AXEL.org

cybersecurity

A Story of Data Custody in the Modern Age: Part II

Lucas does more research

When we last left our favorite 25-year old IT specialist, Lucas, he wasn’t feeling too hopeful. He had learned about the status quo of corporate data collection and felt powerless to stop it. But, he didn’t give up. He decided to educate himself more thoroughly on how the big players in Silicon Valley viewed their users’ privacy. He was especially interested in their responses to recent privacy legislation such as the California Consumer Privacy Act (CCPA) and the European General Data Protection Regulation (GDRP).

“I had read dozens of articles about the subject but never got any information straight from the big tech firms themselves. I thought that maybe with the adoption of the CCPA and GDRP, they might have changed their tunes. So, I did something drastic. Something I’m not sure anyone else in the world did. I read through their updated privacy policies.”

Now that’s dedication to the cause! What did Lucas find after slogging through multiple privacy policies?

“It was certainly an improvement. At least now, they had to tell you what info they collect and broadly how they use it. But, they are still hoarding your personal information. You have to opt-out of most of it, and how many people do you see doing that? I had to put on a pot of coffee to get through these privacy policies. And I hate coffee! Most people I know just clicked “Accept” on the popup and kept going about their regular routines.”

Lucas found that even with the new regulatory frameworks in place, companies still frequently had access to information such as your stored files, contact networks, GPS locations, other websites visited, and third-party advertising data.

“They’re still watching you. They’re still developing their models of you to sell to advertisers or manipulate behavior.”

So, what now?

It was apparent to Lucas that waiting on the well-known tech companies to hop aboard the privacy train wouldn’t cut it. But what options did he have?

“Unfortunately, there aren’t any mainstream alternatives to the big players when it comes to social media. If I want to stay in touch with friends and family without resorting to an old-fashioned phone call, it’s tough. I recommend going into your account and digging into the privacy settings. Opt-out of what you can and just know that you’re analyzed continuously. With other applications, luckily, you fare much better.”

This is where Lucas and AXEL finally cross paths!

“I love to store and share files in the cloud. It’s so convenient to have all my important content wherever I need it. But I wasn’t impressed with the popular cloud storage services out there due to privacy concerns. And that includes their security features too. Because even if your privacy policy is decent, if you’re storing all my documents on an insecure server, it doesn’t really matter. So I looked into what else was out there that might better fit my needs. That’s when AXEL popped up.”

A perfect match

In part three of this blog series about Lucas’ journey, we’ll delve into what attracted him to our company and AXEL Go. Check back soon for an exciting conclusion about how AXEL strives to make the internet a better place for everyone.

A Story of Data Custody in the Modern Age: Part I

Meet Lucas

Lucas is a 25-year old tech support specialist for a medium-sized company in Richmond, Virginia. He’s worked there for the last three years and has risen from a junior employee to his current salaried position. Throughout his time at the company, he’s learned a great deal about computing technology and general cybersecurity best practices. He now reads popular cybersecurity blogs to stay up-to-date and knowledgeable about his field.

“To be honest, in college, I never really kept up on cybersecurity trends. I guess I was too busy keeping tabs on who was attending what party. But after I graduated and got my first real job, I started paying more attention.”

While doing this, however, he has discovered some concerning trends.

“That’s when I noticed two things: 1) Hacks and breaches occur WAY more often than I thought; and 2) Companies are tracking, buying, and selling a LOT of personal data.

When you start following these cybersecurity blogs, there are articles almost every day about massive data breaches or hacks fetching million-dollar ransoms. Then, when you get into the details, you see 10 million, 40 million, 200 million personal records breached. It’s crazy!”

Upon further inspection, Lucas found the sheer number of records breached to be less troublesome than other aspects.

“But that’s only the beginning of the rabbit hole. You start to unpack these breaches and find that the company that left hundreds of millions of personal records vulnerable didn’t have hundreds of millions of users. So, where did those records come from?  Well, they bought them from other giant companies that are doing the same thing they’re doing; mining their users for advertising information. It gets really gross. You finally realize that the individual has no clue about who has their data or how it’s being used and sold.”

“And, it’s kind of a sad progression. You go from feeling shocked, to upset, to powerless in a short period of time. It’s difficult to know where to start in the fight against these kinds of data collection policies. You eventually settle into a hopeless feeling of acceptance. The companies responsible make too much money for anything to change.”

The end of the story?

