…

  • End-to end setup, implementation, and testing
  • Ongoing monitoring and support, including a 24×7 help desk
  • Upgrades included and new equipment as technology evolves

Talk to our certified network engineers. We offer the best in specialized expertise, project assistance, and development help. Contact TCI today: (703) 321-3030 or info@tcicomm.com.

 

We’re All Human… Why Your Employees are the Greatest Risk to Your IT Security

The greatest threat to the security of any organization is often traced to employees who inadvertently allow confidential data to be accessed and stolen. The latest estimates indicate that more than 90% of cyber attacks can be attributed to human error.

Social engineering attacks such as phishing and spoofing continue to grow in frequency and sophistication at alarming rates. With people’s interests publicly available on social media, hackers often use this information to manipulate an unsuspecting target into handing over or revealing sensitive data.

As attackers constantly employ new and innovative methods, companies are hard pressed to stop them. This is because even with excellent security tools and knowledgeable security teams in place, the weakest link is often a user within the company who has unknowingly fallen victim to an attacker.

The best security intervention is to raise the awareness of staff. 

When your employees understand the mechanisms of spam, phishing, spear phishing, malware, ransomware and social engineering, they can apply this knowledge in their day-to-day job.

Even when you raise cyber security awareness among your employees, they can still make mistakes. We’re all human.

TCI offers expert assessments, mitigation recommendations and innovative IT security solutions to help you better protect your organization. Contact TCI today at (703) 321-3030 or info@tcicomm.com.

What to Know About Communications Security in the Age of Artificial Intelligence

Unified Communications enables your employees to communicate and collaborate more effectively through screen sharing, video meetings, mobile apps and more. But adding AI to the mix promises to send productivity through the roof, so it’s not surprising that over 40% of enterprises plan to incorporate AI into their UC systems by the end of 2019.

Still, even as AI transforms communications, it also raises new security concerns. Let’s take a deeper dive to understand how AI enhances UC and what you need to do to maintain a secure communications environment.

Artificial Intelligence – Emphasizing the Unified In UC

If you thought unified communications was great for efficiency and collaboration, just wait until you see how AI enhances it…

  • Improved collaboration – Integration of AI chatbots into UC apps opens new doors for collaboration by gathering status updates from team members and even alerting members via an app, email, SMS or push notification. When chatbots keep everyone and everything connected, your teams can more easily troubleshoot together, keep track of each other’s progress on projects and share ideas and information.
  • Easier access and use of data – AI virtual assistants improve access to documents and other information, automatically gathering and distributing data to your team’s devices — whether it be a PDF or a video. If questions on a prior discussion arise during a meeting, the assistant retrieves pertinent emails, messages or documents. Attendees stay focused and engaged in the conversation, with all information at their fingertips.
  • Increased productivity – Chatbots field straightforward calls and online chats with your customers, allowing your customer service team to focus on more complex calls and issues. In meetings, attendees concentrate on the content and discussion rather than on the communications tools. The AI assistant even initiates the conference automatically.
  • Better efficiencies – Wouldn’t it be great to have someone else send meeting notes, assign action items and schedule follow-up calls? The AI assistant handles all of it, allowing human attendees to spend their time on more complex and higher value activities. AI also simplifies scheduling by identifying times that work for everyone.

How To Mitigate AI Security Issues…

While the benefits of AI and UC are many, the security of your communications system will also require more attention. AI technology accesses vast amounts of data on products, processes and customers. If an attack occurs, all of that data becomes vulnerable.

  • New standards and protocols will emerge as AI plays a bigger role in communications systems, so you’ll need to remain vigilant to stay compliant with the latest requirements. You’ll also have an obligation to protect the data gathered about your customers.
  • In addition, there are likely to be security challenges with BYOD, as your employees’ AI-enhanced personal devices enter the workplace. Some organizations are already disabling voice assistants such as Siri in the workplace. But, as employees bring newer devices like the Amazon Echo to the office, organizations will need to assess emerging AI technologies for security threats and establish clear guidelines in a formal security policy.
  • A positive note here is that AI actually enhances data and communications security. It will scan for potential threats and alert IT and security teams when vulnerabilities or possible attacks occur. Security professionals can respond far more quickly with the help of these technologies.

