Tag: ransomware

  • McDonald’s AI “McHire” platform was breached, allowing for the potential exposure of 64 million applicants private data

    McDonald’s AI “McHire” platform was breached, allowing for the potential exposure of 64 million applicants private data

    For employers, sorting through applications is ordinarily a tedious but necessary part of the hiring process. Enter AI, with artificial intelligence employers can now have AI tools sort candidates based on specific prompt criteria, shortening the time it takes to sort through dozens or even hundreds of applications and propelling the most worthy candidates to the top of the list for human review.

    Or at least, that was the idea. However recently for McDonald’s that idea backfired with a simple mistake, a security flaw in their AI hiring platform dubbed “McHire” or McHire.com allowed attackers to access the logs of any user in the system simply by using the account and username “123456”.

    This allowed access to an administrator account for Paradox.ai, the vendor behind the creation of the McDonald’s AI hiring platform, and the ability to query “Olivia”. Olivia is is the chatbot potential applicants would chat with as they submitted their application.

    The data they were able to access included applicants’ names, emails, addresses and phone numbers. In total there were 64 million records accessible in the system at the time the breach occurred.

    Luckily, the security flaw was discovered by researchers instead of true bad actors. The breakdown of how it was discovered can be found on the blog by security researchers Ian Carroll and Sam Curry. We have reported on their research before when they discovered a major flaw with Kia and other car brand manufacturers allowing for remote access to vehicles (even while they’re actively being driven).

    It’s a sharp reminder that just because AI solutions may make things easier, doesn’t mean that best practices are automatically being followed. The human review is still an important component when deploying any system that will gather large amounts of PII (Personally Identifiable Information) and it’s important to know the rules and restrictions you must follow when collecting that data for your business.

    Below are three rules we recommend following when collecting PII in your business:

    1. Collect Only What’s Necessary (Data Minimization)

    Only gather the PII that is absolutely essential for the purpose at hand. Avoid collecting excess or sensitive data unless it is required. This reduces risk in the event of a data breach and shows respect for user privacy.

    1. Clearly Inform and Obtain Consent

    Be transparent about what data is being collected, why it’s needed, how it will be used, and with whom it might be shared. Always obtain informed consent before collecting any PII, especially for sensitive data like health, financial, or biometric information.

    1. Protect the Data with Strong Security Measures

    Use up-to-date encryption, access controls, and secure storage practices to protect PII from unauthorized access, loss, or misuse. Regularly audit systems and train employees on proper data handling procedures.

    These rules not only build trust with users but also help ensure compliance with regulations like GDPR, CCPA, HIPAA, CMMC and more. If compliance or data protection is a concern for your business, Valley Techlogic can be your go-to partner in creating secure data collection and safeguarding practices alongside deploying industry leading cyber security preventions within your business. Reach out today to learn more.

    Looking for more to read? We suggest these other articles from our site.

    This article was powered by Valley Techlogic, leading provider of trouble free IT services for businesses in California including Merced, Fresno, Stockton & More. You can find more information at https://www.valleytechlogic.com/ or on Facebook at https://www.facebook.com/valleytechlogic/ . Follow us on X at https://x.com/valleytechlogic and LinkedIn at https://www.linkedin.com/company/valley-techlogic-inc/.

  • Are cyber attacks still being conducted the same way in 2025? Top 8 cyber attack methods explained

    Are cyber attacks still being conducted the same way in 2025? Top 8 cyber attack methods explained

    New year, new threats? Hackers have not slowed down their efforts year over year, in 2024 the average cost of a data breach rose to 9.36 million US dollars. Of course this is taking into account the massive breaches that occurred last year with one attack costing the company that was targeted $500 million dollars.

