Tech

February 25, 2022

Small Business Tech Trends of 2022

When you think of small businesses, you may think of classic mom-and-pop, Main Street stores with just a few employees, and even fewer expenditures. Even TV and movies love to paint small businesses as old-fashioned shops with carefree owners who spend their time lounging and chatting up regulars. While this rosy picture may be accurate for a few small business owners, for the vast majority, this couldn’t be further from the truth.

Small businesses and their owners face unique, difficult challenges that have no clear solution. This was especially clear when the COVID-19 pandemic began to rage in early 2020. While big businesses had the technological infrastructure to weather the storm, many small businesses simply couldn’t survive, through no fault of their own. For the businesses whose doors didn’t shutter in the early months of the pandemic, they soon found that innovation was the only way they could survive. From Zoom meetings to online ordering, COVID-19 forced small businesses to evolve. And even as the pandemic reaches its two-year anniversary, these involuntary changes aren’t leaving any time soon. As the country (and the world) continue to live with the pandemic, more small businesses are beginning to utilize these new technology trends to survive in this new normal.

Automation and Artificial Intelligence

When it comes to saving time, there is no better tool for small businesses than automation. Automation can complete many of the small, minute tasks that add up. Things like welcome emails, communications with leads, and inventory management can all be automized, allowing more time for business owners to focus on profit-driven tasks. Best of all, there are useful automation software for nearly every facet of business. Spending a lot of time setting up meetings? Try out Calendly, a useful tool that minimizes the time-consuming back-and-forth of arranging appointments. Want to set your social media posts weeks in advance? Try Hootsuite or Sprout, two programs that can post to your company’s social pages automatically. More and more small businesses are utilizing tools like these to cut down time spent on tasks that don’t affect the bottom line.

This increased adoption of tech shouldn’t come as a surprise. After all, small businesses that extensively utilize digital tools earn twice as much revenue per employee than businesses that don’t^[1]. It’s simple: When businesses let technology handle small, everyday tasks, they become more successful. However, this doesn’t mean that once a business automizes some things, it’ll magically increase profits. Small businesses have to constantly be on the lookout for programs that give them an advantage over their big-business competitors. One of these programs is quickly growing in popularity, and could even be considered an evolution of automation: Artificial Intelligence (AI).

One of the most popular AI programs for small businesses is chatbots. With these bots, businesses can communicate with web visitors and determine if they need help automatically. More uses include creating marketing content and streamlining inventory management^[2]. Although similar to automation, AI goes one step further: It can analyze data and make logical decisions for your specific situation. From resume scanners to employee schedulers, Artificial Intelligence is becoming more useful (and more affordable) for small businesses that seek to prioritize their efficiency.

Digital Advertising is Changing

For the past decade, there has been a single, dominant platform in the social media advertising business: Facebook. It has long been known that advertisements are the lifeblood of the world’s most popular social media site. In fact, Facebook makes a whopping 98% of its revenue from ads^[3]. Because of its unending data collection, Facebook can target ads at the micro-level, allowing them to charge advertisers even more. However, extensive data collection and ad-supported social media aren’t exclusive to Facebook anymore. While the company is still making a gaudy amount of money from ads, cracks are beginning to show.

One thing is certain: Facebook is getting older. Now, if your business’s target demographic is 45+, you won’t have much of a problem. But if your business is targeting the coveted 18 to 34 demographic, you may need a more complex marketing strategy. That’s because young people simply don’t use Facebook as much as they used to. In 2016, 60% of teens used Facebook at least once a month. In 2021, that number dropped to 27%^[4]. Apps like Snapchat, Instagram, especially TikTok are simply more popular with young people, creating the need for multi-front digital marketing strategies.

Software Integration

The great thing about tech is that there are a virtually infinite number of programs that can help increase efficiency and revenue at small businesses. The bad thing is that, sometimes, too many programs can cause diminishing returns. After all, if you’re uploading data to a dozen different software programs every day, are you really saving time? Additionally, if you’re uploading the same data, over and over again, there’s a higher likelihood of data errors as well. That’s why small business owners have begun to embrace software integration. With integration, not only does software help you complete tasks, but it also communicates with your other software programs. Uploading information from a new lead? With software integration, you can simply add the information once, and it’ll be available on all your integrated programs. Employees need to communicate in order to get work done efficiently. Why can’t software do it too?

While the dream of completely seamless integrated software isn’t quite here yet, there are a number of programs tailored for small businesses that are incredibly convenient. Software like Quickbooks and Xero integrate accounting, expenses, and even employee scheduling. With these tools, small business owners are realizing just how much time, money, and effort they can save by utilizing software integration.

Cybersecurity Risks

By now, you’ve almost certainly heard the risks of having poor cybersecurity infrastructure. Without protection, small businesses put themselves, their data, and their customers at risk every day. Thankfully, more and more small businesses have realized this risk, and have taken steps to minimize their chances of a catastrophic data breach. In fact, over half of small and medium-sized businesses now have a cybersecurity plan in place^[5]. And as cybersecurity programs continue to become more available and affordable, this number is certain to rise in the coming years. While cybersecurity risks are, of course, ever-present, the rising popularity of cybersecurity solutions among small businesses is incredibly promising. Cybercrime risks are unlikely to completely disappear any time soon, but if more and more businesses begin to prioritize cybersecurity, nefarious cybercriminals will have to work harder to wreak their havoc.

Unfortunately, reality isn’t that rosy, at least not yet. While some small businesses have finally taken action to protect their cybersecurity, for many businesses, there’s still work to do. Only 9% of small businesses have cyber liability insurance. Therefore, it’s no surprise that 83% of small and medium-sized businesses are not prepared for the financial consequences of a cyberattack^[5]. Ultimately, many small businesses have not reached true cybersecurity protection. While it’s great to see more small businesses finally begin to take cybercrime seriously, there’s still a long way to go. And while companies that have invested in cybersecurity can do business with peace of mind, those that haven’t will be at risk every single day.

About AXEL

No matter what industry your business is in, cybercrime poses a very real threat. At AXEL, we want to help you keep yourself (and your customers) safe from the threats of ransomware and data breaches. That’s why we created AXEL Go. AXEL Go uses military-grade encryption, blockchain technology, and decentralized servers to ensure it’s the most secure file transfer software on the market. Whether you need to transfer large files or send files online, AXEL Go is the best cloud storage solution. If you’re ready to try the most secure file-sharing app for PC and mobile devices, download AXEL Go for free here.

