Cybercrime and Real World Terrorism: Strange Bedfellows?

Cybercrime and Real World Terrorism: Strange Bedfellows?

Written by Scott Hall on . Posted in Computer Security

We know the impact of cyber-crime as it relates to every day users. Credit card theft, sensitive personal data stolen, and much more have been attributed to so-called ‘cyber terrorists’. Is it then possible that more ‘conventional’ terrorists would be interested to use similar tactics? This may sound extreme, especially due to the limited and reversibility nature of the impact of certain cybercrime tactics and the precautions that forewarned businesses and organizations can take. However, it is difficult to brush off the threat in an external inspection of both the dynamics and methodology of these types of attacks, and the tools used to perpetrate them.
Conventional terrorists–regardless of ideology have engaged in the digital space for any number of reasons, most having been born of necessity. For things like covert communication, recruitment, propaganda, transferring illicit funds undetected, and, most importantly, sharing amongst a geographically dispersed command structure. Information disseminated in the cyber space also includes target assessments for real-world terrorist acts, and tactical assignments.

However, this could change with increasing technical competency and capability for network-based attacks and growing number of bad actors in the online community. Opportunity for online interaction and training has compensated terrorists the loss of physical space for such activities on the ground. Current social networking tools such as Facebook, Twitter, and Instagram, among others, provide platforms not only to share information and expertise but also practice it in virtual space. It’s simply a foregone conclusion that funding terrorist acts, either directly or via support and logistical infrastructure, through cybercrime and ransomware is ongoing.
Ransomware tools like WannaCry and others have the potential to reduce the opportunity cost for conventional terrorist attacks as well. Al Qaeda and the Islamic State of Iraq and Syria (ISIS) have demonstrated much interest along with some capability to develop and use chemical, biological, radiological, or nuclear weapons (CBRN), and while there has been no successful mass casualty terrorist attacks involving them, there is the concern that these groups might lose control over the consequences of such an attack, in such that they could affect the members of the communities they are purportedly fighting for. However, use of weapons of “mass disruption” like ransomware as against weapons of “mass destruction” will enable terrorists to cause large-scale damage (loss of data and equipment), chaos (in hospitals and other public utilities) and fear, while simultaneously filling their coffers. Imagine the impact if terrorist groups like Al Qaeda or ISIS were involved in WannaCry attack. For terrorists, it’s a win-win tactic as they can achieve almost similar attention and without firing a shot or exploding a bomb, all without garnering the attention of conventional law enforcement and military tactics used in stopping them.

If you are concerned about your organization’s susceptibility to cyberattack, contact us today.

Staff Augmentation: A New Take on Outsourcing

Written by Scott Hall on . Posted in IT News

When thinking of a managed IT service provider, the small to medium business comes right to mind. MSPs offer an amazing value to SMBs, providing robust IT support for a significantly reduced cost compared to having their own IT staff. As your business grows, operations typically demand permanent in-house IT staff for support and maintenance. Even with new in-house IT staff, is it time to divest from an MSP?

 

Absolutely not.

 

Growing an enterprise is the epitome of success, but with transition comes change, and change can always be uncertain. New IT directors and management find themselves spending hours documenting, learning about infrastructure and equipment, and more on-boarding task, leaving the day to day IT support to newer, less experienced personnel going through the same on-boarding process. This is where staff augmentation can help your business thrive.

 

For example, Company A has decided to create its own IT department after years with an MSP because of tremendous growth in their market. But their budget doesn’t allow for the 10 person staff actually needed to manage and support their infrastructure this year, they can only hire 5, including management. The additional new hires will have to wait until the next fiscal year. But in the meantime, they still need the support, so what can they do?

 

The MSP can work alongside in-house IT staff, typically taking tiered responsibilities away from the client, for a fraction of the cost of full-time employees. The MSP will handle front line help desk on basic issues, the most time consuming and routine, so that Company A’s IT team can focus on working efficiently with the burden of being of understaffed removed. Working this way, managed services providers become a force multiplier for the client’s dedicated IT team, allowing them to work as they need knowing that the organization’s employees are still having their IT needs supported, while staying within budget and resource constraints. The MSP becomes a strategic partner for the customer, supporting them through whatever situations may arise.

 

Are your IT needs outgrowing your current team’s bandwidth? Don’t let IT employees burn themselves out with overwork. Consider staff augmentation with SOS Technology Group, and partner with us at every stage of your business.

Is Cloud Migration right for you?

Written by Scott Hall on . Posted in Cloud Hosting

Beginner’s Guide To Cloud Storage

Since reliable cloud services for small and medium businesses has been viable, SOS has worked with many clients to get the most from cloud based offerings with minimal impact and improved infrastructure. When businesses make the decision to move from physical on-premise hardware to the cloud, we’ve found the best practices to ensure success start very early in the planning stages. To that effect, if you’re considering taking advantage of the benefits of cloud services, here’s some tips to ensure a successful migration.

 

A Clear Vision for the Present.. and the Future

 

Forecasting growth isn’t a perfect science, but the overlap of IT and your business practices is incredibly important. Communicating that vision to employees and managers is crucial to keep your organization on track during migration and in the future as your business grows and scales.

 

Cloud Governance

 

Governance includes security and access. Which employees will have access to which services and virtual machines? You will still need to have a security mindset when it comes to secured network access and encryption of sensitive data, especially when working with PCI and HIPAA compliance.

