20 JULY 2021

RANSOMWARE RISK: STOP USING CONVENTIONAL EMAIL AND MESSAGING!

BY DAN LEW

Apologies for the shocking imagery, but imagine you just received and opened a file to see that picture on your screen.  Your day is now ruined, as you attempt to figure out what happened, and how to recover from ransomware.  Your business operations could be shut down.  Your company could lose millions of dollars and suffer severe damage to its brand, reputation and integrity.

 

It is a real threat and a number of serious breaches have recently occurred:

 

https://www.wfae.org/nation-world/2021-05-12/colonial-pipeline-shutdown-is-the-latest-in-wave-of-cyber-attacks

A vital gasoline pipeline was shut down for 6 days and caused major supply issues on the east coast.

 

https://www.bizjournals.com/nashville/news/2021/05/03/smiledirectclub-reveals-cybersecurity-incident.html

A major dentistry company lost millions of dollars as well as suffered a large drop in their share price.

 

https://www.usatoday.com/story/tech/2021/05/31/jbs-cybersecurity-attack-top-meat-supplier/5285566001/

The world’s largest meat supplier was forced to shut down its give biggest U.S. plants after a cyberattack.

 

https://9to5mac.com/2021/06/29/linkedin-breach/

92% of LinkedIn’s user data has been exposed, including inferred salary and contact information.

 

https://www.cbsnews.com/news/ransomware-attack-hackers-70-million-demand-1500-businesses/

As much as 1,500 businesses have been compromised by the massive July 4th ransomware attack.

 

 

HOW DOES THIS HAPPEN?

 

Ransomware affects a computer and networks they are attached to via a vulnerable point of entry.  There are four types of these points of entry:

 

(1) A malicious file attached to an email that is inadvertently opened by the receiver.

(2) A malicious file attached to an instant messaging application that is inadvertently opened by the receiver.

(3) A user visits an infected website and inadvertently downloads and installs the ransomware.

(4) Hackers gain access to an organization's network via a vulnerable server attached to the internet and install ransomware.

 

Ransomware and malicious viruses are spread via phishing emails or text messages that contain malicious attachments or when a user visits an infected website and downloads and installs malware without knowing.

 

When your email address and telephone number are known, you are a target for legitimate and illegal activities.

 

It is easy to find someone’s corporate email address.  For example, https://hunter.io/ is one such website that can find professional email addresses.  Additionally, your email may have been uncovered in a data breach at a service you may have used.  https://haveibeenpwned.com/ is a website that can determine if your email was uncovered in a data breach.  There are even professional companies like zoominfo.com that sell direct dial phone numbers and email addresses for sales lead generation:  https://page.zoominfo.com/intent-offer-default.  Once your email address is known, you can be targeted for legitimate marketing and sales activities and you can also be targeted by malicious hackers.

 

The recent LinkedIn breach is also likely to lead to a heightened level of phishing activity by targeting high net worth and influential executives.

 

But I have spam filters to protect me.

 

Spam filters can be effective and filtering algorithms have come a long way, but they are not perfect and can also block legitimate emails that you need to receive, so it becomes necessary to review spam or junk folders to make sure there are no legitimate emails that got erroneously filtered out.

 

But I have an antivirus program to protect me.

 

Antivirus programs work by detecting known threats and require constant updating of their antivirus program.  If a user hasn’t updated their antivirus software, it cannot detect newer threats and there are plenty of new ransomware variants that come out every week.  It’s also easy for a user to ignore antivirus warnings, click “OK” and then proceed to infect themselves and potentially their entire network.

 

STOP USING CONVENTIONAL EMAIL AND MESSAGING!

 

If being on an open communications platform where anyone that has your email address and phone number can contact you is the primary source of cybersecurity risk, then perhaps it is time to recognize that conventional email and messaging platforms are a breach waiting to happen and wasting time by forcing you to manage and sort through junk versus focusing on important communications immediately.  Furthermore, it has been well documented that many conventional “free” email and messaging content are parsed, analyzed and sold to third parties to develop targeted marketing campaigns based on what you read or send.

 

At Secured Communications, we recognize the inherent risks of an open communications platform and the problems that we are all reading about in the news regularly are not going to go away.  Until businesses and users realize they are all queued in the open communications cyber-slaughterhouse, it is just a matter of time until something bad happens.  It’s time to get off that line and onto a better system.

 

MERCURY

 

The vision for Mercury was to enhance the user design and interface for an established system, Artemis, we had already developed and is trusted by law enforcement, public safety, and counterterrorism organizations.  These are organizations who depend on reliable and secure communications to protect and to save lives.  With Mercury, we took a battle-tested system and made it user friendly for business users.