    Still, even for smaller businesses the average cost is usually somewhere between $120,000 to $150,000 – no small sum. Year over year though, the types of attacks haven’t changed even if they’ve become more effective in scale. These top 8 attack methods remain the same (with the first one leading in effectiveness by a landside):

    1. Phishing: Phishing remains the top attack vector in 2024, with 90% of attacks still starting with a phishing email. Our advice on how to spot a phishing email has also stayed the same.
    2. Ransomware comes in second and is preceded by a phishing email 40% of the time. In 2024 the largest single ransomware payment of all time was made to the “Dark Angels” ransomware group to the sum of $75 million.
    3. Denial-of-Service (DoS) attacks are not a new player to the game, but they are part of an overall strategy we’ve seen by attackers to weaponize operational technologies to cripple businesses – either for a payout or just to send a message.
    4. Man-in-the-middle attacks involving intercepting private conversations or data between one or two parties, a good example of this is an attacker setting up a fake Wi-Fi connection or intercepting unencrypted HTTP connections to gain user login information to a website.
    5. SQL Injection attacks are a difficult one for consumers to guard against as they’re conducted on the backend of a businesses website or database and involve “injecting” malicious code. If you’re a business owner, it’s crucial to work with competent developers when creating consumer facing websites (especially if you’re collecting sensitive data through them).
    6. Cross-Site Scripting Attacks are again difficult to guard against, these attacks are also extremely inconspicuous as the attacker in effect sets up a honey pot on the victim’s server or website and waits for it to collect data from the site’s users. Again, it’s crucial to work with a competent developer and IT provider when to protecting your data both internally and from being externally exploited.
    7. DNS Spoofing involves redirecting users from the site they were intending to visit to an unknown site where their data can be collected (usually login information for the site they intended to navigate to). One trick for telling if the page you’re on is secure is to look for the little lock symbol in your navigation bar, this is a sign the page you’re on is using a secure connection.
    8. Zero Day Exploits are the most difficult to protect against as they are attacks that are literally exploited the same day they’re discovered. Hackers are constantly looking for new ways to access your systems, and even if you’re a small business you’re never too small to be of use to them (even if it means leapfrogging past you to exploit your customers).

    There is never a better time than the start of the year to evaluate your technology systems for improvements, at Valley Techlogic we can provide you with a comprehensive report on our recommendations for your business as well as a tailored plan to bring your business up to date in 2025. Schedule a consultation today.

    Looking for more to read? We suggest these other articles from our site.

    This article was powered by Valley Techlogic, leading provider of trouble free IT services for businesses in California including Merced, Fresno, Stockton & More. You can find more information at https://www.valleytechlogic.com/ or on Facebook at https://www.facebook.com/valleytechlogic/ . Follow us on X at https://x.com/valleytechlogic and LinkedIn at https://www.linkedin.com/company/valley-techlogic-inc/.

  • In the aftermath of the MGM cyberattack, five class action lawsuits have already been filed

    In the aftermath of the MGM cyberattack, five class action lawsuits have already been filed

    MGM Resorts are a staple on the Las Vegas strip, operating more than two dozen hotels and casinos around the world with nine of them being found in Las Vegas itself. You may have heard of the Bellagio, Mandalay Bay, and the Luxor? These are all MGM properties that host millions of visitors each year.

    Now some of those same visitors are wondering if the chain gambled with their private data. It was reported on September 11th that MGM was facing some kind of “cybersecurity issue” that trickled down to their facilities, with customers facing problems using the digital keys to their hotel rooms to slot machines not functioning as intended.

    Guests were left spending hours waiting to check in as the hotels shifted away from digital entry back to manual keys to get guests into the rooms they’d already paid for. It reportedly took 10 days for things to resume normal operations with some problems still occurring here or there.

    It’s now being reported that the cause of this hack was a persuasive phone call made by one of the members of a hacker group called “Scattered Spider” which has since claimed ownership of this attack. In a strange turn of events this group does not prioritize technology-based attacks such as malware or phishing but instead mostly engages in “Vishing”.

    “Vishing” or voice phishing is when someone calls you pretending to be someone else, they usually are purporting to be from a company you might do business with financially – such as your credit card company or banking institution.