^[1] “Small Business Technology Trends: Deloitte Us.” Deloitte United States, May 20, 2020. https://www2.deloitte.com/us/en/pages/technology-media-and-telecommunications/articles/connected-small-businesses.html

^[2] Rist, Oliver. “Small Businesses Are Using AI-Sometimes.” PCMAG. PCMag, December 7, 2021. https://www.pcmag.com/news/small-businesses-are-using-ai-sometimes

^[3] “Facebook Ad Revenue 2009-2020.” Statista, February 18, 2022. https://www.statista.com/statistics/271258/facebooks-advertising-revenue-worldwide/

^[4] Leonhardt, Megan. “Teens Have Been Losing Interest in Facebook for Years.” Fortune. Fortune, October 26, 2021. https://fortune.com/2021/10/25/facebook-teens-usage-harm-studies/

^[5] “10 Small Business Cyber Security Statistics That You Should Know – and How to Improve Them.” Cybersecurity Magazine, May 20, 2021. https://cybersecurity-magazine.com/10-small-business-cyber-security-statistics-that-you-should-know-and-how-to-improve-them/

January 7, 2022

National Technology Day: How Tech has Changed the Way We Live

What was life like twenty years ago? What technology did we use? How did we get work done in 2002? While twenty years may seem like a relatively short period of time, our everyday lives have drastically changed over the past two decades. We went from flip phones to iPhones, from CDs to music and video streaming, from printed-out MapQuest papers to instant GPS directions. In the past twenty years, modern technology has changed nearly every aspect of our lives.

Because of the incredible technological advances we’ve seen in the past twenty years, AXEL founded National Technology Day, a holiday celebrated every year on January 6th. On National Technology Day, we encourage everyone to reflect on the advances made in business, culture, and entertainment. From maximizing efficiency at the office to sharing your own media online, technology has changed the way we live and will continue to change our lives in the future. While it’s unclear what the world will look like in twenty years, we do know one thing: Technology will continue to innovate.

With that said, here are a few ways how recent technological advances have radically impacted our everyday lives:

How Tech Changed Public Health

Undoubtedly, one of the greatest technological triumphs in public health in the past twenty years has been the widespread use of messenger RNA (mRNA) vaccines. Most COVID-19 vaccines are mRNA vaccines, and with billions of doses administered in one year, these high-tech vaccines have saved countless lives. But how are mRNA vaccines different from traditional vaccines? With an mRNA vaccine, a weakened pathogen isn’t injected into your body like with traditional vaccines. An mRNA vaccine delivers “coded” mRNA to your immune cells, and using that code, your immune cells can produce proteins that are found on the specific pathogen [1].

The development of mRNA vaccines was made possible by technological advances in the pharmaceutical industry. Although they are relatively new today, mRNA vaccines have been studied and theorized for decades. Finally, modern technology caught up with researchers, and a new soldier in the war on infectious diseases was created.

While vaccines have certainly had a massive impact on the world, they aren’t the only way that technology has changed public health. An obvious example is the rise of fitness and health trackers. Today, about one in five Americans use a fitness tracker and corresponding app [2]. With these trackers, users can track their steps taken, calories burned, steps climbed, blood pressure, sleep quality, and dozens of other metrics. While research on their effectiveness has been mixed, fitness trackers give people fun, convenient ways to check on their health [3].

How Tech Changed Education

If the pandemic taught us one thing, it’s that technology allows us to be connected, even when we can’t be physically present together. This was particularly apparent when schools across the world were closed and classes were taught online. Although there are certainly valid criticisms of e-learning, the fact that instruction was able to continue in the midst of a pandemic highlights just how much technology allowed education to evolve. Now, almost every lecture or assignment can be completed online, ensuring that education can continue even after future pandemics or natural disasters.

While e-learning is certainly new, the advancement of technology has always correlated with expanded access to education [4]. Think about it: 500 years ago, the only educational materials were books, and books were only available to the extremely well-off. However, the technological innovation of the printing press made books far more available for middle and lower-class people. Now, thanks to the Internet, there are millions of educational websites and videos available to all. Today, a student can learn calculus or biology from reliable sources on their own time, for free. While some may criticize technology for “dumbing down” our youth, it’s a simple fact: Technological progress leads to greater access to education.

How Tech Changed Business

Even before the pandemic, technology was radically changing the modern office. One of the biggest changes in the past twenty years has been the way employees share information with each other. Although email existed twenty years ago, it was certainly in its infancy, and when files needed to be shared, physical documents were printed off and delivered. Now, most documents are shared electronically, without the need for paper and ink, helping to save businesses time and money. Outside of file-sharing, even the way workers communicate with each other has greatly changed. Today, software applications like Slack make it easy for employees to communicate without anyone being left out of the loop. Technological advances have made office communication digital and instantaneous, making the necessary transition to remote work during the pandemic relatively simple.

Outside of office communication, technology has allowed businesses to increase efficiency in nearly every department. From resumé software to digital marketing, technology has greatly changed the way businesses operate. Unfortunately, this also means that the businesses that haven’t embraced technology are at risk of going under. After all, if your business doesn’t have a digital presence, such as social media or a simple website, it may as well not exist.

Technology has fundamentally changed the way work gets done in the United States, and it’s not done changing either. In twenty years, Mark Zuckerberg’s vision of the “Metaverse” may become our everyday office. One thing is known: If it can save money, businesses will continue to test and use innovative modern technology.

How Tech Changed Cybersecurity

Twenty years ago, “cybersecurity” was little more than simply having a password. Unfortunately, as technology has progressed, so have cybercriminals. Today, features like encryption, multi-factor authorization, and artificial intelligence are the norm when it comes to cybersecurity.

It’s no coincidence that the technological advancement of computers and their related technologies is correlated with the number of cybercriminal attacks [5].

