Ransomware, Macs, and LockBit: A Common Misconception

There is a common misconception that Macs don’t get malware. While Macs are generally considered to be more secure than Windows PCs, they are not immune to malware. Like any operating system, Macs can be vulnerable to security flaws and can be compromised by malware if they are not properly protected. As the popularity of Macs has grown, so has the interest of cybercriminals in targeting them with malware. With more people using Macs, there is a larger pool of potential victims for malware attacks.

A recent example of Macs being targeted by malicious actors is in the discovery of the LockBit ransomware group’s Mac-based encryptors. LockBit is a notorious ransomware gang that operates by encrypting victims’ files and demanding payment in exchange for the decryption key. The group is known for its sophisticated tactics, including using advanced encryption methods and targeting large organizations. The LockBit gang has been linked to numerous high-profile attacks, including attacks against critical infrastructure, healthcare providers, and financial institutions. Security researchers discovered the Mac-specific encryptors in a location containing most of the currently available LockBit encryptors. “Historically, the LockBit operation uses encryptors designed for attacks on Windows, Linux, and VMware ESXi servers. However, this archive also contained previously unknown encryptors for macOS, ARM, FreeBSD, MIPS, and SPARC CPUs.” (Bleeping Computer, https://bit.ly/3Lcpfgd) The consensus right now is that the Mac encryptors are still in the testing phase, but it seems to indicate that the group is expanding their target base to include Apple devices.

While Macs may be less vulnerable to malware attacks than Windows PCs, they are not immune to malware, and Mac users should take steps to protect their devices from cyber threats, just like Windows users do. This includes using antivirus software, keeping software up to date, being cautious when clicking on links or downloading files, and being aware of the latest cybersecurity threats.

Sign up for our monthly Timely Tech Tips: https://bit.ly/CBTech-Tips. For weekly tips like these, follow us on Facebook: http://bit.ly/2sCMb30 LinkedIn: http://bit.ly/375e6HB Twitter: http://bit.ly/3ajca0n

April Fool’s Phishing (how to avoid getting pranked)

April Fool’s is fast approaching (where has this year gone?!?!?!), so it seems like a good time to review some phishing email tips so the joke isn’t on you.

Email is still the number one communication method, which makes it the perfect avenue for scammers and other malicious actors looking to get the highest return on their activities. One of the simplest methods for checking an email is called “SLAM”:

  • Sender – look at the sender of the email address by hovering over the From: name. If the email address does not match the name, that is a red flag; also, are you expecting an email from this sender?
  • Links – look at any links in the email by hovering over them. Are they pointing to something different than what the text in the email says? That is another red flag.
  • Attachments – Are there any attachments, and if so, are you expecting this sender to send you a document or file?
  • Message – look at the wording of the message in the email. Does the wording make it seem like a consequence is imminent if you do not act? Is it asking you to do something and not tell anyone else? These are both red flags.

Keep in mind that world events (like the recent bank collapses) and holidays (like April Fool’s and Easter) are often good disguises for malicious actors to send out emails. That link to a funny April Fool’s prank may not be from your friend or coworker and the joke might be on you, so keep an eye out!

Sign up for our monthly Timely Tech Tips: https://bit.ly/CBTech-Tips. For weekly tips like these, follow us on Facebook: http://bit.ly/2sCMb30 LinkedIn: http://bit.ly/375e6HB Twitter: http://bit.ly/3ajca0n

Tax Time Scams and How To Avoid Them

As we head into tax season, we’ll see an influx of tax-related scams. Here is some information on what to keep an eye out for as well as some resources from the IRS regarding tax-related scams.