    With number spoofing this type of attack can be very effective, and as the MGM attack shows even a massive organization is not necessarily immune from an attack if the bad actors is using the right attack vector for the job. That’s why it’s important to have several safeguards in place when it comes to protecting your systems and data.

    It’s alleged that a member of the Scattered Spider group found an MGM employee’s information on LinkedIn and was able to convince a member of their help desk to give them all the access they needed to perform the attack. Someone close to the group has said the original plan was to hack their slot machines but when that plan failed, they moved to plan B which was holding MGM’s data hostage for a payment in Crypto.

    Even though they’re now back to normal operations, MGM is not out of the woods yet. Five class action lawsuits have been filed with customers claiming the chain risked their personal identifiable information (PII) by falling for this attack. Two were filed against MGM directly, and three against their partner company Caesars Entertainment. We have talked about the legal ramifications. of cyber attacks before and it’s something companies should definitely be aware of, the insult of being hacked may not end just with the loss of data or systems being damaged – there may be legal consequences as well.

    Over 90% of successful attacks have a human element to them, with this most recent attack on MGM included in that figure. Cyber security training can go a long way in preventing cyber threats to your business, but vishing may still catch you or your employees off guard. You may be wondering how someone on the phone could possibly be so convincing that you give them access to your systems or financial accounts. We made a chart on the top 8 steps you need to take to guard against a vishing(voice phishing or)’ smishing (text message phishing) attack on your business.

    Of course, as we mentioned the best defense against cyber attacks in general is a layered approach, that way if one wall is breached an attacker would still have to get through several more to do any damage to your business. That’s where a partnership with Valley Techlogic comes in – we take a layered approach to protecting your backups, protecting your systems, and protecting you and your employees from bad actors. Learn more today through a consultation.

    Looking for more to read? We suggest these other articles from our site.

    This article was powered by Valley Techlogic, an IT service provider in Atwater, CA. You can find more information at https://www.valleytechlogic.com/ or on Facebook at https://www.facebook.com/valleytechlogic/ . Follow us on Twitter at https://x.com/valleytechlogic.

  • Threat actors attack on cloud company leads to customers data being wiped completely

    Threat actors attack on cloud company leads to customers data being wiped completely

    Last week a Danish cloud provider called CloudNordic suffered a cyber attack that led to them losing all of their customers data in one fell swoop.

    The hackers who gained access to CloudNordic’s system immediately issued a financial demand that the company was unable and unwilling to meet and led to all of their data being encrypted by the hackers. The company said that no evidence of being hacked was left behind other than the encrypted data.

    This hack also effected their sister company, AzeroCloud, and both companies released identical statements on the ongoing issues they’re facing after this event, you can see the statement below translated to English from Danish.

    In an effort to start over the company has establish a new name and new servers and have offered to restore their clients to servers with the same name as they had previously, though they’ve also included instructions for customers who want to move their domains to new hosts.

    CloudNordic suspects the attack occurred while they were moving data centers, exposing them to already infected systems. As they were mid-migration it allowed the attackers access to their systems and even their own backups.

    CloudNordic states “”The attackers succeeded in encrypting all servers’ disks, as well as on the primary and secondary backup system, whereby all machines crashed and we lost access to all data,”.

    They’ve stated while the data was scrambled during the attack, they don’t believe the attackers copied customers data as is typical with ransomware attacks, so it’s unlikely individual customers will be targeted to be ransomed back their data.

    No known ransomware group has so far taken credit for this attack. The company CloudNordic and their sister company AzeroCloud have both said they plan to try to rebuild from here without access to their previous data.

    At Valley Techlogic, backups are an important puzzle piece when it comes to maintaining the security of your business. For many businesses, a cyber event where all of your data is lost would be difficult to impossible to recover from. Many businesses that suffer attacks like these end up going out of business.

    That’s why we created our triple layer backup plan, TechVault.