 

Mercury is a closed communications and collaboration platform where businesses and users needed to be vetted to be allowed on Mercury and for users to permission others to contact them.  By having a closed system, email is no longer needed.  Important communications are instantaneous via encrypted messaging and important data files are transferred and stored via encrypted cloud file sharing.  Voice and videoconference communications on Mercury are also secure via leading edge AES-256K encryption.  Mercury is also simple to use on PC, smartphone, or tablet.  Our business model is to collect a modest $1/day per user to provide our services.  We cannot read or eavesdrop on your communications.  We do not sell any of your information to third-party organizations and we do not get paid by advertisers.   We also provide a concierge service with live people to assist in onboarding and training.

 

THE PANDEMIC MAY BE OVER, BUT REMOTE/HYBRID WORKING IS HERE TO STAY SO LET’S MAKE IT BETTER!

 

Hopefully, the worst of the pandemic is over, but it is clear that many businesses will retain remote/hybrid work as their mode of operation.  During the pandemic, many businesses rushed to use whatever was easiest to maintain communications and to collaborate with employees.  As more cyber-breaches are occurring, it is paramount that businesses demand more security from their existing communications suppliers, recognize that the business models of some of these suppliers may operate in conflict with protecting privacy, or to consider viable alternatives like Mercury.

 

Daniel Lew is EVP of Strategic Alliances at Secured Communications. In his previous life, he was a uBreakiFix franchisee and dealt with many upset clients whose computers were compromised by viruses and ransomware.

SAN FRANCISCO | RENO TAHOE  | SYDNEY | LONDON

©2021 SECURED COMMUNICATIONS

  •  ALL RIGHTS RESERVED

Sustainability

EULA

SLA

SAN FRANCISCO | RENO TAHOE  | SYDNEY | LONDON

©2021 SECURED COMMUNICATIONS

  •  ALL RIGHTS RESERVED

20 JULY 2021

RANSOMWARE RISK: STOP USING CONVENTIONAL EMAIL AND MESSAGING!

BY DAN LEW

Apologies for the shocking imagery, but imagine you just received and opened a file to see that picture on your screen.  Your day is now ruined, as you attempt to figure out what happened, and how to recover from ransomware.  Your business operations could be shut down.  Your company could lose millions of dollars and suffer severe damage to its brand, reputation and integrity.

 

It is a real threat and a number of serious breaches have recently occurred:

 

https://www.wfae.org/nation-world/2021-05-12/colonial-pipeline-shutdown-is-the-latest-in-wave-of-cyber-attacks

A vital gasoline pipeline was shut down for 6 days and caused major supply issues on the east coast.

 

https://www.bizjournals.com/nashville/news/2021/05/03/smiledirectclub-reveals-cybersecurity-incident.html

A major dentistry company lost millions of dollars as well as suffered a large drop in their share price.

 

https://www.usatoday.com/story/tech/2021/05/31/jbs-cybersecurity-attack-top-meat-supplier/5285566001/

The world’s largest meat supplier was forced to shut down its give biggest U.S. plants after a cyberattack.

 

https://9to5mac.com/2021/06/29/linkedin-breach/

92% of LinkedIn’s user data has been exposed, including inferred salary and contact information.

 

https://www.cbsnews.com/news/ransomware-attack-hackers-70-million-demand-1500-businesses/

As much as 1,500 businesses have been compromised by the massive July 4th ransomware attack.

 

 

HOW DOES THIS HAPPEN?

 

Ransomware affects a computer and networks they are attached to via a vulnerable point of entry.  There are four types of these points of entry:

 

(1) A malicious file attached to an email that is inadvertently opened by the receiver.

(2) A malicious file attached to an instant messaging application that is inadvertently opened by the receiver.

(3) A user visits an infected website and inadvertently downloads and installs the ransomware.

(4) Hackers gain access to an organization's network via a vulnerable server attached to the internet and install ransomware.

 

Ransomware and malicious viruses are spread via phishing emails or text messages that contain malicious attachments or when a user visits an infected website and downloads and installs malware without knowing.

 

When your email address and telephone number are known, you are a target for legitimate and illegal activities.

 

It is easy to find someone’s corporate email address.  For example, https://hunter.io/ is one such website that can find professional email addresses.  Additionally, your email may have been uncovered in a data breach at a service you may have used.  https://haveibeenpwned.com/ is a website that can determine if your email was uncovered in a data breach.  There are even professional companies like zoominfo.com that sell direct dial phone numbers and email addresses for sales lead generation:  https://page.zoominfo.com/intent-offer-default.  Once your email address is known, you can be targeted for legitimate marketing and sales activities and you can also be targeted by malicious hackers.

 

The recent LinkedIn breach is also likely to lead to a heightened level of phishing activity by targeting high net worth and influential executives.

 

But I have spam filters to protect me.

 

Spam filters can be effective and filtering algorithms have come a long way, but they are not perfect and can also block legitimate emails that you need to receive, so it becomes necessary to review spam or junk folders to make sure there are no legitimate emails that got erroneously filtered out.