Phishing email is still the biggest attack avenue, as it is cheap and easy. Use the SLAM (Sender, Links, Attachments, Message) method to assess any suspicious emails:

  1. Check the Sender address
  2. Hover over any Links to see if they match the text
  3. Be wary of Attachments
  4. Check the Message. Red flags are a sense of urgency, consequences if something isn’t immediately done, or requests for payment in odd forms

The IRS compiles a list of its “Dirty Dozen” scams each year. It can be accessed here: https://www.irs.gov/newsroom/dirty-dozen. They also have a webpage dedicated to specific tax scams and consumer alerts: https://www.irs.gov/newsroom/tax-scams-consumer-alerts. It is a good place to learn about common scams and how to identify them. And for the low tech scams, here is a page dedicated to helping you determine if the IRS is really on the phone or knocking at your door: https://www.irs.gov/newsroom/how-to-know-its-really-the-irs-calling-or-knocking-on-your-door.

The IRS will never:

  • Call to demand immediate payment using a specific payment method such as a prepaid debit card, gift card or wire transfer. Generally, the IRS will first mail a bill to any taxpayer who owes taxes.
  • Threaten to immediately bring in local police or other law-enforcement groups to have the taxpayer arrested for not paying.
  • Demand that taxes be paid without giving taxpayers the opportunity to question or appeal the amount owed.
  • Ask for credit or debit card numbers over the phone.
  • Call you about an unexpected refund.

(taken from their website: http://bit.ly/2AQf8cF)

Sign up for our monthly Timely Tech Tips: https://bit.ly/CBTech-Tips. For weekly tips like these, follow us on Facebook: http://bit.ly/2sCMb30 LinkedIn: http://bit.ly/375e6HB Twitter: http://bit.ly/3ajca0n

You Should Implement Security Awareness Training Now

Security awareness training, when provided on a weekly or monthly recurring basis, helps users understand different threats they might be exposed to during their personal and work lives. The training typically focuses on the digital realm, though it might include scams that operate via face-to-face or postal service methods. The goal of the training is to elevate users’ awareness of these threats so they can recognize them before falling victim to them, or at least help them mitigate any damage if they do fall victim.

So why should your company implement this training, and why more often than just once a year or quarter? In short, human nature. Without delving in to the psychological, here are a few key points:

  • humans are creatures of habit
  • we all have a natural tendency to want to help
  • as humans we have a natural fear of the unknown or unexpected
  • we all have short memories and shorter attention spans

A great example of why regular training is necessary: a user was selling something on Facebook Marketplace and started a texting conversation with a potential buyer. The potential buyer asked the user to provide a Google authentication code to verify the user was a “trusted account”. The user received a text message from Google with a 6-digit code and provided this code to the potential buyer. The buyer came back and said the code didn’t work and asked the user to provide the code again. At that point the user became suspicious and ended the conversation. Unfortunately, the user had unknowingly bypassed the multi-factor authentication on their Google account by providing that code to the potential buyer.

Implementing a training program that regularly educates users about threats, tests their knowledge, offers additional training when necessary, and is engaging, will help your company avoid many common threats that technology alone cannot mitigate while not impacting users’ productivity. This article points out why security awareness training is more important than ever as phishing attacks are the top avenue for ransomware delivery: http://bit.ly/3IUAdWX.

If you have questions about implementing security awareness training in your company, contact us here: https://bit.ly/CBTech-contact

Sign up for our monthly Timely Tech Tips: https://bit.ly/CBTech-Tips

For weekly tips like these, follow us on Facebook: http://bit.ly/2sCMb30 LinkedIn: http://bit.ly/375e6HB Twitter: http://bit.ly/3ajca0n

End of Year Planning: Are You Ready for 2023?

Can you believe we’re already near the end of 2022?!?! In between scrambling to get ready for Thanksgiving and thinking about all the Black Friday deals you need to get, have you thought about planning out the next year for your business? Now is a good time to start the planning process, even if it’s just jotting down some goals and targets for next year.

Now you might ask “why is a technology company writing about business planning?”. Great question. Business planning is an important part of the CBTech Support process. CBTech Support evaluates its clients’ environments on a regular basis and uses that information to help inform the business planning process. As part of the planning process, you’re looking at what you want to accomplish in your business next year, and technology will play a part in that. It’s important to know what areas of technology will have the biggest impact on your business, such as where there is a large security gap or a disconnect in your workflow, or even something as simple as when you want to replace some old computers. It’s also important to know what you want to achieve so that you can make sure your current technology can help you get there; and if not, what might be needed to make it happen. The good news is you can start with small steps just to get the ball rolling. Feel free to reach out to us with any questions or if you would like an introduction to someone who can help with the business planning.