Luckily, this story does not have to end on such a sour note. There are other tech companies out there, fighting for data privacy and protection. You just have to know where to look!

In an upcoming article, we’ll follow Lucas on his journey as he searches for alternative ways to utilize modern technology. Will Lucas have his hope rekindled? Is there a plausible future that treats individuals like people and not statistics? Check back soon to see how the next chapter plays out.

Phishing: Not as Relaxing as it Sounds

Phishing is a common form of cybercrime that has been around for decades. While there have been many permutations throughout the years (nobody wants your AOL passwords anymore), the basic concept remains the same.

For such a prominent tactic, it still works well enough for criminals to send off three billion phishing emails every day in hopes of catching the big one[1]! So, dust off the oars and make sure the rowboat isn’t leaking because it’s time to visit the phishing hole.

The basics of phishing

The term “phishing” refers to when cybercriminals deceive unsuspecting people to extract sensitive personal information or deploy malicious software payloads. It relates to traditional fishing in that a fisherman tricks the fish into thinking they will get a delicious meal, when in fact, they are the meal!

There are two main end goals for phishing attacks. These are:

Identity theft. In 2019, over 5% of consumers experienced some form of identity theft and suffered nearly $17 billion in losses due to it[2]. That’s more than the total GDP of Jamaica! Phishing attacks can procure the necessary information (names. addresses, social security numbers, etc.) for thieves to open fraudulent credit cards or apply for loans under their victims’ names.

Malware infection. Many phishing attempts lure unsuspecting victims into clicking a malicious link containing a virus or ransomware. Your computer could even be taken over entirely and added to a botnet to carry out DDOS attacks.

Different types of phishing

Spear phishing. These are more advanced, targeted phishing attacks. Whereas a typical phishing attempt may be mass-emailed out to millions of people hoping to snag a few victims, spear phishers strike specific companies, departments, or individuals. They send tailored messages designed to appear authoritative and legitimate. It has a much higher chance of success but takes more research to develop.

Vishing. Also known as Voice Phishing, here, the scammer calls the intended individual and poses as an authority figure. A common example is a visher calling an employee of a company as someone from IT. They try to get the employee to install “security updates,” which actually end up being malware.

It doesn’t have to be related to business, however. Another popular scenario is contacting older people as law enforcement to gain personal information for identity theft or extort payments for fake fines.  Sadly, criminals go to great lengths to achieve their fraudulent intentions.

Smishing. Since spam emails are frequent and well-documented, many people have caught on to blatant email phishing attempts. That must mean the swindlers have accepted defeat, right? No way. They are always coming up with different ways to deceive. That includes smishing, where phishers utilize SMS text messaging to carry out their schemes. People think text messages are more trustworthy than emails and are therefore more likely to click a bad link.

Whaling. Whaling is a subcategory of spear phishing where the mark is a high-level executive at a company. They have access to the most confidential data, and therefore, make for attractive targets.

Clone phishing. If a hacker accesses one person’s email, they can see who they’ve emailed. Clone phishing is where the bad actor sends an email to someone that’s identical to one they’ve already received. Except, the cloned email contains a malicious link or attachment.

Signs of phishing

Strange URLs from trusted brands. Phishers disguise themselves as trusted brands. Always check to make sure the links you’re following from brand emails are legitimate. We recommend copying and pasting links into your web browser bar instead of clicking them directly. This way, you have a better idea about whether or not the link looks suspicious.

Personal information requests. Companies and government agencies usually won’t require anyone to provide personal information via email or text. Err on the side of caution and refuse any such requests. If necessary, find the organization’s legitimate contact information from their verified website and call a representative.

Urgent, time-sensitive language. Phishers sometimes utilize scare tactics to make their targets feel like they need to act or risk enormous consequences. This is especially common when the phishers pose as law enforcement or legal professionals. Never pay for “fines” or “settlements” you had no idea about previously.

Too good to be true claims. Another classic phishing strategy! We’ve all likely received an email claiming we’ve won a lottery we never participated in, or been contacted by a “Nigerian Prince” who wants to reward us with untold riches. The old adage “If it sounds too good to be true, it probably is,” applies here.

Poor grammar or spelling. Many phishing attacks originate from outside the Western world. If the recent email from your boss is riddled with spelling or grammatical errors, you need to verify it came from a legitimate sender before you reply.