 

But I have an antivirus program to protect me.

 

Antivirus programs work by detecting known threats and require constant updating of their antivirus program.  If a user hasn’t updated their antivirus software, it cannot detect newer threats and there are plenty of new ransomware variants that come out every week.  It’s also easy for a user to ignore antivirus warnings, click “OK” and then proceed to infect themselves and potentially their entire network.

 

STOP USING CONVENTIONAL EMAIL AND MESSAGING!

 

If being on an open communications platform where anyone that has your email address and phone number can contact you is the primary source of cybersecurity risk, then perhaps it is time to recognize that conventional email and messaging platforms are a breach waiting to happen and wasting time by forcing you to manage and sort through junk versus focusing on important communications immediately.  Furthermore, it has been well documented that many conventional “free” email and messaging content are parsed, analyzed and sold to third parties to develop targeted marketing campaigns based on what you read or send.

 

At Secured Communications, we recognize the inherent risks of an open communications platform and the problems that we are all reading about in the news regularly are not going to go away.  Until businesses and users realize they are all queued in the open communications cyber-slaughterhouse, it is just a matter of time until something bad happens.  It’s time to get off that line and onto a better system.

 

MERCURY

 

The vision for Mercury was to enhance the user design and interface for an established system, Artemis, we had already developed and is trusted by law enforcement, public safety, and counterterrorism organizations.  These are organizations who depend on reliable and secure communications to protect and to save lives.  With Mercury, we took a battle-tested system and made it user friendly for business users.

 

Mercury is a closed communications and collaboration platform where businesses and users needed to be vetted to be allowed on Mercury and for users to permission others to contact them.  By having a closed system, email is no longer needed.  Important communications are instantaneous via encrypted messaging and important data files are transferred and stored via encrypted cloud file sharing.  Voice and videoconference communications on Mercury are also secure via leading edge AES-256K encryption.  Mercury is also simple to use on PC, smartphone, or tablet.  Our business model is to collect a modest $1/day per user to provide our services.  We cannot read or eavesdrop on your communications.  We do not sell any of your information to third-party organizations and we do not get paid by advertisers.   We also provide a concierge service with live people to assist in onboarding and training.

 

THE PANDEMIC MAY BE OVER, BUT REMOTE/HYBRID WORKING IS HERE TO STAY SO LET’S MAKE IT BETTER!

 

Hopefully, the worst of the pandemic is over, but it is clear that many businesses will retain remote/hybrid work as their mode of operation.  During the pandemic, many businesses rushed to use whatever was easiest to maintain communications and to collaborate with employees.  As more cyber-breaches are occurring, it is paramount that businesses demand more security from their existing communications suppliers, recognize that the business models of some of these suppliers may operate in conflict with protecting privacy, or to consider viable alternatives like Mercury.

 

Daniel Lew is EVP of Strategic Alliances at Secured Communications. In his previous life, he was a uBreakiFix franchisee and dealt with many upset clients whose computers were compromised by viruses and ransomware.

SAN FRANCISCO | RENO TAHOE  | SYDNEY | LONDON

©2021 SECURED COMMUNICATIONS

  •  ALL RIGHTS RESERVED

20 JULY 2021

RANSOMWARE RISK: STOP USING CONVENTIONAL EMAIL AND MESSAGING!

BY DAN LEW

Apologies for the shocking imagery, but imagine you just received and opened a file to see that picture on your screen.  Your day is now ruined, as you attempt to figure out what happened, and how to recover from ransomware.  Your business operations could be shut down.  Your company could lose millions of dollars and suffer severe damage to its brand, reputation and integrity.

 

It is a real threat and a number of serious breaches have recently occurred:

 

https://www.wfae.org/nation-world/2021-05-12/colonial-pipeline-shutdown-is-the-latest-in-wave-of-cyber-attacks

A vital gasoline pipeline was shut down for 6 days and caused major supply issues on the east coast.

 

https://www.bizjournals.com/nashville/news/2021/05/03/smiledirectclub-reveals-cybersecurity-incident.html

A major dentistry company lost millions of dollars as well as suffered a large drop in their share price.

 

https://www.usatoday.com/story/tech/2021/05/31/jbs-cybersecurity-attack-top-meat-supplier/5285566001/

The world’s largest meat supplier was forced to shut down its give biggest U.S. plants after a cyberattack.

 

https://9to5mac.com/2021/06/29/linkedin-breach/

92% of LinkedIn’s user data has been exposed, including inferred salary and contact information.

 

https://www.cbsnews.com/news/ransomware-attack-hackers-70-million-demand-1500-businesses/

As much as 1,500 businesses have been compromised by the massive July 4th ransomware attack.

 

 

HOW DOES THIS HAPPEN?

