TPx Blog

When we talk to customers, it’s clear that, slowly but surely, the mindset of SMBs is changing to be more hyper-vigilant when it comes to cybersecurity.

Sure, cybersecurity has traditionally been a back-burner issue for small- and medium-sized businesses (SMBs) – whose resources are laser-focused on customers, business growth and technology development. But the threat surface is growing, and SMBs are realizing they need to step up their security practices in order to survive.

In fact, according to the Ponemon Institute, a full 70 percent of SMBs have experienced a cyberattack within the last year. These attacks include ransomware, cryptomining, social media attacks, credential theft and business email compromise (BEC) – all of which are becoming top-of-mind.

Here’s a short recap of these top threats:

Ransomware

Most attacks (in general) typically involve attackers sending an email to unsuspecting employees with the aim of getting them to click on a malicious link or attachment that will execute malware on a victim’s machine. Ransomware is no different; from there, the malware infiltrates the company network, sniffing out endpoints and servers to lock up by encrypting their contents. The attackers then demand payment in exchange for the decryption key. Sometimes the adversaries threaten SMBs with extortion, saying they’ll make the data public if they don’t pay up. These attacks are becoming more targeted against specific businesses too, with attackers taking the time to know their victims to ensure they can craft convincing emails, inflict maximum disruption and garner higher ransoms.

Cryptomining

Cryptomining malware arrives on victims’ desktops and spreads through networks in the same way that ransomware does. But the payload is a piece of code that hijacks a computer’s processing resources in order to apply them to mining for cryptocurrencies (most often Monero). It’s a complex blockchain process that can be lucrative for those doing it – especially if they’re not paying for their own processing power. Cryptominers are quieter by nature than ransomware, and tend to quietly leach CPU cycles while remaining hidden on a client PC or inside the datacenter. For SMBs, this translates into degraded computing performance, system crashes and more, and can plague everyday tasks and radically reduce productivity.

Social Media Attacks

Phishing is a well-known attack vector, where cyberattackers look to scam users via fraudulent emails. As users get more savvy at recognizing fraudulent emails, adversaries are moving to more trusted platforms, like social media. At SMBs, where personal social media use and business machines mingle in the absence of hard-core web policies, scammers use fake profiles to trick users into turning over sensitive info, like passwords, account numbers, tax ID numbers, credentials and more. Scammers launch thousands of phishing attacks like these every day – and they’re often successful.

Credential Theft

Speaking of credentials, the market for these is booming on the Dark Web. SMB usernames and passwords for cloud accounts, email, financial apps and more are all sought-after treasure for cyberattackers, and can be uncovered via phishing, brute-force attacks or spyware attacks. Those who steal credentials can easily sell them to other adversaries looking to take over accounts: financial accounts to steal money directly, cloud accounts to steal company data, email accounts to carry out fraud (like BEC, our next top threat), social media accounts to cause brand damage and more. And crooks can bank on employees using the same credentials across accounts – so, if an attacker has the password for, say, a LinkedIn account, odds are the same combination will work against a more important service.

Business Email Compromise (BEC)

And finally, there’s BEC. While consumers mainly use their devices and various messaging apps to communicate, business users still predominantly use email. Cybercriminals are taking great advantage of this by impersonating executives, senior managers and supply-chain partners to dupe employees into authorizing fraudulent wire transfers or providing confidential information that can be used to defraud companies. These attacks are obviously at their most compelling when a cybercriminal has email account credentials and can log in and send a fraud email from the executive’s real account; but there are ways to spoof email addresses that are quite convincing.

No Business is Immune

The reality is, no one is immune to cybercrime, and SMBs need to take stronger action as they go forward. However, SMBs do face challenges when it comes to shoring up their armor: They have smaller budgets and limited resources to spend on training and security software. This not only makes them an ideal target for external cyberattackers that look for low-hanging quarry with limited defenses, but also ups the potential for negligent employees to make mistakes that have consequences (insider mistakes are to blame for 54 percent of SMB data breaches, according to Ponemon).

Luckily, they can turn to managed service providers (MSPs) like TPx to help. With our Managed Firewall and Managed Endpoint services, you gain your own dedicated team of security professionals working for you. And, we keep your defenses consistent: You never need to worry about installation, configuration, maintenance, patching or updating of your security infrastructure – and it’s all provided at a price you can afford.

