Tag Archives: prevention

Top 5 Priorities for State and Local Government Technology

State and Local Governments have found that in recent years it is becoming easier to serve citizens and enhance the way of life in their cities by utilizing technology. Officials have seen much better city management and planning when they implement new tech. Government offices are also relying more on their IT infrastructure to keep their employees productive in order to better serve their communities. With the recent cyber breach that affected the entire city of Atlanta, state and local governments are starting to realize they are just as vulnerable to cyber attacks just like anyone else. Government offices hold a lot of valuable information and are relied upon to maintain not only their local economies but the safety and standard of living for their residents. This year governments are going to have to prioritize their technology and develop plans that will maintain their IT infrastructure, here are the top 5 things State and Local Governments should consider.

1. The Internet of Things Enhancing Communities

The Internet of things, or (IoT) has been a trending topic in the news recently.  But what is the IoT?  Simply put, it is connecting any device with an on/off switch to the internet. This includes, any household items, fridges, microwaves, to washing machines, lamps, wearable devices and the list can go on forever.  But what does this have to do with State and Local Government one may ask? Well, a whole lot. On a broad scale the IoT can be applied to things like transportation networks and can help create “smart cities” that can help us reduce waste and improve efficiency for thing such as energy use.  Check out the graphic below that shows how a smart city would work. (The graphic below provided by Libelium who specializes in IoT devices.)

2. Beefing Up Cyber Security

The IoT can do great things for a city, however without the right security measures, it could also make a city extremely vulnerable. State and Local governments need to have fail safe back up and disaster recovery plan for all departments to ensure the cities network is protected and does not get compromised. In the face of evolving threats, cities have already fallen victim like the case of Atlanta.  Atlanta has recently fallen victim to a ransomware attack in which the hacker demanded over $51,000 USD in the form of bitcoins. The ransomware stole information and locked out government officials from files and software needed to run city operations. Cyber security is a very sensitive topic for government because when compromised, like a business, people begin to lose trust, which is the opposite of what any local government wants for its residents.

3. Cloud Solutions for Data

Cloud solutions are no more a far-fetched concept.  Migrating data to the cloud is providing a way that government can bypass restrictions created by tightening budgets. More governments are moving their data to the cloud, however with the migration comes some planning. Local governments must consider their environment to ensure they pick the right model, whether being a public, private or hybrid cloud. Moreover, data management can prove itself an issue if governments are relying on multiple cloud management providers.

4. Consolidation and Cutting Redundant Costs

Finding saving and efficiencies is extremely important to governments. When there are too many separate entities all with their own network trying to work together, this can create many holes in a governments system, where one infection can spread like wildfire. In the case of the state of Ohio just five years ago, 26 agencies were using close to 9,000 servers to support more than 32 data centers that were only running at less than 10 percent capacity.  By consolidating and reconstructing these servers the state was able to save more than $100 million and avoid close to $60 million is added costs. Governments will need to look into simplifying their infrastructure to their best ability, not only will it be able to help with costs, but also with security.

5. Collaborating with the Right Tools

Managing and thinking about all of these technical items is the last thing an elected official wants to think about when they run for office. Especially to local governments who focus on their residents and improving their cities. Technology problems are the last on their priority lists, local governments should look to invest in managed service providers that will focus on the technology side, making sure it is safe and reliable, while the government focuses on more pressing community tasks. ECMSI in northeast Ohio can do just that for any local government. If you are a part of a local government that needs IT help. Please feel free to call us today at 330-750-9412. We are always here trying to Make IT Easy!

 

How to Avoid Becoming the Next Hacking Victim

Cyber attacks are so common now that hardly a week passes without news of another major network security breach involving a high-profile company. Well-known brands like Target, Sony and Yahoo have all fallen victim to security breaches in the last few years.

But hackers don’t just limit themselves the market’s major players – they will, and do, attack companies of all sizes, exploiting their weak defenses to infiltrate and steal valuable corporate data. In fact, smaller businesses are seen as much easier targets, because they usually lack the robust defenses that large enterprises routinely use.

So why should you worry about being next? The costs of a network security breach can be enormous, sometimes even crippling. One study from the National Cyber Security Alliance reports that around 20 percent of small businesses fall victim to a cyber attack each year, and of these, just 40 percent are still around six months later.

Can your business foot the bill from a major cyber security breach? Not likely.

Keep the bandits out

At ECMSI, our overriding goal is to help your company thrive, but you won’t stand a chance of doing that if your servers are leaking corporate and customer data all over the place. That’s why we make your network security such a big priority. We want to see our customers to succeed — and enjoy longer-lasting relationships with them.

As one of the leading Managed Services Providers, we’ll strive to protect your network against everything attackers can throw at it.

Our big secret is that unlike other MSPs, we take time to get to know our clients and help them understand how to take full advantage of their technology.

When we uncover your unique risks and concerns, we prepare a plan to help you defend against the wide variety of cyber threats that could slow down and damage your business — and your reputation — including ransomware, insider attacks and other viruses.

And we go further to proactively avoid these threats by teaching you best practices to minimize the risk of becoming a victim in the first place. We’ll also help get you up and running with the latest antivirus software, firewalls and threat detection software to ensure your network security is as tight as it’s possible to be.

Your depend on your business technology to be successful, that much you know already. But it can also become your Achilles’ heel if your network defenses aren’t up to scratch. Contact ECMSI today and we’ll show you how to avoid becoming headline news for the wrong reasons.

