If you don’t where it is, you can’t protect it.
Do you know where ALL your organisation’s data is – not physically, but on which web and cloud services?
Here’s the problem. If you don’t where it is, then you can’t protect it. The secondary problem is finding out, because not everyone in your organisation will be onboard. It is common for people to sign up to web services because they offer something useful that helps them do their job.
They sign up using their email address and creating a password. There is the first headache – how does anyone track what has been signed up to across your organisation, let alone who has access to it? If that person leaves, no one will change the account credentials if they don’t know about it, but your ex-colleague still has access.
Secondly, what data do they upload? Is that data that you have a legal or moral responsibility for?
There’s nothing noble about Nobelium.
This isn’t theory – it’s real. USAID is a pretty important US organisation – promoting democracy and human rights around the world. Turns out, someone there was using a well-known email database tool called Constant Contact. But their account wasn’t well protected. Worse still, their account had a huge mailing set up, and of course, it had all the official USAID templates.
So, these Nobelium people, allegedly a Russian state-sponsored hacker group, compromised the Constant Contact account and sent a bulletin out. The bulletin contained malware that allowed the hackers to take command and control over victims computers. Ironically the fake email alleged interference in the US federal elections.
So, what can you do?
The first step is knowing what SaaS tools your people are using. We call this SHADOW IT and it is inevitable. Rather than stopping it, the job IT has is to identify it and manage it. The second step is to secure those platforms. That’s why our KARE for Security S2 plan contains a useful tool to help you identify what services your people are using.
Refer : What We Know About The Apparent Russian Hack Exploiting USAID : NPR
Beware of Clipper Malware: A Sneaky Threat to Cryptocurrency Users
If you're into cryptocurrency, this one's for you. Recently, there's been a buzz about a sneaky hack that's targeting crypto users, and it's something you should definitely be aware of. Here is how it works: You download some software or a plugin, maybe from an...
Webinar Replay: How does AI change what to look for in your next PC purchase?
If your KiwiSaver includes Nvidia shares, then you'll be delighted to see they've jumped 161% in 12 months. It's great growth and it's because Nvidia are the secret weapon for powering AI in the world's data centres. It is now becoming an option for your next PC. Next...
New! Secure online payments
At Kinetics Group, we are always looking for ways to make things easier for our customers, which is why we have partnered up with Wise-Pay. Wise-Pay is an online payment portal for Kinetics clients From Wise-Pay, you can: View and download invoices Securely...
What is Malvertising?
Malvertising is appearing more frequently on search engines. More people are starting to experience frustration with search engines, partly due to occasional inaccuracies in AI-driven overlays and an excess of advertisements. Another emerging concern is “malvertising”...
Check out the NZ 2024 SME Cyber Behaviour Tracker
As cyber threats proliferate, small businesses find themselves not just in the crosshairs but also facing the daunting financial repercussions of a breach. There is an urgent need for robust cyber security measures. With the staggering average cost of $173,000 per...
What’s the latest new AI features in Copilot?
In today's data-driven world, it's essential to streamline how we interact with business data, documents, and presentations. We're excited to introduce several new features in Copilot that will transform your workflow and enhance productivity across Excel, Word, and...
Why does my organisation need an AI Usage Policy?
In the rapidly evolving landscape of technology, businesses of all sizes are increasingly integrating artificial intelligence (AI) tools into their operations. From enhancing customer service to optimising workflows, AI offers a plethora of benefits that can drive...
Hands on Copilot Workshop Registration Confirmation
We're looking forward to seeing you at the Copilot AI WorkshopThank you for registering!Registration SuccessfulWe look forward to seeing you there and helping you get more from Copilot!Workshop Details Date: Thursday 23rd October Time: 8.45 coffee ahead of a 9.00am...
Deepfakes: Understanding and Detecting AI-Generated Media
The line between what's real and what's not can be super thin, and nothing shows this more than deepfakes. Deepfakes are incredibly realistic digital fakes made using artificial intelligence (AI) that can show people saying or doing things they never actually did....
Webinar Replay – Lessons from the recent “Largest Global IT outage in history”
Free Webinar Replay - What lessons can we learn from the recent outage?What lessons can we learn from the recent outage? How can we prevent these situations from happening to us? Join Kinetics CTO Bill Lunam and ConnectWsie's Leon Friend as they unpack what happened,...