Blog

When we talk to customers, it’s clear that, slowly but surely, the mindset of SMBs is changing to be more hyper-vigilant when it comes to cybersecurity.

Sure, cybersecurity has traditionally been a back-burner issue for small- and medium-sized businesses (SMBs) – whose resources are laser-focused on customers, business growth and technology development. But the threat surface is growing, and SMBs are realizing they need to step up their security practices in order to survive.

In fact, according to the Ponemon Institute, a full 70 percent of SMBs have experienced a cyberattack within the last year. These attacks include ransomware, cryptomining, social media attacks, credential theft and business email compromise (BEC) – all of which are becoming top-of-mind.

Here’s a short recap of these top threats:

Ransomware

Most attacks (in general) typically involve attackers sending an email to unsuspecting employees with the aim of getting them to click on a malicious link or attachment that will execute malware on a victim’s machine. Ransomware is no different; from there, the malware infiltrates the company network, sniffing out endpoints and servers to lock up by encrypting their contents. The attackers then demand payment in exchange for the decryption key. Sometimes the adversaries threaten SMBs with extortion, saying they’ll make the data public if they don’t pay up. These attacks are becoming more targeted against specific businesses too, with attackers taking the time to know their victims to ensure they can craft convincing emails, inflict maximum disruption and garner higher ransoms.

Cryptomining

Cryptomining malware arrives on victims’ desktops and spreads through networks in the same way that ransomware does. But the payload is a piece of code that hijacks a computer’s processing resources in order to apply them to mining for cryptocurrencies (most often Monero). It’s a complex blockchain process that can be lucrative for those doing it – especially if they’re not paying for their own processing power. Cryptominers are quieter by nature than ransomware, and tend to quietly leech CPU cycles while remaining hidden on a client PC or inside the datacenter. For SMBs, this translates into degraded computing performance, system crashes and more, and can plague everyday tasks and radically reduce productivity.

Social Media Attacks

Phishing is a well-known attack vector, where cyberattackers look to scam users via fraudulent emails. As users get more savvy at recognizing fraudulent emails, adversaries are moving to more trusted platforms, like social media. At SMBs, where personal social media use and business machines mingle in the absence of hard-core web policies, scammers use fake profiles to trick users into turning over sensitive info, like passwords, account numbers, tax ID numbers, credentials and more. Scammers launch thousands of phishing attacks like these every day—and they’re often successful.

Credential Theft

Speaking of credentials, the market for these is booming on the Dark Web. SMB usernames and passwords for cloud accounts, email, financial apps and more are all sought-after treasure for cyberattackers, and can be uncovered via phishing, brute-force attacks or spyware. Those who steal credentials can easily sell them to other adversaries looking to take over accounts: financial accounts to steal money directly, cloud accounts to steal company data, email accounts to carry out fraud (like BEC, our next top threat), social media accounts to cause brand damage and more. And crooks can bank on employees using the same credentials across accounts – so, if an attacker has the password for, say, a LinkedIn account, odds are the same combination will work against a more important service.

Business Email Compromise (BEC)

And finally, there’s BEC. While consumers mainly use their devices and various messaging apps to communicate, business users still predominantly use email. Cybercriminals are taking great advantage of this by impersonating executives, senior managers and supply-chain partners to dupe employees into authorizing fraudulent wire transfers or providing confidential information that can be used to defraud companies. These attacks are obviously at their most compelling when a cybercriminal has email account credentials and can log in and send a fraud email from the executive’s real account; but there are ways to spoof email addresses that are quite convincing.

No Business is Immune

The reality is, no one is immune to cybercrime, and SMBs need to take stronger action as they go forward. However, SMBs do face challenges when it comes to shoring up their armor: They have smaller budgets and limited resources to spend on training and security software. This not only makes them an ideal target for external cyberattackers that look for low-hanging quarry with limited defenses, but also ups the potential for negligent employees to make mistakes that have consequences (insider mistakes are to blame for 54 percent of SMB data breaches, according to Ponemon).