 

Know Your Assets and Plan Ahead

 

Identifying your entire infrastructure is very important to successful cloud migrations, especially when adopting a hybrid model where some physical hardware remains. During this phase, best practices dictate that backups of your entire system are critical during this analysis. This will minimize the risks of any potential downtime and make the entire migration process much smoother, while also ensuring that no data is lost. Once this is complete, determine the order of migration, which departments of your organization will be affected and when at each step, and inform end-users of any changes to policy or operations that would require additional training.

 

Start Small and Simple

Beginning with non-critical systems is the best way to put some points in the win column and let your organization experience the benefits of cloud computing and gain experience with it. By encouraging transparency and consistency, everyone can familiarize themselves with the experience quickly and easily.

 

Migration

Once your plan is in place, it’s time to execute. Start with backups of existing data and hardware. Next, prepare and test the new cloud environment for connectivity with end users, and with other components in the cloud. After that, the moving of operational data can begin during your business’s downtime. Be prepared for adjustments to infrastructure, and get ready to test again under working conditions.

 

Monitor All the Things

Develop a comprehensive and complete monitoring process in place with your managed services provider and internal staff, to include as many details as possible, no matter how mundane they may appear. This will give you hard data points as to how your IT environment is actually working for your business, and you can approach performance and cost tradeoffs much more easily as you complete your cloud migration.

 

This outline can be challenge for anyone, and it’s important to have a winning team on your side when making the transition to the cloud. Get in touch with SOS today for an expert consultation and find out if cloud services is a good fit for your business.

Understanding Cyber Security

Written by Scott Hall on . Posted in Security

A few years ago, cybersecurity was once the responsibility of large corporations and governments. Companies specializing in cybersecurity could make very specialized efforts and expenditures to maintain parity with IT related crime. Unfortunately, that is no longer the case. Every day, digital attacks make the news, and every aspect of every infrastructure, company, and application is at risk.

 

As the number of Internet-connected devices across the world increases, humanity is hyper-connected. In times previous, the responsibility of cybersecurity fell squarely on the IT department, the burden is now shared across entire organizations. Cybersecurity has become a huge concern for every company and it is being prioritized accordingly. Not all organizations have successfully managed to translate the digital threats into credible business concerns, however, and as a result, there are plenty of businesses that have no idea how to proceed.

 

Businesses spend billions of dollars every year on advanced technology. This new equipment is meant to preserve the safety of important information and data, and deter malicious hackers and insiders from their attempts to bypass security measures and swipe data without a second thought. In spite of this, most breaches occur as a result of human actions or errors. Also, people seem to be completely unaware of what has happened until after the damage is done. You will always be targeted by hackers into spilling valuable secrets unknowingly. Through a method known as social engineering, they target the weakest link in the cybersecurity spectrum – humans and exploit them to find loopholes and other entry points. To combat this, humans and technology must work more efficiently together with the same goals in mind.

 

Most often, it is people who are targeted by hackers, and these are the same people who are often responsible for lapses in cybersecurity. The problem lies in human nature. We have an innate desire to be helpful and to trust other humans.  Hackers take advantage of this trust and use our willingness to cooperate and curiosity to get us to “click on the link” in personal or business emails.  But the moment you clicked on a bad link, you might have unknowingly downloaded a virus or malware into your system. And if you’re one of the unlucky few, you might be the victim of a ransomware attack, where all your data is locked up, and unless you pay a certain amount, you will never be able to access the data again.

 

So, even if these actions are accidental, the outcome can considerably harm your company, your community, your family, or yourself. Until you learn to be suspicious of too-good-to-be-true emails or shady links online, malicious insiders will continue to take you for a ride.

 

SOS Technology Group prides itself on familiarizing their clients with all the common cybersecurity errors and work with them to strengthen their systems so that no data is lost or stolen by hackers. The more informed the client is, the better they will be able to protect their personal information.

 

Disaster Recovery: Is your Business Prepared?

Written by Scott Hall on . Posted in IT News, Technology

technology

Disasters take many forms. It’s not just catastrophic events such as hurricanes, earthquakes and tornadoes, also cyber-attacks & equipment failures that can be classified as disasters.

Companies and organizations can the impact of disasters with plans that detail actions to take and processes to follow to resume operations quickly with minimal loss.

 

In the IT space, disaster recovery focuses on the IT systems that help support business operations. The term “business continuity” is often associated with disaster recovery, but the two terms aren’t completely the same. Disaster recovery is a piece of business continuity, which focuses more on keeping all aspects of a business running in spite of a disaster. Because technology is so critical to the success of modern businesses, disaster recovery is critical for business continuity.

 

Economic and operational losses can overwhelm unprepared businesses. One hour of downtime can cost small companies as much as $8,000, midsize companies up to $74,000, and large enterprises up to $700,000, according to a 2015 report from the IT Disaster Recovery Preparedness (DRP) Council.

 

Even if your business has a disaster recovery plan of some sort, a thorough review of that plan is needed. If your company doesn’t have one, and if you’ve been handed the task of coming up with one, the first step is a risk assessment. It’s important to identify key vulnerabilities to your infrastructure and where things could go wrong, and when they do go wrong, how your operations are impacted.

 

This phase is where a managed service provider can help. We can assess your network & infrastructure, and provide a custom disaster recovery plan tailored to your specific operations, and you can rest assured your business is protected in a disaster situation. Talk with us today.

Tech Headaches? We can help! Contact us now »