High-profile phishing incidents

Phishing has higher stakes than your Grandmother paying a fake parking ticket over the phone (as unfortunate as that is.) Here are a few high-profile incidents that made national news throughout the years.

Ukrainian Power Grid Attack. In December 2015, a spear phisher gained control of a portion of Ukraine’s power grid and caused an outage for over 225,000 people. Russian hackers were suspected to be the culprits[3].

Mia Ash. Throughout 2016-2017, a state-sponsored hacker group in Iran used the fake LinkedIn and Facebook profiles of Mia Ash to spear phish high-priority targets. Posing as a British photographer, the group friended senior employees in the region’s energy, tech, and telecommunications sectors. After lengthy conversations, “Mia” would send excel documents disguised as surveys that secretly contained malware[4].

The Walter Stephan Incident. In 2016, a major aerospace parts manufacturer, FACC, lost $47 million due to phishing. The malicious agent posed as FACC CEO, Walter Stephan, and demanded an employee transfer the enormous sum to a new account for an “acquisition project.” The project was fake, and the phisher made off with the largest known payout ever. Unsurprisingly, FACC later fired the CEO and CFO for the mishap[5].

How to prevent phishing

Never click strange links. If there’s even a passing thought of “Hmm. I wonder if I should click this,” Don’t! Hackers can compromise trusted friends and colleagues. Call and talk in person for verification if there’s a hint of fraud.

Ensure URL is https with a lock beside it. When browsing the internet, ensure the sites you visit are HTTPS (the “S” stands for “Secure”) and that there is a lock icon to the left of the web address. This means the site is safe. Stay away from websites still using the outdated HTTP protocol.

Use firewalls and antivirus software. Modern operating systems come standard with antivirus and firewall software. Use them and keep them updated to the most current versions. Hackers can breach older versions with known vulnerabilities, so it’s a good idea to activate their “auto-update” options.

Don’t put personal info online publicly. Spear phishers and whalers use readily available information found online to plan their attacks. This is why it’s important to consider everything you’re putting out to the world. Social media is a part of our lives, but being too transparent is dangerous. Find the right balance.

Block popups. Popups can be more than minor annoyances. Sometimes, ads with malware or cryptocurrency miners can sneak through and infect the devices of people who click them. Luckily, popular browsers have extensions that block all popups. Less annoyance. Less chance of a malware infection.

Secure your data

Phishing attacks won’t stop until they become ineffective. Hopefully, through education on the tactics phishers use, more people can protect themselves from identity theft and malware. Mistakes happen, however, and it’s challenging to account for all potential methods of attack. That’s why it’s vital to safeguard your data in other ways as well.

AXEL specializes in securing data at rest and in motion. Our file storage and sharing platform, AXEL Go, utilizes a system of decentralized servers to transfer your documents. This means there is no single point of failure like there is in a traditional server farm. It’s harder to pinpoint areas to attack in a decentralized system, and even if a particular node is compromised, we remove it from the system without affecting your files. Content can also be password protected using AES 256-bit encryption to provide an additional layer of security. Hackers can’t crack the encryption and thus aren’t able to access useful data. It’s the safest way to store and share your files. Visit axelgo.app today to learn more and signup for a  free, full-featured account with 2GB of storage.

[1] “More Than Three Billion Fake Emails are Sent Worldwide Every Day”, Security Magazine, June 11, 2019, https://www.securitymagazine.com/articles/90345-more-than-three-billion-fake-emails-are-sent-worldwide-every-day

[2] Krista Tedder, John Buzzard, “2020 Identity Fraud Study: Genesis of the Identity Fraud Crisis”,  Javelin Strategy, April 7, 2020, https://www.javelinstrategy.com/coverage-area/2020-identity-fraud-study-genesis-identity-fraud-crisis

[3] Kim Zetter, “Inside the Cunning, Unprecedented Hack of Ukraine’s Power Grid”, Wired, March 3, 2016, https://www.wired.com/2016/03/inside-cunning-unprecedented-hack-ukraines-power-grid/

[4] Danny Palmer, “How these fake Facebook and LinkedIn profiles tricked people into friending state-backed hackers”, ZDNet, July 27, 2017, https://www.zdnet.com/article/how-these-fake-facebook-and-linkedin-profiles-tricked-people-into-friending-state-backed-hackers/

[5] Reuters Staff, “Austria’s FACC, hit by cyber fraud, fires CEO”, Reuters, May 25, 2016, https://www.reuters.com/article/us-facc-ceo-idUSKCN0YG0ZF

Ransomware: Give us back our files!

