Ekaru Technology Advisor
April 2019
Welcome to this month's issue! The Technology Advisor provides technology advice, strategy, tips and trends to help you manage and grow your business... since 2001!
Tech Headlines

Here are some of the Tech Headlines we've selected for you:
Technology changes all the time.  We're always learning something new and we've selected a few headlines for you...

Security Un-Awareness:  Company suing employee for $138K for BEC Losses -  The company has decided that firing an employee who fell for a BEC (Business Email Compromise) scam is not enough and is suing its former employee for the losses.  They have described her actions as "careless and in breach of the duties-including the duty to exercise reasonable care in the course of the performance of her duties as an employee which she owed to her employer, the pursuer."  Her legal team says she never received any training on how to spot or watch out for this type of scam, and is asking the case to be dismissed.  Are you training your employees?  We strongly advise you have a training program in place.  At Ekaru, we all take an annual exam and do weekly micro training even though we work with these kind of threats all the time.   

Are you still running Windows 7 or Server 2008? -  This is a repeat message, but we want everyone to have a plan in place by June!  Microsoft will be ending support for Windows 7 and Server 2008 on January 14, 2020.  Microsoft made a commitment to provide 10 years of product support for Windows 7 when it was released on October 22, 2009. When this 10-year period ends, Microsoft will discontinue Windows 7 support so that they can focus their investment on supporting newer technologies.  This is a standard part of their product life cycle.   After January 14, 2020 technical assistance and automatic updates that help protect your PC and Server will no longer be made available for these products.  Your systems will no longer have security protection and will be out of compliance for all major security compliance requirements (MA Data Security Law, HIPAA, etc), so it's extremely important to be aware of this deadline and start the planning process now.  We can provide leasing to spread the payments over multiple years, so this doesn't have to be a big budget hit for 2019.     

Facebook Found to Host Cybercriminal Groups Trading Stolen Information - So the DarkWeb isn't just on the DarkWeb any more...   Facebook housed dozens of cybercriminal groups that set up shop on the platform as online marketplaces to sell a variety of illegal services, such as stolen credit card information, account theft and spamming tools, a team of researchers found.  Cisco Systems Inc.'s Talos security unit uncovered 74 groups with names like "Spam Professional" and "Facebook hack (Phishing)".  Those online marketplaces, which counted about 385,000 members, were quite easy to locate for anyone with a Facebook account.  Once a person joined one such group, Facebook's own algorithms would often suggest similar groups, making criminal hangouts easy to find, according to Talos.  Facebook confirmed the groups have been removed.      Read more on Bloomberg

This prolific phishing gang is back with new tactics to target executives  -   Business Email Compromise group has added to their massive database of CFOs and others to target and have adopted some new tricks. Just because you see some details that look familiar, don't get tricked!  Read more - ZD-Net

Microsoft Releases April Security Updates.  Security updates are released every month by Microsoft and we're posting this as a reminder that cybersecurity is an ever-changing landscape.  The US-CERT (United States Computer Emergency Readiness Team) website is a great resource for all cybersecurity news.  Technology changes and threats change all the time - security is an ongoing battle.  Additionally, security updates are required by law - MA Data Security Law, HIPAA, and other industry-specific regulations.   Read more at US-CERT

Michigan Medical Practice to Shutter after Hackers Delete Patient Files - The owners of Brookside ENT and Hearing Center have decided to shut down their practice and retire early following a ransomware attack, where they refused to pay the ransom, and the hackers deleted all patient data.  With HIPAA regulations this story isn't over.

Happy 60th Birthday to the word "Hack".  - April 5th marked the 60th birthday of the word "hack".  The broad definition of hack, commonly associated with disrupting technology, was also coined at MIT and quietly first appeared in the minutes of MIT's Tech Model Railroad Club (TMRC) 60 years ago on April 5, 1955.  Hacks' was the term applied to all manner of technology-based practical jokes.  The world has changed a lot, but its fun to read about the origins.  

New Sextortion Scams using Password Protected "Evidence" Files - You may already be aware of this type of threat, but new variations make them even scarier.  The attackers are using a lot of tricks to convince recipients that the threats are real and demand a payment.  We want to help raise awareness before you find one of these scary threats in your inbox.  Read more at BleepingComputer
     

Cybersecurity Webinar - View the Video

Did you miss Ekaru's security awareness webinar on March 28?  View the webinar recording on line.
61% of ransomware attacks are hitting small businesses, and the average recovery cost is $86,500 and climbing.
Cybersecurity - Why firewalls and security patches aren't enough
Cybersecurity - Why firewalls and security patches aren't enough
  
Stay tuned, we'll be hosting a lunch event in June.  Call Nancy at 978-692-4200 to get on the invitation list.  Here's what attendees had to say about past training sessions:

Today's session was just the "nudge"  I need to focus on security
Thanks, very helpful as always...
Thank you to you and the rest of the team for the great event this afternoon. 
Thank you!
Thank you  for the opportunity to work with you and be part of your digital life! 
Happy Spring! 

Ann Westerheim & The Ekaru Team