In 2002, cybercriminals mostly utilized phishing attacks to make their money. Cybercriminals used fake emails and pop-ups to trick users into divulging their names, addresses, credit card information, or even Social Security numbers. Thankfully, most of these phishing attacks were easy to identify [5]. However, cybercriminals quickly learned even more efficient methods of making money. Today, ransomware is the main tool that cybercriminal organizations use to wreak havoc around the world. Much more efficient than individual phishing emails, ransomware can shut down an entire business, forcing executives to pay millions in order to get their data back. Put simply, as technology has advanced, so too have cybercriminals. It’s an unfortunate fact, but all hope is not lost.

While cybercriminals are taking advantage of modern technology for a quick buck, more savory organizations are also working to prioritize security. Even AXEL is utilizing modern cybersecurity technology in innovative ways to protect users. One of AXEL’s patents, US11159306B2, describes a token identification system that allows users to perform transactions privately, while making the transaction verification public. This technology prioritizes the digital privacy of users, secures the specific aspects of the transaction, and offers public verification. Patents like this are being presented, approved, and utilized every day, creating a more private, secure Internet. So while cybercriminals may be quick to exploit technological flaws, an army of individuals and businesses are ready to fight for digital security.

About AXEL

Technology will continue to advance, and our lives will become more digitized than ever before. That’s why data security and user privacy remain as important as ever. At AXEL we believe that privacy is a human right, and that your information deserves the best protection. That’s why we created AXEL Go. AXEL Go uses military-grade encryption, blockchain technology and decentralized servers to ensure it’s the best file transfer software on the market. Whether you need cloud video storage or cloud file management, AXEL Go is the secure file hosting solution. If you’re ready to try the best file sharing app for PC and mobile devices, try two free weeks of AXEL Go here.

[1] Dolgin, Elie. “The Tangled History of mRNA Vaccines.” Nature News. Nature Publishing Group, September 14, 2021. https://www.nature.com/articles/d41586-021-02483-w

[2] “19% Of Americans Use Wearable Fitness Trackers and MHealth Apps.” Mercom Capital Group, October 13, 2021. https://mercomcapital.com/90-americans-wearable-mhealth-apps/#:~:text=According%20to%20a%20new%20survey,or%20tablet%20app%20(32%25)

[3] Marks, Adam. “Do Exercise Trackers Make You Healthier?” Ace.edu, February 16, 2021. https://www.ace.edu/blog/post/2021/02/16/do-exercise-trackers-make-you-healthier

[4] “How Has Technology Changed Education?” Purdue University Online.. https://online.purdue.edu/blog/education/how-has-technology-changed-education

[5] Acharjee, Sauvik. “The Evolution of Cybercrime: An Easy Guide (2021).” Jigsaw Academy, February 13, 2021. https://www.jigsawacademy.com/blogs/cyber-security/evolution-of-cybercrime/

December 30, 2021

The World’s Top Hacking Groups – Part 2

In Part 1 of AXEL’s feature on the world’s top hacking groups, we featured some of the leading cultivators of chaos in the world. From state-sponsored groups like Bureau 121 to leaderless hacktivist organizations like Anonymous, no two hacking groups are the same. Each organization has different personnel, goals, and methods of achieving those goals, with some more successful than others. In a way, these criminal syndicates are extremely similar to traditional businesses: If you’re financially successful, your group will flourish. If you struggle to make steady income, you’ll lose employees and, eventually, your entire company.

However, just as it is in the business world, there are some hacking groups that are seemingly too big to fail. Typically, these groups are state-sponsored, and receive oodles of cash for security purposes. While these state-sponsored groups may rarely grab headlines, these are the syndicates that truly hold the most power. After all, an independent hacker group can be taken down with a thorough investigation. A hacker group supported by a powerful nation is extremely unlikely to ever face investigations or oversight from other nations.

These four groups represent some of the most powerful hacking organizations in the world:

Cozy Bear

Cozy Bear is yet another Russian state-sponsored hacking group that focuses on attacking Western governments and media [1]. This group, however, seemingly has an intense focus on the United States. In 2014, the group hacked the State Department and the White House’s email systems, and in 2020, breached the Commerce and Treasury departments [2]. As part of Russia’s foreign intelligence service, Cozy Bear, along with sibling hacking group Fancy Bear, hacked into the Democratic National Committee (DNC) in 2016. Oddly enough, Cozy Bear and Fancy Bear were unaware of each other’s activities, and both independently hacked the political committee [3].

Although Cozy Bear and Fancy Bear both breached the DNC’s servers in 2016, Cozy Bear’s latest actions show that these hacks aren’t done for partisan purposes. In July 2021, the group breached the servers of the Republican National Committee (RNC) [4]. Ultimately this highlights Russia’s main strategy regarding cyberwarfare. The goal isn’t to make sure a certain candidate wins; it’s to undermine faith in the electoral process, thus lowering confidence in the nation itself. While Russia may have a preferred candidate every four years, it’s cybersecurity actions show a clear, nonpartisan strategy to simply embarrass the United States and decrease faith in its political processes. And Cozy Bear is just one of many groups Russia uses to further this goal.

REvil

One of the newest hacking groups in the world is also one of the most notorious. REvil is a private Russian group that makes millions from its ransomware attacks on businesses. The group initially gained attention in May 2020, when it hacked an entertainment-focused law firm and stole a number of files from the firm. REvil threatened then-President Donald Trump to release compromising documents unless the group received a massive USD $42 million ransom [5]. However, cybersecurity researchers quickly believed that this was a bluff, and no compromising documents were ever released by REvil [6].

Unfortunately, REvil’s initial failure did not deter the group. In 2021, the group was responsible for two massive cyberattacks. First, in May 2021, REvil breached JBS Foods, the world’s largest beef producer. This attack forced the company to shut down some of its food processing plants, threatening a potential beef shortage. However, just one day after the initial attack, JBS paid a USD $11 million ransom to REvil to decrypt its servers [7]. While the quick payment ensured there would be no major shortages, it showed how desperate businesses can be if hit with a devastating ransomware attack. Just a month later, REvil attacked Kaseya, a networks, systems, and IT software company. This attack shut down Kaseya’s main software, ultimately affecting up to 1,500 businesses worldwide. The impacts of this attack were felt worldwide, with a Swedish grocery store chain closed because of inoperable cash registers, and New Zealand schools being taken offline [8].

