8 Signs Your Employees Have Been Hacked

With more than half of malware attacks now targeting small businesses, every employee in your organization, regardless of title or seniority, needs to play a role in protecting your digital turf. While education is an important first step when it comes to thwarting cyberattacks, not even your most protective, cyber-savvy employees are unassailable.

Modern hacking efforts are crafty and well-disguised. Malware is delivered in everything from email attachments and browser toolbars; to pop-up ads and free software. In other words, there’s only so much “defense” you can play.

As important as knowing how cybercriminals attack is knowing when they have attacked. The sooner your employees recognize that a potential breach has occurred, the sooner your IT staff or cybersecurity partner can triage the threat and intervene.

Keep your employees on their toes by educating them on these 8 “OMG, I’ve been hacked” warning signs.

  1. Your device is suddenly slower: Speedy devices that are suddenly acting slowly and sluggishly can often blame their behavior on malicious software running in the background that’s consuming all of their processing power. Open up your device’s task manager — if there’s an application you don’t recognize eating an inordinate amount of memory, it could be a virus.
  2. Your cursor has gone rogue: While random mouse movements can often be attributed to faulty hardware, they may also indicate that your device has been hacked and is now being controlled by someone else. The key is to pay attention to the mouse movement. If the cursor drifts to a “clickable” area, such as a web browser, you’ve almost certainly been hacked.
  3. Your trusted websites are suddenly littered with pop-ups: Arguably the most annoying of all the malware hacks, random pop-ups from websites that don’t typically produce them should arouse your suspicion — especially if they’re bypassing your pop-up blocker. Be especially wary of messages that claim you’ve won something, or attempt to scare you into thinking you’ve been hacked. Needless to say, ignore all suspicious pop-up messages.
  4. Your password isn’t working: If your password isn’t working — and you’re certain you’re entering it correctly — a hacker may have accessed your device or account and changed the password to keep you out. This is one of the most dangerous cyberattacks because the hacker can now not only steal your credit card numbers and other sensitive data, but also exploit your business contacts by pretending to be you. If your password is stolen, inform your company immediately. Then, change ALL of your passwords across all of your other accounts and devices, even if the password is different than the one that was breached.
  5. Your internet searches are being redirected: If your internet searches are being rerouted from your intended website to a sketchy URL, that’s a pretty clear sign you’ve been hacked. Why would a cybercriminal want to direct you to a specific website? In most cases, to generate revenue from third-party search engines such as Google. For hackers, hijacking your browser can be a quick way to earn a payday.
  6. Your device suddenly restarts: Although automatic restarts are common when installing new software and authorizing routine system updates, random restarts that occur without warning should raise suspicion. It’s possible that malware was just installed on your device, and the restart was triggered to complete the process. While it’s more likely that your malware-laced device will slow down versus flat-out restarting, this possible outcome should be on your radar.
  7. You notice random browser toolbars and add-ons: Toolbars and add-ons offer a number of benefits, shortcuts and other efficiencies, but they’re also popular ways for hackers to discreetly embed malware. Periodically open your web browser and check your toolbar and add-ons. If you see something you don’t remember installing, err on the side of caution and remove it.
  8. Your antivirus is disabled: If your antivirus scanner abruptly stops working, malware is likely the culprit. When malware penetrates your system, one of the first things it does is disable your device’s antivirus software and block your access to antivirus update servers. Here are some helpful tips to make sure your antivirus software is working.

If your small or mid-sized business is overwhelmed by the relentless threat of cyberattacks, our cybersecurity experts are here to help. Unfortunately, hackers will never stop trying to breach your system. Their tactics will continue to evolve and their breaches will become harder and harder to detect. You need an experienced cybersecurity expert in your corner to defend your business from these potentially catastrophic attacks.

Contact BrevAll Technologies today and let us prove that we’re the answer to your cybersecurity needs.

