The largest telecommunications company in Canada, Bell Canada, reported a data leak of the personal information of 1.9 million customers. Currently, the company is working with Canadian law enforcement agencies to identify those responsible for the leak of email addresses and phone numbers.
According to the company, unknown attackers received unauthorized access to 1.9 million active electronic addresses and 1,700 names and current telephone numbers.
Cybercrimes
Trend Micro Inc.[1] indicates that fraud through email is among the most popular cybercrimes. Losses amounted to $140K. Also, hackers do not hesitate to use vulnerabilities in popular office programs. Trojan horses, attacking banking systems and ATM software, have become more diverse, and the number of extortion programs has increased by a record 752%. The largest cybercrime in 2016 [1] was the massive theft of Yahoo user accounts. During the year, hackers created fake cookies to collect personal data and access accounts without a password.
Attacks can be directed at any company, organization, or individual. Worldwide there are about a thousand different cyber attacks daily. Today we need to provide protection across the board. This includes network protection, docking protection, database protection, data leakage protection, protection of software development and applications, etc.
APT attacks have become critically widespread over the past few months. An APT, or advanced persistent threat, is aptly exemplified by persistent high-level threats such as WannaCry. Hackers also penetrate and roam inside networks for a long time, study them, mimic the environment of the information systems, and install additional backdoors and “sleeping agents”. Later, they can return and at the right time launch the final phase of the attack, directed either toward system failure or to data exfiltration.
Most of all for the year 2017, organizations that use local networks have suffered. Especially if physically separated divisions are united into a single local network. The scenario is that initially, the Trojan programs enter either by email, opening an infected, attached file, or by visiting an infected site. After the first computer on the local network becomes infected, a massive internal epidemic begins. In large enterprises, the probability of such a first infection is very high because it only takes one unprepared employee.
Five Сybersecurity Rules
One of the main reasons for the penetration by intruders into the infrastructure of a company or organization is precisely the human factor. One click on a link or an attachment that contains malicious code can give hackers access to the user’s computer or even the entire corporate network. Such attacks rely on social engineering.
It is important to remember and perform five simple and effective protection rules. And most importantly, do not be afraid immediately to inform the cybersecurity specialist about a possible threat. You might think that the threat has passed because nothing has happened to your computer, but malware might be spreading on the network.
- Do not access compromised or suspicious Internet resources.
- Do not open unknown emails, and even more so, their attachments if you are not sure who the email came from. Check the address first.
- If you have nonetheless still opened the attachment and saw that the file looks like spam, contains information that does not concern you, etc., be sure to notify the helpdesk or IT security specialist.
- Use complex passwords and change them regularly.
- Do not insert unfamiliar flash drives into your computer, even if you found the USB drive in the office or near the office.
Read the article on IoT Security Issues in 2017 and Сybersecurity Tips: How to Protect Your Data in 2017?
Contact JeraSoft
For general and sales inquiries regarding JeraSoft IoT billing or telecom billing solutions, please contact our Sales Department at sales@jerasoft.net