Thankfully, in October 2021, REvil itself was forced offline by a multi-country operation led by the United States [9]. While this doesn’t mean REvil will never pop up again, the crackdown on ransomware shows that even the most notorious private hacking groups can be stopped.

Chinese Cyber Operations

While not much is known about China’s cyber operations, we do know that their attacks have been effective. In 2010, China was the culprit behind Operation Aurora, an advanced, highly-sophisticated attack on dozens of American companies, including Google and Adobe [10]. In the attack, China stole intellectual property, along with access to the Gmail accounts of two high-profile human rights activists.

Following this complex cyberattack, China was accused of executing one of the worst cyberattacks of all time: The Equifax data breach. In February 2020, the United States charged four members of China’s People’s Liberation Army with the 2017 hack that leaked personal information of over 150 million Americans [11]. While the United States has no way of extraditing the four soldiers for trial, this claim highlighted the sheer power of state cyber operations groups. The Equifax hack had a profound effect on everyday Americans, and caused concern that extremely effective and damaging cyberattacks could become commonplace in the future.

In the present, China’s cyber operations have expanded. This escalation is fueled by the desire for more intelligence, particularly from the United States amid rising tensions between the two global superpowers [12]. In fact, Western governments have accused China of hacking into Microsoft’s Exchange company server. This hack affected about 250,000 organizations worldwide, allowing Chinese hackers to pilfer through company emails for intelligence. While this hack was not nearly as impactful as the Equifax breach, it highlights China’s renewed focus on gathering massive amounts of intelligence on the United States and other Western nations.

NSA Tailored Access Operations

While many of the world’s top hacking groups operate far from North America, the world’s most powerful group is undoubtedly within American borders. The National Security Administration’s (NSA) Tailored Access Operations group gathers intelligence from foreign targets by hacking into devices, stealing data, and monitoring communications. Additionally, the group develops software that can destroy a foreign target’s computer and networks [13]. The group is responsible for developing malware that targeted Iran’s nuclear program, along with regularly breaching Chinese computer networks for gathering intelligence.

The United States’ targeted surveillance capabilities should come as no surprise. After all, the NSA is well-known for its mass surveillance techniques. Tailored Access Operations is relatively similar to other state cyber operations groups: It uses targeted surveillance to gather intelligence, and uses sophisticated malware to attack its targets. Of course, because it’s the NSA, there is the possibility that the group has even more publicly unknown high-tech resources for cyberattacks. While Tailored Access Operations works in the shadows, the strength of the NSA, and the United States in general, make this group the most powerful hackers in the world.

About AXEL

Some of these powerful hacking groups will, unfortunately, continue to wreak havoc in 2022. That’s why data security and user privacy remain as important as ever. At AXEL we believe that privacy is a human right, and that your information deserves the best protection. That’s why we created AXEL Go. AXEL Go uses 256-bit encryption, blockchain technology and decentralized servers to ensure it’s the best file transfer software on the market. Whether you need cloud video storage or cloud file management, AXEL Go is the secure file hosting solution. If you’re ready to try the best file sharing app for PC and mobile devices, try two free weeks of AXEL Go here.

[1] Meyer, Josh. “Cozy Bear Explained: What You Need to Know about the Russian Hacks.” NBCNews.com. NBCUniversal News Group, September 15, 2016. https://www.nbcnews.com/storyline/hacking-in-america/cozy-bear-explained-what-you-need-know-about-russian-hacks-n648541

[2] Nakashima, Ellen, and Craig Timberg. “Russian Government Hackers Are behind a Broad Espionage Campaign That Has Compromised U.S. Agencies, Including Treasury and Commerce.” The Washington Post. WP Company, December 14, 2020. https://www.washingtonpost.com/national-security/russian-government-spies-are-behind-a-broad-hacking-campaign-that-has-breached-us-agencies-and-a-top-cyber-firm/2020/12/13/d5a53b88-3d7d-11eb-9453-fc36ba051781_story.html

[3] “Bear on Bear.” The Economist. The Economist Newspaper, September 22, 2016. https://www.economist.com/united-states/2016/09/22/bear-on-bear

[4] Turton, William, and Jennifer Jacobs. “Russia ‘Cozy Bear’ Breached GOP as Ransomware Attack Hit.” Bloomberg.com. Bloomberg, July 6, 2021. https://www.bloomberg.com/news/articles/2021-07-06/russian-state-hackers-breached-republican-national-committee

[5] Collier, Kevin, and Diana Dasrath. “Criminal Group That Hacked Law Firm Threatens to Release Trump Documents.” NBCNews.com. NBCUniversal News Group, May 16, 2020. https://www.nbcnews.com/tech/security/criminal-group-hacked-law-firm-threatens-release-trump-documents-n1208366

[6] Vanian, Jonathan. “Everything to Know about Revil, the Group behind Several Devastating Ransomware Attacks.” Fortune. Fortune, July 8, 2021. https://fortune.com/2021/07/07/what-is-revil-ransomware-attack-kaseya/

[7] Abrams, Lawrence. “JBS Paid $11 Million to REvil Ransomware, $22.5m First Demanded.” BleepingComputer. BleepingComputer, June 10, 2021. https://www.bleepingcomputer.com/news/security/jbs-paid-11-million-to-revil-ransomware-225m-first-demanded/

[8] Satter, Raphael. “Up to 1,500 Businesses Affected by Ransomware Attack, U.S. Firm’s CEO Says.” Reuters. Thomson Reuters, July 6, 2021. https://www.reuters.com/technology/hackers-demand-70-million-liberate-data-held-by-companies-hit-mass-cyberattack-2021-07-05/

[9] Bing, Christopher, and Joseph Menn. “Exclusive Governments Turn Tables on Ransomware Gang Revil by Pushing It Offline.” Reuters. Thomson Reuters, October 21, 2021. https://www.reuters.com/technology/exclusive-governments-turn-tables-ransomware-gang-revil-by-pushing-it-offline-2021-10-21/

[10] Zetter, Kim. “Google Hack Attack Was Ultra Sophisticated, New Details Show.” Wired. Conde Nast, January 15, 2010. https://www.wired.com/2010/01/operation-aurora/

[11] Perez, Evan, and Zachary Cohen. “US Charges 4 Members of Chinese Military with Equifax Hack.” CNN. Cable News Network, February 11, 2020. https://www.cnn.com/2020/02/10/politics/equifax-chinese-military-justice-department/index.html