Ransomware attacks are on the rise. By 2021 they’re expected to cost companies over $20 billion per year[1]. With that kind of money at stake, it becomes evident that prevention is crucial. Let’s look into some background on ransomware and what companies can do to prevent catastrophic hacks.

What is ransomware?

Ransomware is a type of malware that has gained popularity over the past five years. The general progression of a ransomware attack goes like this:

  1. The targeted computer network is delivered a malicious payload. The majority of the time, this means an employee falls for a phishing scam, clicks a bad link, and accidentally opens access to the system.
  2. The computer virus maps out the connected drives (both local and networked) and encrypts data as it goes. Depending on the strain of malware, the infected computers may transmit the encrypted data back to the hackers.
  3. The hackers contact the company to inform them about their misdeeds and demand a ransom to unlock the files. Usually, this is on a strict time limit, and the demand increases if not met promptly. If the bad actors stole the data and not just encrypted it, they also threaten to leak or sell it on the Dark Web when no payment is received.

The encryption used in ransomware attacks is practically impossible to brute force crack. If there are no backups, or the organization doesn’t want the information leaked and sold, favorable response options are limited.

Common types of ransomware in 2020

There are many different flavors of ransomware, and all of them are disgusting. But, the most popular versions in 2020 include:

Sodinokibi. Also known as REvil, this malware comprised up to 29% of ransomware attacks this year[2]. It is thought to be a ransomware-as-a-service (RaaS) package that different affiliated hacker groups purchase. These groups focus on U.S. businesses and have demanded ransoms of up to $42 million. Analysts estimate this virus has generated approximately $81 million in profit through September.

Maze. Here’s another RaaS. Maze made up 12% of ransomware attacks so far this year. It incorporates similar tactics to Sodinokibi but, starting recently, is known to utilize a program called the Buer Loader. The Buer loader is especially insidious. Once installed on the target network, it can execute additional malicious payloads while establishing persistence in the system. This means that while the infected computers remained attached to the network, that entire system is compromised.

EKANS. Let EKANS slither into your network, and you’re in for an awful time. Discovered in late 2019, it’s involved in 6% of ransomware attacks in 2020. It’s unique in that it can terminate critical processes, including some Industrial Control System (ICS) functions. This makes it very dangerous to industrial organizations that rely on automation.

Ways to prevent attacks

The best way to protect yourself from ransomware is to build a strong defense plan against it. Doing so puts you well ahead of most companies, as a recent survey concludes 77% of IT professionals feel their organizations don’t have consistent response plans[3]. Here are our top six tips:

Maintain current offline backups. It may be a pain to set up redundant backup file storage, but it’s well worth the effort to prevent a successful ransomware attack. You should back up your important files regularly to offline hard disks. This allows you to wipe infected systems and reload your sensitive information back onto the clean drives. This alone offers full protection against many attacks, although if the hackers obtained the data for themselves and threaten to sell it online, you still have problems.

Implement quarterly phishing training. As previously stated, phishing is responsible for the majority of data breaches. It’s doubtful you will prevent all phishing, but providing the proper training will help. Employees should take mandatory quarterly classes that inform them about new phishing techniques and how to spot fraudulent communications.

Test the system to find weaknesses. We recommend frequent penetration tests from internal or third-party experts. Consider penetration testers ethical hackers. They will poke and prod your network to expose vulnerabilities. Once they are known, your company can fix the issues and solidify your defenses against the unethical hackers out there.

Monitor file systems and mail servers to pinpoint suspicious activity. With recent advances in AI solutions, monitoring network traffic is easier than ever. Block unknown or suspicious connections immediately. You can always unblock connections after they are confirmed safe. Email is the primary attack vector for phishing, so ensure that you monitor it sufficiently as well.

Use up-to-date, patched antivirus software. Antivirus programs are critical defenses against ransomware, but you should update them frequently to their current versions. Hackers continuously attempt to find new exploits that can go undetected by older software. They also develop new ransomware to evade antivirus programs. Be as safe as possible by keeping things patched.

Do not pay ransoms. This advice may not seem preventative, but it is in the longer term. If you ever do get attacked, we recommend not paying the ransom unless absolutely necessary. Paying criminals will put a bigger target on you for other cyber thieves in the future. Furthermore, if businesses worldwide stopped paying altogether, the market would dry up, and the malicious actors would have no incentive to keep trying. We understand that not all circumstances are created equal, but as a general rule, you should not negotiate with crooks. Can you even trust them to do what they say they’ll do after you pay the ransom? Think about it.