 

Ransomware affects a computer and networks they are attached to via a vulnerable point of entry.  There are four types of these points of entry:

 

(1) A malicious file attached to an email that is inadvertently opened by the receiver.

(2) A malicious file attached to an instant messaging application that is inadvertently opened by the receiver.

(3) A user visits an infected website and inadvertently downloads and installs the ransomware.

(4) Hackers gain access to an organization's network via a vulnerable server attached to the internet and install ransomware.

 

Ransomware and malicious viruses are spread via phishing emails or text messages that contain malicious attachments or when a user visits an infected website and downloads and installs malware without knowing.

 

When your email address and telephone number are known, you are a target for legitimate and illegal activities.

 

It is easy to find someone’s corporate email address.  For example, https://hunter.io/ is one such website that can find professional email addresses.  Additionally, your email may have been uncovered in a data breach at a service you may have used.  https://haveibeenpwned.com/ is a website that can determine if your email was uncovered in a data breach.  There are even professional companies like zoominfo.com that sell direct dial phone numbers and email addresses for sales lead generation:  https://page.zoominfo.com/intent-offer-default.  Once your email address is known, you can be targeted for legitimate marketing and sales activities and you can also be targeted by malicious hackers.

 

The recent LinkedIn breach is also likely to lead to a heightened level of phishing activity by targeting high net worth and influential executives.

 

But I have spam filters to protect me.

 

Spam filters can be effective and filtering algorithms have come a long way, but they are not perfect and can also block legitimate emails that you need to receive, so it becomes necessary to review spam or junk folders to make sure there are no legitimate emails that got erroneously filtered out.

 

But I have an antivirus program to protect me.

 

Antivirus programs work by detecting known threats and require constant updating of their antivirus program.  If a user hasn’t updated their antivirus software, it cannot detect newer threats and there are plenty of new ransomware variants that come out every week.  It’s also easy for a user to ignore antivirus warnings, click “OK” and then proceed to infect themselves and potentially their entire network.

 

STOP USING CONVENTIONAL EMAIL AND MESSAGING!

 

If being on an open communications platform where anyone that has your email address and phone number can contact you is the primary source of cybersecurity risk, then perhaps it is time to recognize that conventional email and messaging platforms are a breach waiting to happen and wasting time by forcing you to manage and sort through junk versus focusing on important communications immediately.  Furthermore, it has been well documented that many conventional “free” email and messaging content are parsed, analyzed and sold to third parties to develop targeted marketing campaigns based on what you read or send.

 

At Secured Communications, we recognize the inherent risks of an open communications platform and the problems that we are all reading about in the news regularly are not going to go away.  Until businesses and users realize they are all queued in the open communications cyber-slaughterhouse, it is just a matter of time until something bad happens.  It’s time to get off that line and onto a better system.

 

MERCURY

 

The vision for Mercury was to enhance the user design and interface for an established system, Artemis, we had already developed and is trusted by law enforcement, public safety, and counterterrorism organizations.  These are organizations who depend on reliable and secure communications to protect and to save lives.  With Mercury, we took a battle-tested system and made it user friendly for business users.

 

Mercury is a closed communications and collaboration platform where businesses and users needed to be vetted to be allowed on Mercury and for users to permission others to contact them.  By having a closed system, email is no longer needed.  Important communications are instantaneous via encrypted messaging and important data files are transferred and stored via encrypted cloud file sharing.  Voice and videoconference communications on Mercury are also secure via leading edge AES-256K encryption.  Mercury is also simple to use on PC, smartphone, or tablet.  Our business model is to collect a modest $1/day per user to provide our services.  We cannot read or eavesdrop on your communications.  We do not sell any of your information to third-party organizations and we do not get paid by advertisers.   We also provide a concierge service with live people to assist in onboarding and training.

 

THE PANDEMIC MAY BE OVER, BUT REMOTE/HYBRID WORKING IS HERE TO STAY SO LET’S MAKE IT BETTER!

 

Hopefully, the worst of the pandemic is over, but it is clear that many businesses will retain remote/hybrid work as their mode of operation.  During the pandemic, many businesses rushed to use whatever was easiest to maintain communications and to collaborate with employees.  As more cyber-breaches are occurring, it is paramount that businesses demand more security from their existing communications suppliers, recognize that the business models of some of these suppliers may operate in conflict with protecting privacy, or to consider viable alternatives like Mercury.

 

Daniel Lew is EVP of Strategic Alliances at Secured Communications. In his previous life, he was a uBreakiFix franchisee and dealt with many upset clients whose computers were compromised by viruses and ransomware.

SAN FRANCISCO | RENO TAHOE  | SYDNEY | LONDON

©2021 SECURED COMMUNICATIONS

  •  ALL RIGHTS RESERVED

Sustainability

EULA

SLA