[12] Sabbagh, Dan. “Experts Say China’s Low-Level Cyberwar Is Becoming Severe Threat.” The Guardian. Guardian News and Media, September 23, 2021. https://www.theguardian.com/world/2021/sep/23/experts-china-low-level-cyber-war-severe-threat

[13] Peterson, Andrea. “The NSA Has Its Own Team of Elite Hackers.” The Washington Post. WP Company, August 29, 2013. https://www.washingtonpost.com/news/the-switch/wp/2013/08/29/the-nsa-has-its-own-team-of-elite-hackers/

December 23, 2021

The World’s Top Hacking Groups – Part 1

Click here to read Part 2 of AXEL’s blog on the world’s top hacking groups

Ever since the invention of computers, there have been hackers. However, in the early history of computers, “hackers” weren’t seen as shadowy, havoc-wreaking figures, but simply as enthusiasts. These early hackers tinkered with computers, and ended up creating some of the earliest computer programs. But as computers rapidly gained popularity in the 1980s, cybersecurity cracks were starting to show, and skilled individuals took advantage. In 1989, Joseph Popp created the first ransomware device: A floppy disk sent to world health professionals disguised as medical research. When inserted, the disk locked the user’s computer, and demanded the victim mail $189 to a PO Box in Panama [1].

While this early example of hacking is easy-to-understand, modern hacking and ransomware is far more complicated, not just from a technological standpoint, but from an organizational standpoint as well. Gone are the days of individual, hoodie-clad loners furiously typing on their computers in the dark. Today, the people who carry out the world’s worst hacks are part of hacking groups. After all, hackers are smart, and realize that they can do more damage working together, rather than alone. Most of the world’s worst hacks have occurred at the hands of a few hacking organizations, committed to causing chaos around the globe.

These groups have the money and manpower to cause digital devastation on a global scale:

Bureau 121 & Lazarus

North Korea has long been a mysterious, yet aggressive nation, and its state-sponsored hacking group is no exception. Although not much is known about Bureau 121, cybersecurity experts have tied the group to the North Korean government. However, because of the country’s poor infrastructure, experts believe that Bureau 121 plans and executes its operations in Shenyang, China, a city just 100 miles from the North Korean border [2]. The organization mostly targets South Korean businesses, unsurprisingly. One of its biggest attacks was a ransomware attack on South Korea’s Hydro & Nuclear Power Company, resulting in a massive data breach.

While North Korean hackers mostly focus on their South Korean neighbors, it gained worldwide notoriety when Lazarus Group, an affiliate of Bureau 121, attacked Sony Pictures. First, the group leaked thousands of emails between Sony Pictures executives, and leaked unannounced, upcoming films from the studio. More concerningly, the group threatened to commit acts of terrorism at movie theaters unless Sony’s film “The Interview,” a comedy whose plot includes the assassination of Kim Jong-Un, North Korea’s leader, was pulled from theaters [3]. The United States quickly tied the hack to North Korea, but because of the countries’ icy relationship, no arrests have been made.

Syrian Electronic Army

The Syrian Electronic Army (SEA) was formed during the Arab Spring, a series of anti-government protests and uprisings in the Middle East in the early 2010s. It was created to protect controversial Syrian President Bashar al-Assad from Syrian dissidents during the widespread protests [4]. Interestingly, cybersecurity experts are unsure if the group is sponsored by the Syrian government, or is simply a group of pro-Assad hackers [5]. In either case, the SEA is a vehemently pro-Assad organization that has two goals: Punish media organizations that are critical of Assad, and spread Syria’s state-sponsored narrative [4].

One of the SEA’s most famous hacks occurred in 2013, when the group hacked into the Associated Press’ Twitter account and falsely reported that then-President Obama was injured in an explosion at the White House [6]. This single Tweet caused stocks to plummet, highlighting just how much damage can be caused from hackers thousands of miles away. In addition to this notable AP hack, the SEA has hacked Western media organizations, including Facebook, Microsoft, and The New York Times.

Fancy Bear

Although this group may have a cuddly name, its actions are anything but soft. Cybersecurity experts widely believe Fancy Bear to be a Russian-sponsored hacking group responsible for a variety of hacks to advance Russian interests [7]. The group has committed attacks on Germany’s Parliament, French President Emmanuel Macron, and a variety of other Western governments [8]. The group typically uses well-disguised phishing emails to gain access to restricted information.

Fancy Bear used this strategy to pull off its most daring, consequential hack: an attack that leaked thousands of Democratic National Committee (DNC) emails in 2016 [9]. The cyberattack resulted in the public reveal of thousands of DNC emails, many of which were seen as controversial or simply embarrassing. While many countries spy on others during elections, this was one of the first times a foreign country was able to successfully meddle in a United States election. Although it’s impossible to determine if the 2016 Presidential election would have been different if Fancy Bear didn’t commit the attack, this hack showed how valuable, and devastating, cyberattacks can be before elections.

Anonymous

Perhaps the most famous hacking organization in the world, Anonymous is unlike any other group. Anonymous is decentralized, with no leader or physical hub. While this may sound like a disadvantage, this organization ensures that the group can continue its activities even if members drop out or are apprehended. Anonymous is a “hacktivist” group, and does not have specific goals or enemies. However, Anonymous certainly has a broad aspiration to promote freedom of speech and diminish government control [10].

Anonymous gained notoriety during its 2008 cyberattacks on the Church of Scientology, when the group managed to shut down the Church’s website. Following this attack, the organization gained popularity around the world, expanding the group’s hacking capabilities (and potential targets). The group targeted Tunisia’s government during the Arab Spring protests, Visa and MasterCard for declining to do business with WikiLeaks, and Bank of America for its shady mortgage practices [11].

Since 2008, Anonymous has continued to attack governments and organizations that break the group’s core beliefs. However, the long-term impact of these attacks are often negligible. Anonymous’s main strategy is a distributed denial of service (DDoS) attack. While DDoS attacks are successful in shutting down websites and gaining notoriety, once the website is back up, there are few long-term effects of Anonymous’s involvement. So although Anonymous is one of the most notorious hacking collectives in the world, more organized groups are able to cause greater long-term effects with their cyberattacks.