What to do if successfully attacked

Nobody wants to boot up their computer to find a ransom demand. However, there are steps you should take if you ever find yourself in this unenviable position, such as:

Isolate infected computers. Figure out which machines have encrypted data and decipher their network connections. Then, disconnect the affected computers as soon as possible. Many ransomwares attempt to connect to peripheral networks, so you want to quarantine them quickly.

Identify the type of ransomware. Hopefully, the malware is known and documented. If it’s older, someone may have leaked the decryption keys online. In these lucky cases, you can decrypt your data within paying a dime. Even if that isn’t the situation, you still want to know exactly which ransomware is infecting your system.

Talk to law enforcement. Contact your local authorities, or if it’s a more considerable ransom, federal law enforcement. Federal agencies especially may have access to common decryption keys and can give more information about the perpetrators’ tactics.

Wipe infected drives and install recent backup data or recover data from damaged drives. Organizations with reliable backups should wipe the compromised drives and reinstall their most current data. Those without backups may have to use specialized IT firms to recover information from damaged and cleaned drives.

Conclusion

To protect your company from ransomware, you need to have robust security and threat response strategies. New file storage solutions like AXEL Go should play a part as well. AXEL Go uses the decentralized AXEL Network to store and transfer files. Instead of holding data on a central server farm, the information gets spread around a vast collection of network participants (Masternodes). This results in data storage without a single point of failure. Even if a particular server gets compromised, your data has redundant backups throughout the world. It makes for a much more secure way to store sensitive information. Visit axelgo.app to learn more about this exciting technology.

[1] Steve Morgan, “Global Cybersecurity Spending Prediected To Exceed $1 Trillion From 2017-2021”, Cybercrime Magazine, June 10, 2019, https://cybersecurityventures.com/cybersecurity-market-report/

[2] Camille Singleton, Christopher Kieer, Ole Villadsen, “Ransomware 2020: Attack Trends Affecting Organizations Worldwide”, Security Intelligence, Sept. 28, 2020, https://securityintelligence.com/posts/ransomware-2020-attack-trends-new-techniques-affecting-organizations-worldwide/

[3] “IBM Study: More Than Half of Organizations with Cybersecurity Incident Response Plans Fail to Test Them”, IBM News Room, April 11, 2019, https://newsroom.ibm.com/2019-04-11-IBM-Study-More-Than-Half-of-Organizations-with-Cybersecurity-Incident-Response-Plans-Fail-to-Test-Them

Think Twice Before Using Email Attachments

Even with the increase in digital communication options nowadays, email continues to be very popular. It may not be the flashiest way to reach out, but over four billion people[1] know it gets the job done.

Unfortunately, however, there is a dark side to this ubiquitous messaging system. And no, it isn’t your mother’s chain letters about the horrible things that will happen to you if you don’t forward them to 10 friends. Somehow, it’s even worse. It is not to say you should stop using email; you just need to use it more intelligently. And that means stop using attachments!

Best reasons to stop sending attachments

Email attachments are dangerous for many reasons, especially if you send or receive sensitive documents.

Significant security risks. 90% of successful cybersecurity incidents take place through email[2]. The vast majority of these get delivered via attachments. In many cases, hackers employ phishing techniques to gain access to susceptible systems.

“Phishing” is when a malicious email looks legitimate. Bad actors research your company or acquaintances and send a phony email disguised as being from someone you trust. Usually, this will include an infected payload as an attachment that they ask you to open. Those not careful or inherently suspicious click it and potentially compromise the entire network. Hackers use phishing in combination with the following forms of malware to achieve their malevolent purposes:

  • Open the wrong attachment, and you could cost your company some serious money. Ransomware is a type of computer virus that maps attached storage drives and encrypts their data. The drives can’t be unencrypted unless the business pays a hefty ransom to the attackers. The estimated average payout for a successful ransomware attack is over $110K in 2020[3], with high-profile incidents fetching multimillion-dollar sums.
  • Zero-day exploits. Zero-day vulnerabilities are the security holes in software that even the developers are unaware exist. Hackers are crafty and find bugs to exploit that nobody else has considered. Obviously, they aren’t going to run and tell the developer about these flaws, so they only become known after an attack. If you run a Zero-day exploit from an attachment, you could give up complete control of your computer.
  • When criminals want to steal employee credentials, they turn to keyloggers. Keyloggers are computer programs that track user keystrokes. Every time the victim types, it is recorded in a separate file and transmitted back to the hacker. If you log in to any of your accounts during this time, the bad actor now has the same information. This can be extremely damaging if the malicious agent targets a high-level executive for keylogging. However, even if the victim is a low-level employee, the information gained from their account is useful for future phishing attacks.

