Cyber Security: Good, Better, Best

With some products you buy, the brand name really doesn’t matter. Socks, for example. Does anyone really care what brand of socks you wear? The answer is no – especially if you’re wearing jeans and no one can even see them. The same is true with pillow cases, in most cases, and pencils. You get the idea.

Cyber SecurityBut when you’re talking about cyber security—that’s a different story. You don’t want to experience first-hand the chaos that hackers can unleash if they’re given half a chance. If they can bring “the most technologically advanced system of government in the world” to its knees, like Russian hackers did to Estonia ten years ago, what chance does your online business have if hackers decide to target it? Only one: Trust Guard.

With such crazy cyber security threats floating around out there, might I suggest that you consider a trusted partner to do the dirty work of protecting your business while increasing your trustworthiness to online shoppers. Perhaps it would help to see an example of how Trust Guard’s Security Scanned outdoes the equivalent service of a competitor, Security Metrics.

Both of these services scan for vulnerabilities, but Trust Guard scans for more vulnerabilities and security holes and is more user-friendly than Security Metrics. Trust Guard also provides a proven security seal for your website—a small image that makes it clear to the online customer that your site has passed its security scan.

This in turn engenders trust among shoppers, which leads to more conversions. Because of the innovative methods of Trust Guard Security Scanned trust seals and scanning service, you get to enjoy an average of 15% more sales than you would without them.

Plus, Trust Guard has the best satisfaction guarantee in the industry: a 60-day double-your-money-back guarantee. How can you go wrong? So buy whatever socks or pencils float your boat. Just remember that the company that you choose to protect the your online assets needs to be not good, not better, but the best; it needs to be Trust Guard.

 

Hackers Feel Like Slivers in Your Derriere!

The following true story is courtesy of my youngest brother Luke. I feel a little guilty

When I was a young teenager, my brother’s friends would ‘toilet paper’ my yard. Little did they know the problems their playfulness caused. You see, my dad would make us gather it all up in brown paper bags, and he placed the bags in the bathrooms and removed all other TP until we finished with everything in the paper bags. This presented a very painful and unpleasant bathroom experience, because we had several evergreen bushes in our yard. No matter how hard we tried, we could never find and remove all the stickers, prickly leaves and thistles wedged in the TP.

hackers sliversFree toilet paper seemed like such a blessing to my dad, but it came with scrapes and bruises that have left a lifetime of unforgettable, miserable memories. Just like the toilet paper in this story, developers have designed an awesome website with all the bells and whistles, but have also left their websites susceptible to vulnerable holes that allow online hackers to easily ‘stick’ us with very unpleasant consequences – much more severe and lasting than a sliver in your rump.

Has your company been hacked?

Robert S. Mueller, III, former FBI director, made this now-famous statement a few years ago. “There are only two types of companies: Those that have been hacked and those that will be hacked.” But that was then, and this is now. In today’s online world, there are only two types of companies: Those that have been hacked and those that don’t know they have been hacked.

If Target, Sony, Yahoo, eBay, Sonic, Whole Foods, Equifax and thousands of other businesses would have been receiving regular security scanning services from an approved scanning vendor (ASV) certified by the Payment Card Industry (PCI) Security Standards Council and making the suggested improvements, our personal information may have been cyber safe. Instead, the world is in a panic, and the compromised companies are spending millions to try and redeem themselves. But, the hard reality is that you and I will think twice before using any of these services again.

Cybersecurity is a serious issue that affects all of us. We can no longer sit around thinking, “I won’t get hacked; that only happens to other people.” The reality is that no business is immune to online hackers’ criminal tactics. In fact, more than 30,000 websites get hacked into every single day.

Cyber-criminals use bots that they’ve created to search for online businesses that have holes and vulnerabilities they can easily exploit. Malicious bots can potentially run all night, and then when the hackers open their computers the next day the bots have found numerous vulnerable websites, servers, networks and/or POS credit card terminals to steal personal identifiable information and credit card data from.