    With TechVault you not only have an onsite copy of your data, there’s also a cloud backup and what we call an archival backup.

    This archival backup is what makes this program we’ve created special, as it’s write once read many. Basically, the data can be copied back to you as many times as needed but once it’s on there, it cannot be deleted.

    This, in addition to the 24/7 monitoring we provide as well as firewall, antivirus and other protections means your data is virtually bullet proof.

    If you would like to learn more about what makes Valley Techlogic a cyber security leader in the Central Valley, schedule a consultation with us today.

    Looking for more to read? We suggest these other articles from our site.

    This article was powered by Valley Techlogic, an IT service provider in Atwater, CA. You can find more information at https://www.valleytechlogic.com/ or on Facebook at https://www.facebook.com/valleytechlogic/ . Follow us on Twitter at https://x.com/valleytechlogic.

  • Zero-click exploits, how they work and how to avoid them

    Zero-click exploits, how they work and how to avoid them

    What comes to mind when it comes to viruses and malware and how they infect a device?

    Most of us think of someone accidentally downloading an infected program from an email or website, which we’re sorry to say doesn’t always end in the much maligned and feared .exe. These days executable files with malware can take the guise of an image, PDF, and more.

    Unfortunately, now users can be infected by malware or a virus without clicking on anything at all. A zero-click exploit can compromise a device without any action from its owner. While most malware is spread through social engineering attacks (tricking a user via email or on a webpage) zero-click exploits make use of existing vulnerabilities found on operating systems.

    So far these attacks have been mostly affecting mobile devices, with Apple having to release its third update recently aimed at addressing a zero-click spyware campaign that’s been launched to specifically target iMessage users in Russia. The attack dubbed “Operation Triangulation” affected a wide range of Apple devices including iPhones, iPads, Mac OS devices and even Apple TV.

    This type of attack was actually discovered when the iPhone of a journalist in Azerbaijani in 2020 received a silent command to open the Apple Music app. From there, the app connected to a malicious server and downloaded spyware onto the phone, which remained on the phone for 17 months collecting data silently in the background.

    The spyware in this instance was placed and developed by the NSO Group, which is an Israeli based security firm that sells technology to governments and law enforcement agencies. While the company says they’re developing this software as a way to address terrorism and curb crime, it has been misused by the government agencies who contract it in the past. Human rights groups have been critical of the NSO group for the violation of privacy this type of software poses.

    While most of these attacks have been aimed at Apple devices in particular, the NSO group also developed a version that exploited WhatsApp on Android devices. Both Android and Apple have been quick to patch these vulnerabilities as they are discovered.

    While in a different category, these attacks have a similarity to “zero-day” attacks which is when bad actors discover a vulnerability in a specific system and utilize it to gain access or enact malicious activity against the devices that are targeted. It’s referred to as “zero-day” because the product merchant has had zero days to deal with the issue when it’s discovered. The difference between a zero-day attack and a zero-click attack though is with zero-day attacks there’s typically some action that’s needed on behalf of the device owner.

    With zero-click attacks, no action is needed and these attacks can happen completely silently and with no warning.

    So how do you avoid something that sounds at first glance, pretty unavoidable? There are some mobile device hygiene habits that, while not making your phone completely impervious will drastically decrease your risk of falling victim to zero-click attack.

    When it comes to zero-click or zero-day the truth is cyber attacks can happen quickly and with little to no warning. As a business owner, your risk is multiplied by the number of devices you must maintain and secure in your office. That’s where Valley Technlogic can help.

    We are experts in the field of cyber security, we even wrote the book on it (claim a free copy today!) or reach out for a free consultation to learn how we can help mitigate these types of attacks on your business.

    Looking for more to read? We suggest these other articles from our site.

    This article was powered by Valley Techlogic, an IT service provider in Atwater, CA. You can find more information at https://www.valleytechlogic.com/ or on Facebook at https://www.facebook.com/valleytechlogic/ . Follow us on Twitter at https://x.com/valleytechlogic.