Luckily, they can turn to managed service providers (MSPs) like TPx to help. With our Managed Firewall and Managed Endpoint services, you gain your own dedicated team of security professionals working for you. And, we keep your defenses consistent: You never need to worry about installation, configuration, maintenance, patching or updating of your security infrastructure – and it’s all provided at a price you can afford.

Make your business more secure with TPx, so you can focus on growing your organization with the peace of mind that you have the latest, most up-to-date modern security defenses possible. Visit www.tpx.com/services/managed-it or contact your TPx representative to learn more!

 

About the Author

Erik Nordquist is the Senior Product Manager for TPx Communications’ managed security services. He’s led a broad range of critical activities, including Field Operations and the Hostmaster team where he built TPx’s anycast DNS network to service its 55,000 customer locations. His work on the Network Integrity team made him the resident expert for mitigating Denial of Service (DoS) attacks. After interfacing with customers for years, Erik is bringing his customer-focused approach to his Product Manager role, helping to deliver first-in-class security services to TPx clients with unsurpassed customer support.

 

The business landscape is becoming more competitive and having the right operational strategy in place can help organizations differentiate themselves, improve margins and free up resources to invest in core priorities. Small- and medium-sized businesses (SMBs) in particular are realizing that they can adopt a managed services approach to many mission-critical operational functions, including technology training, cybersecurity/compliance strategies, workflow and process improvements, policy development and implementation, and onboarding new technologies. MSPs investing in professional services practices will be uniquely positioned to provide SMB clients with affordable, high-quality alternatives to trying to carry out these functions with thin or non-existent in-house expertise. For smaller companies that may not have dedicated staff, these unique, value-added services can complement managed IT, security, SD-WAN and other MSP wares.

The Internet of Things

The rise of connected devices has been spinning up for years now – but IoT devices are finally crossing the chasm into the mainstream, with 10 billion of them expected to be deployed by the end of next year, according to Iota. A full 22 billion are expected to be in the field by 2025. Much of the business investment will come from “smart manufacturing” deployments, logistics/fulfillment and transportation – but everything from connected video displays to product sensors to smart lightbulbs and thermostats will find their way into a range of offices going forward.

All of this promises to revolutionize how businesses collect, manage and use data to inform strategic operational decisions. However, as with any emerging technology, there’s a substantial gap between the possibilities and practicality. Among other things, implementing an IoT ecosystem requires a solid cybersecurity strategy, an end-to-end device management stack, and options for managing bandwidth and connectivity – a tall order for many resource-constrained SMBs. Fortunately, the right MSP can help businesses bridge the gap by designing and deploying IoT solutions that add long-term value to their operations.

Multi-cloud Adoption

Digital transformation is continuing for organizations of all sizes as they look to harness the power of virtualization, DevOps and on-demand everything to accelerate their businesses and gain competitive advantage. To support these efforts, the rise of multi-cloud architecture will be the most significant trend in cloud for 2020.

Multi-cloud refers to the strategic decision to use multiple private and public cloud providers to meet different technical or business requirements. More specifically, applications and microservices can be built using component services from different cloud providers, depending on their specific requirements. There are multiple benefits of this approach, ranging from avoiding vendor lock-in and building redundancy, to segregating for security and exploiting best-of-breed solutions.

However, building these new platforms takes expertise in planning, migrating, optimizing and securing infrastructure across multiple cloud vendors – and with multi-cloud being a new area, many businesses are at a loss for where to turn to acquire it.

Automation

Automation can dramatically reduce workloads in IT and server environments. As standard processes become increasingly automated, look for complex and proprietary automations to become new sources of competitive advantage for MSPs. From onboarding to helpdesks to billing – and everything in between – opportunities for automation scripts to drive new efficiencies abound.

Partnership

MSPs are perfect partners to help companies through all of the stages of this digital transformation journey. Managed planning services include evaluating infrastructure needs, assessing vulnerabilities and planning for disaster recovery and business continuity; migration involves selecting applications and services to implement in the cloud; optimization requires evaluating tradeoffs between performance, agility and efficiency, on the right combination of platforms; and, security requires protecting apps and data from breaches, denial-of-service (DoS) attacks and the remediation of malware threats.

