Menu

PAY MY BILL

Cybercrime is the greatest threat to every company in the world.” During the next five years, cybercrime might become the greatest threat to every person, place and thing in the world. With evolving technology comes evolving hackers, and 60% of network users are behind in their cyber security. Municipalities, small Governments and MSP's are among the most vulnerable..... 
 
How can Abadata help? Call us at 989 883 3411 and ask for help. We can offer a range of services designed to to take the worry out of your business, leaving you to engage in your area of expertise whilst we take care of the IT!
 
The cybersecurity industry is rapidly growing every day. Although more resources are being deployed to counter cyber attacks, the nature of the industry still has a long way to go before we can, as a whole, catch up with these threats. It’s important for us to define what the current information security and cybersecurity industry looks like with these alarming 15 Cyber Security Facts and Stats.
 

1. 95% of breached records came from only three industries in 2016

Government, retail, and technology. The reason isn’t necessarily because those industries are less diligent in their protection of customer records. They’re just very popular targets because of the high level of personal identifying information contained in their records.

 

2. There is a hacker attack every 39 seconds

A Clark School study at the University of Maryland is one of the first to quantify the near-constant rate of hacker attacks of computers with Internet access— every 39 seconds on average, affecting one in three Americans every year —and the non-secure usernames and passwords we use that give attackers more chance of success.

 

3. 43% of cyber attacks target small business

64% of companies have experienced web-based attacks.  62% experienced phishing & social engineering attacks. 59% of companies experienced malicious code and botnets and 51% experienced denial of service attacks.

 

4. The average cost of a data breach in 2020 will exceed $150 million

As more business infrastructure gets connected, Juniper Research data suggests that cybercrime will cost businesses over $2 trillion total in 2019.

 

5. In 2018 hackers stole half a billion personal records

This was a 126% jump from 2017. Since 2013 there are approximately 3,809,448 records stolen from breaches every day.. 158,727 per hour, 2,645 per minute and 44 every second of every day reports Cybersecurity Ventures.

 

6. Over 75% of healthcare industry has been infected with malware over last year

The study examined 700 healthcare organizations including medical treatment facilities, health insurance agencies and healthcare manufacturing companies.

 

7. Large-scale DDoS attacks increase in size by 500%

According to the Q2 2018 Threat ReportNexusguard’s quarterly report, the average distributed denial-of-service (DDoS) attack grew to more than 26Gbps, increasing in size by 500%.

 

8. Approximately $6 trillion is expected to be spent globally on cybersecurity by 2021

Organizations need to make a fundamental change in their approach to cybersecurity and reprioritize budgets to align with this newly defined reality of our modern society.

 

9. By 2020 there will be roughly 200 billion connected devices

The risk is real with IoT and its growing. According to figures compiled within a recent Symantec Internet Security Threat Report, there are 25 connected devices per 100 inhabitants in the US.

 

10. Unfilled cybersecurity jobs worldwide will reach 3.5 million by 2021

More than 300,000 cybersecurity jobs in the U.S. are unfilled, and postings are up 74% over the past five years.

 

11. 95% of cybersecurity breaches are due to human error

Cyber-criminals and hackers will infiltrate your company through your weakest link, which is almost never in the IT department.

 

12. More than 77% of organizations do not have a Cyber Security Incident Response plan

What’s worse? An estimated 54% of companies say they have experienced one or more attacks in the last 12 months.

 

13. Most companies take nearly 6 months to detect a data breach, even major ones

Equifax, Capital One, and Facebook just to name a few. Information such as passwords, credit card details, and social security numbers may already be compromised by the time you’re notified.

 

14. 46% of all Bitcoin transactions involve illegal online activity

Cryptocurrency is becoming one of the largest unregulated markets in the world. A recent study shows that around $76 billion in cryptocurrency is used in criminal activity every year.

 

15. Total cost for cybercrime committed globally has added up to over $1 trillion dollars in  2018

Don’t think that all that money comes from hackers targeting corporations, banks or wealthy celebrities. Individual users like you and me are also targets. As long as you’re connected to the Internet, you can become a victim of cyber attacks.

 

What does it all mean?

Ginni Rometty, IBM’s chairman, president and CEO, said: “Cybercrime is the greatest threat to every company in the world.” And she was right. During the next five years, cybercrime might become the greatest threat to every person, place and thing in the world. With evolving technology comes evolving hackers, and we are behind in security.

 
Understanding the cyber terminology, threats and opportunities is critical for every person in every business across all industries. By providing advanced cyber training and education solutions in all departments of your business, from marketing and sales to IT and InfoSec, you are investing in your company’s protection against cyber threats.
 
 
Article reproduced courtesy of Cybint (Cyber Solutions) written by Devon Milkovich September 23rd 2019......

 

73% of users have the same password for multiple sites, 33% use the same password every time!

Every extra character in your password increases the difficulty for hackers to crack it!

Multi-factor authentication adds an extra layer of security that is difficult for hackers to crack!

Secure passwords are part of HIPAA privacy compliance!

What can happen to my password if it is stolen? Once an attack has happened and the criminal has your data, he or she likely runs through the following steps, which we like to call, “A Hacker’s Post Breach Checklist:”The hacker will:
  • Inventory the stolen data: Hackers will look through the stolen data files for authentication credentials, personal information like names, addresses and phone numbers, and financial information like credit card details.
  • Sell personal information:Next, the hacker will package up personal information like names, addresses, phone numbers, and email addresses and sell them, typically in bulk. These are more valuable the more recent they are. According to Quartz, a full set of someone’s personal information including identification number, address, birthdate, and possibly credit card info costs between $1 and $450 with a media cost of $21.35.
 