Fight Back! How to Scam an Email Scammer

Wouldn’t it be nice if the Nigerian Prince that just so happened to email you would actually deliver on his promise of depositing that “$2,000,000 USD” into your bank account? Hopefully you know that this is just a scam to steal your financial information, however, many people around the world have fallen into the traps of these phishing emails.

“The idea is to waste their time and make it impossible for scammers to turn out a profit, it also delivers satisfying karma and allows you to scam a scam.”

These scams are so well known that they do not fool many people anymore, but it can be quite annoying when we receive these emails. If you’re one of those people that enjoy a good prank and like to humor an obvious scam, then look no further. A new service from NetSafe called Re:Scam can help you waste the time of email scammers to prevent them from moving forward to another victim. So just how does this service waste the time of “Nigerian Princes” and “UN Bureaucrats”? In the funniest way possible.

Re:Scam is a AI-powered chatbot designed to draw out the conversation and exchange as long as possible. All you do is forward an email from a scammer to [email protected], the chatbot then uses a proxy email address to communicate with the crook. The idea is to waste their time and make it impossible for scammers to turn out a profit, it also delivers satisfying karma and allows you to scam a scam. Some of the funniest interactions go something like this:

Scammer: “Do you wish to be a member of the great Illuminati family? Do you want to be payment $5,000,000 weekly? Let us now if you are interested in success.”

Chatbot: “Dear Illuminati, What a wonderful surprise. I’d love to join your secret club. Do you do a bingo night?”

Scammer: There is not bingo night. Please complete attached form with bank details for your receive full payment of 5 million.

Chatbot: Terrific! But to avoid detection I’m going to send my bank account details through one number at a time.  Ready? 4.

Scammer: “This is not necessary”

Chatbot: “7”

The full video from Netsafe can be found here

The video mentions that email scamming is a billion dollar industry, and it is time to fight back with a sort of eye for eye treatment. If these scammers are going to try to waste our time we might as well waste theirs. If everyone began using this service we can help prevent them from moving forward and soon enough stop these emails by making these scams completely useless to attempt.

 

Equifax Breach! Get the Facts

On September 7th the consumer credit reporting giant, Equifax, announced a cyber security incident that could have potentially impacted over 143 million U.S. consumers. The company discovered the unauthorized access on July 29th of this year and believes it may have been occurring from mid- May through July 2017. The information accessed includes names, Social Security numbers, birth dates, addresses and driver’s license numbers as well as credit card numbers for over 209,000 U.S. consumers.

Now before the panic ensues, the company acted immediately to stop the intrusion and utilized the help of an independent cyber security firm to conduct an in depth forensic review to determine the impact of the breach. While Equifax reported unauthorized access to limited personal information for some U.K and Canadian residents, the company found no evidence that personal information of consumers in other countries have been impacted. There was also NO evidence of unauthorized access to core consumers or commercial credit reporting databases.

If this issue concerns you, or you think you may have been one of those consumers effected, Equifax has launched a website dedicated to informing users if their information could have been impacted. Which can be found here.  On this site Equifax offers an opportunity to find out if your information was potentially hacked into as well as a chance to enroll in their TrustedID Premier, that the company is offering to every US Consumer for free for a year. This service includes 3-Bureau credit monitoring of Equifax, Experian and Transunion credit reports, copies of Equifax credit reports, the ability to lock and unlock Equifax credit reports, identity theft insurance and Internet scanning for social security numbers.

This incident is not the first of its kind and will sadly not be the last. It is important for consumers to protect themselves as much as they can when handling their personal information online. This breach is also a lesson to all businesses, no matter how big or small that their IT security is one of the most important aspects to their business and core activities. A situation like this can leave a bad stigma on your businesses reputation for the future. The CEO of Equifax stated, “Confronting cybersecurity risks is a daily fight. While we’ve made significant investments in data security, we recognize we must do more. And we will.”

How to Identify a Phishing Email

You wake up and like many of us today, you immediately check your phone. Scrolling through your email you see a message in your inbox that reads “Microsoft account security alert” this email then goes on to explain how someone might have accessed your account and how they may have your password and access to personal information. The email then contains a button you can click through to “recover your account”. This email looks a little something like this.

Seems normal enough right? WRONG. This email contains an abundance of red flags that to someone not so tech savvy could fall victim to. This email is meant to be malicious and ironically while it is trying to get you worried about your information getting hacked into. It is trying to hack into your information. Let’s dive into what these red flags are so that others do not fall victims to these malicious emails.

To begin with, this email claims it is from the Microsoft team, however within the email itself we see no Microsoft branding of any kind, and is overall poorly designed. The next indicator of suspicious activity is that the email keeps mentioning a Microsoft account has been accessed, but shows a Yahoo email address. The person who received this email knew that their email address was not registered with any Microsoft account, especially being that they were a Mac only user. There was also not enough characters or asterisks that reflected any email this user had.

This is just one example of a phishing email and there are many more, some are formatted well, others are blatantly a scam, but paying close attention and really evaluating each point the email is trying to make is extremely important. Be sure to be on the lookout for other signs such as:

  1.  You are asked to send money to cover expenses.
  2. The message asks for personal information.
  3. The message contains poor spelling and grammar.
  4. The email contains mismatched URL’s.
  5. The offer of the email seems too good to be true.

Finally, if something in that email just does not seem right to you, there is most likely a reason why and immediately. If an email looks suspicious and catches you off guard or does not relate to any recent activity you have done online, it is best to not act upon that email and flag it as spam and delete the email immediately. Clicking through could cause major issues to your computer system or others if it happens in your workplace. Be sure to always be attentive, be curious and ask questions and stay protected!