  • Western Digital suffers a ransomware attack, with hackers requesting an 8 figure sum and leaking image from internal meeting

    Western Digital suffers a ransomware attack, with hackers requesting an 8 figure sum and leaking image from internal meeting

    Western Digital is a well-known name in the data production and storage industry. Established in 1970, they were one of the original players in the process of making semiconductors and they have a storied history that began with calculator chips, included a bankruptcy as well as being at the forefront of floppy disc creation in the 1980’s to eventually the hard drives they became known for in the 1990’s. Chances are good you have had a Western Digital drive in one of your devices (you may even have one now).

    Despite being leaders in the digital storage industry, they’ve unfortunately proven no one is immune when it comes to ransomware attacks. While this story emerged mid-April (and the attack occurred March 26) we have an update as the hacker group “BlackCat” taunts Western Digital by leaking an internal video conference on the topic just this week. They leaked an image from the meeting on social media coyly dubbing the people included “the finest threat hunters Western Digital has to offer”. A clear mockery of their attempts to remediate the threat thus far.

    The hacker group is clearly trying to up the ante to get the company to fork over the ransom they’ve requested, a sum reportedly coming in at an eye watering 8 figures. For context a typical ransomware payment paid out by a business in Quarter 1 of 2022 was $228, 125. For individuals payouts hover around $6000. In a nutshell, ransomware is a lucrative business for those with unscrupulous motives.

    To make matters worse, it’s been reported that the group BlackCat has access to multiple Western Digital systems. Meaning this attack was well orchestrated and highly effective at not only making their data vulnerable but creating a disruption to all parts of their business. Western Digital has reported requested the services of outside security and forensic experts to try and recover what they can but needless to say this is an expensive lesson for their business both in money and time lost as well as their reputation in the technical industry.

    You would think being a leader in data storage that their backup recovery process would be flawless, unfortunately when hackers gain domain level access even the best laid plans for your data can go out the window. That’s why Valley Techlogic offers a multi-pronged approach to backups.

    Many clients like the idea that all their data is at their fingertips within their on-premises server. The server itself serves as a physical reminder that their data is ready and available when they need it.

    Unfortunately, having your data all in one place is not a good idea. Other than ransomware attacks such as this, it also leaves your business vulnerable if your server fails for whatever reason. We’ve seen it before; many clients aren’t expecting their servers to just give out or for something like a fire or other disaster to affect them and when it happens, they’re left scrambling. The process to recover from scratch is not always guaranteed and even if a recovery is possible, it can take as long as 3 months to get back mostly to where you were. Generally, a 100% recovery is not possible in these instances.

    That’s why at Valley Techlogic our backup solution TechVault is available and used by each of our clients. We have this chart on the benefits of our TechVault solution.

    You can also learn more about it by visiting here. If the Western Digital breach has left you concerned for the safety of your data, or you would just like more information on our backup solution you can request a consultation with our expert sales staff here.

    Looking for more to read? We suggest these other articles from our site.

    This article was powered by Valley Techlogic, an IT service provider in Atwater, CA. You can find more information at https://www.valleytechlogic.com/ or on Facebook at https://www.facebook.com/valleytechlogic/ . Follow us on Twitter at https://x.com/valleytechlogic.

  • When a data breach leads to jail time for an ex-CEO, and why you should take data security seriously in 2023

    When a data breach leads to jail time for an ex-CEO, and why you should take data security seriously in 2023

    We’ve seen plenty of examples of extreme monetary penalties occurring from data breaches, but this is the first we’ve seen of anyone actually being jailed for one.

    Vastaamo was a Finnish psychotherapy provider that was founded in 2008. While it was a sub-contractor under the government, Vastaamo like many healthcare related businesses was the subject of data breach attempts, with two additional successful attempts occurring  in 2018 and 2019. These attempts failed to be reported by the company.