As AI and UC blend, you’ll gain an extremely powerful set of communications and team collaboration tools – productivity will skyrocket and data will be more accessible than ever before. But this architecture must have a stable base, with security as a main priority.

Let’s talk about how your business can reap the benefits of AI and UC, while safeguarding your business from risk. Contact us today at (703) 321-3030 or info@tcicomm.com.

 

Desktop Phone Hacks Happen… Here’s How to Protect Your Business

Many offices have IP phones, but unknown to most users is that hackers can actually listen to everything that’s going on in the room – whether or not you are on a phone call.

Hackers from a remote location have been able to exploit some IP phones’ vulnerable software and firmware to gain access – even phones sitting behind a firewall.

Here’s some of the mischief hackers can do when they ‘tap’ your IP phone:

  • Listen in on your phone conversations and identify who you’re calling.
  • With access to the phone’s microphone, hackers can feed the conversation into a speech-to-text engine and post the transcript to social media.
  • Since the microphone never shuts off, hackers can listen to everything the phone hears, such as conversations in a company’s board room.

IP phones are basically computers and manufacturers periodically issue software and firmware updates to plug security holes. The trouble is that smaller businesses – and many larger ones – are still lax about keeping their systems updated with the latest patches.

The most effective way to stop hackers from taking control of your IP phones – or any other computer – is to keep the software and firmware current with the latest patches from your phone manufacturer.

Ignoring these patches – or waiting too long to implement them – could leave your business exposed to hackers bent on doing it serious harm.

Concerned about possible IP phone vulnerabilities at your location? Reach out to TCI today… We have communication solutions that can protect your business. Contact us today: (703) 321-3030 or info@tcicomm.com.

When Was Your Last Pen Test?

If your response was, “What the heck is a Pen Test?” – your network is probably already harboring dangerous malware.

A penetration test, also known as a pen test, is an authorized simulated attack on a computer system performed to evaluate the security of the system.

The test is performed to identify weaknesses – including the potential for unauthorized parties to gain access to the system’s features and data – as well as strengths, enabling a full risk assessment to be completed.

The process typically identifies the target systems and a particular goal, then reviews available information and undertakes various means to attain the goal.

A penetration test can help determine whether a system is vulnerable to attack, if the defenses were sufficient, and which defenses (if any) the test defeated.

It’s always best to arrange testing with a neutral third-party who IS NOT responsible for the management and support of your network.

TCI offers comprehensive penetration testing and we recommend getting yours at least once a year. To schedule your pen test, contact TCI today at (703) 321-3030 or info@tcicomm.com.

6 Easy Steps to Prevent Phone Hacking

Phone hacking, also known as “phreaking” costs businesses billions of dollars every year.

Decades ago, hackers accessed the public telephone network using a series of tones input via a “blue box” to fool Ma Bell into allowing them to make free long distance calls.  Now hackers can access phone systems through voicemail ports to make free international calls.

The good news is that there are simple measures you can take to ensure your phone system stays well protected.

  • When installing new equipment, always change the access credentials from the default settings.
  • Never use easy passwords such as 1234.
  • Routinely review itemized telephone invoices for any anomalies.
  • Ask your service provider about their fraud monitoring policy.
  • If you have more than one administrator accessing the telephone system, make sure they use unique access credentials.
  • Whenever staff members leave the organization, immediately disable their access credentials.

Your phone and IT systems are essential to your daily operations. Set up time with TCI to talk about implementing best-practice security measures for your business.

Ready to learn more?  Contact us today at (703) 321-3030 or info@tcicomm.com.