2020 promises to provide plenty of opportunities for managed services to play a crucial role in companies’ growth trajectories through professional services, IoT and multicloud rollouts. If you are looking for a good company to join forces with, contact us today.

 

About the Author

Lori Hannan is the Product Manager for the MSx Managed SD-WAN Service for TPx Communications, a leading provider of UCaaS, Managed IT services and Managed Connectivity services, with approximately 30,000 customers and 53,000 customer locations across the U.S. Hannan has more than five years’ experience in SD-WAN technology and networks. She recently launched a second managed SD-WAN solution for TPx, which has been a great success. Previous to her network career, she worked with a variety of voice solutions and also launched a Voice over Internet Protocol (VoIP) cloud-based managed solution.

 

Horror stories and thrillers are back in style, but you don’t have to go to the theater or queue up Netflix to get your fear on this year—especially if you’re a business owner or IT manager. Cybersecurity incidents are increasing, thanks to an expanding attack surface fueled by an explosion of connected devices, better network speeds and the move to the cloud and mobile working. While some hacks, vulnerabilities and malware attacks are fairly tame, 2019 has seen some true horror stories so far, showing us just how scary things that lurk in the darkness of cyberspace can be. Here are just a few of the horror stories we’ve seen so far in 2019.

BlueKeep Vulnerability Lurks in the Shadows

In May, Microsoft alerted Windows users to the BlueKeep vulnerability (CVE-2019-0708), which, if exploited, would allow a remote attacker to take over a victim’s computer and execute code. The main thing that sets BlueKeep apart from other bugs is that it’s wormable – which means that it can self-propagate from machine to machine, setting up the scene for a fast-moving, global pandemic infection wave.

The concern was big enough that Microsoft even took the unusual step of deploying patches to Windows XP and Windows 2003, which are end-of-life and no longer supported by the computing giant. And, the National Security Agency issued a dire warning: “It is likely only a matter of time before remote exploitation code is widely available for this vulnerability. NSA is concerned that malicious cyber-actors will use the vulnerability in ransomware and exploit kits containing other known exploits, increasing capabilities against other unpatched systems.”

There are still hundreds of thousands of unpatched machines in the U.S.; and working proof-of-concept exploits have been created, including one showing how an unauthenticated attacker can achieve full run of a victim machine in about 22 seconds.

Financial Security Hacked Away

Banks just can’t catch a break. They’ve been the targets of robbers and tricksters throughout time, and our migration to the digital realm is no different. Capital One learned this lesson the hard way in July when it starred in its own summertime horror show. A single hacker demonstrated all the ways financial services firms are vulnerable in a massive hack of Capital One that opened doors to the data of more than 100 million people through various avenues, including credit card applications, bank account numbers and social security numbers.

Ransomware Dirty Tricks

Ransomware operators carry out dirty tricks year-round. Last month, a rash of ransomware attacks crippled hospitals worldwide, forcing them to turn away patients and cancel surgeries. The cyberattacks froze the computer systems of several medical facilities in the U.S., with the cybercrooks demanding their treat (payment) in order to restore files.

One of the victims was DCH Health System, a regional hospital and medical complex located in Alabama; the attack resulted in three satellite hospitals turning away patients. The three regional hospitals, located in Tuscaloosa, Fayette and Northport, were “closed to all but the most critical new patients, because cybercriminals were limiting the hospitals’ abilities to use their computer systems in exchange for an ‘as-yet unknown payment.’” The Alabama hospitals decided to pay up, eventually, even though the FBI typically does not recommend doing so.

Ransomware attacks in 2019 have become more targeted against specific vertical businesses, such as local governments and healthcare organizations, with attackers taking the time to know their victims to ensure they can inflict maximum disruption and garner higher ransoms.

Damned by a Data Breach

In September, the rampant data breach trend reached food delivery service DoorDash, which said that a hack affected almost 5 million customers, drivers and local restaurants using its platform.

DoorDash, an on-demand food delivery service, connects end users with local restaurants and relies on contracted drivers, also known as “Dashers,” who use their own vehicles for delivery. A variety of personal data was accessed, including names, email addresses, delivery addresses, phone numbers and hashed passwords. Also accessed was payment information including the last four digits of payment cards and driver’s license numbers.

