Weekly Cyber AAG

Former Employee Arrested for Trying to Sell Company's Database for $4,000 
Comment: Employees come and go, and this latest incident stresses the importance of disabling former employees’ accounts that provide access to the company’s network and information. After separation or termination, employees familiar with the company’s network and its vulnerabilities may attempt to gain access to information that can be sold to the employer’s competitors, on the dark web, or used for other malicious purposes. 

Ethereum Scammers Make $5,000 in a Night by Impersonating Celebs on Twitter 
Comment: To help protect yourself from this and similar scams, ensure that social media accounts promoting giveaways are verified. Twitter displays a blue check mark next to account names to confirm authenticity. Additionally, do your research before sending money online and verify the giveaway is legitimate through an internet search. A simple search can confirm whether other people have left reviews or complaints claiming they have been victims of the scam. 

Would You Have Spotted This Skimmer? 
Comment: ATM and payment card terminals can become compromised in the blink of an eye with skimming devices. These devices are placed over the customer-facing card terminals to capture the personal identification number of accountholders and/or copy the data on the magnetic strip of a bank card, allowing thieves to clone the card and use it to make unauthorized purchases or to withdraw money from your account. The NJCCIC recommends checking your bank statements for unfamiliar transactions and encourages customers to use chip-based cards for all transactions. Additionally, cashiers and employees are advised to closely monitor any customer interaction with point-of-sale terminals. For more information, please see the NJCCIC threat analysis titled Payment Cards: Threat Remains High Despite Chip Card Transition.

Weekly Cyber AAG

FBI Pushes for Small Business Information Sharing
Comment: It can be challenging for small businesses to maintain awareness of, and defend against, the myriad of cyber threats that could impact their networks, data, and livelihood every day. Information sharing initiatives such as those promoted by the FBI and the NJCCIC can make the difference between being prepared for a cyber threat and being the victim of a devastating attack that closes your doors for good. We encourage all small businesses to partner with law enforcement in an effort to fight cybercrime and we especially encourage New Jersey small businesses to become members of the NJCCIC, to share information on the types of cyber threats they’re seeing, and to use the information we publish to strengthen their defenses. To become a member of the NJCCIC, fill out our Membership Form and you’ll be put on our list to receive alerts, advisories, bulletins, and training notifications. 

Compromised Credentials: The Primary Point of Attack for Data Breaches 
Comment: An overwhelming majority of data breaches stem from compromised account credentials including stolen, default, or weak passwords. As phishing campaigns become more sophisticated, it is imperative that end users take password security seriously. Implementing multi-factor authentication and selecting complex passwords are two simple steps users can take to bolster account security. 

Weekly Cyber AAG

Registered at SSA.GOV? Good for You, But Keep Your Guard Up
Comment: Unfortunately, identity thieves have discovered a way to steal Social Security benefits by impersonating victims and diverting payments, even if victims have not yet chosen to receive their benefits. With all of the sensitive information that has been exposed over the years by a number of high-profile data breaches, we all must assume that our personal data is available to criminals and remain vigilant with all of our accounts, checking them regularly and reporting suspicious activity immediately. Staying informed can help you detect and mitigate problems early and prevent a lot of hassle in the long run.

Malwarebytes Annual State of Malware Report Reveals Ransomware Detections Increased More Than 90 Percent 
Comment: 2017 was a big year for ransomware operations. While we will certainly continue to see more ransomware infections, the publicity around high-profile ransomware campaigns, such as WannaCry and NotPetya, has also educated the public about this threat and how to defend against it. This increase in awareness means that victims may be less likely to pay the ransom today than they were a year ago, which helps to deter this type of profit-motivated cybercrime. For more information, please see the NJCCIC Ransomware Threat Profile.

Google Removed over 700,000 Malicious Android Apps from the Play Store in 2017 
Comment: Over the past several months, the NJCCIC has alerted members to numerous malicious apps available for download in the Google Play store, many of which were designed to mimic legitimate applications. With a 70 percent increase from 2016, it is evident that threat actors will continue to infiltrate the Play store despite enhanced security measures. To help protect yourself from malicious Android applications, avoid downloading apps that require excessive device permissions and always review user ratings prior to installation. 