    The ex-CEO Ville Tapio did report the 2020 breach to authorities, after all of their patient data was stolen by the cyber criminals. These criminals asked for €450,000 (about $.0.5 million in US dollars at the time of writing) and when that was unsuccessful, they then demanded €200 from each patient of the clinic for which they had records on. They warned this fee would increase to €500 each if the clinic did not pay within 24 hours.

    They warned the patients that after 48 hours with no payment they would be doxxed. Doxxing is when your private details are leaked online (this can include your payment information but also things like your address). In this case they were even willing to leak client session records and notes. They leaked the details of 300 patients which included politicians and police office. A 10 GB file containing the patient notes for over 2000 patients was also found on the dark web following the hack.

    While the clinic, Vastaamo, was a victim in this case authorities still looked at the overall picture when making the decision to charge ex-CEO Ville Tapio, including the previous breaches and the fact that he had insider knowledge of the company’s cybersecurity coverage (or lack thereof). He was charged with a 3-month suspended sentence and the company itself had to file bankruptcy and eventually went under.

    The severity of the breach and the companies lack of accountability when it came to cybersecurity protections made them run afoul of the GDPR (General Data Protection Regulation) which are Europe’s regulations on data protection and privacy for its citizens.

    If you’re a US based company owner it’s not a good idea to think “Well nothing like this could happen here”. California recently passed the CCPA (California Consumer Privacy Act) which allows customers more say so over the data your business collects on them. If your business has contracts with the DoD (Department of Defense) you’re probably already seeing stricter restrictions and regulations for how your business must be cybersecurity compliant to keep doing business with the government via CMMC (Cybersecurity Maturity Model Certification). HIPAA is old news for medical practitioners, but we still find many that are not compliant with the regulations.

    Suffice to say there can be blowback that extends beyond financial penalties and injuries to your business’s reputation. Small steps in protecting the data within your business can make a huge difference in the outcome you have (whether it be avoiding an attack altogether or making for an easier recovery).

    If you need creating or developing a more robust cybersecurity gameplan, Valley Techlogic is the one you’re looking for. Cybersecurity is our number one concern, and we take implementing cyber prevention measures for our clients very seriously. If you would like a consultation to learn more just visit here to get started.

    Looking for more to read? We suggest these other articles from our site.

    This article was powered by Valley Techlogic, an IT service provider in Atwater, CA. You can find more information at https://www.valleytechlogic.com/ or on Facebook at https://www.facebook.com/valleytechlogic/ . Follow us on Twitter at https://x.com/valleytechlogic.

  • The Rockstar Games data leak and how reputation loss can be one of the costliest aspects of being hacked

    The Rockstar Games data leak and how reputation loss can be one of the costliest aspects of being hacked

    Video game news might fall outside our normal wheelhouse but reporting on cybersecurity events is right up our alley, and this the most recent hack on major game developer Rockstar Games made major news over the weekend so we wanted to chime in with our thoughts.

    The hacker going under the moniker “Tea Pot” released video clips of Rockstar Games unreleased (and previously unannounced) new game, Grand Theft Auto 6. The clips revealed spoilers on the games content and also showcased rougher assets as the game is still in early development, something game publishers don’t ordinarily highlight.

    In a message acknowledging the breach the Rockstar Games Team had this to say:

    Rockstar Games Response to the data leak.

    The hacker returned after releasing the data and sent a message on the GTAForums claiming they wanted to “negotiate a deal” with Rockstar Games, hinting that they had more data to release. Speculation proliferated across the internet that the hacker had somehow obtained some of the games source code.

    With the source code portions of the game could be re-engineered (outside Rockstar Games) and that could even possibly be used to provide at least a semi-playable version. The fallout from that would be devastating as it would steal the developer’s agency in releasing their own content and also reveal trade secrets that could be used to help create knockoff or pirated versions.

    Rockstars parent company, Take-Two, has issued take down notices to social media accounts and Youtube channels broadcasting the stolen footage as work to perform damage control. There will probably be a costly investigation into the origination of the hack and there may even be financial complications beyond that, as investors may question what effect this leak will have on the eventual release of the game.