Regardless of what kind of online business you have, your website is not safe from the outstretched hands of cyber-criminals. You should do all you can to keep your business and customers cyber safe. Act now by scanning your website, network and/or POS terminal for vulnerabilities and immediately repairing security holes found.

Trust-Guard-Seal-300x74Finally, if you are doing everything you can to protect your online business, clients, partners, online-shoppers and POS terminals, then you should NOT keep that a secret; shout it loud and clear. It should be a priority to let all your consumers and associates know that you are cyber safe. The best way to do this is by placing a trust seal by your checkout page to show the world that you are doing everything you can to stay cyber safe.

A trust seal is an easy, cost-effective solution for business owners who want to create trust between themselves and online shoppers. Third-party verification can go a long way for those who want the ease of the internet but are cautious and don’t want to be victims of fraud, theft or bad business practices. A seal takes the gamble out of online shopping, which statistically is why it significantly increases sales conversion. It’s an affordable win-win solution.

In conclusion, be caught on the news as being the ‘next’ victim that’s been hacked. Take action now. Find an ASV of the PCI Security Standards Council to routinely scan your network, website and/or POS credit card reader. Make sure that any vulnerability holes are fixed. Then let everyone know you are cyber safe by posting a trust seal for everyone to see.

Good luck at getting cyber-safe. I am an optimist by nature and I believe there is still much good in the world and plenty of good to be achieved.


Special thanks to Luke’s article found here: https://staysafeonline.org/blog/online-hackers-worse-sliver-rump/

 

CNBC: Hackers Are Targeting School Websites

According to an article from CNBC, hackers are now targeting school websites – including elementary and high schools. Universities like Harvard and the University of Louisville have been hacked. As have state departments of education, like Indiana’s. Even elementary, junior and high schools have been attacked by cyber criminals.

I guess it just took CNBC to talk about it before people realized the dangers for students, parents, teachers and admin when accessing their schools’ websites.

The article mentions that a hacking group named “The Dark Overlord,” known for hacking Netflix, has recently been linked to a series of attacks on school districts in three different states.  CNN mentioned that in a Montana school district, for example, more than 30 schools shutdown for three days. The Wall Street Journal reports that cyber-thieves have attacked more than three dozen schools. But there have been more than that.

“Schools have long been targets for cyber-thieves and criminals,” writes the Department of Education. “We are writing to let you know of a new threat, where the criminals are seeking to extort money from school districts and other educational institutions on the threat of releasing sensitive data from student records.”

'These grades won't do at all! Go to your room, hack into your school's computer and change these!'The Department of Education says the hackers are probably targeting districts “with weak data security, or well-known vulnerabilities that enable the attackers to gain access to sensitive data.” It advises districts to conduct security audits and patch vulnerable systems, train staff on data security best practices, and review sensitive data to make sure no outside actors can access it.

According to Mary Kavaney, the chief operating officer of the Global Cyber Alliance, school environments often don’t have a lot of technology resources dedicated to security, but they could have some of the most sought after personal information on people, including social security numbers, birth dates, and medical and financial information.

The Department of Education’s letter confirmed that threats like these have now been observed multiple times, stating, “In some cases, this has included threats of violence, shaming, or bullying the children unless payment is received.”

“These attacks are being actively investigated by the FBI, and it is important to note that none of the threats of violence have thus far been judged to be credible,” explains the department. In order to protect private information that can be stolen and used for extortion, the Department of Education suggests that schools conduct security audits like those offered by Trust Guard and that they train staff and students on data security best practices like secure passwords.

Cyber crime has been happening since the creation of the internet. With more than 30,000 WordPress sites being hacked on a daily basis, schools, districts, and state education departments need to start monitoring their sites for vulnerabilities on a daily basis. If you are a student, parent or teacher, visit TrustGuard.com for more information on how to keep your private information safe.


Special thanks to these two articles for much of the content in this article:
http://money.cnn.com/2017/10/18/technology/business/hackers-schools-montana/index.html
https://www.cnbc.com/2017/10/24/department-of-education-warns-that-hackers-are-now-targeting-schools.html

 

You’ve Been Hacked!