Loss of confidentiality. Never use an attachment to transfer confidential material. While most people think of data breaches as being hacks, it’s a more encompassing term. Let’s say you send an email to a colleague containing privileged company financial information. That document is now out of your control.

The employee’s computer could become compromised, or the employee may be disgruntled and distribute it elsewhere. The point is, you cannot track the attachment after you send the email. This means you can never be sure anything sent in an attachment is secure.

Lack of flexibility. Sometimes, the file you want to send is too large to attach. Many email clients have strict maximum attachment sizes. Why deal with this hassle in the first place? Even if you can send large attachments, it’s a good possibility they won’t go through. Many spam filters or malware detectors flag bigger documents. There’s also a chance their email provider blacklists you and prevents future emails! Save yourself the headaches.

Sender’s remorse. You send off important documentation in an attachment only to realize later that you accidentally CC’ed Brian Stahl-a personal contact- rather than Brian Stalder-your CFO. We’ve all been there. Unfortunately, since you used email, you’re out of luck. Better hope Mr. Stahl is a standup guy!

Then, there’s the case of attaching the wrong file. MayEarningsStatement.xls looks so similar to MaysBirthdaySurprise.pdf. You’re busy, and sometimes busy people make mistakes. It shouldn’t be a big deal, but the irrevocability of attachments makes it a big deal.

Steps to improve security

We don’t recommend ever sending attachments, honestly. If you must, however, there are some steps you can take to make it a bit safer.

Authenticate the sender or recipient. Many phishing attempts come from emails that look similar to trusted ones but are slightly different. Before opening any attachment (or sending one), triple-check to ensure the address is valid.

Never open unsolicited email attachments. If you receive an email attachment out of the blue, even from a valid email address, call the person to confirm it’s legitimate. You never know if a cyber attack compromised their account.

Save and scan. Do not open email attachments directly from your inbox. Save them to your drive and scan them with antivirus software beforehand. It isn’t foolproof, but modern antivirus programs will catch the majority of malware.

Turn off automatic downloads. Many popular email clients do not offer automatic attachment downloads these days, but if you run custom or older clients, it’s something to consider. Check your settings to make sure you do not automatically download attachments.

A better way

Hopefully, you understand why you should be wary of email attachments. There are very few benefits and severe risks in ignoring this advice. So, how should you be sending and receiving confidential files? We recommend AXEL Go.

AXEL Go is a secure way to share and store information online. There are no file size limits, so you can send anything you want. More importantly, it provides industry-leading security options to safeguard you against data breaches and cyber-attacks.

With AXEL Go, you’re always in control. You set the expiration dates of your shared files and can prevent recipients from downloading them. This means if you don’t want sensitive documents sitting around on other peoples’ computers, it’s not a problem!  Combined with optional AES 256-bit password encryption, you can trust that important content stays confidential.

To make things even more secure, AXEL Go operates on the InterPlanetary File System (IPFS). It is a decentralized network with servers called nodes that function throughout the world. Files shared on this network are divided into small chunks and distributed to these nodes. It results in a system without a single point of failure. Traditionally, if the server farm holding your documents was under attack, your files were at risk. With IPFS, this isn’t the case. It’s the future of the internet, and AXEL Go runs on one of the largest IPFS networks in the world.

And finally, AXEL Go has full blockchain integration. Blockchain technology is a distributed ledger system where information is unchangeable once written to a block. While our blockchain doesn’t store your files, it does hold transactional details. So every time you share something, that data is timestamped to a block. This is an excellent feature for professionals, as they can transfer time-sensitive content with absolute proof of delivery.

Download today

These capabilities highlight why AXEL Go is the safer, objectively better alternative to email attachments. You can sign up for a free, full-featured Basic account and receive 2GB of storage to try it out for yourself. Download AXEL Go today for desktops or mobile devices and see why email attachments are a thing of the past.