Why Dark Web Monitoring is Essential in 2018

Dark Web Security Threats

Dark Web Security Threats
To the everyday person, the mere thought of the “Dark Web” sends chills up the spine. It makes you think of hooded people in shadowy lairs, hacking sophisticated systems and monetizing from society’s most nefarious underground industries.

The Dark Web’s association with drug dealing, human trafficking and other heinous ventures has made its threat to legitimate businesses seem almost like an afterthought. Some small business owners can’t fathom why a cybercriminal capable of hacking a giant corporation or cashing in on other illicit activities would waste time hacking their relatively fruitless company.

The truth is, no business, no matter the size, is beneath the threat of attack. Not when you consider the Dark Web’s emergence over the last few years as an information superhighway and marketplace, where all stolen data, big and small, can be seamlessly sold in exchange for untraceable cryptocurrency.

In 2018, the threat of the Dark Web is greater than ever. Some experts estimate the deep web, which encompasses anything that a search engine can’t find, is about 400 to 500 times larger than the common internet.
Cybercriminals are scouring the Internet looking for easy targets. If you don’t have a plan in place to neutralize the threat, your business could pay a steep price.

What is the Dark Web?

The Dark Web can best be described as the “underbelly” of the Internet; a shrouded place that’s only accessible via special software. Comprised of a series of encrypted networks that mask users’ names, locations and IP addresses, the Dark Web essentially paves the way for people to commit crimes with little risk of being personally identified.

Over the last decade, businesses everywhere have been engulfed by the Dark Web. When Target was hacked in 2013, 40 million debit and credit cards belonging to shoppers were discovered on the Dark Web, according to CNET. The same publication reported that 200 million stolen Yahoo! logins were marketed on the Dark Web in 2016.

Just a few months ago, a notorious cybercriminal in the U.K. was found to have allegedly breached 17 different companies, including Uber and Groupon, and sold their stolen customer data on the Dark Web. There are countless other stories of big and seemingly secure corporations falling victim to such types of attacks.

The risk to small business

While large-scale data breaches dominate the headlines, small businesses are an even more tantalizing target for some cybercriminals. According to Symantec’s 2016 Internet Security Threat Report, 43 percent of cyber attacks are lodged against small businesses — a 9 percent increase compared to 2014, according to Fortune.It goes to show that cybercriminals don’t discriminate based on the size of a business; they only care about its vulnerability. This makes small businesses a prime target, since many don’t have the resources or expertise to combat or even recognize an attack when it occurs.

It’s imperative that all small businesses take their security seriously, especially those that store passwords, financial data and other compromising personal data. If your business is hacked, your customers’ data could end up for sale on the Dark Web. And that would be very bad for everybody. Fortunately, there’s an affordable way to guard against these attacks.

Take a Proactive Approach

The most fundamental mistake small businesses make when it comes to security? Being reactive instead of proactive. They ignore Dark Web threats until they’ve been attacked, and then they’re left scrambling to solve a problem for which there may not be an immediate
solution.

The key is to assume a breach will eventually happen, so that when one does occur, you already have safeguards in place to neutralize the attack, as well as protocols for reporting the attack, which small businesses owners are required to do in the event of a data breach.

The best way to be proactive is to invest in Dark Web Monitoring from a security expert like BrevAll Technologies. A perfect alternative for companies that don’t have the resources to invest in onsite IT staff, we will monitor the Dark Web 24/7 for compromised information associated with your business. And if there’s been a breach, we will jump in before that
information can be used for identity theft and other crimes.

The Dark Web is only getting darker. It’s time to step up and make sure your customers’ information — and business’s reputation — is protected. Otherwise, it could be lights out.

5 Ways Blockchain is Disrupting Cybersecurity

Blockchain Diagram

Blockchain was invented in 2008 to serve as the public transaction ledger for the cryptocurrency bitcoin. A decade later, the technology is revolutionizing more than just the financial industry. It’s shaking up the entire economy.