Make your business more secure with TPx, so you can focus on growing your organization with the peace of mind that you have the latest, most up-to-date modern security defenses possible. Visit www.tpx.com/services/managed-it or contact your TPx representative to learn more!

 

About the Author

Erik Nordquist is the Senior Product Manager for TPx Communications’ managed security services. He’s led a broad range of critical activities, including Field Operations and the Hostmaster team where he built TPx’s anycast DNS network to service its 55,000 customer locations. His work on the Network Integrity team made him the resident expert for mitigating Denial of Service (DoS) attacks. After interfacing with customers for years, Erik is bringing his customer-focused approach to his Product Manager role, helping to deliver first-in-class security services to TPx clients with unsurpassed customer support.

 

The business landscape is becoming more competitive and having the right operational strategy in place can help organizations differentiate themselves, improve margins and free up resources to invest in core priorities. Small- and medium-sized businesses (SMBs) in particular are realizing that they can adopt a managed services approach to many mission-critical operational functions, including technology training, cybersecurity/compliance strategies, workflow and process improvements, policy development and implementation, and onboarding new technologies. MSPs investing in professional services practices will be uniquely positioned to provide SMB clients with affordable, high-quality alternatives to trying to carry out these functions with thin or non-existent in-house expertise. For smaller companies that may not have dedicated staff, these unique, value-added services can complement managed IT, security, SD-WAN and other MSP wares.

The Internet of Things

The rise of connected devices has been spinning up for years now – but IoT devices are finally crossing the chasm into the mainstream, with 10 billion of them expected to be deployed by the end of next year, according to Iota. A full 22 billion are expected to be in the field by 2025. Much of the business investment will come from “smart manufacturing” deployments, logistics/fulfillment and transportation – but everything from connected video displays to product sensors to smart lightbulbs and thermostats will find their way into a range of offices going forward.

All of this promises to revolutionize how businesses collect, manage and use data to inform strategic operational decisions. However, as with any emerging technology, there’s a substantial gap between the possibilities and practicality. Among other things, implementing an IoT ecosystem requires a solid cybersecurity strategy, an end-to-end device management stack, and options for managing bandwidth and connectivity – a tall order for many resource-constrained SMBs. Fortunately, the right MSP can help businesses bridge the gap by designing and deploying IoT solutions that add long-term value to their operations.

Multi-cloud Adoption

Digital transformation is continuing for organizations of all sizes as they look to harness the power of virtualization, DevOps and on-demand everything to accelerate their businesses and gain competitive advantage. To support these efforts, the rise of multi-cloud architecture will be the most significant trend in cloud for 2020.

Multi-cloud refers to the strategic decision to use multiple private and public cloud providers to meet different technical or business requirements. More specifically, applications and microservices can be built using component services from different cloud providers, depending on their specific requirements. There are multiple benefits of this approach, ranging from avoiding vendor lock-in and building redundancy, to segregating for security and exploiting best-of-breed solutions.

However, building these new platforms takes expertise in planning, migrating, optimizing and securing infrastructure across multiple cloud vendors – and with multi-cloud being a new area, many businesses are at a loss for where to turn to acquire it.

Automation

Automation can dramatically reduce workloads in IT and server environments. As standard processes become increasingly automated, look for complex and proprietary automations to become new sources of competitive advantage for MSPs. From onboarding to helpdesks to billing – and everything in between – opportunities for automation scripts to drive new efficiencies abound.

Partnership

MSPs are perfect partners to help companies through all of the stages of this digital transformation journey. Managed planning services include evaluating infrastructure needs, assessing vulnerabilities and planning for disaster recovery and business continuity; migration involves selecting applications and services to implement in the cloud; optimization requires evaluating tradeoffs between performance, agility and efficiency, on the right combination of platforms; and, security requires protecting apps and data from breaches, denial-of-service (DoS) attacks and the remediation of malware threats.

2020 promises to provide plenty of opportunities for managed services to play a crucial role in companies’ growth trajectories through professional services, IoT and multicloud rollouts. If you are looking for a good company to join forces with, contact us today.

