Cyber News Roundup: We all need to protect against cyberthreats, all the time

Editor’s Note: This is your cyber news roundup with the latest cybersecurity news and tips from the Cyber Oregon team to help you and your organization stay safe online and protect your digital assets. We examine cybersecurity news and developments from across the Northwest and the Nation that are important to all Oregonians including individuals, businesses, non-profit organizations, government entities, and educational institutions. Sign up to receive ongoing updates here.

October is Cybersecurity Awareness Month, but every month should be since there is no shortage of security breaches. While headlines of security breaches targeting large companies dominate the headlines, small and medium-sized businesses need to remember that they are not immune. Quite the opposite. A report from Sitelock states that a typical small business website is attacked 44 times a day and software “bots” are visiting these sites globally an average of 152 million times a week. This is because many SMBs don’t expect to be attacked or they don’t have the money or resources to adequately protect their assets.

SMBs should consider incorporating these basic security technologies to improve their network security:

• Secure access: Common practices to help ensure a secure environment include using time locks, strong passwords and multi-factor authentication. Other technologies to consider include Trusted Platform Module 2.0, fingerprint readers or facial recognition software, and servers that have multi-layer protection to block unwanted content.
• Secure the network: Use encryption technology, which scrambles data into unreadable code on wireless networks.
• Data backup and recovery: According to the FCC, nearly half of small businesses report that they never back up data, which is a major risk for any SMB. Implement a system for data protection and backup and consider a cloud backup service.

Even Burgerville isn’t safe

Security breaches can happen anywhere, as Burgerville recently found out. As reported by Oregon Public Broadcasting, Burgerville was the victim of a highly advanced security breach by Fin7, a cyber-crime group located in Eastern Europe that has been blamed for more than 100 attacks against U.S. companies.

“The Vancouver, Washington-based burger chain is urging all customers who used a debit or charge card between September 2017 to September 2018 to review their statements for suspicious activity. Compromised customer information could include names, card numbers, expiration dates and the CVV numbers on the back of most cards.”

While three members of Fin7 were arrested in August 2018 by the U.S. Justice Department, it’s believed that more than 15 million customer card records were stolen. Burgerville became aware of the break-in in late August but the FBI asked that no announcement be made alerting the public so that the FBI could conduct a full investigation. Burgerville has a customer support line for customers to ask questions and report issues at 1-855-336-6688.

Artificial Intelligence: good vs. evil

For years, Artificial Intelligence (AI) has been touted as a breakthrough technology that will help cure diseases, reduce global warming and protect companies and governments from cyberthreats. Yet as with most technologies, there are good points and bad points to consider. ThreatPost recently published Artificial Intelligence: A Cybersecurity Tool for Good, and Sometimes Bad, which offers a variety of thoughts since AI technology can be used by both IT experts who are protecting companies and those who are causing mayhem.

AI focuses on understanding behavioral norms. “The system takes some time to observe the environment to see what normal behavior is and establish a baseline—so that it can pick up on deviations from the norm by applying algorithmic knowledge to a data set.”

The good news, according to Steve Durbin, managing director at the Information Security Forum, is that the IT landscape for using AI to improve security is getting better. “What we’ve seen is continuing sophistication of attacks, coming from a backdrop of security departments being under-resourced and not really knowing where they should put their spend and their people. All of this is happening amidst an increasingly complex environment with more and more IoT devices taking feeds from various sources, plus there’s often a hugely complex third-party supply chain. AI is becoming necessary to get one’s arms around all of this.”

Cyber Oregon partner blog post of interest

• Sword & Shield: Why Sharing Credentials is Dangerous and How to Stop It