Weekly Cyber AAG

Over 90 Percent of Gmail Users Still Don’t Use Two-Factor Authentication 
Comment: While two-factor authentication (2FA) isn’t bullet-proof protection against account compromise, it does provide an extra layer of security that would require a threat actor to not only obtain or guess your password, but also would require them to access an additional authenticating factor, such as a time-based one-time password generated by an application, a single-use code sent to your mobile phone, or a biometric identifier such as a fingerprint or a facial scan. 2FA is a very simple way to greatly reduce your risk of account compromise and the NJCCIC highly encourages all users to enable this security feature for any account that offers it. For more information, please see the NJCCIC blog post, “Stop What You Are Doing and Enable 2FA.” 

Cybercriminals Stole $172 Billion from 978 Million Consumers in the Past Year 
Comment: According to the 2017 Norton Cyber Security Insights Report, 143 million consumers were victimized by cybercrimes last year in the United States alone. This survey highlights the importance of maintaining awareness of current cyber threats and educating yourself on best practices to help defend against common attacks. When it comes to cybersecurity, employing best practices such as enabling multi-factor authentication and running up-to-date antivirus software can go a long way in reducing your cyber risk.

Weekly Cyber AAG

Email Virus Shuts Down Rockingham County Schools Computer Servers 
Comment: This incident reinforces the importance of educating administrators, teachers, parents, and students on common cyber threats and the impact such attacks can have on an entire school district. Email-based cyber threats are rapidly evolving as criminals find new and effective ways to bypass security controls and reach end users. In this attack, Emotet was delivered in the form of a malicious Microsoft Word document which led to the complete shutdown of computer networks throughout a North Carolina School District. 
  
CISOs Are Feeling Less Confident Than Ever about Cyber Risk and Data Security 
Comment: According to a survey conducted by the Ponemon Institute, phishing campaigns and malware attacks are among Chief Information Officers’ top predictions with regards to cybersecurity incidents expected to impact organizations in 2018. To help combat these and similar threats faced by all organizations, the NJCCIC strongly recommends implementing a cyber incident response plan and providing training to all employees on cybersecurity best practices.

Weekly Cyber AAG

Online Shop Can't Determine Card Breach Severity Due to "Lack of Backups" 
Comment: This breach emphasizes the importance of implementing data backups and also highlights the consequences that arise when backups are not completed on a regular basis. At a time when no individual or organization is immune from cyber attacks, it is vital that backups are conducted routinely and incorporated into cyber incident response plans. For additional information and tips on developing a backup strategy for you or your organization, review the NJCCIC’s Cyber Blog “Backups: The Cure to Viral Cyber Infections”.

How to Keep Your Browser and Devices Safe from Cryptojackers 
Comment: Over the last several months, the NJCCIC has reported on numerous cryptocurrency-mining scripts embedded within browser extensions, mobile device applications available for download in official app stores, and popular websites. This helpful article lists some simple steps you can take to prevent your system from being hijacked and becoming a cryptocurrency-mining machine.

Weekly Cyber AAG

Make 2018 Your Year of Taking Password Security More Seriously
Comment: This year, make a resolution to secure all of your online accounts by using strong, complex passwords and enabling two-factor authentication for every account that offers it. Don’t reuse passwords across multiple accounts and keep your systems and devices free of data-stealing keyloggers and other malware by using up-to-date antivirus software. These basic steps can help you reduce your risk of account compromise and better secure your digital data.

Symantec: A Cryptocurrency Mining Malware 'Arms Race' Is Looming 
Comment: With the value of digital currency rising, threat actors are consistently developing new ways to mine virtual coins by hijacking unsuspecting users’ machines. In 2018, this type of malicious activity will increasingly impact computer and mobile device users as profit-motivated actors seek to generate revenue by embedding these scripts in browser extensions, popular websites, and seemingly legitimate apps available for download via official app stores. We recommend that users closely monitor their devices for any sudden changes in performance that may be attributed to cryptocurrency-mining malware.

Resolve to Mitigate Your Business' Digital Risk in 2018 
Comment: From compromised third-party suppliers to self-replicating malware, organizations must be prepared to defend their data and networks against a multitude of threats. This article highlights several steps that management and IT personnel can take to better secure their organizations and mitigate the risks posed by cybercriminals this year.