About AXEL

Hacking groups aren’t going away any time soon. That’s why data security and user privacy remain as important as ever. At AXEL we believe that privacy is a human right, and that your information deserves the best protection. That’s why we created AXEL Go. AXEL Go uses 256-bit encryption, blockchain technology and decentralized servers to ensure it’s the best file transfer software on the market. Whether you need cloud video storage or cloud file management, AXEL Go is the secure file hosting solution. If you’re ready to try the best file sharing app for PC and mobile devices, try two free weeks of AXEL Go here.

[1] Kelly, Samantha Murphy. “The Bizarre Story of the Inventor of Ransomware.” CNN. Cable News Network, May 16, 2021. https://www.cnn.com/2021/05/16/tech/ransomware-joseph-popp/index.html

[2] Lee, Dave. “Bureau 121: How Good Are Kim Jong-Un’s Elite Hackers?” BBC News. BBC, May 29, 2015. https://www.bbc.com/news/technology-32925503

[3] VanDerWerff, Emily, and Timothy Lee. “The 2014 Sony Hacks, Explained.” Vox. Vox, January 20, 2015. https://www.vox.com/2015/1/20/18089084/sony-hack-north-korea

[4] Harding, Luke, and Charles Arthur. “Syrian Electronic Army: Assad’s Cyber Warriors.” The Guardian. Guardian News and Media, April 30, 2013. https://www.theguardian.com/technology/2013/apr/29/hacking-guardian-syria-background

[5] Perlroth, Nicole. “Hunting for Syrian Hackers’ Chain of Command.” The New York Times. The New York Times, May 17, 2013. https://www.nytimes.com/2013/05/18/technology/financial-times-site-is-hacked.html?pagewanted=all&_r=0

[6] Moore, Heidi, and Dan Roberts. “AP Twitter Hack Causes Panic on Wall Street and Sends Dow Plunging.” The Guardian. Guardian News and Media, April 23, 2013. https://www.theguardian.com/business/2013/apr/23/ap-tweet-hack-wall-street-freefall

[7] O’Flaherty, Kate. “Midterm Election Hacking — Who Is Fancy Bear?” Forbes. Forbes Magazine, August 23, 2018. https://www.forbes.com/sites/kateoflahertyuk/2018/08/23/midterm-election-hacking-who-is-fancy-bear/?sh=5bccc7aa2325

[8] Hern, Alex. “Macron Hackers Linked to Russian-Affiliated Group behind US Attack.” The Guardian. Guardian News and Media, May 8, 2017. https://www.theguardian.com/world/2017/may/08/macron-hackers-linked-to-russian-affiliated-group-behind-us-attack

[9] Frenkel, Sheera. “Meet Fancy Bear, the Russian Group Hacking the US Election.” BuzzFeed News. BuzzFeed News, October 15, 2016. https://www.buzzfeednews.com/article/sheerafrenkel/meet-fancy-bear-the-russian-group-hacking-the-us-election

[10] Sands, Geneva. “What to Know About the Worldwide Hacker Group ‘Anonymous.’” ABC News. ABC News Network, March 19, 2016. https://abcnews.go.com/US/worldwide-hacker-group-anonymous/story?id=37761302

[11] “The 10 Craziest Hacks Done by Anonymous.” Complex. Complex, May 31, 2020. https://www.complex.com/pop-culture/2011/08/the-10-craziest-anonymous-hacks/

December 17, 2021

2021 Cybersecurity Year in Review

Throughout 2021, cybersecurity incidents have grabbed headlines across the world. Although the topic may not have been at the forefront of most people’s minds in 2021, cybersecurity has greatly affected everyone’s life in some way. From vicious cyberattacks to genuine progress on user privacy, cybersecurity has undoubtedly had a long, eventful year. And although exciting progress has been made in some areas of cybersecurity, cybercrime and other online attacks will, unfortunately, continue into 2022 and beyond.

2021 has been a long year for many, particularly for cybersecurity experts. Here are all the ways cybersecurity has changed for the better (and worse) throughout the past year.

COVID Phishing

Near the beginning of 2021, COVID-19 vaccinations became readily available to people in the United States. While this helped minimize the negative effects of the pandemic, it also offered a new opportunity for scammers. As businesses and governments began to mandate COVID vaccinations, cybercriminals responded by creating phishing emails that disguised themselves as genuine business emails [1]. From fake vaccine-record upload sites to emails from phony public health organizations, scammers used the uncertainty and anxiety of COVID to make a quick buck off of unsuspecting people.

Unfortunately, phishing emails aren’t the trick cybercriminals are using. COVID scams are coming from all angles, including texts, social media posts, and robocalls. In fact, the Federal Trade Commission (FTC) has logged over 600,000 complaints in 2021 regarding COVID-related scams. In all, these scams have cost consumers over USD $600 million [2]. And with COVID remaining in the public spotlight into 2022, these scams are likely to continue. With this in mind, it’s important to brush up on cybersecurity tips. Check out AXEL’s blog, The History of Internet Spam, to learn how to protect yourself from phishing emails, social media spam, and more.

Colonial Pipeline Attack

In May, the Colonial Pipeline, an oil pipeline that supplies much of the gasoline to the Southeastern United States, was struck by a ransomware attack. Interestingly, the cybercriminals attacked the pipeline’s billing system, rather than its operational systems [3]. Because of this, Colonial itself shut down its own pipeline, as the company would have been unable to bill customers with the ransomware. Soon after the sheer scale of the attack was realized, Colonial Pipeline paid the nearly USD $5 million ransom.

While Colonial Pipeline quickly paid the ransom, the negative consequences of the attack were felt by consumers for weeks. States from New Jersey to Texas faced severe gas shortages, causing price jumps and panic buying [4]. In all, the Colonial Pipeline attack affected millions of consumers, and caused a severe breach of trust in Colonial Pipeline. Undoubtedly, 2021’s most memorable cyberattack was a doozy.

Ransomware is Evolving

When thinking of ransomware, many people picture a single offender, causing digital chaos while hunkered in a dark basement. However, this stereotype of modern cybercriminals is far from the truth. In 2021, ransomware groups are practically businesses, regularly recruiting new hackers to join criminal enterprises. Nowadays, just a handful of organizations are the perpetrators of most ransomware attacks [5]. And these shady organizations have ransomware down to a science.