 

About the Author

Lori Hannan is the Product Manager for the MSx Managed SD-WAN Service for TPx Communications, a leading provider of UCaaS, Managed IT services and Managed Connectivity services, with approximately 30,000 customers and 53,000 customer locations across the U.S. Hannan has more than five years’ experience in SD-WAN technology and networks. She recently launched a second managed SD-WAN solution for TPx, which has been a great success. Previous to her network career, she worked with a variety of voice solutions and also launched a Voice over Internet Protocol (VoIP) cloud-based managed solution.

 

When it comes to the company network, cybercriminals are always looking for ways to infiltrate and uncover lucrative data that they can either sell on the Dark Web or use as reconnaissance fodder to plan follow-on attacks. And you don’t have to be a large business for threat actors to set their sights on you – small and medium-sized businesses (SMBs) are just as targeted, if not more so, than their bigger rivals.

What’s also true is that company endpoints – the places where individual employees interface with both the internet and the internal company network – are among the weakest links when it comes to corporate security. So, while there are a lot of reasons to turn to a managed service provider (MSP) for your mission-critical IT and communications needs, endpoint protection should be at or near the top of the list.

Here are the basics that SMBs should know about managed endpoints and security. We’ve also put together a quick, two-minute video overview of what they are and why they need management:

1. What are endpoints, exactly? [0:11]

An endpoint is any device that is connected to your network that employees use to carry out their job functions. These include the web-facing servers that run the applications that power your business, as well as the desktop and mobile computers/devices that your employees use to do their jobs every day.

2. Why do endpoints matter? [0:32]

Think of unprotected endpoints as wide-open doors and windows to your business. If they’re not secured and managed properly, bad actors can easily get in, installing malware, monitoring employee communications or snooping around the files on a computer. They can also pivot, get onto the network, and reach other corporate resources beyond the endpoint itself. The result? Security breaches, frequent system crashes and performance issues, lost productivity, frustrated employees and possibly even competitive harm or legal trouble.

3. It sounds like I really need endpoint protection. Can I handle it myself? [0:54]

While many companies would love to handle things in-house, this is really only feasible if you have the right tools for the job and dedicated IT security staff who have the know-how to cover all the bases. Those bases include making sure every single application and operating system is patched and updated; running daily malware and antivirus scans; purchasing and maintaining the latest endpoint security software for intrusion detection and performance monitoring; ensuring employees are using only sanctioned cloud services; requiring strong passwords; and implementing employee education around things like phishing threats. Unfortunately, it’s often far too complex and expensive for small business owners to put all of these things into place on an in-house basis, especially the technology pieces.

4. Is there anyone who can help me? [1:32]

Yes! Fortunately, managed service providers (MSPs) can act as an extension of your staff, guaranteeing that all of the technical details – like patching and malware scans – are done and that all the tools in use are continuously up-to-date.

TPx, for example, has invested in the best endpoint management technologies, so you don’t have to. We manage troubleshooting and repair, and more, all at one cost-effective price. That way, you can focus on growing your business, with peace of mind that the doors and windows are locked.

If you’re looking for a reliable managed service that will keep your endpoints safe, consider TPx. Visit www.tpx.com/endpoints and contact your TPx representative to learn more.

 

About the Author

Joe Royer is the Product Manager for IT/Cloud services at TPx. He has 25 years of industry experience in sales, consulting, and product management for several leading MSPs.

With payment-card details and personal data remaining a lucrative cash cow for cybercriminals on the dark web, retailers are firmly on criminals’ radar these days. E-commerce and business-to-business (B2B) transactions are the norm for most shops, which opens up a big digital avenue straight into the heart of the business for capturing card information and personally identifiable information (PII) including names, addresses, shopping preferences, and loyalty program information. Exacerbating matters is the fact that retail tends to be a vertical that falls behind on the security front – something that cyber criminals are well aware of.

All of this means that if you’re in charge of a company in the retail space, you need to make cybersecurity a priority. In case it’s not already, here are eight stats to think about as you plan strategic decisions going forward.