Although blockchain’s roots are in digital currency, its core technology has countless other applications, from logging data to cataloging intellectual property. As a result, business owners everywhere are scrambling to figure out how they can leverage blockchain technology to protect their data and thwart cybercriminal activity.

Given the ever-increasing threat of cybercriminals, it’s no surprise that cybersecurity is top of mind for businesses everywhere — or that demand for blockchain engineers has skyrocketed in recent years. According to the publication CSO, cybercrime is projected to cost the world $6 trillion in damages annually by 2021, up from $3 trillion in 2015. As a result, cybersecurity spending is expected to exceed $1 trillion from now until 2021.

While Blockchain is relatively new technology that’s still evolving, its ability to encrypt, validate and protect data already makes it a viable candidate to solve the cybercriminal scourge. Here are five ways blockchain is helping businesses shore up their cybersecurity.

Hard to Hack: Blockchain is structured in a way that makes it virtually impossible to corrupt. Unlike traditional servers, which store information in a single repository, blockchain data is stored on a decentralized P2P network comprised of thousands of computers. Every computer that participates in the node has a copy of all transactions made on the blockchain. Since there’s no “official” copy of this ledger, tampering with it would require hacking multiple computers at once. This would be extremely difficult for even the most sophisticated hacker, considering the immense computing power it would require.

Anonymous: While all blockchain transactions are transparent, individual users get to maintain their anonymity. Here’s how: when a user completes a transaction (i.e. Jon sends bitcoin to Jill), the details are published on the blockchain. However, personal details such as the user’s name are concealed. Instead, the transaction record is attributed to an auto-generated private key, which is virtually impossible to trace back to the user. This allows transactions to be transparent, while at the same time protective of a user’s sensitive personal information.

Validation: To ensure the integrity of a blockchain, every transaction is validated by every computer in the node. Once a transaction is validated, it’s stored in a block and permanently sealed. Now part of the blockchain, the transaction cannot be altered. Consider the benefits blockchain has over traditional databases, which can be destroyed or tampered with — intentionally or unintentionally — by anyone with an access key.

Battle Ransomware: Last year’s infamous WannaCry attack not only pushed the threat of ransomware into the public consciousness, it also served as proof of concept for other cybercriminals. While many ransomware operators request their payment via digital currencies such as bitcoin due to the anonymity it affords, blockchain can also help investigators find the perpetrators behind the attack. As SecurityIntelligence explains: “To use extorted bitcoins, fraudsters must transfer them to a third-party address, possibly a bitcoin register or wallet, where service providers process a flat currency exchange. These suppliers can identify bitcoin addresses associated with ransomware campaigns and quickly notify cybersecurity specialists.”

Prevent DDoS Attacks: A distributed denial-of-service (DDoS) attack is a malicious attempt to disrupt a web property, such as a server or website, by overwhelming it with traffic from multiple sources. DDoS attacks have victimized a number of well-known companies over the last few years, including Twitter and Spotify. Since Blockchain distributes data throughout a large P2P network — as opposed to storing all data in a single repository — it’s in many ways the perfect solution for preventing costly DDoS attacks.

To learn how you can leverage blockchain for your business, contact the cybersecurity experts at BrevAll Technologies. Call us at (800) 838-0911 or email info@brevall.com.

15 Cybersecurity Tips for Small Businesses

Small businesses are becoming a bigger target for cyber-criminals.

According to the Ponemon Institute Research Report, 61% of small businesses were attacked from October 2016 to September 2017, and 54% experienced data breaches involving customer and employee information. Both numbers were up from the previous 12 months.

If you own one of America’s 28 million small businesses, here are 15 minimally expensive steps you can take right now to strengthen your cybersecurity and protect your business.

1) Secure your Wi-Fi Network: One of the easiest ways for cybercriminals to hack your network is via Wi-Fi. Defend against this by hiding your Wi-Fi network to all non-authorized personnel. To hide your Wi-Fi network, set up an encrypted wireless access point and disable outside network access.