Some ransomware organizations even offer customer service help desks to help victims pay the ransom and receive the decryption key. This is possible because of skyrocketing ransom demands. In fact, the average ransom payment was over USD $310,000 last year [5]. But because there’s little action that can be taken after being struck with ransomware, businesses and firms are usually forced to pay the extraordinary cost. In 2021, cyberattacks aren’t just individuals wreaking havoc; they’re carried out by well-funded, well-organized criminal syndicates. That’s why it’s vital to stay up to date on the latest strategies to protect yourself, your business, or your firm.

Crackdowns on Russian Cybercrime

One of the most notorious ransomware organizations is REvil, a Russian-based cybercrime syndicate responsible for many of the most expensive ransomware attacks. REvil had a successful first half of 2021, attacking JBS Foods and extracting USD $11 million from the meat-processing giant [6]. However, following this attack, REvil finally began to face crackdowns from law enforcement.

In September, the FBI hacked into REvil’s servers, obtaining a universal decryption key. Even worse for the group, the FBI remained hidden even after gaining access to REvil’s information, giving law enforcement more time to prowl around the servers of the shadowy criminal enterprise [7]. With this information, the United States Department of Justice coordinated arrests against two alleged REvil members, along with retrieving USD $6 million in cryptocurrency from the group [8]. This action greatly impaired REvil’s work, highlighting the strategies law enforcement can take in the future to shut down similar criminal organizations.

The Rise of Multi-Factor Authentication

Whenever you log in to Google, Facebook, or nearly any other secure website, a password simply isn’t enough anymore. Multi-Factor Authentication (MFA) has become the norm among most sites, requiring anything from text authentication to security questions to successfully log in. While this can be a headache for some users, it undoubtedly prevents countless cyberattacks each year. After all, passwords just aren’t the same as they used to be.

In fact, Microsoft is even allowing users to simply not have passwords. Instead, the company offers a mixture of authenticators including security keys, SMS verification, and email verification [9]. While the traditional password is unlikely to go away soon, the pivot to MFA highlights the extra security measures that companies are taking to protect users (and themselves). MFA is one of the cheapest, easiest, and quickest ways to protect user privacy, and its widespread adoption is a positive step toward a more secure digital future.

What to Expect in 2022

While there have been both positive and negative developments for cybersecurity in 2021, the problems that have plagued individuals and businesses are likely to continue into 2022. Ransomware isn’t going away any time soon, even with the crackdown on REvil. Phishing emails will remain, and will simply take advantage of other current events to harm individuals. Finally, MFA will remain widespread, and will hopefully lead businesses to take even more precautions against cybercrime. In 2022, cybersecurity will remain a vital issue for businesses and individuals alike. However, if appropriate precautions are taken by all, we can make 2022 a disastrous year for cybercriminals.

About AXEL

In today’s chaotic Digital Age, hacks, data breaches and ransomware attacks are an everyday occurrence. That’s why data security and user privacy remain as important as ever. At AXEL we believe that privacy is a human right, and that your information deserves the best protection. That’s why we created AXEL Go. AXEL Go uses 256-bit encryption, blockchain technology and decentralized servers to ensure it’s the best file transfer software on the market. Whether you need cloud video storage or cloud file management, AXEL Go is the secure file hosting solution. If you’re ready to try the best file sharing app for PC and mobile devices, try two free weeks of AXEL Go here.

[1] Hunter, Tatum. “That Email Asking for Proof of Vaccination Might Be a Phishing Scam.” The Washington Post. WP Company, September 24, 2021. https://www.washingtonpost.com/technology/2021/08/24/covid-vaccine-proof-scam-email/

[2] Waggoner, John, and Andy Markowitz. “Coronavirus Scams – Beware Fake Claims, Phony Websites.” AARP, December 6, 2021. https://www.aarp.org/money/scams-fraud/info-2020/coronavirus.html

[3] Bertrand, Natasha, Evan Perez, Zachary Cohen, Geneva Sands, and Josh Campbell. “Colonial Pipeline Did Pay Ransom to Hackers, Sources Now Say.” CNN. Cable News Network, May 13, 2021. https://edition.cnn.com/2021/05/12/politics/colonial-pipeline-ransomware-payment/index.html

[4] Bair, Jeffrey, and Javier Blas. “Petrol Shortages Sweep Us as Colonial Pipeline Remains Down.” Oil and Gas News | Al Jazeera. Al Jazeera, May 11, 2021. https://www.aljazeera.com/economy/2021/5/11/petrol-shortages-sweep-us-as-colonial-pipeline-remains-down

[5] Bajak, Frank. “Ransomware, Explained: How the Gangs That Shut down Colonial Pipeline, JBS USA Operate.” USA Today. Gannett Satellite Information Network, June 3, 2021. https://www.usatoday.com/story/tech/2021/06/03/how-does-ransomware-work-colonial-pipeline-jbs-usa-attacks-explainer/7520704002/

[6] Montalbano, Elizabeth. “JBS Paid $11m to Revil Gang Even after Restoring Operations.” Threatpost English, June 10, 2021. https://threatpost.com/jbs-paid-11m/166767/

[7] De Chant, Tim. “FBI, Others Crush Revil Using Ransomware Gang’s Favorite Tactic against It.” Ars Technica, October 22, 2021. https://arstechnica.com/tech-policy/2021/10/fbi-others-crush-revil-using-ransomware-gangs-favorite-tactic-against-it/

[8] “Revil: Day of Reckoning for Notorious Cyber Gang.” BBC News. BBC, November 8, 2021. https://www.bbc.com/news/technology-59215167

[9] Warren, Tom. “Microsoft Accounts Can Now Go Fully Passwordless.” The Verge. The Verge, September 15, 2021. https://www.theverge.com/2021/9/15/22675175/microsoft-account-passwordless-no-password-security-feature

November 24, 2021

The History and Modern Uses of Encryption

Codebreaking has long been a staple of futuristic sci-fi movies. So many times when we go to the movie theater, we’ll see a sunglasses-donned man typing furiously at his computer, trying to break a seemingly unbreakable computer code. And more often than not, the man cracks the code in just a matter of seconds, showing the audience just how astute the man is. However, this stereotypical portrayal of hackers and codebreaking, thankfully, is not grounded in reality.