[1] J. Clement ,“Number of e-mail users worldwide from 2017 to 2024”, statista.com, Mar. 25, 2020, https://www.statista.com/statistics/255080/number-of-e-mail-users-worldwide/

[2] “Report unveils most ulnerable sectors to phishing attacks”, Security Magazine, Sept. 14, 2020, https://www.securitymagazine.com/articles/93347-report-unveils-most-vulnerable-sectors-to-phishing-attacks

[3] Mathew J. Schwartz, “Ransomeware: Average Business Payout Surges to $111, 605”, bankinfosecurity.com, April 30, 2020, https://www.bankinfosecurity.com/ransomware-average-business-payout-surges-to-111605-a-14205

The Effect of COVID-19 on Data Breaches

The ongoing global pandemic has affected nearly all aspects of life as we know it. One area you may not have considered is corporate security. The landscape of data breaches has transformed since the onset of COVID-19. With little hope for a proven vaccine soon, organizations will probably have to deal with these consequences for a while.

A coalescence of factors

COVID-19 has proven to be a perfect storm regarding cybersecurity issues. Many variables have contributed to this.

First, furloughs, layoffs, and sick leave have reduced the human capital organizations have at their disposal. IT departments have not been spared from the chopping block, either[1]. The decrease in cybersecurity professionals combined with the dip in overall revenues for the majority of companies means resources are limited. Prevention systems are weakened, or at least not fortified, providing ample opportunities for malicious agents to prod and pry.

Another important element is the rise of the remote workforce. COVID-19 has accelerated the transition of employees from the office to the home. According to a recent survey by PWC, the percentage of executives who claim that most of their office staff work remotely at least one day per week rose from 39% before the pandemic to 77% after[2]. New security measures may have to be implemented to deal with a flux of new devices, weak remote access policies, and VPN configurations. This is a massive undertaking and further taxes already-strained IT departments.

Finally, general stress and anxiety levels for employees are high. Not only do they have to worry about protecting themselves from a potentially deadly virus, but there is also great economic uncertainty. People aren’t sure whether they’ll have their jobs a month down the line. This may have the unintended effect of making them less focused on maintaining proper cybersecurity protocols.

Data breach trends during COVID-19

Trends have emerged from this strange, new environment.

Perhaps the most insidious is the prevalence of COVID-19-related phishing attacks. Hackers prey on the fears and concerns of everyday people to gain access to networks. According to research from Verizon, people were 30% more likely to click a suspicious link if it was related to the pandemic[3]. Some organizations fared especially bad, with employee click rates ranging between 30-60%. Knowing this, it’s no wonder coronavirus-based spear-phishing attacks have risen in number[4]. Bad actors are utilizing more effective techniques more often.

Another trend is an overall increase in user error. People are adapting to new working conditions and dealing with digital transformation technology they may not be familiar with, all while in the midst of a global health crisis unparalleled in recent times.

Common examples of user error include the misconfiguration of security software, accidental delivery of sensitive documents to unauthorized recipients, or mistakes with file permissions.

Attacks on unsecured remote desktop protocol machines have also spiked since the start of the pandemic[5]. Hackers have more targets now that so many people are working from home on remote desktop software. They use simple brute-force attacks to take over a system. Then, they can install any variety of ransomware, cryptocurrency mining programs, or secret backdoors.

Similarly, Virtual Private Networks (VPNs) are also being targeted[6]. While sometimes mistaken as remote desktops, they are quite different. A VPN creates an encrypted private network on top of a larger network. Remote desktops just allow users to gain access to their computers from a different location. Remote desktops give the user access to the entire computer while VPNs restrict access to the shared folders on a given network.

This, plus the standard encryption make VPNs more secure, generally. It doesn’t mean that VPNs are cannot be hacked, however. A common trend right now is malicious agents using Distributed Denial-of-Service (DDoS) attacks to overwhelm VPN systems, leaving them vulnerable to breaches.

A DDoS attack is when a hacker gains control of a large number of online computers, then uses them to steer traffic to a specific network. The sudden increase in traffic overloads the networks and causes them to crash.

Cloud-based software is being attacked more often as well. Collaborative tools such as Zoom and Slack have seen significant growth in users and therefore, more attention from cyber-thieves. Up to 1350% more attention, depending on the industry[7].