2) Enable HTTPs: Used by financial institutions, “HTTPs” are more secure versions of traditional “HTTP” websites. HTTPs have an SSL/TLS Certificate installed onto their servers that encrypt all communications between your browser and website, ensuring that customer information, such as credit card numbers, cannot be intercepted.

3) Update Your Password: Frustrating? Yes. But demanding employees change their password frequently mitigates the damage is case their original code has been stolen. Strong passwords contain at least 10 characters and include numbers, symbols and upper and lowercase letters. Employees should never write down their passwords or use the same password for multiple company applications.

4) Minimize Password Attempts: Did you know there’s software that can guess your password in a matter of minutes? Guard against this by reducing the number of incorrect passwords an employee can enter. If that number is reached, temporarily freeze the employee’s access until you can verify there was no attempted breach of your network.

5) Multi-Factor Authentication: Another way to secure your network is by enabling multi-factor authentication, which requires more than one method of authentication to verify a user’s identity. Make sure vendors that handle your data also use multi-factor authentication.

6) Update Software: Hackers can enter your network through outdated browsers and applications, so make sure your entire staff is using the most current software available. For the same reason, make sure employees who use mobile devices for work are diligent about downloading the most updated apps and operating systems.

7) Safeguard Payment Cards: Contact your credit card processors to make sure they’re employing the most stringent tools and anti-fraud services to protect your customers’ credit card and/or other financial data.

8) Limit Access to Network: Instruct employees to lock their machines when they’re not using them and establish security checkpoints to inhibit non-authorized personnel from gaining access to areas of the building in which they do not belong.

9) Limit Access to Data and Software: For the same reason you wouldn’t give all of your friends a key to your house, you shouldn’t give employees access to data or software that isn’t germane to their jobs. This will help keep your security tight, as well as troubleshoot any security issues that may materialize.

10) Back Up Data: Frequently back up all essential data and documents and store copies in a different location than the original, such as an external hard drive or the cloud. This will allow you to easily recover data that’s been lost or stolen.

11) Phishing Prevention: Phishing scams affect thousands of organizations every month. Train employees to never open attachments or click links in emails from unrecognized senders, who could be hackers looking to install malware onto your computer.

12) Encourage Open Dialogue: If your employees detect anything suspicious, whether it’s a potential phishing attack or a watering hole, urge them to report it immediately. Senior management should then investigate the incident and, if necessary, notify the entire organization, because chances are multiple employees have been targeted.

13) Social Security: Employees often turn to social media platforms like Facebook and Twitter to blow off steam. In some cases, they may not be aware that they’re divulging trade secrets or sensitive information. Make sure you educate them about what they cannot say on social media — and hold them accountable for breaking the rules.

14) Ban Working in Public Areas: While parks and coffeeshops may seem like harmless places to work remotely, they can actually be quite dangerous. You never know who’s sitting right next to you, sneaking peeks at your computer or eavesdropping on your phone conversation. When it comes to cybersecurity, you can never be too paranoid.

15) Rapid Response Protocol: If your business has been attacked, you don’t want to be caught flat-footed. Develop a proactive plan for how to quickly and effectively respond. Engaging the services of a cybersecurity expert like BrevAll Technologies is always a smart first step.

 

BrevAll Technologies Becomes Virtual CIO for Small to Mid-Sized Businesses

Businessman hand working with modern technology and digital layer effect as business strategy concept.

NORTH RICHLAND HILLS – BrevAll Technologies a leading managed technology services provider, announced today that the company will now be serving as a Virtual CIO (Chief Information Officer) for small to mid-sized business (SMBs) who are looking to focus solely on expansion and revenue
growth. BrevAll Technologies will step forward into a vCIO role elevating its position amongst customers that desire a greater level of strategic business guidance.

