If you don’t where it is, you can’t protect it.
Do you know where ALL your organisation’s data is – not physically, but on which web and cloud services?
Here’s the problem. If you don’t where it is, then you can’t protect it. The secondary problem is finding out, because not everyone in your organisation will be onboard. It is common for people to sign up to web services because they offer something useful that helps them do their job.
They sign up using their email address and creating a password. There is the first headache – how does anyone track what has been signed up to across your organisation, let alone who has access to it? If that person leaves, no one will change the account credentials if they don’t know about it, but your ex-colleague still has access.
Secondly, what data do they upload? Is that data that you have a legal or moral responsibility for?
There’s nothing noble about Nobelium.
This isn’t theory – it’s real. USAID is a pretty important US organisation – promoting democracy and human rights around the world. Turns out, someone there was using a well-known email database tool called Constant Contact. But their account wasn’t well protected. Worse still, their account had a huge mailing set up, and of course, it had all the official USAID templates.
So, these Nobelium people, allegedly a Russian state-sponsored hacker group, compromised the Constant Contact account and sent a bulletin out. The bulletin contained malware that allowed the hackers to take command and control over victims computers. Ironically the fake email alleged interference in the US federal elections.
So, what can you do?
The first step is knowing what SaaS tools your people are using. We call this SHADOW IT and it is inevitable. Rather than stopping it, the job IT has is to identify it and manage it. The second step is to secure those platforms. That’s why our KARE for Security S2 plan contains a useful tool to help you identify what services your people are using.
Refer : What We Know About The Apparent Russian Hack Exploiting USAID : NPR
Cryptostopper!?
[header2 text="CryptoStopper!?" align="left" color="#336A40" margintop=""] That’s right, a CryptoLocker Stopper. [header2 text="Is there really such a thing?" align="left" color="#336A40" margintop=""] It appears so, at least for some forms of the beast. This amazing...
Update : Spearphishing is now much more aggressive
By now, most of our followers will know what spearphishing is - we've posted before about it [header2 text="Spearphishing just stepped up a notch and no one is immune." align="left" color="#336A40" margintop=""] Most of our client's have now experienced an attack, but...
Beating Cryptolocker – A Comprehensive Guide
CryptoLocker is online extortion. It encrypts your files and then demands a fee to unencrypt them. Paying the fee is no guarantee your files will get unlocked or that they will not get encrypted again. Like traditional extortion, paying the fee only encourages the...
AI is here… and on your phone
The coffee machine is a great place to debate the world’s issues. Of course in a tech business, our discussions tend to dodge sports, politics and philosophy in favour of what’s on our various phones! One of the team was trying to figure out how, when he googled a...
Microsoft’s Learning Partner of the Year!
[header2 text="Microsoft recognises Kinetics and its partners at annual awards" align="left" color="#336A40" margintop=""] Kinetics was among a group of associated companies to win awards at Microsoft New Zealand’s annual awards on 7 April 2016. Winning Learning...
The $30 Virtual Reality Experience – Google Cardboard
Virtual Reality's been grabbing some attention lately. Hololens, Oculus Rift etc are all exciting new technologies to give us this 'virtual reality' world. But they're all still 'coming' and they look expensive. Luckily we don't have to wait, and we don't have to...
Microsoft Surface Power Cord – Voluntary Recall
We've just learned that Microsoft has initiated a voluntary recall for AC power cords (the cord that plugs into an electrical outlet) sold with the Microsoft Surface Pro and Microsoft Surface Pro 2, and with any Microsoft Surface Pro 3 purchased prior to July 15, 2015...
(Yet more) Ransomware Bugs and Virus
While we've been enjoying a great kiwi summer, it seems the virus writers and hackers have been busy. They've unleashed new variant's of the ransomware viruses, but this time the old trick of looking for poor English isn't working - the language looks more credible. ...
Our favourite ‘surviving the madness’ holiday app!
[header2 text="Let Google Maps help you get where you are going on time." align="left" color="#00cfef" margintop=""] With the annual bustle of Christmas upon us, our office conversation turned to mobile phone apps on Friday. The surprise was that some of our...
Keep your OneDrive space
We warned you a few weeks ago about a space reduction coming for OneDrive. [header2 text="Thankfully you can KEEP your bonus space!" align="left" color="#00cfef" margintop=""] All is not lost! With changes coming to reduce the free space you get with OneDrive - you...