This is only one example: Businesses are increasingly facing data breach horrors, as the Dark Web thirst for personal information that can be used for fraud and payment card data shows no signs of abating.

These are but a few of the cybersecurity nightmares we’ve seen so far in 2019, which show that every business, in any industry, is at risk from ransomware and other malware, security bugs, data thieves and more.

To protect your business from cybersecurity ghouls, it’s critical to invest in proactive monitoring and patching of desktops and servers; intrusion prevention and detection; next-gen firewall and antivirus; and remote troubleshooting and repair. If that sounds scarily complex and resource-intensive, don’t worry: TPx has invested in the best IT security technologies, so you don’t have to. In other words, we can help you banish the horrors with all of the above functions, all at one cost-effective price.

If you’re looking for a reliable managed service that will keep your business safe from cyber-monsters, consider TPx. Visit https://www.tpx.com/services/managed-it/ or contact your TPx representative to learn more.

About the Author

Lucie Hys is a Senior Product Marketing Manager at TPx. She is currently leading the marketing efforts for the company’s MSx suite of managed services. She has been working in marketing for more than 9 years, with the last four focusing on the cybersecurity industry. Lucie graduated with an MBA from Florida Gulf Coast University. In her spare time, she is an avid fitness enthusiast and a passionate traveler. 

 

what are managed services

Most people have heard the term “MSP.” While a majority understands that it stands for “Managed Service Provider,” very few have a good grasp of what it really entails. As a result, many customers have ill-informed expectations.

To help clear up any misunderstanding, I spoke with Erik Nordquist, TPx’s Product Manager for MSx Security Services and MSx Datacenters.

Erik, what do TPx customers really get with our Managed Firewalls and Managed SD-WAN solutions?

For Managed Firewalls, our security specialists monitor customers’ firewalls 24/7 in our own SOCs (Security Operations Centers) to make sure the firewalls are up and operating.  In case it’s down, we open a ticket and engage the customer to make sure it isn’t an ISP issue.  If it’s the ISP, then we work internally to make sure there isn’t an issue with our circuit.

When we provision the firewall, we make sure it is provisioned properly and that it adheres to best practices.  We make all the necessary changes but keep the old configurations, with the new configurations being stored off-site in case there is a need for an audit or for disaster recovery.

If any vulnerabilities are discovered (not common, but can happen), then we update the firmware to close off the vulnerability.  If there are bugs, we work to resolve them.  If the hardware has issues, we work to get the hardware replaced.  The customer never needs to notify the vendor – we do that for them.  If any scans or compliance issues come up, we help resolve those with the customer.

If there is an issue on the network, we troubleshoot for the customer to best determine where the problem is.  We also provide reports about what is happening on the customer’s network – for instance, what their web usage looks like.  With the MSx Optimum Firewall service, we maintain customer traffic logs for 4 months.

All of these things can happen at any time – day or night.  If a customer wants to make a change or just has a question, they can open a service ticket, send an email, or call the SOC team to speak with someone.

When we are managing a third-party circuit, since we are an authorized contact, TPx can open tickets if there are problems with the circuit and can work with the provider to troubleshoot the issues. This way the customer only has one company to contact and doesn’t have to lose time by dealing with multiple parties.

Can you share some more benefits of managed services?

We deal with most issues that come up, which frees up the customer to concentrate on other areas.  In general, this is what managed services is all about.  An IT person may have general knowledge in all areas but not really specialize in one single area.  TPx has experts in all areas that we manage, and we have the systems in place to offer enterprise-level services that would otherwise not be available to smaller businesses.  Instead of hiring expensive IT people that are hard to find these days, customers can look to us to do this work.

Why should businesses choose TPx over other Managed Services Providers?

TPx is large enough to get the job done right and agile enough to get it done on time. TPx puts an emphasis on using market-leading technology while providing excellent customer service around the clock. Our services portfolio is designed to be a one-stop-shop for IT and security, so customers can eliminate the complexity and headaches that come with dealing with multiple vendors. Very few providers in the U.S. can offer a product portfolio scope of a nationwide managed services carrier like we do. Our trained and experienced staff watches over our customers 24/7/365 so that if an issue arises, it is resolved quickly and effectively. Our solutions are designed to provide enterprise-level quality and customization without an enterprise price tag.  We offer incredibly flexible cost options for customers, based on their service level needs and service commitment lengths.

