If you don’t where it is, you can’t protect it.
Do you know where ALL your organisation’s data is – not physically, but on which web and cloud services?
Here’s the problem. If you don’t where it is, then you can’t protect it. The secondary problem is finding out, because not everyone in your organisation will be onboard. It is common for people to sign up to web services because they offer something useful that helps them do their job.
They sign up using their email address and creating a password. There is the first headache – how does anyone track what has been signed up to across your organisation, let alone who has access to it? If that person leaves, no one will change the account credentials if they don’t know about it, but your ex-colleague still has access.
Secondly, what data do they upload? Is that data that you have a legal or moral responsibility for?
There’s nothing noble about Nobelium.
This isn’t theory – it’s real. USAID is a pretty important US organisation – promoting democracy and human rights around the world. Turns out, someone there was using a well-known email database tool called Constant Contact. But their account wasn’t well protected. Worse still, their account had a huge mailing set up, and of course, it had all the official USAID templates.
So, these Nobelium people, allegedly a Russian state-sponsored hacker group, compromised the Constant Contact account and sent a bulletin out. The bulletin contained malware that allowed the hackers to take command and control over victims computers. Ironically the fake email alleged interference in the US federal elections.
So, what can you do?
The first step is knowing what SaaS tools your people are using. We call this SHADOW IT and it is inevitable. Rather than stopping it, the job IT has is to identify it and manage it. The second step is to secure those platforms. That’s why our KARE for Security S2 plan contains a useful tool to help you identify what services your people are using.
Refer : What We Know About The Apparent Russian Hack Exploiting USAID : NPR
New reports in your Kinetics Portal
Thank you for the great feedback about our new client portal. Even so, we're not stopping there! We are already rolling out new capabilities to it. We're adding new reports, scheduled for availabilty in November. When you check your reports in the Client Portal,...
Webinar Replay: Are you (really) insured for a cyber-attack Trends in cyber- insurance and what you can expect
Are you (really) insured for a cyber-attack? Learn the latest trends in cyber- insurance and what you can expect.The latest CertNZ data tells us that 43% of cyber-attacks in NZ were aimed at small business. Even worse is the number of businesses that cease trading as...
Oh no, the worst has happened! Now what?
When we talk to people about the different risks that their organisation might face, one of the events that has the highest likelihood, and would have the biggest impact, is a significant cyber-event. The worst-case scenario would be a ransomware event, where the bad...
What can you expect in Windows 11 Update 24H2?
Enhancing User Experience with the Latest Microsoft Update for Windows 11.Microsoft has recently unveiled a new release that promises to bring a host of improvements and features designed to enhance user experience and performance. This release includes several...
The History and Innovations of Bluetooth and NFC: Understanding Their Potential and Risks
Bluetooth and NFC share several similarities. Both technologies utilise short-range wireless communication to facilitate the exchange of data between devices without the need for physical connectors. They have revolutionised modern conveniences such as contactless...
New Features in Microsoft Teams Whiteboard
Recent updates to the Microsoft Teams Whiteboard app bring whiteboard interactivity to Teams meetings. Sticky Notes: Easily add and move sticky notes around the board to organize thoughts and ideas. This is particularly useful for brainstorming sessions and agile...
Copilot AI Readiness Workshop Registration Successful
Thank you for registering! Workshop Details Date: 1 May (Thursday) Time: 8.45 coffee ahead of a 9.00am start Location: Kinetics Group, Level 1, 11 Leslie Hills Drive, Riccarton, Christchurch 8011 We look forward to seeing you there and helping you get more from...
Is your 365 data ready for Copilot and AI? (Christchurch free event)
Don't miss out - Limited Places Reserve your seat today Date: 22 October (Tuesday) Time: 8.45 coffee ahead of a 9.00am start Location: Kinetics Group, Level 1, 11 Leslie Hills Drive, Riccarton, Christchurch 8011Join us for an interactive free workshop AI and Microsoft...
DEAF Aotearoa’s lasting partnership with Kinetics
Not-For-Profit finds consistent value over time Over the course of more than a decade, not-for-profit Deaf Aotearoa has benefited from consistent value from its relationship with managed services provider Kinetics. Deaf Aotearoa is the national organisation...
What is happening with NZ Cyber crime?
SME Cyber Security InsightsThe National Cyber Security Centre (formerly NZ Cert) sheds light on the cyber security practices of small and medium-sized enterprises (SMEs) in New Zealand. These insights are crucial, especially given the evolving threat landscape. Here...