1. Retailers are top targets for cyber criminals.

According to a recent Alert Logic cybersecurity report, retailers topped the list of cyberattack targets out of eight different types of organizations (4,000 organizations in total). Alert Logic’s analysis of the attacks in this vertical revealed aggressive scanning, including indicators of extensive directory-guessing techniques and a large array of automated code injection and vulnerability scanning. Application attacks, where hackers infiltrate a victim company’s mission-critical services in order to capture the information flowing to and from them, are by far the dominant attack type in this industry group, accounting for 85 percent of all attacks.

2. Retailers lack social-engineering awareness.

The retail industry ranks dead last in foiling social-engineering efforts, where cyber criminals pose as a legitimate correspondent in an email to get an employee to click on a malicious link or open a weaponized attachment. According to the 2018 SecurityScorecard Retail Cybersecurity Report, since the retail industry employs younger, less experienced people at a higher rate than other industries, these employees may be less aware of these attack vectors.

3. Most retailers miss the mark on PCI compliance.

Also, according to SecurityScorecard, more than 90 percent of retailers are out of compliance with the Payment Card Industry Data Security Standard (PCI DSS). PCI DSS is a standard for those that handle credit and debit card transactions. It’s mandated by law, requiring steps such as maintaining a firewall around customer data, practicing good hygiene when it comes to account passwords, and so on. Penalties for non-compliance are as high as $100,000 every month or $500,000 per security incident.

4. Retailers fall behind on encryption for data in the cloud.

According to the retail edition of the “2018 Thales Data Threat Report,” despite being among the primary adopters of cloud storage for company and customer information, retailers tend to put encryption for the data they keep in the cloud on the back burner. Only 26 percent of U.S. retailers are implementing encryption in the cloud today.

5. Data breaches are accelerating.

The Thales report also revealed that half of U.S. retailers experienced a data breach in the past year, up from 19 percent the year before. Further, a full 75 percent of retailers have experienced at least one data breach in the past.

6. Retailers see data theft as the biggest challenge this year.

According to the SecurityScorecard report, eight in 10 retailers think that their biggest IT challenge for 2019 is combatting data theft. And no wonder: a majority (79 percent) of those hit with an incident in 2018 said they lost customers, while 62 percent admitted to incurring legal costs.

7. Breaches impact customer loyalty.

According to a study by KPMG, a fifth (19 percent) of consumers would take their retail business elsewhere after a breach, and 33 percent would take a break from shopping at a store for an extended period. Examples of 16 retailers that have been affected by data breaches since January 2017 can be found here.

8. Security spending is on the rise.

The good news is that many retailers seem to be waking up to the cyber-dangers out there and the implications of a breach or attack. According to the Thales study, 84 percent of U.S. retailers plan to increase their security spending in the next year.

The bottom line is that cybersecurity trends are growing worse for retailers in terms of the volume and success rate of attacks. This, combined with a lack of awareness and poor security posture within the vertical, makes retail an attractive target for information thieves. All too often, retail locations don’t have in-house expertise, which can be an obstacle for security preparedness.

The good news is that a growing number of retailers are increasing their use of managed security services to fill the gaps in personnel and budgetary resources. For example, TPx has a full range of state-of-the-art protections and mitigation services, all offered on a cost-effective, managed basis. Call your TPx representative today to find out how we can help your retail business navigate the always-evolving threat landscape.

 

About the Author

Erik Nordquist is the Senior Product Manager for TPx Communications’ managed security services. He’s led a broad range of critical activities, including Field Operations and the Hostmaster team where he built TPx’s anycast DNS network to service its 55,000 customer locations. His work on the Network Integrity team made him the resident expert for mitigating Denial of Service (DoS) attacks. After interfacing with customers for years, Erik is bringing his customer-focused approach to his Product Manager role, helping to deliver first-in-class security services to TPx clients with unsurpassed customer support.

 

 

Whatever changes are in store for the future, one constant that we all will continue to face is the need to protect our data and infrastructure from increasingly complex digital threats. TPx is on the forefront of managed security services, offering a range of turnkey options to protect your critical data and IT systems without the cost and hassle of doing it all in-house. We’ve been able to establish these world-class – and industry-leading – solutions thanks to a team of professionals that runs our state-of-the-art security operations centers (SOC) in St. Louis, Missouri and Portland, Maine. A close-knit group of security analysts and engineers comes together there to deliver high-value, and highly effective, security services for our customers.