Popular cloud software is usually developed by large corporations you’d assume would be committed to tight security. The truth is, even if the developer devotes considerable resources to security, vulnerabilities remain. For example, large exploits were found in the Microsoft Azure platform that could have allowed threat actors to gain access to other users’ data[8].

Effects on the healthcare industry

Healthcare providers throughout the world have had a rough year. They are on the frontlines in the fight against COVID-19 and have had their capacities tested. You would hope that they would be able to focus most of their attention on that monumental task, but also, they have had to deal with cybersecurity threats.

For example, in June alone, there were 37 confirmed cases of IT-related data breaches in the healthcare sector[9]. Over a million healthcare records were compromised. These attacks are quite common but pose even larger risks during a pandemic.

Imagine if a busy hospital were to undergo a major hack that left important systems or health records inaccessible. This could have disastrous consequences, especially if the area was in the middle of a spike in virus cases. It could lower the hospital’s capability for patient care, or at least divert important resources.

How can companies be more prepared?

It’s impossible to be completely protected from cyber-attacks, but there are ways to mitigate risk.

The first thing to understand is that you’re only as protected as your weakest link. You may need to do a thorough audit of your network and address the troublesome areas. Perhaps your system is rock solid, but if you have suppliers or outside vendors that have access to the system, you still have potential attack points.

You also need to invest in employee education on best practices. Inform them about the stakes of a breach. Train them on common phishing techniques and proper communication protocol. It needs to be made a priority throughout the entire organization if you want to be as protected as possible.

Ensure your IT department has the resources required to mount a worthy defense. Look into new, exciting security technologies that utilize artificial intelligence and blockchain. AI can act as a constant presence, safeguarding your network and quickly informing administrators about attacks. Blockchain solutions can encrypt sensitive data and protect your file systems from being altered.

Securing data at rest and in motion

It’s disappointing that opportunistic hackers are taking advantage of a fragile moment in time, but not surprising. These malicious agents aren’t interested in doing the right thing. They’re only interested in stealing money and information. Hopefully, through a combination of preventative and mitigating techniques, you can keep your most sensitive data safe.

Axel is dedicated to data security. Our platform, Axel Go, uses blockchain encryption to provide the safest file sharing experience available. If you value privacy and security, download Axel Go today for free and get the peace of mind you need.

 

[1] Galen Gruman, “COVID-related U.S. IT job losses tick up as spike in cases creates uncertainty”, COMPUTERWORLD, Jul. 6 2020, https://www.computerworld.com/article/3542681/covid-related-us-it-job-losses-tick-up-as-spike-in-cases-creates-uncertainty.html

[2] “When everyone can work from home, what’s the office for?”, pwc, Jun. 25 2020, https://www.pwc.com/us/en/library/covid-19/us-remote-work-survey.html

[3] “Analyzing the COVID-19 data breach landscape”, Verizon, Aug. 2020, https://enterprise.verizon.com/resources/articles/analyzing-covid-19-data-breach-landscape/

[4] Fleming Shi, “Threat Spotlight: Coronavirus-Related Phishing”, Barracuda, Mar. 26 2020, https://blog.barracuda.com/2020/03/26/threat-spotlight-coronavirus-related-phishing/

[5] Ondrej Kubovic, “Remote access at risk: Pandemic pulls more cyber-crooks into the brute-forcing game”, We Live Security, Jun. 29 2020, https://www.welivesecurity.com/2020/06/29/remote-access-risk-pandemic-cybercrooks-bruteforcing-game/

[6] Sue Poremba, “Increase in Small DDoS Attacks Could Take Down VPNs”, Security Boulevard, Apr. 7 2020, https://securityboulevard.com/2020/04/increase-in-small-ddos-attacks-could-take-down-vpns/

[7] Lucian Constantin, “Use of cloud collaboration tools surges and so do attacks”, CSO, May 26 2020, https://www.csoonline.com/article/3545775/use-of-cloud-collaboration-tools-surges-and-so-do-the-attacks-report-shows.html

[8] Ronen Shustin, “Remote Cloud Execution – Critical Vulnerabilities in Azure Cloud Infrastructure”, Check Point Research, Jan. 30 2020, https://research.checkpoint.com/2020/remote-cloud-execution-critical-vulnerabilities-in-azure-cloud-infrastructure-part-i/

[9] Steve Alder, “June 2020 Healthcare Data Breach Report” HIPAA Journal, Jul. 24 2020, https://www.hipaajournal.com/june-2020-healthcare-data-breach-report/