 

Thanks for your insights, Erik!

You may feel overwhelmed with all the cybersecurity and IT pressures of today’s digital environment, but there is a light at the end of the tunnel. Let us give you a hand with your IT and security – schedule a free consultation with our specialists or call 888-407-9594.

 

About the Author

Lucie Hys is a Senior Product Marketing Manager at TPx. She is currently leading the marketing efforts for the company’s MSx suite of managed services. She has been working in marketing for more than 9 years, with the last four focusing on the cybersecurity industry. Lucie graduated with an MBA from Florida Gulf Coast University. In her spare time, she is an avid fitness enthusiast and a passionate traveler. 

 

 

A hacking organization called The Dark Overlord Solutions threatened schools and families in Flathead Valley, Montana, over the past few weeks, sending appalling electronic messages to school administrators and contacting families in the area with extortion demands and death threats.

The cybercriminals infiltrated the valley’s Columbia Falls school district server and stole personal information, as well as addresses and medical records of past and present students, staff and parents. This caused several schools in the district to close for three days before reopening under heightened security.

The Dark Overlord is a notorious hacker responsible for several high-profile breaches including one perpetrated on Netflix last year. The organization infiltrated a Netflix server, stole episodes of a popular show and threatened to release them early unless payments were made via electronic currency. A company associated with Netflix paid, but afterward the group released the episodes anyway.

The Flathead Valley incident is unique in that the Dark Overlord group usually attacks larger targets with hundreds of thousands or millions of personal records. Security experts believe the organization is responsible for several prominent ransomware attacks in the healthcare sector, stealing millions of hospital records and social security numbers and trying to sell them back to institutions and individuals.

That the group attacked a relatively small school district is a sign of the times: cybercriminals increasingly are targeting smaller organizations. Today some 70 percent of attacks target small businesses, for example. And the threat is growing, particularly from ransomware – a type of malicious software designed to block access to a computer system until a sum of money (literally, a ransom) is paid. To wit, the 2017 SonicWall Annual Threat Report claims that ransomware attacks exploded from 3.8 million in 2015 to 638 million in 2016.

Hackers increasingly are taking advantage of smaller enterprises without heavy in-house IT departments and sophisticated systems capable of keeping pace with evolving cyber threats including viruses, spyware, worms and service attacks. Quite simply, in small- and medium-sized businesses (SMBs) and organizations, cybercriminals see soft targets and easy money.

SMBs have a remedy in managed security services like those provided by TPx, including managed IT and business continuity services, all backed up by a state-of-the-art security operations center (SOC) staffed by a team of security analysts with deep military and intelligence backgrounds.

TPx also offers a Unified Threat Management solution that consolidates network security – including firewalls with anti-virus and anti-spyware protection, intrusion detection, web filtering and more – as a comprehensive and dynamic threat prevention solution.

TPx’s Managed Firewall service in particular provides a first line of defense against intrusions and other network threats. By using a hardware-based architecture to filter inbound and outbound traffic, a network firewall from TPx blocks malicious traffic before it can consume a company’s network bandwidth or last-mile circuit. It also protects the company’s network against unauthorized users, dangerous protocols, and common network-layer attacks without degrading network or application performance.

We developed these solutions so customers can concentrate on their strategic plans for business success, knowing they are protected by the most powerful security options available. These kinds of TPx solutions are surprisingly affordable for SMBs, which can no longer ignore escalating cybercrime aimed squarely at them. Contact your TPx representative today for details on how we can help you rest easier at night and focus on your core business during the day.

About the Author

Matt Mair is a Senior Product Marketing Manager for ITx Managed Services. His role includes marketing and communications for TPx’s suite of managed IT offerings including Managed SD-WAN, LAN Monitoring, Office 365, Workstation and Servers Management, Colocation and Server Backup solutions. Matt holds an MBA from Michigan State University’s Broad School of Business and resides in Los Angeles.