https://www.cnet.com/how-to/the-fbi-says-you-should-reboot-your-router-should-you/

Last Friday, the FBI issued a report recommending that everyone reboot their routers. The reason? “Foreign cyber actors have compromised hundreds of thousands of home and office routers and other networked devices worldwide.”

That’s a pretty alarming PSA, but also a somewhat vague one. How do you know if your router is infected?

Unfortunately, there’s no easy way to tell if your router has been compromised by VPNFilter. The FBI notes only that “the malware targets routers produced by several manufacturers and network-attached storage devices by at least one manufacturer.”

Those manufacturers are as follows: Linksys, Mikrotik, Netgear, QNAP and TP-Link. However, Cisco’s report states that only a small number of models — just over a dozen in total — from those manufacturers are known to have been affected by the malware, and they’re mostly older ones:

Linksys: E1200, E2500, WRVS4400N

Mikrotik: 1016, 1036, 1072

Netgear: DGN2200, R6400, R7000, R8000, WNR1000, WNR2000

QNAP: TS251, S439 Pro, other QNAP NAS devices running QTS software

TP-Link: R600VPN

Very informative article by SecurityAsia…

10 Alarming Cybersecurity Facts

By Imogen Hargreaves | Monday, May 14, 2018 – 12:26

There are 41 cyber criminals on the FBI’s Most Wanted list as of 2016

In 2016, there were 19 individuals on the FBI’s Most Wanted List for cyber criminals. Each of them was responsible for consumer losses ranging from $350,000 to more than $100 million. In 2018, that same list has 41 cyber criminals from around the world.

The most expensive computer virus of all time cost $38.5 billion

MyDoom is considered to be the most expensive virus in the world, having caused an estimated financial damage of $38.5 billion. MyDoom was first spotted in 2004 and it became the fastest spreading email worm, exceeding all previous records. It was believed to have originated in Russia but its author was never discovered.

Social Media is a hackers favourite target

Currently there are more than 3 billion active social network users worldwide. Users that spend a lot of time on social networks are likely to click links posted by trusted friends, which hackers use to their advantage. For example, like-jacking occurs when criminals post fake “like” buttons to a website that when clicked, downloads a malware onto the victims computer.

99% of computers are vulnerable to exploit kits

Oracle Java, Adobe Reader or Adobe Flash are present on 99% of computers. This means that 99% of computer users are vulnerable to exploit kits. The vulnerabilities that these types of software present are critical; all it takes is one click on an infected advertising banner to give a hacker full access to your computer. Adobe Flash has a huge number of vulnerabilities, so cyber criminals target it in the majority of their attacks.

59% of employees steal proprietary corporate data when they quit or are fired

A shocking 59% of employees steal proprietary corporate data when they quit or are fired. There are also malicious insiders who have the potential to cause significant damage because of their level of access. Exploited insiders may be tricked by external parties into providing data or passwords they shouldn’t, and careless insiders may simply press the wrong key and accidentally delete or modify critical information.

Social engineering is a cyber criminals favourite way to manipulate victims

People are the weakest link when it comes to cyber security, which is why psychological manipulation of cyber attack victims is so common. Social engineering is the psychological manipulation of people into performing actions or divulging confidential information. This is used to gather information, fraud, or system access.

Your government is making you more vulnerable

Governments around the world are creating malware and using it as digital weapons or in espionage programs. In the past 5 years, more than a handful of government malware have been discovered but their origins have yet to receive full attribution. The worst of those was the leaked NSA exploit EternalBlue which lead to the spread of WannaCry.

There is a real time map that shows cyber attacks in action

The US is one of the favourite targets for cyber criminals. Chinese attackers alone caused more than $100 million worth of damage to US department of Defence networks according to leaked documents from Edward Snowden.

You can visit the map here.

Hacktivism is the main motivation that drives cyber attacks

Hacktivism accounts for half of the cyber attacks launched in the world. The term represents a subversive use of computers and computer networks to promote political agenda. With roots in hacker culture and hacker ethics, its ends are often related to free speech, human rights, or freedom of information. Hacktivists use code, website mirroring, geo-bombing and anonymous blogging to achieve their objectives

68% of funds lost as a result of a cyber attack were declared unrecoverable

It is becoming increasingly difficult to detect cyber attacks and resolve the security issues created by them: the average time to detect a malicious or criminal attack was 170 days. According to a study by the Ponemon Institute, the average annual cost of cyber crime was $12.7 million. This represents a 96% increase since the study was initiated 5 years ago. The past 5 years has also seen a 176% increase in the number of cyber attacks, with an average of 138 successful attacks per week.