In the real world, encryption technologies are much more complicated than Hollywood likes to present. No single hacker is ever breaking modern encryption technology by themselves, thanks to its incredible security in the modern-day. But, what exactly is encryption? It’s certainly used as a cybersecurity buzzword, but what about encryption actually keeps your files safe?

Well, simply put, encryption is a code. A user enters legible information, known as plaintext, and then encryption software encodes the plaintext into ciphertext, an illegible string of characters. It can be a code as simple as A=1, B=2, C=3 and so on, or something as complicated as AXEL Go’s 256-bit encryption. After the translation from plaintext into ciphertext, only authorized members with a “key”, a piece of information that decrypts encoded information, can translate the ciphertext back to readable plaintext. This relatively simple process has revolutionized cybersecurity, allowing an extra, vital layer of protection between someone’s information and unauthorized users.

The History of Encryption

Some may believe that encryption started with the invention of the computer. However, the practice of encoding information has been popular (and necessary) long before the Digital Revolution. Encryption was first used by Ancient Greeks and Egyptians to conceal secret information. In fact, the earliest known example of encryption was found in ancient Mesopotamia, when a scribe used symbols to hide a formula for pottery glaze^[1]. Later, this method was used to protect military secrets and strategies, a practice still used today.

Centuries later, encryption technology became much more advanced. By the beginning of World War II, encrypted communications during war was the norm for all nations. The Axis powers used an Enigma machine, an encryption device that used rotating wheels to scramble plaintext into ciphertext. However, the Allied powers quickly learned how to decrypt these messages through brute force, using computers to try all combinations until the key was discovered^[2]. Although computers were just in their infancy during World War II, the successful decryption of the Enigma machine highlighted just how powerful and secure computers can be, especially in the field of encrypted communications.

Following the Allied victory, encryption technology advanced exponentially. Computers gained more and more processing power, making encryption devices, such as the Enigma, artifacts of the past. Now, computers have become so powerful that brute force attacks simply are not feasible. For example, the United States military and AXEL Go use the Advanced Encryption Standard (AES), which contains a 256-bit sized encryption key. While 256 bits may not seem like a lot, this means that there are 2²⁵⁶ possible key combinations, or 1.158 x 10⁷⁷combinations. To put this number in perspective, there are only an estimated 7.5 x 10¹⁸ grains of sand on Earth^[3]. It’s safe to say that modern-day encryption is incredibly secure.

How is Encryption Used Today?

In the earlier days of encryption, cracking encryption keys was difficult, but not impossible. Now, however, cracking modern-day encryption technology is impossible without human error. That’s because it would take the world’s most powerful supercomputer millions of years to go through the number of possible key combinations in AES encryption^[4]. Because of this incredible amount of security, encryption isn’t just used by governments any more. Any large company that stores customer data uses encryption as an extra layer of defense against unauthorized cybercriminals. With encryption, even if attackers gain access to a company’s data, they’d need a key to translate the ciphertext into legible plaintext. And as long as the encryption key is stored safely, no outsiders will be able to decrypt that data.

However, it’s important to note that not all encryption is built the same. In fact, there are two broad categories of encryption: Symmetric Key and Public Key. Symmetric Key encryption uses the same key to encrypt and decrypt the data. This simpler method is the most used, as it executes the encryption quickly^[5]. Public Key, however, uses a public, shared key for encryption, and a different, private key for decryption. Because of the complex logic required for Public Key encryption, it is not as popular^[5].

Unfortunately, some have begun to use the incredible power of encryption for less-than-savory reasons. Cybercriminals typically use encryption during ransomware attacks to encrypt the victim’s files. And because modern-day encryption is so secure, victims typically must either pay the ransom to the cybercriminals in exchange for the decryption key, or simply lose all of their encrypted files forever^[6]. Even worse, the targets of these attacks can range from individuals to entire governments. That’s why it’s important to use cybersecurity strategies when handling any amount of shared cloud files. While encryption technology has done so much good in the fields of secure communications and cybersecurity, it has also been taken advantage of by criminals who wish to harm individuals and businesses for a quick buck.

Why Encryption Matters

From its humble beginnings in Ancient Mesopotamia to its complex usage today, encryption has been a useful tool for centuries because of one simple philosophy: Not everything should be public. Whether you’re handling your government’s top-secret documents or your grandmother’s top-secret pumpkin pie recipe, encryption is the best way to ensure secure communications.

AXEL believes that privacy is a human right, and that your information ought to be protected. Put simply, we believe that you should control your data and who gets access to it. That’s why we created AXEL Go. AXEL Go uses AES encryption, blockchain technology and decentralized servers to ensure it’s the best file transfer software on the market. Whether you need cloud video storage or cloud file management, AXEL Go is the secure file hosting solution. In today’s Digital Age, secure file sharing is a necessity for businesses and individuals. If you’re ready to try the best file sharing app for PC and mobile devices, get two free weeks of AXEL Go here.

[1] “History of Cryptography.” Binance Academy. Binance Academy, August 24, 2021. https://academy.binance.com/en/articles/history-of-cryptography

[2] “Colossus.” The National Museum of Computing. Accessed November 23, 2021. https://www.tnmoc.org/colossus

[3] Dotau, Sean. “All You Need to Know about 2^256.” Talk Crypto Blog, April 8, 2019. http://www.talkcrypto.org/blog/2019/04/08/all-you-need-to-know-about-2256/

[4] Nohe, Patrick. “What Is 256-Bit Encryption? How Long Would It Take to Crack?” Hashed Out by The SSL Store, June 11, 2021. https://www.thesslstore.com/blog/what-is-256-bit-encryption/

[5] “Exploring the Differences between Symmetric and Asymmetric Encryption: Cyware Hacker News.” Cyware Labs. Cyware, November 30, 2019. https://cyware.com/news/exploring-the-differences-between-symmetric-and-asymmetric-encryption-8de86e8a

[6] Johansen, Alison Grace. “What Is Encryption and How Does It Protect Your Data?” Norton, July 24, 2020. https://us.norton.com/internetsecurity-privacy-what-is-encryption.html

Tech

Footer