Cryptominers: The New Top Threat to Your Endpoints

Ransomware has been dominating headlines recently. In 2017, ransomware broke into the popular consciousness, thanks to high-profile attacks like WannaCry and NotPetya. However, ransomware is no longer the top cybersecurity threat. According to the Comodo Cybersecurity Threat Research Labs’ Q1 Global Malware Report, ransomware has been replaced as the top cyber threat by cryptomining software, with 10 percent of malware incidents in the first three months of 2018 related to cryptomining.

There’s no “one size fits all” solution to deal with cryptominers. However, with data-level visibility into all file activity on your endpoint devices, you can locate and remediate cryptominer infections.

A paralyzing threat that’s hard to see

Cryptominers hijack resources from the owner of a device for the attacker’s profit. On a single machine, cryptominers may cause a performance drain, but it can be subtle enough to go unnoticed by a user. However, cryptominers don’t typically infect just one machine; attackers more commonly deploy botnets of infected systems working in tandem to make their money off of your equipment–and potentially your customers. One system vulnerability is invariably linked to many others, which means your whole network could potentially be exposed to further exploits and other cybercriminals.

In addition to exposing your customers to risk, a widespread cryptominer infection can cause an enterprise-wide resource drain that can also have real effects on productivity. Cryptomining also comes with huge energy costs. A big spike in your electricity bill is one of the surest signs of illicit cryptomining in your enterprise. 

Locating cryptominers can be tricky. Some variants are scripts embedded in websites that can be addressed with ad-blocking software. Others (which tend to target large enterprises) aren’t as easy to deal with. More sophisticated miners are often hidden within image files on compromised web servers. When users visit a compromised site or click an email link, the cryptomining tools attempt to plant the malicious image files on their machines.

Rooting out cryptomining software

If you have a data visibility tool that can search across your organization’s endpoints for specific files and file metadata, you can locate malware in your organization. In the case of cryptominers, using a forensic file search tool to search for JavaScript files associated with known cryptomining tools can tell you where those scripts exist. Once located, the scripts can simply be deleted from the infected endpoints. In the case of more serious infections, the machine can be reverted to a point before infection with your endpoint backup solution.

Cryptomining software is one of the more challenging malware categories to deal with because there are so many varieties in existence. And, because the impact on an individual machine may be minimal, it is tempting to just ignore the problem. But, according to Malwarebytes, “unmanaged cryptocurrency miners could seriously disrupt business or infrastructure-critical processes by overloading systems to the point where they become unresponsive and shut down.” With comprehensive visibility into the data and metadata in your organization, you can more quickly identify and respond to cryptominers when you first suspect infection.

Accelerating Incident Response with Forensic File Search

A streamlined incident response process depends on collaboration between security and IT teams. However, in many organizations, these teams often work in silos, with separate technologies, priorities and resources. With Code42 Forensic File Search, security and IT teams can come together with a unified incident response process.


The Data Security Sandwich: A Recipe for Innovation

Big Data is one of the most overused buzzwords of the decade. The reality is that you know there’s huge potential value in your data. You’re collecting more than you know what to do with. The real challenge is finding or developing tools to extract that value and achieve that potential.

The ultimate data security sandwich

One of our new customers recently asked me why we combined our Code42 Backup + Restore and Code42 Forensic File Search solutions into a single agent. To me, it’s like explaining the appeal of the sandwich: You’ve got great bread. You’ve got great meat. You’ve got great cheese. Sure, you could enjoy them separately; but putting them together creates something far better.

Think about the data sitting on your users’ endpoints. Code42 Backup + Restore takes all that data and—through the magic of comprehensive backup and speedy restore—gives you the ability to support data protection, ensure business continuity and drive business resiliency. Code42 Forensic File Search takes that same data and gives you complete visibility. You can understand what your data looks like—how it’s created, where it lives and how it moves. You can understand its value—and track the movement of that value. You can further support data protection and compliance, while speeding and simplifying recovery and remediation.

Sure, you can use one product without the other—but then you’re not making the most of your users’ data.

A recipe for innovation

There’s probably no food item that has seen more variation and innovation than the sandwich. Likewise, (as always) our customers are much smarter than we are, and they’re already finding smart new ways to innovate by combining our two products:

  • Improving backup and simplifying data classification: Organizations keep looking for ways to understand the value of the ideas and files in their organization, get visibility into where they are stored, and find ways to classify data types and usage. With Code42 Forensic File Search, this classification becomes a lot easier. Today, we’re seeing organizations that have expanded their usage of Code42 with Code42 Forensic File Search ask questions about what files are not in their backups, and they are then using our scripts via APIs to add them. In addition, the query capabilities of Code42 Forensic File Search make it much easier to classify the value of data based on the type of intellectual property they are creating. Clearer visibility makes life easier.
  • Implementing data privacy and achieving GDPR compliance: By the time this blog goes live, GDPR will officially be in effect—can you believe it? A realistic view of data is the core of being able to respond and comply with GDPR. Organizations are already looking to use Code42 Forensic File Search to meet the GDPR’s “right to be forgotten” mandate—ensuring they can find files on their network and eliminate them—as well as ensuring compliance with the “business need” to collect information. In a world where we continue to see file decentralization, having a single lens to find files across an organization and systematically eliminate them is the only way to ensure an organization has successfully eliminated private information of customers.
  • Stronger security: Code42 Forensic File Search is being used for everything—and I mean everything—under the sun. The other day I learned that one of our customers was getting the MD5 hashes of new malware on a scheduled basis, and then looking across their organization for these new hashes as they were added to AV feeds, so they could confirm no instances already existed. Quite creative! But here’s an even better example of how these two tools are better together: Code42 customers have already instrumented the Code42 Forensic File Search capabilities back into their Backup + Restore solution—and tied them to the Restore APIs as well. These organizations have taken the alerts fired from detection capabilities, pulled those back into SIEM systems, and created secure incidents in IT Service Management (ITSM) systems. They’ve added Code42 to the workflow to identify infected machines using Code42 Forensic File Search, and then used Code42 restore capabilities to pull the suspect file into a sandbox environment for a security researcher to examine. Now that’s synergistic value.
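
The two searches described on this page (script files tied to known miners, and newly published MD5 hashes swept on a schedule) can be expressed as follows. This is an added example, not Code42's code or API: it hashes files locally to stand in for an endpoint metadata index, and the endpoint names, file names and hashes are constructed.

```python
import hashlib
import os
import tempfile


def md5_of_file(path, chunk_size=65536):
    """Hash a file in chunks so large files do not need to fit in memory."""
    digest = hashlib.md5()  # MD5 only because the feed described above uses it
    with open(path, "rb") as handle:
        for chunk in iter(lambda: handle.read(chunk_size), b""):
            digest.update(chunk)
    return digest.hexdigest()


def build_inventory(endpoint, root):
    """Collect file metadata for one endpoint: path, name, size and MD5."""
    records = []
    for folder, _dirs, files in os.walk(root):
        for name in files:
            path = os.path.join(folder, name)
            try:
                records.append({
                    "endpoint": endpoint,
                    "path": os.path.relpath(path, root).replace(os.sep, "/"),
                    "name": name.lower(),
                    "size": os.path.getsize(path),
                    "md5": md5_of_file(path),
                })
            except OSError:
                continue  # unreadable or vanished files are skipped, not fatal
    return records


def new_indicators(feed_hashes, already_searched):
    """Return only the feed hashes not covered by an earlier scheduled run."""
    normalized = {h.strip().lower() for h in feed_hashes if h.strip()}
    return normalized - already_searched


def sweep(inventory, bad_hashes, bad_script_names=()):
    """Match inventory records against hashes and known script file names."""
    names = {n.lower() for n in bad_script_names}
    hits = []
    for record in inventory:
        reasons = []
        if record["md5"] in bad_hashes:
            reasons.append("md5")
        if record["name"] in names:
            reasons.append("name")
        if reasons:
            hits.append((record["endpoint"], record["path"], "+".join(reasons)))
    return sorted(hits)


def demo():
    """Run two scheduled sweeps over constructed endpoints; return the hits."""
    miner_payload = b"constructed sample standing in for a miner script\n"
    other_payload = b"constructed sample standing in for a second sample\n"
    layout = {  # constructed endpoints and files
        "laptop-01": {"docs/report.txt": b"quarterly numbers\n",
                      "cache/lib.js": miner_payload},
        "laptop-02": {"downloads/example-miner.js": b"renamed copy\n",
                      "notes.txt": b"meeting notes\n"},
    }
    inventory = []
    with tempfile.TemporaryDirectory() as base:
        for endpoint, files in layout.items():
            root = os.path.join(base, endpoint)
            for rel, data in files.items():
                full = os.path.join(root, rel)
                os.makedirs(os.path.dirname(full), exist_ok=True)
                with open(full, "wb") as handle:
                    handle.write(data)
            inventory.extend(build_inventory(endpoint, root))

    searched = set()
    # Run 1: the feed carries one hash, in upper case with a trailing newline.
    feed = [hashlib.md5(miner_payload).hexdigest().upper() + "\n"]
    batch = new_indicators(feed, searched)
    first = sweep(inventory, batch, bad_script_names=["example-miner.js"])
    searched |= batch
    # Run 2: the feed repeats the old hash and adds one that matches nothing.
    feed.append(hashlib.md5(other_payload).hexdigest())
    batch = new_indicators(feed, searched)
    second = sweep(inventory, batch)
    return first, len(batch), second


if __name__ == "__main__":
    print(demo())
```

A hash match survives renaming and a name match survives modification of the file, which is why the sweep reports both reasons separately.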

Aligning the needs of your business and your users

One last story on how companies are viewing the combined value of these two solutions: Last week, while talking with a very progressive CISO, he stopped me and said, “Rob, if I’m going to monitor my users more, I’d like to give them value back.” He explained that while Code42 Forensic File Search was his primary use case, his IT team decided to purchase the Code42 Backup + Restore capabilities too because “we wanted to give the users something back” for the visibility they gave to IT. It was a great sentiment, and his users responded with excitement. His users get the peace of mind of working continuously, without fear of losing their work or their data—and he and his team get the visibility they need to secure their business.

Are you making the most of your users’ data?

If you’re like me, all this sandwich talk means an early lunch. But before you go, ask yourself a simple question: Are you making the most of your users’ endpoint data? Or are you leaving some of that potential value unrealized?


Cyber Threat Prevention at the Cost of Data Visibility Falls Short

As an industry, we’ve built some amazing technologies that provide defense in depth across our perimeters, networks and endpoints. We’ve created some pretty amazing tools that are able to analyze, correlate and process massive amounts of data that could indicate malicious activity. But it occurred to me that even with the most robust defenses in the world, our hyper focus on prevention and threat detection has caused us to lose sight of what it is we are defending. Our data–our intellectual property–is what drives our companies forward and provides valuable products or services to our customers.

Those of us that have been in the security space for any length of time have seen the threat landscape change rapidly. Security practitioners and the vendors that build tools to support them also have evolved dramatically. Security teams are building impressive layered defenses, as evidenced by the dramatic growth in the number of security solution providers. I recently returned from the RSA Conference and, even though I’ve been going for over a decade, I’m still amazed every year by the number of new vendors that continue to pop up. There are now more than 1,600 security companies in the market, according to Zulfikar Ramzan, CTO of RSA Security. Ramzan also stated that one of RSA’s customers is using 84 different security vendors–yes, 84! He goes on to say that number really isn’t uncommon.

Don’t focus on threats at the expense of what’s being threatened: your data

All of these solutions do a pretty good job of understanding the particular threats they are focused on. They effectively work to detect, deny or disrupt those threats across your perimeter, inside your network or on your endpoints. But ironically enough, the tools themselves don’t have the needed visibility into what they are protecting.

And what they are protecting is the whole point: it’s the data–your company’s intellectual property, the very ideas that make your company valuable. Deloitte found that 80 percent of a company’s value is in its intellectual assets.

When it comes to protecting your data, knowledge is power

We need to do more than just stop as many threats as we can. We need to understand our data and recognize that it is the lifeblood of our companies. It is critical to know where our data is, who has it, where it is moving to and from and exactly what information is moving. No matter how complex our security posture is (and possibly because of that complexity) threats will always get through. So, we need to include data-level visibility in our security planning and tool portfolio. Data-level visibility gives us proper insight into exactly what is happening with our data, so we can be smarter about protecting it. This visibility will be a powerful complement to the rest of our security toolsets, helping to more easily detect, investigate and rapidly recover from malicious incidents.

Knowledge is power. Knowing exactly where the most important information lives and moves is a critical step in fully protecting the most valuable assets we have: our ideas.

Forrester’s Mitigating Insider Threats: The Security Playbook


Lesson From the Road: The Security and IT Partnership

The last two weeks have been filled with travel for me, and I’ve had many opportunities to talk with security practitioners about the realities they face on a daily basis.

At our Evolution customer conference and the RSA Conference in California, as well as at the CIO Perspectives event in New York City, I heard validation of something I’ve believed for a long time: Security continues to be democratized and is a shared responsibility of everyone. Now more than ever, having security and IT teams work together as partners is essential to ensure security alongside user freedom.

For example, I had the pleasure of being part of a panel discussing security challenges facing CIOs in today’s modern age at the CIO Perspectives event. There, I heard some common themes as I spoke with countless CIOs and CISOs:

  • No one has enough budget to fulfill the needs: We heard how CIOs and CISOs are looking at “two-fer” hires who bring an IT capability along with the ability to solve security controls, essentially functioning as members of both the security and IT teams.
  • No one has enough staff: IT and Security experts are in high demand and the skill gap is challenging. Often, CISOs are turning to IT experts to help implement policy and governance and validate compliance.
  • No one feels safe enough: In today’s world, IT experts know their users are under attack. Security experts know that “soft spots” exist in every organization and abating them presents a challenge.

Security and IT are separate disciplines, and yet CISOs are looking at ways to share resources between the two and, in some cases, find hires that can fulfill the responsibilities of both. Budget pressures aside, there’s perhaps an unconscious reason why technology leaders are exploring the overlap between security and IT: When these two teams work together, both security and IT are improved.

In many cases, security and IT teams don’t see eye-to-eye, which forces conflict over prioritizing investigations versus getting users back up and running when data security incidents strike. When security and IT are separate functions, they typically operate in silos, using different data sets to triage incidents. This results in duplication of work and wasted time validating each other’s findings. And, obviously, both teams are stretched thin and have difficulty accessing each other’s tools and data sets, leading to unneeded delays in investigation, response and recovery.

When using a common set of tools for incident response, critical information is gathered more quickly and accurately. At our Evolution customer conference, we announced new features and products to arm security and IT with the capabilities they need to accelerate incident response:

  • The new Code42 Cloud: fully cloud-native deployment of our capabilities, allowing customers to retain their encryption keys while having zero software on-premises.
  • The new Code42 Forensic File Search product: complete visibility into your data wherever it is in the world, at any time, with real-time results–even when endpoints are offline.

Code42 Forensic File Search is designed to quickly equip security and IT teams to answer the most probing security questions, reducing investigation times for cybersecurity incidents. It is our sincere hope that Code42 Forensic File Search can help move security and IT teams towards the partnership model that’s increasingly essential for today’s enterprise. With security now the responsibility of everyone in an organization, it is more critical than ever that the key players in incident response, security and IT, have the right tools to quickly, reliably and accurately gather information about data security incidents.

Webinar: How to Accelerate Incident Response

If you had to pick one word to describe the information security landscape today, what would it be? For me it would be “speed.”

Everything is moving faster – the frequency of data breaches, ransomware mutation rates and the GDPR-driven reporting time limit for data incidents. Prevention is largely a race to try to stay one step ahead of the next threat.

But what about recovery? Incident response times are lengthening. The longer detection and remediation take, the higher the cost to the business and the larger the risk of a cyberattack expanding across the organization.

Join us for our on-demand webinar on how to accelerate incident response times. We’ve got some fresh ideas and unconventional solutions that we hope will help you improve your investigation processes and think “out of the box.”

In this webinar, we will discuss how companies can significantly improve their detection and response times by adopting a product like Code42 Forensic File Search.

This informative webinar will specifically cover how to utilize Code42 Forensic File Search to:

  • Quickly enable the multiple steps, teams and processes involved in investigating and responding to cyber threats;
  • Effectively and efficiently recover from data loss incidents, reducing response times from days and weeks to mere seconds; and
  • Continuously and silently report on file events and metadata across all endpoints for near real-time detection of threats – even when the endpoints are offline.


Every Idea Matters: Secure Them with Code42

At the most basic level, every business sprang from an idea. Every advancement, every cure, every game changer–they all started as a concept in someone’s mind. No matter the industry, ideas are the fuel that helps every one of our customers grow.

Every idea matters. It’s a simple concept, but one that guides us at Code42 as we secure our customers’ data–their ideas–wherever they live or move.

Case in point: This week we announced the Code42 Forensic File Search product, which helps security, IT and compliance teams dramatically reduce the time it takes to investigate, respond to and recover from data security incidents that threaten their valuable IP. Because it collects file metadata and events across all endpoints in an organization and makes them searchable via the cloud, you can cut incident response investigations from weeks and months to mere seconds.

Expanding security capabilities

While this new product is exciting in itself, it also marks an important expansion of our security capabilities for global enterprises. With Code42 Backup + Restore, you have access to complete file contents on any endpoint. Code42’s File Exfiltration Detection gives you visibility into departing employees moving files to external drives or cloud services. Code42 Forensic File Search provides you metadata from file activity. Together, these features offer you the greatest visibility yet into what’s happening to the valuable ideas on your organization’s endpoints.

Later this year, we’ll extend the same visibility to the data that lives on corporate cloud applications, including Microsoft OneDrive, Google Drive, Box and Slack. While the endpoint will continue to be relevant, and a key source of data exfiltration and infiltration, we know that in the next five years much of the data on endpoints will move to the cloud. We intend to be at the forefront of this transition.

Every feature of the Code42 platform was designed with the same end goal in mind: to protect the valuable ideas fueling our customers’ growth. Our customers are changing the world with their ideas. It’s our job to keep those ideas safe. Because every idea matters.

Meet Evolution Guest Keynote Theresa Payton (part 2)

We are excited to welcome Theresa Payton, one of the nation’s leading experts in cybersecurity and first female White House CIO, as our guest keynote at Evolution18. Don’t miss the chance to meet her in person at our annual conference, April 9-11, in San Francisco. It’s not too late to register and attend!

Before she takes center stage, we asked Theresa to share her thoughts on the state of the security space and how it has evolved since her time as White House CIO. In part two of our interview, Theresa talks about the investigation process, the risks of the move to the cloud and securing the digital transformation.

Code42: Why do cybersecurity investigations take so long? What steps can security teams take today to shorten them?

Theresa Payton: In Hollywood movies, a geek sits at a computer in the dark, and starts typing away at a keyboard. The geek looks at lists of files and computer code and then, “aha,” finds the evidence that’s needed. If only it worked that way. There are no magic programs that allow investigators to do their work. It’s a literal “whodunit” when there is an incident. Cybersecurity investigations are complex. Often you do not have a witness to talk to that saw the cybercriminal deposit the malware or break into the company.  Cybercriminals may delete their tracks, making it hard to pinpoint what they actually stole and how.

One of the best things you can do is to have a plan in advance. Practice digital disasters and practice doing forensics. Set ground rules. Identify the tools you need to purchase and the training your team will need. Interview vendors and choose a vendor that you can work with if the forensics is too overwhelming to handle in house or if you want a second opinion.

C42: What are the risks facing companies as they embrace the move to the cloud?

TP: Think about the data that you and your customers are going to generate. Using cloud platforms can sometimes be a better option than managing your own servers.

You do need someone on your team worrying about the security configurations of your cloud instance. The cloud service providers do not do this for you. There remains no set-it-and-forget-it option when it comes to security.

C42: IT teams are tasked with moving the business forward by helping employees be more effective and embracing the mobile workforce. What advice do you have for security leaders embracing this digital transformation?

TP: No company is perfect. It’s not a technology issue. It’s a creativity issue and an issue of business risks. We have to really try to understand what risks we are willing to take, and which ones are non-negotiable business risks.

What you see in safer companies are the executives taking this very seriously. You often see a governance board, which could be different executives from around the company—so you may see C-suite members from marketing, customer service, legal, finance and risk.

Often, finance is assuming the role of getting that group together because finance is also thinking about the business strategy, business enablement and reducing business risk. Spending that time to talk upfront at the executive level about security as it relates to the organization’s most critical assets is vital to making sure that the issue actually permeates through the rest of the company.

A key item to remember about security is that in spite of following regulatory compliance checklists and compliance frameworks, bad things still happen. Following checklists didn’t stop WannaCry or Petya from spreading, HBO from getting hacked, or help Twitter, Netflix and Amazon during the scary hours of Friday, October 21, 2016, when we realized the Internet was slowing down and, in many cases, not available at all.

What was the cause of the slowdown of the Internet last year? Weaponized baby cams and other Internet of Things devices. It was on that fateful day that the Mirai botnet attack hit Dyn. Dyn, a cloud-based Internet performance management company, was the target of a disruptive Distributed Denial of Service (DDoS) attack. The attack directed networked devices to route traffic at Dyn’s Domain Name Servers (DNS). As a result, Dyn could not respond to the flood of DNS requests and consumers could not reach web sites. It was the biggest, baddest DDoS attack ever… at least until the next time.

C42: Have Hollywood and the media done a good job of portraying cybersecurity and the threats we face? Any examples that have proven to be accurate/predictive?

TP: Our reality TV show, Hunted, did a good job portraying the challenges investigators face when chasing fugitives and the challenges the public faces based on how they live their digital lives. I believe Endemol Shine and CBS did a good job portraying how your digital tracks can betray you. The one thing you did not see were the hours and hours of our team digging and coming up with nothing. You just see the exciting parts. If you have not watched it, my mom says it’s her favorite show and you should trust my mom.

More about Theresa: A pioneering technology leader
Theresa Payton is one of the nation’s leading experts in cybersecurity and IT strategy. She is currently CEO of Fortalice Solutions, an industry-leading security consulting company; and co-founder of Dark Cubed, a cybersecurity product company.

Theresa began her career in financial services, and after executive roles at Bank of America and Wachovia, she served as the first female chief information officer at the White House, overseeing IT operations for President George W. Bush and his staff.

Code42 for data visibility

Better Data Visibility Unlocks Mobility and Collaboration

There’s a very good chance you’ve used a file-sharing product like OneDrive, Google Drive or Box today. There’s an even better chance that, at some point, you’ve shared the wrong file—or shared a file with the wrong people (mistakenly or unknowingly). It’s startlingly easy to do, and that’s a complete nightmare for enterprise data security. In fact, research shows that one in five files uploaded contain sensitive data, and 3 percent of uploads end up with “public” permissions. That means literally anyone with a Google search bar can find and view them.

Just like with GDPR compliance and data security in general, when it comes to securing collaboration and mobility, it’s about getting a better set of tools–tools that enable cloud collaboration and drive digital transformation while mitigating the inherent risks.

The problem: the world has changed in three big ways

The collaboration challenge is both driven and magnified by three critical changes in the enterprise world:

  1. The idea economy. Revenue and growth used to come from doing more transactions. Now we grow through innovation. As tech legend Meg Whitman put it, “In an Idea Economy, success is defined by the ability to turn ideas into value faster than your competition.”
  2. Mobility. Ideas are highly mobile, and this is accentuated by the mobility of today’s knowledge workers. Ideas are born on endpoint devices—and they’re increasingly staying there, instead of moving to central shared drives.
  3. Employee churn. The revolving door is spinning faster and faster. According to a recent Jobvite survey, 18 percent of the total workforce now switches jobs every one or two years. This number jumps all the way to 42 percent for millennials. When employees leave, they take their data (and many of their ideas) with them; 59 percent of employees take data when they leave a company, and 42 percent believe it’s their right to do so.

All of this adds up to a simple problem: Organizations don’t know where their data lives anymore. But there are tools being developed today that can help you move from the traditional approach of securing the environment to securing the data itself.

Step 1: Know WHAT your data is

I recently spoke at a 2018 CSO50 conference, and I asked a simple question to the crowd: Do you treat your data differently based on who created it, what it is and its value? My informal survey showed nearly all of the audience said, “No.” Most companies are treating valuable IP and sensitive data, like social security numbers, financial spreadsheets and documents containing architectural intellectual property in the same way they treat users’ music files and family photos.

We need to get better at classifying data if we’re going to simplify the giant (and growing) challenge of protecting data. At Code42, we’re working on tools that make it easy and cost-effective to understand what your data is. These tools combine comprehensive data visibility with smart ways of recognizing which files and data are most sensitive and valuable to your organization—so you can focus your efforts in the right place.

Step 2: SEE movement to the cloud

Today, plenty of organizations have tools in place that allow them to see when data moves from a laptop to a cloud storage location or file-sharing app. But the reality is this movement is happening constantly—and 99 percent of it is legitimate productivity. The challenge is recognizing that one percent that isn’t. We’ll have more news about these tools at Evolution18, our annual customer conference. Sign up today to be one of the first to learn about our new solutions and future innovations.

Digital Transformation Requires a New Kind of Castle

Why don’t we build castles anymore? The answer, of course, is that we do—they just look a lot different. In fact, thinking about how and why castles have evolved can tell us a lot about how we can improve our approach to securing the enterprise “kingdom.”

The first medieval castles were a lot like first-generation enterprise networks: giant walls surrounding centralized assets. Nearly all the value of the kingdom could be held within the walls (data, productivity, etc.). A single drawbridge (the firewall) was connected to the outside world. Turrets gave better visibility to threats coming from the outside. It was a simpler time: With most value contained within the walls and little need to connect outside, it was much easier to build up a hardy perimeter. But these castles were also big targets, with a huge attack surface and a lot of value to be taken. Moreover, there was little in the way of internal security. If attackers breached the perimeter, they had their run of the kingdom.

Gunpowder changed everything

Then someone came along and invented gunpowder. Firepower is a lot like malware, ransomware and social engineering tactics. Suddenly you can shoot over castle walls or even through walls. The response in medieval times was to build more walls—to create castles within castles. We did the same in the digital enterprise world, adding VLANs, secondary firewalls, app-specific encryption and other “walls” around specific internal assets.

That’s where most organizations are today – still structured around the idea of the secure perimeter. We secure the thing that holds the value—the network, the server, the app, the endpoint device—but not the value itself (the data). We hone our sights on external threats, missing the threats that are already inside the castle walls.

The digital castles of tomorrow

It’s increasingly clear that a perimeter-based approach doesn’t suit the modern kingdom. You’re never going to completely stop all breaches, and tougher walls will end up locking your own people out and stifling value creation. So, what does a forward-thinking data security strategy look like? Here are four key features we’ll see in the digital enterprise “castles” of tomorrow:

  • There will be a perimeter—but it will be porous. There will always be boundaries, but we’ll only rely on the perimeter to stop the most obvious and basic attacks—and we’ll ensure it doesn’t thwart our users’ productivity.
  • Smaller targets—less attack surface. Data security strategies will start at the most granular level: the user’s endpoint device. Making the targets small and many makes it more expensive (and less fruitful) to attack them.
  • Turrets that look inward. As threats increasingly come from within, we’ll turn our lookout towers around. We’ll use data visibility tools to see where our data lives and when it moves, and get better at recognizing when something doesn’t look right.
  • Securing the value itself. Instead of securing the thing that holds the value, we’ll secure the value (the data) itself. That means finding ways to ensure that attackers can’t actually remove data, and/or that the enterprise never truly loses that data (and all its value).

To close out our medieval castle analogy, the next-generation digital “kingdom” won’t have giant walls to protect our gold. We’ll use data visibility tools to know the second a gold coin moves somewhere it shouldn’t, and we’ll use data recovery tools to ensure we can always yank that gold coin back, no matter where someone tries to take it.

Be Alert for Cybercrime During the Big Game

Super Bowl LII will be held this weekend in Minneapolis, and far more than the game itself has come to town. Additional activities include concerts, zip lines, fashion shows, ice mazes, fat bike races and much, much more. Unfortunately, all this entertainment and excitement brings a shadowy downside: an incredible risk of cybercrime. All around the Twin Cities region, thousands of fans will be using personal and company-owned laptops on public Wi-Fi at local hotels and coffee shops to make online purchases, respond to event promotions, take care of transactions with business partners, reply to company emails and more. With so much online activity, events like the Super Bowl create a prime opportunity for hackers.

To remind Super Bowl visitors to be aware of data security during Super Bowl week, we’re lighting up the top floors of our headquarters office building in orange and offering these cybercrime security tips. When you see the orange glow at 100 Washington Square, think about your own cybersecurity habits.

Studies have shown that online data privacy is very important to 87 percent of Americans, but few actually take steps to protect themselves. This should be of concern to every employer, because poor data security habits don’t just put the individual’s data at risk–corporate data is also in danger. In today’s BYOD work environment, laptops are a mix of personal and corporate data. Unfortunately, endpoints like laptops are also a favorite target of cybercriminals. In the U.S., as much as 60 percent of corporate data is on employee endpoints. Minneapolis has 117 free public Wi-Fi hotspots, and U.S. Bank Stadium alone has 1,300 Wi-Fi access points. All it takes is one employee on one of these hotspots to make a mistake and become exposed to ransomware, malware or another data loss incident.

The good news is that following a few simple data security best practices can drastically reduce your odds of getting hit by data loss during the big game:

For fans

  • Use a secure internet connection and avoid public Wi-Fi. If you are using a company device, use the VPN provided by your organization.
  • Ensure your email and other important transactions occur with SSL. Look for “https” in the browser.
  • Use password best practices. Make sure to use unique passwords for personal and professional accounts.
  • Use a “dedicated” or prepaid credit card for making online purchases.
  • Stay alert for phishing emails. If an offer seems too good to be true, it probably is. Don’t click on links embedded in an email even from someone you conduct business with. Instead, open a fresh browser page and go to their site using your own browser history or app.
  • Look closely at email addresses to ensure they are properly formatted and from the correct domain. Look for typos or a 0 (zero) being used instead of the letter “O.”
  • Back up your devices regularly with an endpoint recovery solution. This is an essential form of protection in the event of a ransomware attack.
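
The sender-address check from the list above can also be automated, for example at a mail gateway. The following is an added example, not part of the original article: it flags a sender domain that matches a trusted one after undoing digit-for-letter swaps such as 0 for “O,” or that is one typo away from it. The trusted domains, the extra character swaps and all function names are assumptions made for illustration.

```python
import re

# Constructed allow-list: domains the organization really corresponds with.
TRUSTED_DOMAINS = {"northwind-bank.example", "example.com"}

# Digit-for-letter swaps seen in lookalike domains. "0" for "o" is the one the
# tip names; the other three are assumed additions.
CONFUSABLES = str.maketrans({"0": "o", "1": "l", "3": "e", "5": "s"})

ADDRESS_RE = re.compile(r"^[^@\s]+@([A-Za-z0-9.-]+\.[A-Za-z0-9-]{2,})$")


def sender_domain(address):
    """Return the lower-cased domain of a bare e-mail address, or None if malformed."""
    m = ADDRESS_RE.match(address.strip())
    return m.group(1).lower() if m else None


def edit_distance(a, b):
    """Levenshtein distance, computed row by row."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]


def classify_sender(address, trusted=TRUSTED_DOMAINS):
    """Return (verdict, domain); verdict is trusted, lookalike, unknown or malformed."""
    domain = sender_domain(address)
    if domain is None:
        return ("malformed", None)
    if domain in trusted:
        return ("trusted", domain)
    folded = domain.translate(CONFUSABLES)
    for good in sorted(trusted):
        # Fold both sides so a trusted domain that really contains digits still compares equal.
        if edit_distance(folded, good.translate(CONFUSABLES)) <= 1:
            return ("lookalike", good)
    return ("unknown", domain)


if __name__ == "__main__":
    # Constructed sample senders.
    for sender in ("billing@n0rthwind-bank.example", "news@unrelated.example"):
        print(sender, classify_sender(sender))
```

A “lookalike” verdict is a reason to hold the message for review rather than proof of fraud, since two unrelated short domains can also be one character apart.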

For companies

  • Educate your employees about security best practices. People are often the weakest link in security, so diligence is essential to staying safe.
  • It takes a mere second for an employee to click on a link in response to an inquiry that looks innocent or open an attachment that gives a cybercriminal access to your company’s network and data.
  • Lack of education is often the reason that employees breach certain conditions, such as downloading non-approved programs.
  • Data has moved outside the data center. To protect information, companies must have visibility into where it is, who moved it and how it is being used.
  • Back up all corporate devices regularly with an endpoint recovery solution.