Sign up for our monthly Timely Tech Tips: https://bit.ly/CBTech-Tips

For weekly tips like these, follow us on Facebook: https://bit.ly/2sCMb30 LinkedIn: https://bit.ly/375e6HB Twitter: https://bit.ly/3ajca0n

National Cybersecurity Awareness Month 2022

October is National Cybersecurity Awareness Month. In keeping with this theme, let’s talk about the upcoming holidays and some common scams to keep an eye out for.

One of the more popular scams during the holidays is to play on the search for the year’s “hottest” toy. Every year there is at least one toy that seems to go “viral” and become the must have for every child. It then becomes nearly impossible to find at all the mainstream retailers, so you start searching online to try to find it. This is what the scammers count on, as it’s easy for them to place ads advertising too good to be true deals that lead to phishing or other malicious sites. If it seems too good to be true, it probably is.

During the holidays we all get requests from charities to donate while we’re feeling the holiday spirit. This is another place where scammers can take advantage of our human nature. If you receive unsolicited phone calls requesting donations that turn into high pressure pitches, just hang up. If you’re donating online, make sure to research the charity you’re thinking of giving to in order to make sure it’s reputable. The IRS has a database of charitable organizations that is a good starting point: https://www.irs.gov/charities-non-profits/search-for-tax-exempt-organizations.

National Cybersecurity Awareness Month is all about raising awareness, and education is key. You can also take advantage of a wealth of information available online such as:

Sign up for our monthly Timely Tech Tips: https://bit.ly/CBTech-Tips

For weekly tips like these, follow us on Facebook: https://bit.ly/2sCMb30 LinkedIn: https://bit.ly/375e6HB Twitter: https://bit.ly/3ajca0n

Uber was hacked again; why does it matter to me?

On Thursday September 15 Uber announced that they had been the victim of a hacker. Details are still unfolding, but initial reports suggest the hacker had complete access to almost all of Uber’s internal systems (https://www.wired.com/story/uber-hack-mfa-phishing/). This kind of announcement has, unfortunately, become quite common. Let’s look at how this happened (with what we know so far), some possible preventative measures, and why all this matters to you as a business owner or computer user.

The hack started with stolen credentials. The presumption is that the hacker purchased them on the dark web, but how did they wind up there? In most cases they are captured when a user falls for a phishing email, but they can also be guessed if you’re not using a strong, complex password. They could also have been compromised in another breach and the user had the same password across different accounts. Possible preventative measures here would include security training for end users to avoid falling for phishing emails, monitoring the dark web for credentials associated with your accounts, using strong and complex passwords, using a password manager to have unique passwords across all accounts, and having breach alerts to let you know when a service is compromised so you can change those credentials.

After the hacker gained the user’s credentials he attempted to log in to Uber’s systems. Uber has multi-factor authentication (MFA) in place, which typically prevents an unauthorized login attempt like this from succeeding. Unfortunately, in this case, the user fell victim to what is called “MFA fatigue”: the attacker repeatedly sent MFA requests to the user for almost an hour, then contacted the user claiming to be an Uber IT technician and told the user the prompts would stop if the user allowed the login attempt. Possible preventative measures at this point would be educating users on MFA and abnormal behavior like repeated prompts over the course of an hour, as well as the proper communication channels between themselves and IT/technology support personnel.

Once the attacker gained access to Uber’s systems by getting credentials and tricking the user into allowing the attacker’s login attempt, there were several other factors that allowed the attacker to almost compromise Uber’s internal systems completely. Things like administrative credentials stored in file shares or coded into scripts, compromise of management systems that had access to multiple other internal systems and databases, all played a role.