  • Look for the good stuff:Hackers will then inventory authentication credentials further and look for potentially lucrative accounts. Government and military addresses are very valuable, as well as company email addresses and passwords for large corporations. Since people often re-use their passwords, hackers can often use credentials for military or corporate accounts to target other companies. For example, Dropbox was breached in 2012 using credentials stolen in the LinkedIn data breach earlier that year. A hacker may plan such a hack himself, or he/she may sell the credentials to others on the dark web for a much higher price.
 
  • Offload the cards: Financial information like credit card numbers are packaged and sold in bundles. An individual with the right knowledge could easily buy credit card information in groups of ten or a hundred. Usually a “broker” buys the card information, then sells them to a “carder” who goes through a shell game of purchases to avoid being detected. First the “carders” use stolen credit card to buy gift cards to stores or to Amazon.com, then use those cards to buy physical items. The carder may then sell the electronics through legitimate channels like eBay, or through an underground dark website.
 
  • Sell in bulk After several months, the hacker will bundle up authentication credentials and sell them in bulk at a discounted price. By now, most of the credentials are worthless since the company has most likely discovered the breach and taken steps to repair it. For example, a database containing the entire LinkedIn credentials dump is still available.
 
How to Create Strong Passwords    
Why are strong passwords needed?    
Good computer security includes the use of strong passwords for all your accounts. Passwords can be the weakest link in a computer security scheme. Strong passwords are important because password cracking tools continue to improve and the computers used to crack passwords are more powerful. Network passwords that once took weeks to break can now be broken in hours.  
Password cracking software uses one of three approaches: intelligent guessing, dictionary attacks, and automation that tries every possible combination of characters. Given enough time, the automated method can crack any password. However, it still can take months to crack a strong password.  
   
For a password to be strong and hard to break, it should:

   Contain 6 or more characters
    Contain characters from each of the following three groups:
    Letters (uppercase and lowercase) A, B, C,...; a, b, c,...
    Numerals 0, 1, 2, 3, 4, 5, 6, 7, 8, 9
    Symbols (all characters not defined as letters or numerals) ` ~ ! @ # $ % ^ & * ( ) _ + - = { } | [ ] \ : " ; ' < > ? , . /
    Have at least one symbol character in the second through sixth positions.
    Be significantly different from prior passwords.
 
   
Try to change your password(s) every 6 months.    
When typing in your password, make sure no one is watching you type. Ask anyone around you to kindly look away.  
     

Mark Laliberte  - WatchGuard’s own Information Security Threat Analyst says:

“Hackers will often start by selling data on military or government accounts,”People are also bad at choosing passwords for individual services and often reuse passwords, which lets hackers try those passwords on the other websites their victims use.”

 

Password reuse, like what Marc is describing above, can create opportunities for more breaches. For example, Dropbox was breached in 2012 because a Dropbox employee’s Expedia password was stolen in a separate data breach and they reused that password for their work account.

 

A strong password policy doesn’t need to be the only line of defense to your systems and network. Adding multi-factor authentication creates multiple layers of security to protect users and resources.

 
     

What can you do to protect yourself?

   

Good passwords are critical to information security. Lack of thought in creating password policies increases the chances of unauthorized access or compromised data. The SANS institute recommends that strong password policy include the following characteristics:

 
  • Contain a mix of uppercase and lowercase letters, punctuation, numbers, and symbols.
  • Contain at least 15 characters.
  • Be unique from other accounts owned by the user.
  • Never include dictionary words
  • Never include patterns of characters
  • Go even further in your password policy by encouraging the use of pass phrases, which use phrases along with the strong password guidelines to add even further difficulty to passwords being compromised.
  • For example: The phrase “iced tea is great for summer” becomes “!cedTisgr84$umm3R”
   
     

The easiest solution - use a password safe

   

Password safes save your passwords securely, allowing you to save the information on your personal computer without opening yourself up to giving away private information advertently. They can also generate random passwords for each of your accounts.  These password safes store all of your passwords in a single account, which has a master password you need to remember. This allows you to use truly random combinations in all of your other passwords,

making them much harder for malicious users or bots to crack. Two examples of such services are: LastPass and Password Gorilla.

 
     
Change your Passwords Regularly!    
The RIT Password Standard requires passwords to be changed annually. . In addition, passwords should be changed:
Whenever a malicious program such as a virus is detected or a machine is compromised insome way.
If there is a job change (job is completed, job is terminated, or a job transfer changes the need for access).
From any default passwords.If they are shared with anyone other than the authorized user(s)
 
     
Don't Use your username or any part thereof:    
These are the don'ts!    
    Name(s) of yourself, family, friends, pets, or co-workers
    Computer terms and names, commands, sites, companies, hardware, or software
    Birthdays or other personal information such as addresses or phone numbers
    A set of characters in alphabetic or numeric order (ex. abcdef), in a row on a keyboard
    (ex. qwerty), or a simple pattern (ex. 123123)
    Words that can be found in a dictionary
    Your UCLA ID number, a bank account PIN, credit card number, etc.
    Any of the above spelled backwards
    Any of the above preceded or followed by a digit (ex. qwerty1, 1qwerty)
 
     
DON’T Reuse passwords. If you do, a hacker who gets just one of your accounts will own them all. (Some systems will not let you reuse passwords.)  
DON’T Use a dictionary word as your password. If you must, then string several together into a pass phrase.  
DON’T Use standard number substitutions. Think “P455w0rd” is a good password? N0p3! Cracking tools now have those built in.  
DON’T Use a short password—no matter how weird. Today’s processing speeds mean that even passwords like “h6!r$q” are quickly crackable. Your best defense is the longest possible password.  
     

Template powered by Abadata.com