    This hack is a perfect example of the reputation cost associated with being hacked. Recovering data you need to do your day to day job is one aspect, but you also need to think about data you wouldn’t want released to the public.

    Projects that haven’t been announced yet or information that’s not easily changed (tax information, personal identifying information) are just two factors, but there’s also the release of your customers private data. Many aren’t aware a breach involving client information can even lead to legal ramifications depending on regulatory factors in your sector.

    There’s also your private emails or messages, which could have future business plans, personal information, or other things that could be used by the hackers in a ransomware attempt (or even ongoing blackmail).

    Cybersecurity prevention’s are important but one element that has surged to the forefront of our minds is a recovery tool that’s becoming more difficult to obtain – cybersecurity insurance.

    You can review our comprehensive guide on the topic but here’s a brief chart on what cybersecurity insurance typically covers:

    Click to view the full size version.

    Obtaining coverage can be challenging, the requirements have grown much steeper as cybersecurity attacks become more common place, and that doesn’t look like it’s going to change anytime soon. At Valley Techlogic we have experience in helping clients obtain coverage so if the unthinkable does occur, their business will survive the hit.

    Whether you’re are in the early stages of researching cybersecurity coverage or if you have an application form in front of you, we can be your guide through the process. Schedule a consultation today to learn more.

    Looking for more to read? We suggest these other articles from our site.

    This article was powered by Valley Techlogic, an IT service provider in Atwater, CA. You can find more information at https://www.valleytechlogic.com/ or on Facebook at https://www.facebook.com/valleytechlogic/ . Follow us on Twitter at https://x.com/valleytechlogic.

  • College shuttered after 157 years due to ransomware attack

    College shuttered after 157 years due to ransomware attack

    While ransomware wasn’t the only thing behind the decision to close Lincoln College, located in rural Illinois and established in 1865, it was the final blow after taking substantial financial losses due to the COVID-19 pandemic.

    The school, which had survived through the Spanish Flu, the Great Depression, two world wars and even a fire in 1912 will close its doors for good on May 13th, 2022.

    The ransomware attack which occurred in December 2021 crippled their recruiting and fundraising efforts for two months, not being resolved until March 2022 as a statement on the school’s website reads.

    “Furthermore, Lincoln College was a victim of a cyberattack in December 2021 that thwarted admissions activities and hindered access to all institutional data, creating an unclear picture of Fall 2022 enrollment projections. All systems required for recruitment, retention, and fundraising efforts were inoperable.

    Fortunately, no personal identifying information was exposed. Once fully restored in March 2022, the projections displayed significant enrollment shortfalls, requiring a transformational donation or partnership to sustain Lincoln College beyond the current semester.”

    The school made attempts to avoid the closure, but the efforts came too late, and we’re sorry to say they’re far from unique in being a school that was targeted by a cyberattack. According to this report over 1043 schools suffered ransomware attacks in 2021.

    Cyber criminals don’t think twice when targeting schools, hospitals, and infrastructure that’s needed by the community. We reported on the on Colonial Pipeline hack that created a major disruption at gas stations across eastern US last May.

    Schools and hospitals are appealing targets because investing in cyber security measures is not generally a priority and they often store large amounts of PII (Personal Identifying Information) in their systems.

    Many senators have taken note of this and have called on the Department of Homeland Security to instate measures that would bolster the security of our schools, especially K-12.

    A ransomware payment isn’t the only thing attackers stand to gain when they successfully infiltrate a network, here’s a chart with the way hackers “double dip” from during their attacks:

    Hacker Motivations Infographic

    In the end Lincoln College did choose to pay the ransom to gain control of their systems again, but it sadly made no difference in saving the college.

    60% of businesses close within 6 months following a ransomware attack, and only half businesses have a cyber response plan available to quickly respond to an attack. The slow response time will only add insult to injury as you try to get back on your feet and as we’ve seen in this case, it can be fatal to your business.