What does all that mean for you as a business owner or a computer user? It means that something as simple as stolen credentials and a text message can lead to your business being hacked. There are steps you can take to mitigate the risk of that happening, as mentioned above. It can all seem overwhelming, but the key is to start with small steps and to keep going. It’s an ongoing, ever-evolving process, but having a good technology partner can make it smoother.

Do you want to have a deeper discussion about this? You can contact us here: https://bit.ly/CBTech-contact.

Sign up for our monthly Timely Tech Tips: https://bit.ly/CBTech-Tips

For weekly tips like these, follow us on Facebook: http://bit.ly/2sCMb30 LinkedIn: http://bit.ly/375e6HB Twitter: http://bit.ly/3ajca0n

Were You Able to Unplug This Summer?

As summer winds down, let’s take some time to assess the screen time habits that we’ve had for the past 8 months. If you’re anything like us, you’ve been glued to your devices, keeping up with news, streaming TV and movies, watching sports, working, working, working… We thought it would be a good time for some tips on how to unplug, whether you’re taking a trip or just want a day away from technology.

Tip 1: Come up with a plan. For example, decide to limit screen time to 10 minutes in the morning to catch up on email. Check out this New York Times article for more: https://www.nytimes.com/2020/11/25/technology/personaltech/digital-detox.html

Tip 2: Leave your devices at home. If you’re going outside, leave the device inside. If you’re taking a trip to the beach, leave them in the car. There are some more good examples in this Wall Street Journal article: https://www.wsj.com/articles/how-to-wean-your-kidsand-yourselfoff-screens-11621080000

Tip 3: Create device-free zones. Set up areas of your house, times of day, or spaces while on vacation that you will not bring a device. This can help reduce the urge to check the device for notifications. Check out this Google article for more: https://wellbeing.google/get-started/unplug-more-often/#top

There is a plethora of articles on unplugging, so definitely take the time to search around if you want more ideas. And enjoy the last remnants of summer!

Sign up for our monthly Timely Tech Tips: https://bit.ly/CBTech-Tips. For weekly tips like these, follow us on Facebook: http://bit.ly/2sCMb30 LinkedIn: http://bit.ly/375e6HB Twitter: http://bit.ly/3ajca0n

How to buy a computer for school

Can you believe we have to start thinking about school again?!?! Didn’t the year just end? Normally, schools require computers to complete classwork, homework, and research. A decent computer is necessary to attend to all that plus the possibility of needing to attend online classes.

The question you should ask when deciding to buy a new computer for school, or for any purpose really, is “what am I going to use it for?”. Some common answers are:

  1. browsing the internet
  2. email
  3. specific applications
  4. attending class remotely
  5. video conferencing

For 1 and 2, the specifications are not demanding. You can get by with a basic computer from almost any store. However, we would still recommend that the processor be an Intel Core i5 or i7. The RAM (or memory) used for browsing the internet will depend on how many browser tabs or windows you have open at one time. The more tabs or windows you anticipate opening the more RAM you should have in your computer. We would recommend at least 8GB.

A computer used for specific applications will need to meet the requirements of the vendor who made the application. All vendors will list minimum and recommended system requirements. You should review those requirements for each and any application you plan on using before buying the new computer. Just as with browser tabs and windows, the more applications you run at one time the more RAM you should have in the computer. Additionally, most schools will have recommended specifications for buying a computer to use at the school.

The last component that should be considered when buying a new computer is the hard drive type and size. You still have two choices for type: traditional spinning drives (often referred to as SATA) or Solid State Drives (often referred to as SSD). We almost always recommend SSD drives because the performance is much better versus traditional spinning drives, and they are usually the norm these days. The size of the hard drive all depends on how much data you plan to save on your computer. If you are using the computer to browse the internet and/or use email, then the size of your hard drive does not need to be large. However, if you are saving images or video (which are the largest file size types) then you should get a larger hard drive.

Happy shopping!

Sign up for our monthly Timely Tech Tips: https://bit.ly/CBTech-Tips

For weekly tips like these, follow us on Facebook: http://bit.ly/2sCMb30 LinkedIn: http://bit.ly/375e6HB Twitter: http://bit.ly/3ajca0n