You’re asleep, dreaming about all of the money effortlessly flowing into your bank account because of your years of hard work and determination to succeed as an e-commerce business owner.

Suddenly your eyes jerk open to the sound of your partner’s ringtone. He’s the only person that you let call you after hours.

You turn over to reach for your phone. Your alarm clock shows you that it’s 3:30 in the morning. You begin to get nervous, asking yourself what could possibly be so important.

You answer the phone searching for explanations when your partner, with almost palpable stress in his voice exclaims: “We’ve been hacked!”
You've Been Hacked!
Not really knowing what that means, you get him to calm down and tell you what happened. He explains that he found out earlier that night that one of your longstanding customers had her credit card information stolen and linked the theft back to your site.

He was just going to talk to you about it the next day, but then he received another notification of identity theft linked to your website, then another, and then another. This started to really scare him. Then, right before he called you, your programmer called to tell him that a hacker had taken control of your website.

That’s a lot of bad, life-changing, gut-wrenching information to take in – especially at 3:30 in the morning.

You take a minute to try to make sense of it all. Finally you respond to your partner. “So, what you’re saying is that we no longer have access to our website and that we are probably responsible for the identity and credit card theft of all of our customers.”

You hear your partner take a long, deep, concerned breath before answering with a lump in his throat “Yep.”

And to think that all of this could have been avoided by using Trust Guard’s security monitoring services.

What Victims of Identity Theft Can Do

If you haven’t heard, Equifax, one of the three big credit reporting agencies in the United States, announced that it suffered a massive data breach. More than 143,000,000 records were compromised, including email addresses, names, social security cards and credit card numbers.

If you believe you were the victim of identity theft, here’s what you can do:

  1. Close the accounts that you believe may have been tampered with or opened fraudulently. Use the government’s Identity Theft Report, which can be found at www.identitytheft.govIdentity Theft
  2. File a police report and get a copy to submit to your creditors and others who may require proof of the crime. If you have proof of identity theft, be sure to take that proof with you when you go to file your police report.
  3. File your complaint with the FTC at www.consumer.ftc.gov. The FTC maintains an identity theft database that law enforcement agencies use for investigations. Filing a complaint also helps the FTC better assist you, as the commission learns more about online theft of identities and the problems it creates.

If you are a business owner with an SSL certificate but without protection from hackers, contact Trust Guard, the leader in website security to protect you and your online visitors from hackers.

More Hackers Are Doing More Damage

If you’re concerned about cyber security these days—and you should be—reading the headlines isn’t exactly going to give you any peace of mind. Sometimes it seems that hackers just have the upper hand.

Equifax_LogoOne such headline from TheRegister.co.uk tells us that “Energy sector biz hackers are back and badder than ever before.” Cyber security firm Symantec believes that a resurgent group of hackers dubbed “Dragonfly 2.0” poses more of a threat than ever. They were apparently behind a massive attack on the Ukraine’s electrical grid, which affected hundreds of thousands of people. The group now poses a threat to the electrical grids of Western nations.

Newsweek reports that the recent attack on HBO caused the loss of seven times more data than the Sony cyber attack, which back in 2014 gizmodo.com called possibly “the worst corporate hack in history.” The losses of data include things like employee medical records, Social Security numbers and TV show scripts.

And then there is the Equifax hack that lost personal data of 143 million people—yes, that’s a million. And the list goes on and on.

It would seem a good time to take cyber security seriously by using Trust Guard. If they’re on your side, they will scan for the more than 75,500 known vulnerabilities so any hacker-inviting weakness in your computer system can be fixed before the hackers can put you in a fix.

The name of the game is staying ahead of the bad guys, and you almost certainly can’t do that on your own. Trust Guard will also provide you with a Trust Seal for your web site so visitors can see that their personal data will be protected if they make a purchase on your site.

Don’t let your business make it on the hacking headlines; let Trust Guard worry about warding off hackers so you can focus on your business.  