Great! You’re interested in protecting yourself! Here’s a fast and effective way to spot a suspicious email before the bad guys fool you into giving away your information.

On a previous post, I mentioned that the bad guys who want your personal information (including logins and passwords) have evolved beyond attaching viruses. One very common
new method is to send a link to a malicious website. The website may look legitimate, but when you log in, it actually sends your information to the bad guys. Another method is to include a .doc or .pdf attachment which can (and often does) contain a malicious link. This attempt to steal your personal info is called “phishing.”

How do I identify a “phishing email” before I ever click the link or open the attachment? In the screenshot below, I’ve circled 5 giveaway signs often seen in phishing and other malicious emails.

As tempting as it can be, I recommend not opening any attachment in an email until you have some other confirmation from the sender that it is legitimate.

But opening the document or clicking on the link are not usually harmful in themselves. It’s their secondary stage in which you can get in trouble. This includes enticing you to enter a login/password or enabling macros in an Office document. This is the most frequent entry point for today’s malware. Always run an antivirus Full Scan on your computer immediately to find and remove malware if you suspect malicious activity.

The good news is that you can prevent this from happening in the first place. You can run a real-time anti-exploit scanner to catch many malicious links, but “smart browsing” is just as, if not more, effective. For small businesses, a mail proxy provides an additional line of defense, and only costs a few dollars per month. If you’d like our cybersecurity engineer to improve your computer or mobile device security, or investigate and fix any problems after a potential infection, give us a call at 941-270-3005 or visit FloridaCoastIT.com for additional information and to request personal assistance.

What is a Smart Home and how can it help me?

“Smart Home” is a term for the integration of home electronics with smartphone and voice control. Imagine the convenience of having an amazing amount of control and information available using only your voice or an app on your phone or tablet!

Your Smart Home gives YOU the power to:

Do I need to pay for an antivirus program for my Windows computer?

It’s one of the most frequent questions I hear when someone learns about my expertise in cybersecurity. The confusion is totally understandable since there are so many different solutions available. Many new PCs come bundled with time-limited “free” starter editions of McAfee, Norton, Avast, etc., or they are installed with another program. Within a month or three, the software begins nagging you with ominous warnings about your PROTECTION TIME RUNNING OUT (!). Do you pay their subscription fee, or do you take the chance that your PC will be unprotected?

Good news! In the past, a third-party antivirus program was needed because Windows did not include any native protection. However, all Windows 8 & 10 PCs come with built-in (and free!) Windows Defender, which does a very good job at recognizing, blocking, and cleaning malware and viruses. In fact, Windows Defender catches 99.9% of “widespread and prevalent malware” along with 98.8% percent of zero-day attacks (1). These numbers are quite comparable when tested against paid products. Microsoft Security Essentials is the version for Windows 7, and it’s also free and fully-functional.

Now for the caution: Viruses and malware are no longer the greatest threat to information safety and privacy. The bad guys have moved on to more advanced schemes like ransomware and phishing in their attempts to extort or trick you into giving them money or valuable personal information. Antiviruses do not protect against trickery because antiviruses only scan for harmful software code.

To fully protect yourself against these newer non-virus threats, I recommend using an “anti-exploit” application. These newer products work in conjunction with your antivirus to provide more comprehensive protection by recognizing attempts to trick you, such as those found in attachments or in links to harmful websites. I prefer Malwarebytes‘ anti-exploit solution because it comes from a US-based company with excellent technical support if needed. They have a location in Clearwater, FL in fact! They offer a free version which is limited to on-demand scanning and cleaning only, so it does not protect against any threats while you use your PC. Their Premium product costs $39.99 per year and offers real-time protection against ransomware and web page-based attacks. It also augments Windows Defender for an even higher level of protection against viruses and malware.

All of this to say, you can certainly pay for the extra protection that more robust programs provide. But you may not need to spend any extra money as long as you practice safe-browsing, and maintain vigilance against opening attachments or clicking suspicious links.

If you’d like to learn more about protecting yourself against the latest threats to your online safety, please feel free to call 941-270-3005 or visit www.floridacoastit.com for a personal consultation.