By not only maintaining the IT infrastructure, planning the technology roadmap and identifying new ways to utilize emerging technologies to enhance SMB productivity its consultation will enable leadership of the SMB
to focus exclusively to growth, in order to sustain a competitive advantage. As BrevAll Technologies makes this move,

SMBs of the future will not have to deal with the challenges of technology, its rapid growth and the constant stream of changes.

Now, BrevAll Technologies has the capacity to join forces with SMBs who want a proactive partnership to accelerate organizational growth.

Find out more by reading our latest press release…

BrevAll Technologies Disrupts Cybersecurity Industry with New Program

Virtual Lock

NORTH RICHLAND HILLS – Reducing financial commitments, increasing security coverage and strengthening systems expertise are among the many advantages of the trending Cybersecurity-as-a-Service (CSaaS) model. While CSaaS has typically only been accessible to large-scale businesses, BrevAll Technologies — a leading managed technology services provider — offers the service to the underserved sector of small- and mid-sized businesses.

“From firewalls and antivirus software, to dark web monitoring and phishing prevention, we have a constant eye on our customers’ cybersecurity,” said Paul Enloe, CEO of BrevAll. “Nobody wants to clean up the mess after a breach, so we work with our clients to ensure they have the right security infrastructure in place to meet the specific needs of their business.”

Find out more by reading our latest press release »

BrevAll Technologies Selected to Attend Technology Assurance Group’s Annual Convention

North Richland Hills – February 26, 2018

BrevAll Technologies, a leading managed technology services provider, announced today that the company has been selected to attend Technology Assurance Group’s 18th Annual Convention in San Diego, California on April 28th through May 2nd. TAG is an organization of managed technology services providers (MTSPs) in North America representing $350 million in products and services. The focus of the convention is enhancing the customer experience. An impressive lineup of CEOs, futurists, tech experts, professors, researchers, authors and speakers will share valuable information on this very important theme.

“It is an honor to be selected to attend the industry’s most popular event and share our unique approach to the customer experience with other like minded MTSPs from across North America,” stated Paul Enloe, CEO of BrevAll Technologies. “We believe we offer creative and innovative solutions and look forward to meeting other leaders in the field where we can share new ideas and successes that enhance the service we provide to our customers. In our industry, there is always change, both in what the customer expects and in the new services that we can offer. This is where the great minds come to meet and vet new technology and service experiences.”

The convention will showcase world renowned customer experiece keynote speakers and authors like Shep Hyken, Dr. Jeane Twenge, and Jason Young. These experts will enlighten attendees on how to amaze every customer everytime, leverage the talents of the millinnial and iGen generations to deliver a phenomenal customer experience, and highlight ways to create a customer centric culture to delelop the ideal customer relationship.

“It’s important for us to always be one step ahead,” reiterated Mr. Enloe. “We consider it our obligation to constantly be educating ourselves and discovering new solutions. That’s why we invest in events like these, they give us great ideas, excellent opportunities to collaborate and it helps us maintain our leadership position in our industry.”

State of the Union for Technology In 2018

State of the Union for Technology In 2018

BrevAll Technologies a leader in managed technology services, announced today that the company sharing its predictions for the future of the technology sector. BrevAll Technologies is preparing business owners for the anticipated technology explosion in 2018. One of the bases for this prediction is the growing number of employed individuals and the omnipresent demand for technology in the modern workplace.

According to CNN Money, “Unemployment inched down to 4.1%” which is the lowest unemployment rate in the last 17 years. Furthermore, Goldman Sachs predicts the unemployment rate to tumble to 3.5% by the end of 2019. The last time unemployment was 3.5% was December 1969, according to the Bureau of Labor Statistics.

With more and more tech-savvy Millennials entering the workforce and Baby Boomers retiring, the demand for technology is inevitably on-the-rise. Millennials have been raised with technology as a central part of their environment, and in some cases a central part of their identity, and the progression into the workplace is simply a logical conclusion at this point. “Millennials don’t think of technology as an accessory, in many cases they consider it more important than face-to-face interpersonal skills. There is no doubt that the demand for technological solutions will continue to explode in 2018,” stated Paul Enloe, CEO of BrevAll Technologies.