Sources:
http://gizmodo.com/the-sony-pictures-hack-exposed-budgets-layoffs-and-3-1665739357/1666122168
http://www.newsweek.com/hbo-cyberattack-sony-hack-leak-game-thrones-645450
https://www.theregister.co.uk/2017/09/06/energy_sector_attacks
https://us.norton.com/internetsecurity-emerging-threats-143-million-people-exposed-in-equifax-data-breach.html?om_em_cid=hho_email_US_BLST_ACT_2017_09_databreach_Equifax

 

What You Should Know about the Equifax Breach

What: Data collected by Equifax, one of the three credit report giants, was hacked. “This is clearly a disappointing event for our company, and one that strikes at the heart of who we are and what we do. I apologize to consumers and our business customers for the concern and frustration this causes,” said Richard F. Smith, Equifax CEO, in a statement. 

When: In early August, Mandiant (a cybersecurity firm) was approached by Equifax to figure out what was going on, according to CNN News. Mandiant aided in the investigation and determined from May 13 through July 30 a spate of hacks occurred.

Who: 143 million Equifax customers have been affected. Their information, including social security numbers, addresses and birth dates were accessible by hackers.

Soon after the breach was announced to the public, Susan Mauldin, former chief security officer and Dave Webb, former chief information officer, retired.

How: Like many of these cases, the how is still a mystery. But Apache Struts, a tool used for Equifax’s online dispute portal, has become the scapegoat, being blamed for vulnerabilities, making the breach easier for hackers.

Apache Struts released this statement:

“We as the Apache Struts PMC want to make clear that the development team puts enormous efforts in securing and hardening the software we produce, and fixing problems whenever they come to our attention. In alignment with the Apache security policies, once we get notified of a possible security issue, we privately work with the reporting entity to reproduce and fix the problem…”

What you can do: If you believe you might have been impacted, visit Equifax’s Cybersecurity Incident & Important Consumer Information page: https://www.equifaxsecurity2017.com/.

Vulnerability Scanned Websites

vulnerabilityTo me, shopping on the Internet is the best thing to have ever happened to mankind since the invention of the internet itself.

According to a recent study, 51% of Americans prefer to shop online than in stores and 96% of American adults, at some point in their lives, have made an online purchase.

Impressive numbers don’t you think? That is why e-commerce is estimated to be growing at a rate of 23% every year.

The problem of website vulnerability has been a major concern for e-commerce websites.

Hackers are more and more prevalent – as seen this week in the huge Equifax data breach that saw the identity theft of 143 million people in the US, Canada and United Kingdom.

Vulnerability scanning involves the use of computer programs designed to assess computers, websites, networks or applications for weaknesses that can be exploited by hackers and identity thieves. These scans are used to discover the weak points or loopholes in website designs. Currently, Trust Guard scans for more than 75,575 of these security holes.  Unsafe websites is a very big problem for e-commerce owners because they require their customers to submit sensitive information to make their purchases. Imagine how useful this information would be in the hands of  identity thieves. From credit card information to mailing addresses, phone numbers, account details and photographs, it’s like giving these thieves the key to your home, bank account and your office.

Your customers worry about the safety of their personal information when they visit your website.

They worry about the vulnerability of your website. Ask yourself this, why should I save my money in a bank that has a massive hole on the side of its vault through which anyone can have free access? Your customers need to feel as safe using your website as they do at their bank. Look at things from the perspective of your customers. Why would they give their personal information to a website that isn’t safe?

As an online shopper, you should only shop on websites that have been thoroughly scanned for vulnerabilities by a reputable website protection company. Website protection companies like Trust Guard are able to completely uncover a website’s vulnerabilities and instruct the website owner how to fix them. How can you identify e-commerce websites that are free from vulnerabilities? Quite simple. You can check websites for security trust seals. Security scanned trust seals are an indication that the website you’re shopping on is safe.

We know that everything on the internet is hackable. However, it will take expertise and focus for hackers to attack a vulnerability-free website.


 

Identity TheftThis article was written by Emmanuel Ozigi, a biochemist in the making from Nigeria. In my spare time, I’m a science, health, and fitness blogger. I also specialize in graphic design and photo editing. I also have this insatiable hunger for information and the desire to learn new things. Visit my blog at http://sciencehealth24.com.