    Valley Techlogic can help you not only have a contingency plan in place, but also help you enact cyber security measures in your business that will prevent an attack from occurring in the first place. Learn more today through a quick consultation.

    Looking for more to read? We suggest these other articles from our site.

    This article was powered by Valley TechLogic, an IT service provider in Atwater, CA. You can find more information at https://www.valleytechlogic.com/ or on Facebook at https://www.facebook.com/valleytechlogic/ . Follow us on Twitter at https://x.com/valleytechlogic.

  • Cyber Insurance – What you can do to ensure your business will be covered in 2022

    Cyber Insurance – What you can do to ensure your business will be covered in 2022

    Last month we released our new cyber insurance report which is an in depth look into this topic, but we wanted to touch on what we’re specifically seeing so far in 2022 in today’s article because from what we’re seeing in from our clients and in the industry – cyber insurance requirements are on the rise.

    If you’re new to cyber insurance or aren’t sure what’s covered under this sort of policy, for most insurance providers cyber insurance offers coverage for technology related disasters. This could include a cybersecurity event such as ransomware or a data breach but depending on your level of policy it might also include IT related downtime not related to cybersecurity such as internet outages. You may even see coverage for specific device issues, such as the loss of an office server that’s critical for day-to-day operations.

    When it comes to the cybersecurity related coverage what many people don’t realize is it’s not only meant for covering your own losses, but also the potential loss incurred by your customers. If you have a data breach, your cyber insurance coverage will cover the cost of any litigation brought by your customers and it may also cover items such as on-going credit monitoring if their PII (personal identifying information) was exposed in the data breach your company suffered.

    It can be easy to feel detached from a loss you haven’t suffered yet. To put some perspective to, it during the Anthem data breach in 2015 when involved 80 million patient records, their costs to notify their customers (which HIPAA regulations stipulate must be done by snail mail) exceeded $40 million in just postage. That’s not even taking into consideration all of the other costs associated with that breach.

    They’re a major corporation, so again it may be difficult to imagine yourself in those shoes, but even for small companies the average costs are as high as $200,000 per breach. Also, if you’re hit with a ransom and think you can just pay it and get out intact, think again. Many times, even if you receive the de-encryption key from the hackers your data may still be lost.

    It’s not surprising that insurance providers are looking at this and wondering how they can alleviate some of the risk they’re taking providing insurance to customers going forward. The requirements are increasing, even for us as a technology provider for businesses we’re seeing longer forms that we’re assisting our customers with when they go to acquire a new cyber insurance policy.

    These longer forms are featuring more difficult questions as well. We have made cybersecurity a staple feature of our plans so our customers are in a good place for obtaining a cyber insurance policy, but the truth is if cybersecurity has been on the back burner for your business, you may have a difficult time in 2022 and beyond finding an insurer that’s willing to cover you.

    As an idea of where to start before you go to obtain a cyber insurance policy, we’ve created this checklist of items you can begin to work on to put your business in a better position this year.

    Be Cyber Insurance Ready in 2022
    Click to grab the full size version.

    Many of the items listed are easy for even someone who’s not very tech savvy to tackle, but if you’d really like to protect your business from hackers this year, we suggest teaming up with a tech provider like Valley Techlogic.

    Cybersecurity is a core focus for our business, we will match your business with a cybersecurity framework that makes sense – for example CMMC for defense contractors, HIPAA for healthcare providers, NIST or CIS for small and medium sizes businesses of any industry – and use that framework to have a concrete game plan for making sure your networks and devices are impenetrable to bad actors. Learn more today with a quick consultation

    Looking for more to read? We suggest these other articles from our site.

    This article was powered by Valley TechLogic, IT service provider in Atwater, CA. You can find more information at https://www.valleytechlogic.com/ or on Facebook at https://www.facebook.com/valleytechlogic/ . Follow us on Twitter at https://x.com/valleytechlogic.