Learn More »

Alerting Businesses About PCI Compliance

cyber credit card payment

We are proud to announce an education plan to advise business owners on the potential risks facing any organization that accepts, stores and utilizes customer credit cards. The Payment Card Industry Data Security Standard (PCI DSS) applies to any organization, regardless of size, and it imposes rules on business owners who work with customer credit cards. The intention behind the regulations is to keep customer data secure from breaches; however, businesses that are not in compliance could face up to tens of thousands of dollars in penalties and fines. There are very simple solutions to mitigating these risks, and as fellow business owners, our leadership is sharing these risks and their solutions with the business community in order to keep companies protected from obscene fines.

When accepting sensitive credit card information, businesses need to assess several risks. The first major risk is a disgruntled employee stealing a customer’s credit card and utilizing that information for personal purchases. While these types of infractions are usually caught quickly, especially with the proper monitoring technology in place, customers can be reimbursed for fraudulent purchases. Unfortunately, the damage done to customer trust is often irreparable. The fact of the matter is that customers, who experience a data breach with a merchant, are extremely likely to avoid using that merchant, ever again. In other words, lackluster security measures here could cost a company dearly, not only because of the up-front fines but because of the negative word-of-mouth that usually follows an incident like this. To solve this issue, businesses can follow the comprehensive list of steps laid out in the PCI DSS that explains the measures a business can take to protect themselves from this liability, including actions such as encryption and limited levels of access. “Every single customer we work with is already doing their best to protect customer data; however, they are usually missing key elements that could get them in big trouble,” stated Paul Enloe, CEO of BrevAll Technologies. “Oftentimes we see businesses take customer credit card information over the phone and then write it down so that it can be added to the computer system at a later time. However, one big mistake we’ve been noticing is that businesses are storing customer credit card information for longer than 5 days, which is strictly prohibited by these regulations. This is a perfect example of how business owners with positive intentions, end up paying big fines for being undereducated on these matters,” concluded Enloe.

The greatest risk facing business owners and credit card security is hackers. Their methods are constantly evolving and hackers are always finding new ways to attack businesses, the standards for PCI compliance are always changing as well. “Businesses can go to the PCI Security Standard Council’s website to view a comprehensive list of best practices or if they don’t want to have to comb through all the details, they can call a managed technology services provider, like BrevAll Technologies for example, and they should be able to conduct a PCI network analysis and advise them on a few key areas to pay special attention to,” added Enloe. “If your managed services provider is unaware of PCI compliance, you may want to consider reevaluating your relationship with that provider.”

Protecting Businesses From Cyber Attacks

cyber security

We are certified to provide cybersecurity solutions to SMBs (small to mid-sized businesses) to protect them from the barrage of cyber-attacks that occur every day. Cybercrimes are a serious threat and most businesses cannot afford to become the victim of malware, ransomware, phishing, password attacks, denial-of-service (DOS) attacks or malvertising of any sort for a prolonged period of time. Recent advancements in preventative technology has helped SMBs safeguard themselves from unnecessary attacks, network vulnerabilities and company downtime that can often result from such disruptions.

We have invested heavily in our staff of IT professionals, in order to ensure that everyone is highly trained, highly certified and fully equipped to protect customers from cyber-attacks. “It’s incredibly important to continually invest in our people,” stated Paul Enloe. “When we invest in our technicians’ technical abilities, we are investing in our customers’ safety. This is why we’re constantly watching the technological horizon and educating our team so that when our customers need help, they are working with a world-class expert, not just some person who dabbles in IT.”

By partnering with a trusted IT advisor, whose sole mission is to remain one step ahead of hackers, SMBs can remain focused on their top priorities and continue to grow their organizations to new heights. Learn More »