Inside Our SOC

TPx Security Operations Center

In a cyber landscape increasingly colored by spyware, ransomware, data breaches, denial-of-service attacks and many others, our SOC delivers TPx customers peace of mind. Most of the team’s time and effort is focused on enabling and managing the security features that are built in to each customer’s firewall.

The TPx SOC was built from scratch to respond to today’s critical need for security services. Developed by former security experts from the United States Department of Defense, it employs both digital and physical protections to its operations, including multistep access protection that includes:

This enhanced physical data protection is driven by requirements like HIPAA, PCI and CPNI standards. It was all designed into the SOC so our clients can rest assured they have all the layers of protection they need, and that they can meet stringent government and industry standards for maintaining sensitive data in key industries.

Meet Some of Our Team Members

Technology is nothing without people. With this in mind, we’d like to introduce you to some of the members of our growing managed security services organization. It’s thanks to them that our customers can focus on their own businesses by day and rest easy at night.

Steve previously worked as a system engineer for St. Charles County, where he was in charge of network security. He also taught IT and mathematics classes for more than two decades, and has spent his time collecting a slew of certifications along the way. Steve taught IT courses at ITT Technical Institute for 12-and-a-half years, and he taught mathematics at other colleges for more than a decade prior to that. Steve brings no shortage of certifications to the TPx table, including: CCNA, CNA and MCP in 2003 Server; the A+, Security+ and Certified Authorization Professional (CAP) certifications from ISC2; and many more. When he’s not honing his technical expertise, Steve likes to sing karaoke, play guitar, and fly radio-controlled jets, airplanes and helicopters.

Bob has been on the front lines of fighting Internet abuse for the past 10 years. As a Certified Ethical Hacker, he knows the threats, how you can be attacked, what can go wrong in a response, and what to do to proactively protect your network. When not fighting cybercrime and sifting through forensic data, Bob enjoys playing Afro-Cuban percussion and building electric ukuleles.

Bryan is a network security engineer bringing almost 20 years of experience from his time in the U.S. Army – and in various roles afterwards – in the areas of systems, network, and security administration and engineering. He holds a BSc in Information Systems Security and has numerous security certifications. When he isn’t busy working to keep networks safe, you’ll find Bryan relaxing with coffee and a book, in the kitchen trying out a new recipe, or cheering (probably a little too loudly) for one of the Boston-area pro sports teams.

Charles is a security analyst at TPx, where he monitors networks for security breaches and investigates violations when they occur. He also configures firewalls, sets up virtual private networks (VPNs) and adds upgrades. Charles holds a bachelor’s degree in information systems and cybersecurity. In his spare time, he enjoys basketball and cooking.

Jesse was originally an IT intern with TPx. He has since forged a path into the MSx Security team where he excels as the team supervisor, working on the best ways to maintain and secure networks. Working with the MSx Security director and product manager, he ensures that customers receive the white glove treatment they deserve.

These are just some of the talented folks behind it all, allowing TPx to offer our 24/7/365 protection and mitigation against viruses, ransomware, DDoS attacks and an increasingly sophisticated array of threats to businesses – all with the highest standard of excellence.

TPx has a full range of state-of-the-art protections and mitigation services, all offered on a cost-effective, managed basis. Managed security is always up to date, which means that the latest threats and security incidents can be quickly identified and receive an immediate response. Call your TPx representative today to find out how we can help you navigate the always-evolving threat landscape.

 

About the Author

Adam Weber leads the development of TPx’s security product offerings. He has more than 15 years of experience in security and cybersecurity, both in the public and private sectors. He is a 12-year U.S. Army veteran in communications and was deployed to two combat zones. He has also worked with U.S. government agencies like U.S. Transcom (U.S. Military Transportation Command), DISA (Defense Information Systems Agency), and NGA (National Geospatial Agency). In his spare time, he is a computer and technology hobbyist who enjoys building his own networks, servers, labs, and security infrastructure. Adam holds an MBA from McKendree University and CISSP, CASP, CEH, and Security+ certifications.