
Horror stories and thrillers are back in style, but you don’t have to go to the theater or queue up Netflix to get your fear on this year—especially if you’re a business owner or IT manager. Cybersecurity incidents are increasing, thanks to an expanding attack surface fueled by an explosion of connected devices, better network speeds and the move to the cloud and mobile working. While some hacks, vulnerabilities and malware attacks are fairly tame, 2019 has seen some true horror stories so far, showing us just how scary things that lurk in the darkness of cyberspace can be. Here are just a few of the horror stories we’ve seen so far in 2019.

BlueKeep Vulnerability Lurks in the Shadows

In May, Microsoft alerted Windows users to the BlueKeep vulnerability (CVE-2019-0708), which, if exploited, would allow a remote attacker to take over a victim’s computer and execute code. The main thing that sets BlueKeep apart from other bugs is that it’s wormable – which means that it can self-propagate from machine to machine, setting up the scene for a fast-moving, global pandemic infection wave.

The concern was big enough that Microsoft even took the unusual step of deploying patches to Windows XP and Windows 2003, which are end-of-life and no longer supported by the computing giant. And, the National Security Agency issued a dire warning: “It is likely only a matter of time before remote exploitation code is widely available for this vulnerability. NSA is concerned that malicious cyber-actors will use the vulnerability in ransomware and exploit kits containing other known exploits, increasing capabilities against other unpatched systems.”

There are still hundreds of thousands of unpatched machines in the U.S.; and working proof-of-concept exploits have been created, including one showing how an unauthenticated attacker can achieve full run of a victim machine in about 22 seconds.

Financial Security Hacked Away

Banks just can’t catch a break. They’ve been the targets of robbers and tricksters throughout time, and our migration to the digital realm is no different. Capital One learned this lesson the hard way in July when it starred in its own summertime horror show. A single hacker demonstrated all the ways financial services firms are vulnerable in a massive hack of Capital One that opened doors to the data of more than 100 million people through various avenues, including credit card applications, bank account numbers and Social Security numbers.

Ransomware Dirty Tricks

Ransomware operators carry out dirty tricks year-round. Last month, a rash of ransomware attacks crippled hospitals worldwide, forcing them to turn away patients and cancel surgeries. The cyberattacks froze the computer systems of several medical facilities in the U.S., with the cybercrooks demanding their treat (payment) in order to restore files.

One of the victims was DCH Health System, a regional hospital and medical complex located in Alabama, where the attack resulted in three satellite hospitals turning away patients. The three regional hospitals, located in Tuscaloosa, Fayette and Northport, were “closed to all but the most critical new patients, because cybercriminals were limiting the hospitals’ abilities to use their computer systems in exchange for an ‘as-yet unknown payment.’” The Alabama hospitals decided to pay up, eventually, even though the FBI typically does not recommend doing so.

Ransomware attacks in 2019 have become more targeted against specific vertical businesses, such as local governments and healthcare organizations, with attackers taking the time to know their victims to ensure they can inflict maximum disruption and garner higher ransoms.

Damned by a Data Breach

In September, the rampant data breach trend reached food delivery service DoorDash, which said that a hack affected almost 5 million customers, drivers and local restaurants using its platform.

DoorDash, an on-demand food delivery service, connects end users with local restaurants and relies on contracted drivers, also known as “Dashers,” who use their own vehicles for delivery. A variety of personal data was accessed, including names, email addresses, delivery addresses, phone numbers and hashed passwords. Also accessed was payment information including the last four digits of payment cards and driver’s license numbers.

This is only one example: Businesses are increasingly facing data breach horrors, as the Dark Web thirst for personal information that can be used for fraud and payment card data shows no signs of abating.

These are but a few of the cybersecurity nightmares we’ve seen so far in 2019, which show that every business, in any industry, is at risk from ransomware and other malware, security bugs, data thieves and more.

To protect your business from cybersecurity ghouls, it’s critical to invest in proactive monitoring and patching of desktops and servers; intrusion prevention and detection; next-gen firewall and antivirus; and remote troubleshooting and repair. If that sounds scarily complex and resource-intensive, don’t worry: TPx has invested in the best IT security technologies, so you don’t have to. In other words, we can help you banish the horrors with all of the above functions, all at one cost-effective price.

If you’re looking for a reliable managed service that will keep your business safe from cyber-monsters, consider TPx. Visit https://www.tpx.com/services/managed-it/ or contact your TPx representative to learn more.

About the Author

Lucie Hys is a Senior Product Marketing Manager at TPx. She is currently leading the marketing efforts for the company’s MSx suite of managed services. She has been working in marketing for more than 9 years, with the last four focusing on the cybersecurity industry. Lucie graduated with an MBA from Florida Gulf Coast University. In her spare time, she is an avid fitness enthusiast and a passionate traveler. 

 

A network firewall is the first line of defense to protect your organization’s data, network, and critical assets from outside intruders and threats.  But in everyday terms, what does it really mean and why is it important to your business?

Think of your house as your business network.  The walkway from the street to the front door is your data connection (bandwidth) to the Internet, making your front door the connection to the world.  In networking, we call this “front door” the WAN interface.

There used to be a time when we left our front doors unlocked or even wide open. We didn’t get too many visitors, so we would just open and close the front door to let them in or deny their entry. Unfortunately, those days are over. If we leave our front door open, there will be unwanted visitors. On a typical network, there can be tens of thousands of visitors every second. In the networking world, these visitors are called packets. We certainly don’t want all these packets coming in and out of our network without knowing what they are, but we can’t be opening and closing the door that often.

So what do we do?  We get a very fast security guard to stand at that front door, and we tell him who and what to let in and what to block.  That security guard is the firewall.  Without that security guard/firewall there, we are letting in pretty much any visitor, and some of those visitors will be criminals who are coming to rob us.

On a basic level, the security guard can look at where a visitor comes from.  If they come from our local book club, we are going to let them in. If it’s a salesperson, we won’t even open the door.  One way a firewall does this is by looking at the source IP. If it’s an IP for Google, we will probably let it in. If it’s an IP from the Dark Web, we won’t allow it.

We might let visitors in the front door at home, but that doesn’t necessarily mean we give them access to the entire house.  We’ll let them use the guest bedroom and bathroom, but our master bedroom and bathroom are off limits.  A firewall typically accomplishes this by looking at port numbers.  You want to access my web server on port 80?  Yup, go ahead… but you aren’t going to get to see my FTP server on port 21. And we might decide that only certain IPs can access the web server.  This helps to block unsolicited traffic into our network.

When you browse the Internet, you are basically shouting out from your window into the street (Internet) and saying “Hey, I want to see the brochure about ABC Widgets.” So your browser connects to ABCWidgets.com, and that company starts sending information (in the form of web traffic and packets) back to you. We need to make sure we are letting that traffic in. A firewall does that because it knows who you called out to and lets them back in.
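The three checks described above (source IP, destination port, and letting replies back in) can be sketched as a small stateful packet filter. This is an added example, not code from TPx or any firewall product; the class names, the rule set and the addresses (RFC 5737 documentation ranges) are constructed for illustration, and it tracks only address/port pairs, not protocol state or timeouts.

```python
import ipaddress
from dataclasses import dataclass
from typing import Optional


@dataclass(frozen=True)
class Packet:
    src: str        # source IP
    sport: int      # source port
    dst: str        # destination IP
    dport: int      # destination port
    outbound: bool  # True if leaving the LAN through the WAN interface


@dataclass(frozen=True)
class Rule:
    action: str           # "allow" or "deny"
    src_net: str          # CIDR range the source IP must fall in
    dport: Optional[int]  # destination port, None = any port

    def matches(self, pkt: Packet) -> bool:
        in_net = ipaddress.ip_address(pkt.src) in ipaddress.ip_network(self.src_net)
        return in_net and (self.dport is None or self.dport == pkt.dport)


class StatefulFirewall:
    def __init__(self, inbound_rules):
        self.inbound_rules = list(inbound_rules)
        self.connections = set()  # flows opened from inside the LAN

    def filter(self, pkt: Packet) -> str:
        if pkt.outbound:
            # Remember who the inside host "called out to".
            self.connections.add((pkt.src, pkt.sport, pkt.dst, pkt.dport))
            return "allow"
        # An inbound reply to a tracked flow has the endpoints mirrored.
        if (pkt.dst, pkt.dport, pkt.src, pkt.sport) in self.connections:
            return "allow"
        for rule in self.inbound_rules:  # first matching rule wins
            if rule.matches(pkt):
                return rule.action
        return "deny"  # nothing matched: unsolicited traffic stays out


# Constructed policy: block one source range outright, let one partner
# range reach the web server on port 80, and deny everything else (FTP included).
RULES = [
    Rule("deny", "203.0.113.0/24", None),
    Rule("allow", "198.51.100.0/25", 80),
]


def demo():
    fw = StatefulFirewall(RULES)
    site_reply = Packet("198.51.100.200", 443, "192.0.2.20", 51000, outbound=False)
    verdicts = {
        "partner_web": fw.filter(Packet("198.51.100.7", 40000, "192.0.2.10", 80, False)),
        "partner_ftp": fw.filter(Packet("198.51.100.7", 40001, "192.0.2.10", 21, False)),
        "blocked_web": fw.filter(Packet("203.0.113.9", 40002, "192.0.2.10", 80, False)),
        # Same packet as the later reply, but nobody inside asked for it yet.
        "unsolicited": fw.filter(site_reply),
    }
    # An inside host browses to the site; the reply is now expected.
    fw.filter(Packet("192.0.2.20", 51000, "198.51.100.200", 443, outbound=True))
    verdicts["reply"] = fw.filter(site_reply)
    return verdicts


if __name__ == "__main__":
    for name, verdict in demo().items():
        print(f"{name:12} {verdict}")
```

The same inbound packet is denied before the inside host opens the connection and allowed afterwards, which is the connection tracking the window analogy describes.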

Everything we’ve talked about so far describes the old type of firewall.  Now we have what’s called a Next Generation Firewall (NGFW).  The problem with the old firewall is that the criminals knew they could get into a house, but not necessarily into the master bedroom where the safe full of valuables was hiding.  So they started hiding saws and lock picks in their pockets or in the boxes they were carrying into the house.  Once inside the house, they might go to the guest bathroom because we said they could go there.  But once inside the guest bathroom, they unload the saw to cut a hole in the wall which leads into the master bedroom, where they use the pick to unlock the jewelry drawer.  These saws and picks are the viruses, malware, crypto lockers, and other cybersecurity threats that you hear so much about.

The NGFW tells the security guard, “Hey, make sure you look at what is in these guests’ pockets and the boxes they might bring in” – meaning data, attachments, and files. That means the firewall is no longer just looking at where the packets come from and where they are going. The NGFW is looking at the information contained in the packet, so we can try to identify if there is anything malicious and block it if necessary.  These new firewalls also tend to keep very good records of who and what is going through the front door.  That walkway to the front door (bandwidth) is only so big, so we want to know who is inviting in all those Netflix streaming packets that are congesting the walkway and maxing out the bandwidth.

Now that you know what a network firewall is and what it does, learn about the costs associated with security breaches – and then you will understand why having perimeter security with a firewall is so important.

Interested in protecting your business with a Next Gen Firewall?  Request a free, no-obligation consultation with TPx’s security specialists today.

 

About the Author

Erik Nordquist is the Senior Product Manager for TPx Communications’ managed security services. He’s led a broad range of critical activities, including Field Operations and the Hostmaster team where he built TPx’s anycast DNS network to service its 55,000 customer locations. His work on the Network Integrity team made him the resident expert for mitigating Denial of Service (DoS) attacks. After interfacing with customers for years, Erik is bringing his customer-focused approach to his Product Manager role, helping to deliver first-in-class security services to TPx clients with unsurpassed customer support.

 

5 Things You Must Know About Firewalls

How much money will your company need to lose before you stop procrastinating on cybersecurity matters?

There is always a “too late” option, when the cyberattack puts you out of business, which happens to 60% of small businesses within six months of a cyber-incident. Although most companies know of the dire consequences of cyber threats, they postpone addressing them for various reasons. Many assume that “everything is fine right now,” so their response is reactive instead of proactive – which is a lot more stressful, and most of all, risky.  According to the Better Business Bureau and their 2017 State of Cybersecurity Report, the top five factors that prevent SMBs from advancing in their cybersecurity efforts are as follows:

  1. Lack of resources
  2. Lack of expertise or understanding
  3. Lack of information
  4. Lack of time
  5. Lack of training

Just like putting off going to the dentist, that decision can often come back to bite you (pun intended).  When this happens, we often remember the old Benjamin Franklin axiom: “An ounce of prevention is worth a pound of cure.”  According to the PwC Health Research Institute analysis, the likely cost of a serious cybersecurity breach in the healthcare industry is $200 for every patient’s record, when the cost to thwart a cyberattack is only $8 for every patient’s record. This figure alone should motivate you to take action.

Many small businesses don’t know where to begin. One of the first lines of defense a business can take is to have a properly configured and installed firewall on their network. Here are five key things you should know about firewalls:

1. What is a firewall and what does it do?

A firewall can be either hardware or software-based. Our Windows-based machines have a built-in firewall, but generally speaking, when talking about firewalls we are referring to hardware. A firewall is a network-based perimeter security device that is intended to protect your network’s devices from the dangers that exist on the Internet. Data is exchanged between your network devices and destinations in cyberspace, and firewalls monitor this data (sent in packets) to check whether it is safe or not. The firewall does this by checking whether the packets meet the established rules and rejecting any packets of data that don’t. If it didn’t do this, within minutes of connecting a device to the Internet, attackers would attempt to compromise our computers.

2. All firewalls are not created equal

We talked about software-based firewalls, which run on the computer itself, but these types of firewalls are very limited in what they can do. Older physical firewalls have the same types of limitations. They are good at blocking and allowing specific ports, sources, and destination IP addresses, and they can also translate and route traffic into your internal network. This type of functionality used to be sufficient, but with the advanced threats out there today, that’s no longer the case. Nowadays, we talk about Next Generation Firewalls (NGFW). What sets these devices apart from their older counterparts are their advanced features: specifically, their ability to inspect individual packets for malicious payloads. Unified Threat Management (UTM) consolidates multiple security and networking functions such as anti-virus protection, web content filtering, application control, and intrusion detection/protection (IDS/IPS), all on one appliance protecting the network. While we want our firewall to inspect every packet individually, what we don’t want is to feel that the firewall is slowing down the network. We want the firewall to be transparently running in the background providing peace of mind without demanding our attention. That is accomplished by sizing the firewall properly and using one with a security-centric processor to handle all those UTM tasks. Providing that is a pretty sophisticated challenge, so don’t make the mistake of buying a firewall at a big box store thinking that it will solve all your security problems.

3. Firewalls and firewall rules must be constantly updated

Things are constantly changing in IT, and managing all the changes is one of the biggest problems that businesses face.  Maintaining a clean set of firewall rules is one of the most important firewall management functions. However, many businesses continue to struggle with this task, leaving them open to increased risks such as open ports, unwanted VPN tunnels, and unnecessary complexity which could lead to the firewall being unknowingly bypassed altogether.  On top of that, the firewall itself needs to be constantly updated to ensure that it can detect the most recent threats.  The firmware on the firewall itself may need to be updated if engineers discover a vulnerability.  Keeping up with all of these updates can be overwhelming, and most businesses simply forget to do them.  That’s a potentially fatal mistake.
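A rule-set review of the kind described above can be partly automated. The following added example (not TPx tooling) audits a constructed, first-match-wins rule list for rules exposed to any source, rules that can never fire, and deny rules that an earlier allow partly bypasses; the rule names, the addresses and the short list of sensitive ports are assumptions made for illustration.

```python
import ipaddress
from dataclasses import dataclass
from typing import Optional

# Services that should rarely be reachable from any source (assumed list).
RISKY_PORTS = {21: "FTP", 23: "Telnet", 3389: "RDP"}


@dataclass(frozen=True)
class Rule:
    name: str
    action: str           # "allow" or "deny"
    src: str              # source CIDR
    dport: Optional[int]  # destination port, None = any port


def covers(earlier: Rule, later: Rule) -> bool:
    """True if every packet the later rule matches is already matched earlier."""
    net_ok = ipaddress.ip_network(later.src).subnet_of(ipaddress.ip_network(earlier.src))
    return net_ok and (earlier.dport is None or earlier.dport == later.dport)


def overlaps(a: Rule, b: Rule) -> bool:
    """True if at least some packets match both rules."""
    nets = ipaddress.ip_network(a.src).overlaps(ipaddress.ip_network(b.src))
    ports = a.dport is None or b.dport is None or a.dport == b.dport
    return nets and ports


def audit(rules):
    findings = []
    for i, rule in enumerate(rules):
        any_source = ipaddress.ip_network(rule.src).prefixlen == 0
        if rule.action == "allow" and any_source:
            if rule.dport is None:
                findings.append((rule.name, "allows any source to any port"))
            elif rule.dport in RISKY_PORTS:
                findings.append((rule.name, f"exposes {RISKY_PORTS[rule.dport]} to any source"))
        for earlier in rules[:i]:
            if covers(earlier, rule):
                # With first-match-wins ordering this rule never fires.
                findings.append((rule.name, f"shadowed by {earlier.name}"))
                break
            if overlaps(earlier, rule) and earlier.action == "allow" and rule.action == "deny":
                # Part of the traffic this deny targets is let in first.
                findings.append((rule.name, f"partly overridden by {earlier.name}"))
    return findings


# Constructed rule set showing the drift the text describes.
RULESET = [
    Rule("allow-web", "allow", "0.0.0.0/0", 80),
    Rule("temp-vendor-rdp", "allow", "0.0.0.0/0", 3389),
    Rule("allow-partner-web", "allow", "198.51.100.0/24", 80),
    Rule("block-bad-net", "deny", "203.0.113.0/24", None),
    Rule("allow-any-any", "allow", "0.0.0.0/0", None),
]

if __name__ == "__main__":
    for name, problem in audit(RULESET):
        print(f"{name}: {problem}")
```

Here the block rule sits below two broad allows, so traffic from the blocked range still reaches ports 80 and 3389; moving deny rules above the allows and deleting the leftover temporary and any-any rules clears every finding.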

4. Encryption can be bad for your firewall

Encryption was created to prevent unwanted eyes from viewing the data we are transmitting and receiving.  The paradox is that this increased security could be preventing your firewall from doing its job of inspecting packet payloads for malicious content.  If a packet reaches a firewall and the firewall has no way to decrypt the packet and inspect what is inside, it will most likely be passed on to its final destination.  The way to resolve this – and get the firewall back to where it can look for malicious payloads – is to institute SSL Deep Packet Inspection (DPI) on the firewall. DPI allows the firewall to become a “man in the middle” for all Internet traffic and ensure that the local network is properly protected.  This process is CPU intensive, so again, a properly-sized firewall is critical.

5. Firewalls aren’t just about security

We put firewalls on a network to help secure it from malicious attacks, but there are some great added benefits from NGFW that aren’t necessarily security-related. Good firewalls will give you the ability to run and view detailed reports about network traffic. These can be critical if you have to meet certain compliance requirements, such as PCI or HIPAA. Because a firewall is a network device at its core, you will gain increased visibility into your network. No more need to create a mirrored port on your switch and run Wireshark or another packet capture program, because today’s firewalls will allow you to view real-time and historical traffic on your network – a great aid in troubleshooting network issues. Firewalls can also help enforce company HR or other group policies by leveraging web content filtering controls; these can also maintain productivity by limiting access to certain time-consuming sites. Application control helps prevent bandwidth overutilization by bandwidth-hogging applications such as video streaming services. Since company employees are not always local, the firewall’s ability to support remote users – and to do it in a secure manner – is critical for increased productivity.

 

While there are many things to consider when implementing firewalls or updating your existing firewall, a basic understanding of what they do and what they can’t do is important.  Firewalls are evolving constantly with more functionality and advanced features. That’s an important aspect in combating today’s threats, but often makes implementing firewalls and firewall policies more complex.  Small businesses often have a hard time implementing and maintaining security on their own, largely due to the fact that security professionals are hard to find and expensive to keep on staff.  As a result, more businesses are turning to a Managed Services Provider like TPx for their security needs, which allows them to get that enterprise level security at a price they can afford.

Ready to get peace of mind and stop procrastinating on your security? Talk to a TPx specialist today.

 

About the Author

Erik Nordquist is the Senior Product Manager for TPx Communications’ managed security services. He’s led a broad range of critical activities, including Field Operations and the Hostmaster team where he built TPx’s anycast DNS network to service its 55,000 customer locations. His work on the Network Integrity team made him the resident expert for mitigating Denial of Service (DoS) attacks. After interfacing with customers for years, Erik is bringing his customer-focused approach to his Product Manager role, helping to deliver first-in-class security services to TPx clients with unsurpassed customer support.

off-the-shelf security devices

When it comes to cybersecurity options for businesses today, the range of “off-the-shelf” options can be dizzying – and exciting – for those looking to cut administrative costs. A nice, new shiny router with what claims to be “business-class” firewalling and maybe even some DDoS protection for under 200 bucks? For many business owners the answer is “Yes please!” when the answer really needs to be “No way,” or maybe even “No freaking way!”

The consequences of going with one of the many routers (or other quick-fix security products) for sale at a big-box store can be devastating. These solutions may claim to offer business-class security, like firewall options, but the reality is that their features are limited and require frequent updates to make sure they’re ready to handle the latest threats. They also offer a false sense of security, given their narrow focus. Throwing a router with a firewall into the network and calling it a day is not a solid defense against the troublemakers out there targeting businesses every minute.  To be fully protected, businesses need to think bigger and broader – which is where managed services come in.

A good managed security product keeps you automatically up-to-date with a comprehensive set of the most powerful defenses against ever-evolving threats, while eliminating overhead. By way of comparison, to really do any good, that off-the-shelf router needs to be paired with additional security layers, including intrusion detection, traffic monitoring, antivirus and anti-malware software, plus work on the network/LAN side, like properly configuring user permissions to determine who has access to what data on the network. There’s also disaster recovery and backups to consider. Putting all of that together takes time and expertise—something that’s in short supply for most businesses except the largest enterprises.

Sure, many companies think they’re too small or their data’s too generic to find themselves in the sights of cybercriminals. The reality, however, is that 58 percent of all breach victims are categorized as small businesses.

It’s also worth noting that you never know when an on-premises device like a router can become a conduit for bad actors. The FBI, for instance, recently advised that the VPNFilter malware has infiltrated 1 million routers and counting – noting that everyone should reset their network boxes to help thwart the malicious code. “The FBI recommends any owner of small office and home office routers power cycle (reboot) the devices,” the Bureau said in a statement. “VPNFilter is able to render small office and home office routers inoperable. The malware can potentially also collect information passing through the router.”

The TPx managed services suite includes affordable device monitoring and management, network intrusion detection and prevention, antivirus, web content and spam filtering, plus disaster recovery options – all backed with our round-the-clock Security Operations Center and highly experienced cybersecurity analysts.

Contact your TPx representative today to find out how managed services can help you avoid the consequences of hasty decisions in your security spend and keep your business safe and stable.

About the Author

Matt Mair is a Senior Product Marketing Manager for Managed Services. His role includes marketing and communications for TPx’s suite of managed IT offerings including Managed SD-WAN, LAN Monitoring, Office 365, Managed Endpoint, Colocation and Server Backup solutions. Matt holds an MBA from Michigan State University’s Broad School of Business and resides in Los Angeles.

It’s a scary world out there. As if new competitors, technologies and changing markets weren’t enough to keep you awake at night, there are all those headlines that seem to hit every couple of weeks – WannaCry virus spread worldwide… Data breach exposes the customer information of tens of thousands… Chapter 11 filing cites damage from last year’s hacking attack…

Some 70 percent of cyberattacks target small businesses, according to the National Cyber Security Alliance. Why? It’s pretty simple. Smaller enterprises aren’t likely to have dedicated internal IT departments and sophisticated systems that can keep pace with the furiously evolving arsenal of malicious malware – including viruses, spyware, worms and service attacks – that’s arrayed against them. A Dark Net universe of global attackers sees soft targets and easy paydays. Business owners see potential disaster.

Fortunately, there are potent reinforcements ready to man the barricades. SMBs increasingly turn to managed security services such as managed firewall solutions to gain the same level of protection that the largest enterprises deploy. In fact, the SMB segment’s adoption of managed security services is expected to grow at the highest compound annual growth rate (CAGR) of all business segments through 2021, according to a recent MarketsandMarkets report.

Firewall solutions guard the critical information that flows within organizations from external and internal threats. Deployed at network borders, they act as choke points that prohibit potentially vulnerable traffic from entering or leaving networks and can instantly stop a database attack. That’s potent protection for SMBs. However, firewall management is an ongoing process that requires IT security resources, expertise and diligent maintenance. A poorly-implemented or improperly-configured firewall can leave a company just as vulnerable as not having one at all.

At TPx, we’ve eliminated the challenges SMBs face in firewall implementation and maintenance with ITx for Firewalls – a powerful turnkey managed security service that provides an easily deployable and cost-effective firewall solution. This innovative service frees business owners, managers and even IT specialists from the worries of network security planning and firewall maintenance. With flexible hardware options and remote 24×7 device monitoring and management from our state-of-the-art Security Operations Center (SOC) in St. Louis, security and threat management becomes a lot less threatening.

With ITx for Firewalls, TPx customers can focus on building and running their businesses while our security team, led by former military intelligence and Department of Defense officials, handles all firmware updates and administrative configuration changes. And with a TPx-managed firewall, our customers also get the peace-of-mind of layered Unified Threat Management (UTM) services as well— all run from our cutting-edge SOC.

Traditional firewalls and routers often include a basic level of protection via packet inspection. However, packet inspection alone does not thwart malicious intent and threats. TPx believes that all of our managed firewall customers deserve an affordable security solution that offers levels of UTM in a single solution, guarding against threats by performing intrusion protections such as content filtering, application control and anti-virus – duties traditionally handled by multiple systems. Layered on top is a dedicated security team to manage the necessary firmware upgrades that keep the business’s protection up to date with the latest security policies. A managed firewall solution that combines threat protection with expert monitoring and management is an uncommonly powerful and economic solution for SMBs.

The technology landscape is changing, and so are the potential threats against businesses of all sizes. SMBs are particularly vulnerable as they face more attacks but have fewer resources available to protect their networks, operations and data. More than ever, they need innovative solutions that can protect their data and provide comprehensive security that’s both scalable and easy to manage. Managed firewalls – especially when backed by a comprehensive threat-management suite – can be a great equalizer for SMBs in a cyber-threat landscape that otherwise favors larger companies with significant IT and security resources.

It’s just common sense.

About the Author

Teri Lingley is a Sr. Product Manager for ITx Managed Services, specifically for TPx’s managed Software-Defined Wide Area Networking and security solutions. She has over 20 years of experience in managed network services and business continuity, ranging from enterprise sales to product management and development. Since the beginning of her career, her focus has been on bringing new technologies to market as managed solutions that enable business customers to keep focus on their business and not their networking. Teri is passionate about providing next-generation solutions that protect SMBs from threats, whether they be a natural disaster or the latest malware. Teri received her undergraduate degree and M.B.A. from Virginia Tech and resides in Dallas, TX.