Coleman Technologies Blog

Think Before You Click: Spotting a Phishing Attempt


Give Me the Short Answer - What’s Phishing?

Phishing is when you get an email that looks legitimate but isn't. The cybercriminal's goal is to trick you into giving them a password or access to an account (like PayPal, Facebook, or your bank) or to get you to download malware.

The problem with phishing emails is how real they can seem. A phishing attempt for your PayPal information can look just like an everyday email from PayPal.

Even worse, often phishing emails try to sound urgent. They make you feel like you have to take action quickly, or that a bill is overdue, or that your password has been stolen. This can lower the user’s guard, and force them into a sticky situation.

How to Spot a Phishing Attack

Like I said, it’s not always going to be obvious when you get phished. Even careful, security-minded, technical people can fall victim because phishing is just as much of a psychological attack as it is a technical one.

Still, there are some practices you and your staff should use:

Always Use Strong, Unique Passwords

This can solve a lot of problems from the get-go. If your PayPal account gets hacked, and it uses the same password as your email or your bank account, then you may as well assume that your email and bank account are infiltrated too. Never use the same password across multiple sites.

Check the From Email Address in the Header

You’d expect emails from Facebook to come from [email address not shown], right? Well, if you get an email about your password or telling you to log into your account and it’s from [email address not shown], you’ll know something is up.

Cybercriminals will try to make it subtle. Amazon emails might come from [email address not shown] or emails from PayPal might come from [email address not shown]. It’s going to pay off to be skeptical, especially if the email is trying to get you to go somewhere and sign in, or submit sensitive information.

Don’t Just Open Attachments

This is nothing new, but most malware found on business networks still comes from email attachments, so it’s still a huge problem. If you didn’t request or expect an email attachment, don’t click on it. Scrutinize the email, or even reach out to the sender to confirm that it is safe. I know it sounds silly, but being security-minded might build security-mindfulness habits in others too, so you could inadvertently save them from an issue if they follow your lead!

Look Before You Click

If the email has a link in it, hover your mouse over it to see where it is leading. Don’t click on it right away.

For example, if the email is about your PayPal account, check the domain for any obvious signs of danger. Here are some examples:

  • Paypal.com - This is safe. That’s PayPal’s domain name.
  • Paypal.com/activatecard - This is safe. It’s just a subpage on PayPal’s site.
  • Business.paypal.com - This is safe. A website can put letters and numbers before a dot in their domain name to lead to a specific area of their site. This is called a subdomain.
  • Business.paypal.com/retail - This is safe. This is a subpage on PayPal’s subdomain.
  • Paypal.com.activecard.net - Uh oh, this is sketchy. Notice the dot after the .com in PayPal’s domain? That means this domain is actually activecard.net, and it has the subdomain paypal.com. They are trying to trick you.
  • Paypal.com.activecardsecure.net/secure - This is still sketchy. The domain name is activecardsecure.net, and like the above example, they are trying to trick you because they made a subdomain called paypal.com. They are just driving you to a subpage that they called secure. This is pretty suspicious.
  • Paypal.com/activatecard.tinyurl.com/retail - This is really tricky! The hacker is using a URL shortening service called TinyURL. Notice how there is a .com later in the URL after PayPal’s domain? That means it’s not PayPal. Tread carefully!

Keep in mind, everyone handles their domains a little differently, but you can use this as a general rule of thumb. Don’t trust dots after the domain that you expect the link to be.
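
The rule of thumb above can be written as a check on the link's hostname (the part before the first slash). This is an added example, not code from the original post; the function names are made up for illustration, and the sample links are the first six entries of the list above.

```javascript
// Added illustration: function names are hypothetical; EXPECTED_DOMAIN and the
// sample links come from the list in the article.
const EXPECTED_DOMAIN = "paypal.com";

const SAMPLE_LINKS = [
  "Paypal.com",
  "Paypal.com/activatecard",
  "Business.paypal.com",
  "Business.paypal.com/retail",
  "Paypal.com.activecard.net",
  "Paypal.com.activecardsecure.net/secure",
];

// Return the hostname a browser would actually connect to for this link.
function hostnameOf(link) {
  // The article's examples omit the scheme, so add one before parsing.
  const hasScheme = /^[a-z][a-z0-9+.-]*:\/\//i.test(link);
  const url = new URL(hasScheme ? link : "https://" + link);
  const host = url.hostname.toLowerCase();
  // "paypal.com." (trailing dot) names the same host as "paypal.com".
  return host.endsWith(".") ? host.slice(0, -1) : host;
}

// Weak check: "does the link start with the brand's domain?"
// This is what a quick glance at the left end of a link amounts to.
function naiveCheck(link, expected) {
  return link.toLowerCase().startsWith(expected);
}

// Strict check: the hostname must BE the expected domain, or END with
// "." + expected (a genuine subdomain). Anything to the right of the
// expected domain means a different site owns the name.
function belongsTo(link, expected) {
  let host;
  try {
    host = hostnameOf(link);
  } catch {
    return false; // unparseable links are never trusted
  }
  return host === expected || host.endsWith("." + expected);
}

// Run both checks over a list of links so the differences are visible.
function review(links, expected) {
  return links.map((link) => ({
    link,
    naive: naiveCheck(link, expected),
    strict: belongsTo(link, expected),
  }));
}

for (const row of review(SAMPLE_LINKS, EXPECTED_DOMAIN)) {
  console.log(
    `${row.link.padEnd(40)} naive=${row.naive}  strict=${row.strict}`
  );
}
```

The naive check gets it wrong in both directions: it rejects the real subdomain Business.paypal.com and accepts both look-alike hosts, while the strict check matches the article's verdicts.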

Training and Testing Go a Long Way!

Want help teaching your staff how to spot phishing emails? Be sure to reach out to the IT security experts at Coleman Technologies. We can help equip your company with solutions to mitigate and decrease phishing attempts, and help educate and test your employees to prepare them for when they are threatened by cybercriminals.

This Malware Targets Your Facebook Business Accounts




Chances are your business has a social media presence in at least some capacity, as it’s a good way to drive traffic to your business. However, hackers want to leverage this benefit against you. A new malware specifically targets Facebook business accounts to launch malicious advertisement campaigns using your own money against you.

Budget Tracking Templates Gone Wrong

Imagine that you are presented with a free budgeting spreadsheet that you can open up in Microsoft Excel or Google Sheets. Sounds like a pretty good deal, right? Well, in most cases, it is going to be too good to be true, and most cases involving the aforementioned Facebook threat involve a tool just like this. The tool markets itself to business page admins through Facebook Messenger, and while it might seem like a good resource at first glance, it’s far from it.

Once the user opens the file, the malware called “NodeStealer” installs. It can sometimes come bundled with other threats that steal cryptocurrency, disable Microsoft Defender, and other issues. The primary threat, however, is the one that steals your social media credentials, specifically your Facebook business account. It will gain access to your accounts to deploy ads using your financial information to foot the bill. These ads are designed to spread more malware.

Have you ever tried to reclaim access to a Facebook account? If so, you know exactly the type of pain to expect, and hackers are taking advantage of the social media website’s lackluster support options to prolong your suffering.

Here’s How to Dodge This Threat

If you’re aware of the threat, you’ll be more likely to think twice before committing to the click. If someone starts to randomly offer you free resources, you should always do your research before indulging them with your trust. If it looks suspicious, chances are you should be careful around it.

Implementing multi-factor authentication is another effective tool to secure your Google, Facebook, Microsoft, LinkedIn, and Twitter/X accounts. In fact, if you can implement MFA for any account, you absolutely should. The additional layer of security might just save your bacon one of these days.

Finally, if you think that one of your systems has been breached or compromised, you need to take swift action. Change all of your passwords and notify the appropriate parties. There’s no good that can come from sweeping it under the rug.

Coleman Technologies can help you secure your business. Find out how by calling us at (604) 513-9428.

Social Engineering Isn’t Going Away


What is Social Engineering?

Think of it like this: online, you have some type of social currency. Your personal information, your data, your interactions, your profiles, they all add up to your online life. If someone were to use that information to trick you into providing them access to your secure online accounts, you would be the victim of a social engineering attack. 

Basically, a hacker uses what amounts to the fundamentals of human psychology to gain unauthorized access to an account. Rather than exploiting a vulnerability within a system’s technology, a social engineer will take advantage of the human resources to gain access through relatively simple psychology.

Successful social engineering can be the result of many different actions. Some include: carelessness by an individual, perceived kindness, reaction to fear, and business as usual. Let’s take a look at these actions and how social engineering schemes work as a result.

Individual Carelessness

When there is a lack of diligence carried out by an individual, there are openings for a social engineering attack. This includes trash thrown out with information on it, keeping login credentials out in the open, and other careless actions. It’s important that you and your staff understand that the best practices of password protection, such as using a password manager, are crucial to maintaining the integrity of your company’s network and infrastructure.

Perceived Kindness

Many people won’t think twice about helping someone that asks for help. Social engineering attackers take advantage of the better angels of our nature, by using people’s helpfulness to gain access to secure computing resources. Any person can fall for this type of attack. This is why we stress that in order to keep your digital and physical resources secure, a critical eye for potential intrusion works. That doesn’t mean you have to be a jerk, but if a situation is presented to you that’s out of the ordinary, take anyone’s helplessness with a grain of salt.

Business as Usual

When we picture a hacker, we all tend to think about them the same way. They are brooding people sitting in a dark room typing away at a computer. In social engineering attacks, this couldn’t be further from the truth. A popular social engineering tactic is to gain physical access to a large business--where there are often a lot of moving parts--and then spend time at the business looking for ways into secure digital environments. This could also include straight hatchet jobs, where your employees would help people outside of your business sabotage your access control systems. 

Reaction to Fear

Finally, fear is one of the best motivators. By striking fast and threatening all types of negative consequences if a worker doesn’t help them get into a secure computing system, this kind of cyberattack can be a major problem. 

Coleman Technologies Can Help Protect Your Business

If you are looking to secure your network from cyberattacks, including social engineering, the IT professionals at Coleman Technologies can help. Call us today at (604) 513-9428 to learn more about how we can help you with the training you need to keep social engineering from causing problems for you.

Alert: Update Windows Netlogon Remote Protocol Now, says Homeland Security


What’s the Exploit and Who Does It Affect?

The vulnerability in the CISA’s emergency directive affects all supported Windows Server operating systems. It’s been named Zerologon, and if left unpatched, it could allow an unauthenticated threat actor to gain access to a domain controller and completely compromise your network’s Active Directory services. The vulnerability gets its name because all the hacker has to do is send a series of Netlogon messages with the input fields filled with zeroes to gain access.

Once in, this essentially gives the hacker a lot of control over your network, and it’s a publicly available exploit (since Microsoft has released a patch for it) which means cybercriminals will be taking advantage of it. The attacker doesn’t need any user credentials to use this exploit.

If your business network is running Windows Server, you need to have updates applied to your servers to ensure that this vulnerability is patched. If you aren’t actively keeping all the devices on your network maintained with the latest updates and security patches, you are essentially leaving the front door wide open.

The Department of Homeland Security (the parent department of the CISA) has issued a directive giving all government agencies in the United States until today (September 21st) to apply the patch, to prevent giving hackers control over federal networks. This means all state and local government agencies are required to apply this today and report back to the CISA. Not having this patch installed will also affect other compliance standards throughout other industries, and of course, leave your business and your data at high risk of a breach. It is highly recommended to apply this patch today, as soon as possible, regardless of the industry you are in. We can’t stress this enough. Apply this patch as soon as humanly possible.

The Good News

If you have an active managed IT services agreement with Coleman Technologies that covers the maintenance of your Windows Servers, you have likely already received the patch, or will be having it installed today. The patch was released by Microsoft as part of their August 2020 Patch Tuesday Update.

If you don’t have an agreement with us, or you aren’t sure if your agreement covers fixing the Zerologon vulnerability, we urge you to reach out to us by calling (604) 513-9428. This is definitely not something you want to risk.

The Department of Homeland Security and the US Cybersecurity and Infrastructure Security Agency don’t issue emergency directives casually. This needs to be taken seriously for all businesses and organizations.

If you need help, or you are unsure about how to protect your organization from the Zerologon vulnerability, don’t hesitate to reach out to Coleman Technologies at (604) 513-9428.

Are Macs Inherently More Secure than PCs?


Spoiler Alert: Macs Do, in Fact, Get Malware

Not to be juvenile about it, but duh. A computer produced by Apple can just as easily be infected by malware and ransomware, just as they can also experience any of the other problems that a PC user would. Hardware failure, slowing with age, crashes, data loss—these and so many other issues can be seen in a Mac.

So, where do we get the widespread opinion that Macs are somehow immune to the issues that Windows devices suffer from?

In short, advertising. Over the years, Apple has had some brilliant advertising campaigns behind it, from the classic “1984” ad that ran during Super Bowl XVIII to the brief clip of John Malkovich talking to Siri. One particular campaign, however, helped to really push the idea that Macs aren’t susceptible to computer viruses.

The “Hello, I’m a Mac” campaign starred John Hodgman as the beleaguered PC, constantly coming up short when compared to Justin Long’s Mac in a total of 66 spots. One of the most famous of these bits outlined how Macs didn’t have to worry about viruses—amongst many, many others over the four years that these ads ran.

In all fairness, these ads were truthful enough. Massive amounts of new viruses are created to attack the Windows system each year, many of them leaving Macs unimpacted. While in fairness, Macs do get viruses, there are far more variants out there that target PCs.

The question is, why?

There are Far More PCs Than Macs, for One

Back in 2018, there was only one Mac for every ten active PCs online. Therefore, if about 90 percent of computers run on Windows, it only makes sense that there would be more viruses focused on Windows.

PCs are the predominant choice for businesses and industries, schools and universities, and home users alike.

To be fair, there isn’t really anything inherently wrong with Macs. Apple’s laptops and desktops are very capable devices. The difference comes from third-party developers. Many business-oriented core applications just don’t have Mac versions, and Apple doesn’t have the low-tier hardware options that are available with the Windows platform. So, when your billing department and your video department have very different needs, there isn’t a reason for you to spend the amount that a high-end Mac costs when a mid-range PC would do the job.

At the end of the day, a Mac and a PC at the same price tier are going to be effectively the same. The big difference is your preference and what your business works best with. Of course, we also have to say that Macs can have some difficulty integrating with a network designed for the PC and the software that most businesses prefer to use.

Mac Users Aren’t Off the Hook

While the smaller number of viruses targeting them has made it seem as though a Mac is the more secure choice of computer, the environment is changing. Malwarebytes recently reported that Mac malware is outpacing PC malware for the first time. The report also states that, between 2018 and 2019, threats to Macs increased by 400 percent.

Of course, it should also go without saying that the type of computer one uses shouldn’t impact that person’s security awareness and hygiene. Macs and PCs alike need to have antivirus and other protections installed, and need to be secured with strong passwords by users who understand that risk has no brand loyalty.

At Coleman Technologies, we are very aware of the importance of your business’ security and can assist you in protecting your endpoints and educating your users. To learn more about what we can do, reach out to us by calling (604) 513-9428.

Invest in Your Business’ Future with Security Best Practices




Nowadays, it is crucial that you make security a top priority. With the right approach, it not only saves you massive headaches, but also a considerable amount of capital—particularly if you leverage the appropriate solutions for SMBs. As a managed service provider, we can ensure that you implement the appropriate IT solutions to maximize the return on your security investment.

The best security solutions will make sure that you are exposed to minimal security risks as you go about the workday. Here are just a few security best practices and technologies that can save your business time, energy, and money.

Firewalls to Defend Your Network

Network security is incomplete without a robust firewall solution to protect your infrastructure. A firewall is a digital shield that safeguards your company’s network from external threats. It analyzes traffic into and out of your infrastructure. It keeps threats from sneaking through, thereby minimizing the opportunity for a data breach and potential financial loss from fines and damage control. Trust us when we say the best way to address a security breach is to be proactive about it and prevent it entirely.

Regular Security Audits to Leave No Stone Unturned

When you’re sick, you go to the doctor. When your car breaks down, you go to the mechanic. When your technology fails, you see your local managed service provider. These are all “reactive” approaches to maintenance, whether for your body, vehicle, or IT. When it comes to security, you want to take a proactive approach, though, and conduct security audits every so often to address potential issues before they become serious problems. Again, preventing problems from escalating saves you money, so it never hurts to be overly prepared.

Employee Education to Supplement Technology Solutions

What happens when a hacker cannot break through your technology solutions? Rather than brute forcing their way through to your infrastructure, they will take the path of least resistance by targeting your employees with phishing scams and other unethical tactics. You must provide routine security training to reduce the risk of human error. While it might take time out of their days, it will go a long way toward mitigating the risk of a data breach.

Get Started Today with Proactive Security Solutions

All it takes to break your budget is one single data breach. Don’t let your business suffer even that! Take advantage of our managed services to give your business the security solutions it deserves. To learn more, call Coleman Technologies today at (604) 513-9428.

These Modern Technology Documentaries Bring Interesting Ideas to a Broader Audience




One of the best things about the move towards streaming in media is that since people love watching real-life stories, studios have committed to creating documentary content that provides interesting perspectives. Many people don’t have a comprehensive understanding of technology, especially as it relates to real-world situations, so dramatized documentaries can be a good source of information. Today, we’re going to go through three riveting technology documentaries that are available on streaming services.

The Social Dilemma (2020)
Social media is one of the most important technologies developed over the past couple of decades. As with any transformative technology, the practices developed early on by developers to monetize seemingly “free” services have a major impact on users and the monstrous social media space as a whole. A saying that is repeated several times throughout the movie is, “If you’re not paying for the product, you are the product.”

The filmmakers use one-on-one interviews as well as actors who play roles that are supposed to represent an average family and their use of social media. This gives the viewer multiple perspectives to understand the documentary's central theme: that social media is a new market with a much different business plan than any other that has come before it: what is called surveillance capitalism. 

The documentary does an amazing job of explaining how social media negatively affects personal value, society, and other issues without the billions of users on these platforms even knowing that they are being manipulated at every turn. The Social Dilemma was directed by Jeff Orlowski and is available for streaming on Netflix. 

The Great Hack (2019)
The Great Hack isn’t about hackers, per se. It’s about the case of Cambridge Analytica, a company set up to mine data and manipulate people into changing how they look at the world. Centered around a pair of whistleblowers, the documentary tells the story about how the company unethically obtained a load of Facebook data to provide powerful clients the information they required to manipulate public policy.

The scandal was at the heart of the 2016 U.S. Presidential election and the British exit from the European Union (Brexit). The Great Hack sheds light on the ethical implications of data privacy breaches and the dangers of unchecked data manipulation through interviews with former employees, whistleblowers, journalists, and academics. The film raises important questions about the power of technology companies, the role of social media in shaping public opinion, and the need for greater transparency and regulation of these massive technology companies. 

The Great Hack was directed by Karim Amer and Jehane Noujaim and is available for streaming on Netflix. 

Deep Web (2015)
The Internet is much larger than the typical person experiences. Alex Winter, one of the great documentary filmmakers of contemporary cinema, explores the deep web in his 2015 film of the same name. The film features many issues, including the ethical use of technology, the dissolution of the Silk Road, a notorious illicit marketplace found on the deep web, and Bitcoin, the infamous cryptocurrency so often used in cybercrime.

The film explores the events leading up to the trial of Ross Ulbricht, the originator of the Silk Road, through the lens of his capture, the trial, and the immediate aftermath. In doing so, it serves as a historical account of what would soon be a common enough occurrence to be a part of the zeitgeist.

Deep Web was directed by Alex Winter and is available for streaming on Amazon Prime.

This is just a taste of the many documentaries discussing today’s technology and its intricacies in daily life. We encourage you to view these titles and continue exploring to learn more.

Clearing the Ethical Hurdles of Employee Monitoring


Monitoring Employees Without Their Knowledge

We figured it would be most appropriate to discuss the no-go option first, which would be to start monitoring your employees without their knowledge or consent. As you would imagine, this is the shadier side of the monitoring spectrum, and is actually illegal in most cases. Unless you have reason to believe an employee is actively acting out and are investigating them, you are not allowed to use monitoring software to keep an eye on your team without telling them.

So, as much as I hate to have to say it, don’t do that. Instead, inform your team of your intention to monitor their systems, what you will be monitoring, and—most crucially—why. This is the real key. Transparency is the most important thing to have with your employees. Studies have even shown that this kind of transparency makes your team more comfortable with these kinds of arrangements.

Monitoring Employees While They Aren’t Working

Again, with so many employees working remotely, it may be tempting for many employers to just continue monitoring these devices even after work hours have ended. It’s one less thing to worry about that way, right?

Wrong. 

What if the employee ends their day or takes a break, and decides to log into their bank account to check in on their finances? You could easily capture sensitive information without meaning to, putting you on the hook in the legal sense. To avoid this, you have a few options you can exercise. Your first option is to simply ban employees from using work technology for personal matters. Your second option is to enable your team members to turn off the monitoring software when they are not actively working.

Not Making Use of Your Monitoring Data

A big part of ethically monitoring your employees comes down to your intent, your motivation for doing so. Are you looking to improve productivity by identifying inefficiencies and bottlenecks? Great. Are you ensuring that there are no data leaks that need to be mitigated? Fantastic. Are you simply using it to make sure that your employees are at their desks working? There are better ways to account for that.

Employee monitoring should always be a means, not the end. Whenever you implement it, it needs to be in service of a specific goal. When used in this way, and not just because you want to keep a closer eye on your team, it can bring some significant benefits.

Coleman Technologies can help bring these benefits and more to your operations. To find out how our team can help you implement and manage the technology your business needs to support it, give us a call at (604) 513-9428 today.

Email Encryption: Of Course You Need It!




Have you ever suspected that a hacker could silently observe your email interactions with your clients and your staff? If you manage your own email infrastructure, we want to highlight the importance of email encryption. Encryption keeps your business’ email communications secure and compliant so you can worry less about security and privacy to focus more on running your business.

Here are three potential consequences of failing to encrypt your email communications.

Regulatory Fines

The big one to consider is that you’ll be charged out the wazoo in regulatory and compliance fines for failing to protect sensitive information.

Think about it; how much sensitive information is exchanged by email at your business? Even if it’s not directly included in the body of the email, how many attachments are sent that contain personal or sensitive information? Without encryption, any onlooker could easily pluck this data out of your inbox and use it for nefarious purposes.

And whenever you breach the security and privacy of others, you’re sure to get slapped with serious fines that can break your budget and jeopardize your business for the foreseeable future.

Negative Public Relations

What would your customers and clients think if they found out you don’t encrypt your email?

Never underestimate the power of a bad review or a local op-ed in the paper about how you don’t take security seriously. If potential clients are informed of a reason not to work with you—especially one related to security and privacy—they will consider other options, period. Worse yet, your current customers could jump ship and go work with one of your competitors, which directly impacts your bottom line and profits.

Seriously, who wants to work with a business that doesn’t take security seriously? Not me; that’s for sure.

Loss of Intellectual Property

What would you do if your biggest competitors had access to the tech and strategies that make your business what it is?

If your business has industry secrets or intellectual property to maintain, you really do need email encryption to ensure communications pertaining to those secrets are not leaked to competitors. Otherwise, you run the risk of ideas, thoughts, patents, and other IP falling into the hands of people who will steal your clientele. Worse yet, you might end up fighting prolonged legal battles and paying exorbitant fines due to these legal battles over your IP, which nobody wants.

Protect what’s yours with email encryption before it inevitably is no longer yours.

Coleman Technologies can work with your business to encrypt your email communications and keep your company’s messages safe. Learn more by calling us today at (604) 513-9428.

Cybersecurity: An Origin Story


Let’s start with where we are now. History is best told on a timeline, so let’s start from the present. Cybercrime today is profiting over $1.5 trillion each year, and that figure continues to climb. Some have predicted that this figure will nearly quadruple by 2021. Security breaches are up by 67 percent over just the past five years.  

How is this figure climbing so quickly? Well, let’s examine the most popular form of cybercrime: phishing. The methods that cybercriminals use can deploy all types of malware, and can also steal data. Whether that data is your sensitive personal information or the login credentials to your bank account, phishing gives a cybercriminal direct access. The worst part for people who have fallen victim is that, until something dramatic happens, they are clueless that they have even become a victim. Phishing attacks have led to billions of records being exposed, stolen, or corrupted each year.

Cybercrime has become a real concern for all business owners. So how did all of this start?

The Beginning 

This information Coleman Technologies is about to reveal may be hard to believe, but cybercrime was Bob’s fault. This trillion-dollar criminal trend is the result of a research project held by a man named Bob Thomas. Bob Thomas made the observation that a program is able to move across a computer network, leaving a trail behind. He then proceeded to write a code that was named “Creeper”. This code resulted in a program that was designed to travel between Tenex terminals on the ARPANET. The message that came across? “I’M THE CREEPER : CATCH ME IF YOU CAN”. 

The research project sparked the attention of email inventor Ray Tomlinson. Tomlinson altered this program into a self-replicating one. This resulted in the first computer worm. Immediately after this discovery, he wrote an additional code which was titled “Reaper”. This chased down the Creeper code, and deleted it; which resulted in what was effectively the first antivirus software

So how did Bob’s experiment start all of this? Well, in the 1980s Soviet hackers considered the applications of this experiment. Academics designed applications that could be used to infiltrate other networks. This ideology quickly spread, and in 1986 German hacker Marcus Hess hacked into an internet gateway which was hosted at the University of California at Berkeley. This hacked connection was then used to piggyback onto the ARPANET. He hacked into a total of 400 computers, including mainframes hosted at the pentagon. 

How did this turn into such a profitable “business”? Hess planned on selling the secrets found on these computers to the Soviet KGB. Before he was able to do so, he was caught through a joint effort by the FBI and the West German government. His conviction was the first of its kind: a sentence for cybercriminal activity. The abnormality of the case resulted in a 20-month suspended sentence.

At the same time as this was occurring, computer viruses started to become a serious threat. With the exponential growth of the internet, there were more connections that viruses could infect. The virus started to become a real problem.

The Middle

In 1988, Robert Morris woke up and decided he wanted to see just how big the internet had become. Morris, a software engineering student at Cornell University, wrote a program designed to spread across various networks, work its way into Unix terminals, and begin replicating. The software replicated so quickly that it actually slowed down the early Internet, which caused major carnage. This carnage became known as “the Morris Worm”. Morris’ worm resulted in the formation of the Computer Emergency Response Team, known as US-CERT today. Morris was the first person convicted under the Computer Fraud and Abuse Act (CFAA). This act was introduced with the intention of protecting against unauthorized access.

After Morris’ worm was handled, viruses began being developed at an absurd rate. The antivirus industry, which started in 1987, began to grow as a result. By the time the Internet was an accessible user-product in the 1990s, dozens of solutions were available to prevent devices from being infected. These solutions scanned the binaries on a computer, and tested them against a database of known virus-code. There were major problems with this protection method, such as the abundance of false positives. They also had a tendency to use a lot of the systems’ resources to scan for these viruses. Remember how slow dial-up used to feel? Your anti-virus could have been the culprit. 

The mid-90’s to late-2000’s were a prospering time for the world of viruses. While the figure was estimated to be a few thousand known viruses in the mid 90’s, that figure was estimated to be around five million by 2007. These different malware strains were either worms, viruses, trojan horses, or other forms. By 2014, 500,000 different types of strains were being created daily. This time truly was the malware boom. 

Who was stopping this boom? Well, nobody. Cybersecurity professionals needed to make an effort. Antivirus solutions simply couldn’t keep up, and while they might detect malware, they had a hard time preventing it. Innovations in cybersecurity developed quickly. First came endpoint protection platforms (EPP) that didn’t just scan for known code; they also scanned for code similarities. This meant that unknown viruses could be detected.

The End?

With advanced malware defeating endpoint protection regularly, it was time to further innovate cybersecurity measures. The timeline innovators had was cut short with the deployment of WannaCry. WannaCry was, at this point, the most devastating piece of malware that existed. WannaCry even shook the world of the most capable security professionals. It encrypted the data on a computer and forced the computer owner to pay in Bitcoin to regain access to these files. This deployment sparked an explosive increase in the cybersecurity industry. It was time for cybersecurity to surpass the capabilities of cybercriminals, instead of being constantly behind.

The only way anyone was able to determine if they were being infiltrated was to have a transparent network. Administrators began using endpoint threat detection and response (EDR) services to monitor their networks. This solution is still cutting edge by today’s standards. While this isn’t the end for cybersecurity, EDR services are extremely capable of keeping malware out of your network. 

If you would like to learn more about cybersecurity, or are interested in keeping your business’ data safe, call Coleman Technologies today. Our professionals can be reached by calling (604) 513-9428.


It’s Time to Upgrade Your Firewall





As the threat landscape gets more concentrated with serious cyberthreats, new next-generation firewalls (NGFWs) have been developed to help stem the tide of negative outcomes that result from cyberattacks. An NGFW is an advanced network security device or software solution that combines traditional firewall capabilities with additional features and functionalities designed to provide enhanced protection and visibility into network traffic. NGFWs are designed to address the evolving and sophisticated nature of cyberthreats, including malware, intrusion attempts, and other malicious activities.

Key Features of NGFWs

  • Application Awareness - These new firewalls can identify and control applications and services at the application layer. This allows them to make access decisions based on the specific applications or services being used, rather than just IP addresses and port numbers.
  • Intrusion Prevention System - NGFWs often incorporate intrusion prevention capabilities, which help detect and prevent known and unknown threats by inspecting traffic for malicious patterns and signatures.
  • User and Identity Awareness - These firewalls can associate network traffic with specific users or devices, enabling user-based policies and monitoring.
  • Content Filtering - NGFWs can filter web content to block or allow specific types of websites, ensuring that organizations can enforce acceptable use policies and protect against malicious content.
  • Advanced Threat Protection - Many NGFWs include features like antivirus, anti-malware, and sandboxing to detect and block advanced threats, including zero-day attacks.
  • VPN Support - NGFWs often support Virtual Private Network (VPN) functionality, allowing secure remote access and site-to-site connectivity.
  • Security Intelligence - Incorporating threat intelligence feeds and databases to keep up with emerging threats, NGFWs can update their security policies accordingly.
  • Granular Control - Administrators can define granular policies for network traffic, specifying what is allowed and what is denied, based on various attributes such as application, user, content type, and more.
  • Logging and Reporting - NGFWs offer robust logging and reporting capabilities to provide visibility into network activities, which can aid in incident response and compliance reporting.
  • Scalability and Performance - NGFWs are designed to handle high volumes of traffic and offer scalable performance to accommodate the needs of large enterprises.

NGFWs are a crucial component of modern network security infrastructure, helping organizations protect their networks and data from a wide range of threats while maintaining control and visibility over network traffic. That is why it is so important to keep your firewalls, next-gen or not, updated with the latest threat definitions to ensure that you are getting the stated value out of them.

If you would like to learn more about outfitting your business with NGFWs, give the IT professionals at Coleman Technologies a call today at (604) 513-9428.


Four Cybersecurity Tools Your Business Needs


Today, it’s not enough to have an antivirus or firewall. You need solutions designed to actively protect your network and data from those that are actively trying to gain access to them. So while it may not be enough, making sure that your firewall and antivirus software are updated with the latest threat definitions, and that your other solutions like spam blocking and virtual private networks are being utilized properly, can set you up for success. Let’s look at four additional strategies that extend traditional cybersecurity into the modern age. 

Network Monitoring

Network monitoring is a solid strategy that will allow you to keep tabs on what is happening on your network. Today, there are remote monitoring tools with cutting-edge automated features designed to ensure that if something is funky on your network, or with your infrastructure, you know about it before it becomes a major problem. Your IT support team should be outfitted with these tools, as active monitoring may be the only strategy that can truly keep your network and infrastructure secure.

Mobile Device and Endpoint Management

More businesses were relying on remote workers anyway, but with the COVID-19 pandemic that number has risen by several hundred percent. Mobile device management allows an organization to control the access each mobile user has to company resources, which applications employees can access on the network, while also providing control over the flow of mobile data. Securing endpoint access can go a long way toward protecting organizational computing resources from possible threats that users may have on their remote computers.

Security Training and Management

Today’s biggest threats often come into a network from user mistakes or negligence. In order to mitigate these instances, ensuring that your staff is properly trained is more important than ever. Not only will you want to provide them with the information needed to secure your network, you will also want to test them to ensure they are capable and willing to follow the company-outlined protocol on how to deal with threats. 

Threat Management and Detection

Despite your increased reliance on your staff to ensure that nefarious people don’t gain access to your network, there are still tools designed to identify threats and mitigate their existence. From firewalls to antivirus to powerful new threat management tools, if protecting your network from outside threats is a priority, making investments in solutions designed to eliminate threats is prudent. 

Coleman Technologies are the British Columbia experts in IT security. Call our expert technicians today at (604) 513-9428 to learn more about what you should be doing to secure your network and infrastructure.


Staff Education Goes a Long Way in Preventing Security Issues


Unfortunately, most attacks still come in through email, and can slip by your users. Even the most complex cybersecurity platforms used by massive corporations and governments can be foiled by a simple phishing attack, and your end-users are your last line of defense.

How Can an Employee Fall Victim?

Phishing attacks are designed to look real. An email might come in looking like a valid message from PayPal, a bank, a vendor, or even from another employee or client. Hackers use several tricks to make the email look real, such as spoofing the address or designing the content of the email to look legitimate.

Unfortunately, if the user clicks on the link in the email or downloads the attachment, they could open themselves and your company up to whatever threats are contained within.

Commonly, this leads to stolen sensitive information, malware installed on the device, or the hacker gaining the ability to log into the user’s bank account.

While having strong IT security can reduce the amount of these phishing attacks that come in, a percentage can be tricky enough to bypass your firewalls and content filters, exposing your staff to situations that could your whole endeavor in

Educate Your Employees

It’s important to teach employees how to catch a phishing attack. We recommend sharing the following steps with your staff, or even printing them out and posting them around the office:

  1. Carefully hover (don’t click!) over links and see if they go to a legitimate URL. If the email is from PayPal, a link should lead back to paypal.com or accounts.paypal.com. If there is anything strange between ‘paypal’ and the ‘.com’ then something is suspicious. There should also be a forward slash (/) after the .com. If the URL is something like paypal.com.mailru382.co/something, then you are being spoofed. Everyone handles their domains a little differently, but use this as a general rule of thumb:
    1. paypal.com - Safe
    2. paypal.com/activatecard - Safe
    3. business.paypal.com - Safe
    4. business.paypal.com/retail - Safe
    5. paypal.com.activatecard.net - Suspicious! (notice the dot immediately after PayPal’s domain name)
    6. paypal.com.activatecard.net/secure - Suspicious!
    7. paypal.com/activatecard/tinyurl.com/retail - Suspicious! Don’t trust dots after the domain!
  2. Check the email address in the header. An email from Amazon wouldn’t come in as [email address obscured]. Do a quick Google search for the email address to see if it is legitimate.
  3. Always be careful opening attachments. If there is an attachment or link in the email, be extra cautious.
  4. Be skeptical of password alerts. If the email mentions passwords, such as “your password has been stolen,” be suspicious.
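
The link rule from step 1, applied to every link in an HTML email body, which is what hovering reveals by hand. This is an added example, not code from Coleman Technologies: the sample email is constructed from the URLs listed above, the names `classify_link`, `LinkCollector` and `review_email` are hypothetical, and the path check is a heuristic for the "dots after the domain" rule of thumb.

```python
from html.parser import HTMLParser
from urllib.parse import urlsplit


def classify_link(url, trusted_domain):
    """Apply the rule of thumb from step 1. Returns (verdict, reason)."""
    if "://" not in url:
        url = "https://" + url  # the list above writes URLs without a scheme
    try:
        parts = urlsplit(url)
        host = (parts.hostname or "").rstrip(".")
    except ValueError:
        return "suspicious", "link could not be parsed"
    trusted = trusted_domain.lower().rstrip(".")
    if not host:
        return "suspicious", "link has no hostname"
    # The host must BE the trusted domain or end in ".<trusted domain>".
    # Merely containing the brand name (paypal.com.activatecard.net) fails.
    if host != trusted and not host.endswith("." + trusted):
        if trusted in host:
            return "suspicious", f"{host} contains {trusted} but does not belong to it"
        return "suspicious", f"{host} is not {trusted}"
    # Heuristic for "don't trust dots after the domain": a path segment
    # before the last one that contains a dot looks like an embedded domain.
    segments = [s for s in parts.path.split("/") if s]
    for segment in segments[:-1]:
        if "." in segment:
            return "suspicious", f"path contains domain-like segment {segment}"
    return "safe", f"{host} belongs to {trusted}"


class LinkCollector(HTMLParser):
    """Collects (visible text, href) for every <a> element in an email body."""

    def __init__(self):
        super().__init__()
        self.links = []
        self._href = None
        self._text = []

    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self._href = dict(attrs).get("href") or ""
            self._text = []

    def handle_data(self, data):
        if self._href is not None:
            self._text.append(data)

    def handle_endtag(self, tag):
        if tag == "a" and self._href is not None:
            self.links.append(("".join(self._text).strip(), self._href))
            self._href = None


def review_email(html_body, trusted_domain):
    """Return one finding per web link: what the reader sees vs. where it goes."""
    collector = LinkCollector()
    collector.feed(html_body)
    findings = []
    for text, href in collector.links:
        if href.lower().startswith(("mailto:", "tel:", "#")):
            continue  # not a web link; the host rule does not apply
        verdict, reason = classify_link(href, trusted_domain)
        findings.append({"text": text, "href": href,
                         "verdict": verdict, "reason": reason})
    return findings


# Constructed sample email body; every URL comes from the list in step 1.
SAMPLE_EMAIL = """\
<p>Your account needs attention.</p>
<p><a href="https://paypal.com.activatecard.net/secure">https://paypal.com/activatecard</a></p>
<p><a href="https://business.paypal.com/retail">Business help</a></p>
<p><a href="https://paypal.com/activatecard/tinyurl.com/retail">Activate your card</a></p>
"""

if __name__ == "__main__":
    for finding in review_email(SAMPLE_EMAIL, "paypal.com"):
        print(f'{finding["verdict"]:<10} shown: {finding["text"]!r}')
        print(f'{"":<10} goes to: {finding["href"]} ({finding["reason"]})')
```

The first link in the sample displays a PayPal address as its text while its target is a different host, which is exactly the mismatch hovering exposes.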

Phishing Simulation

Another great tactic is to have regular phishing simulations. This is where we create a series of fake phishing emails (don’t worry, it’s safe), and randomly send them to your staff. When someone falls for the attack, we send them educational information to help them avoid being tricked by a real one.

We’ve found this to be very effective, without taking a lot of time out of an employee’s already busy day.

Are you interested in helping to protect your staff from falling victim to phishing attacks? Give us a call at (604) 513-9428.


Top Cybersecurity Threats Right Now


Shadow IT
In a lot of ways, productivity is a lot like the thing it produces, money. People will do anything to get more of it. Businesses have a plan, and while they also want to maximize productivity and money, they typically don’t put their whole enterprise in jeopardy to get a little bit more of it. Shadow IT is the process in which an employee will download and use a piece of software that hasn’t been tested or passed by a company’s IT administrator to try and get a little more done.

Oftentimes, the employee is just showing initiative, with no real knowledge that by downloading and utilizing a certain off-brand software they have just put their whole business in danger. This wouldn’t be such a major deal if it was an isolated incident, but studies show that nearly 80 percent of all employees admit to utilizing software that wasn’t selected, tested, and released for use by their IT administrator. These apps may have vulnerabilities that would-be infiltrators can take advantage of. That is why it is important to utilize the software that has been vetted by the company, even if that means losing out on a bit of productivity.

Cryptojacking
There are well over 1,500 different cryptocurrencies, and in 2018 cryptojacking, the strategy of using malware to hijack a target computer’s resources to mine for cryptocurrency, was a major problem for businesses. Since mining is a computationally complex task, it significantly reduces the computer’s effectiveness and longevity. As a result, cryptojacking has become en vogue for hackers and others looking to mine cryptocurrency without the investment necessary to do it.

Most studies show that the effect of cryptojacking could get way worse in 2019 since the value of cryptocurrency has fallen significantly over the past year. This means more machines mining for crypto are necessary, and thus more attacks. Users are just learning how these attacks are carried out and how to protect their business against them.

Ransomware
While there was a reported reduction in the number of ransomware cases in 2018, it still remains a major concern for any business looking to build a comprehensive network security strategy. Ransomware, of course, is a strain of malware that encrypts parts of or entire computing systems and then demands payment in cryptocurrency in a set amount of time for safe return of the files/access.

Hackers using ransomware have taken to targeting healthcare organizations’ networks for the breadth of the sensitive data they hold on them. They’ve also begun to target operational technology systems, since, as with healthcare, costs of restoration of these systems (rather than payment) are prohibitive. This produces a little more urgency to get the problem resolved.

Unsecured Internet of Things
The Internet of Things keeps expanding, but so do the security threats to networks as a result of security-light devices. With more and more devices presenting security problems for businesses and individuals alike, it becomes important to ascertain exactly what devices are present on your network at any given time. Remember, even if a security-less IoT device is connected to a network-attached smartphone, it still offers up a major vulnerability.

While this is a major threat, there has been a push to improve the security of IoT devices as of late. With more security-minded companies developing useful smart products, these concerns will begin to take a back seat. But until that shift has been well documented, you’ll want to be diligent in the manner in which you utilize IoT devices.

Phishing
No business goes very long without getting some type of phishing email. In fact, it is estimated that 156 million phishing emails are sent every day, making it the most used practice by hackers everywhere. The way it works is that since most accounts are secure enough not to be guessed outright, hackers search for ways for people to help them gain access to the accounts they want to get into. Nearly every successful cyber attack begins with a successful phishing scheme.

A specific example called business email compromise (BEC), which targets specific members of an organization, is responsible for over $12 billion in losses across the globe. Once thought to be an email scam that could be mitigated with strong spam filters, today’s phishing scam is taking on a new shape by utilizing text messaging, instant messaging, phone calls, and even the seemingly-benign social media quiz to gain access to business networks.

2019 is lining up to be another stellar year for business technology, and as more tech is used, more threats come with them. If you would like any more information about how to prioritize network security, give our IT experts a call at (604) 513-9428 today.


Tip of the Week: Keep an Eye on Your IT While You Aren’t There


First, we’ll define what “infrastructure monitoring” refers to:

Understanding IT Infrastructure Monitoring

Infrastructure monitoring covers a few different considerations, all critically important to the continued productivity of your business. These considerations include things like the physical condition of your infrastructure’s hardware, how your operating systems are being utilized, how much of your network’s bandwidth is being consumed and how many errors are occurring, or the performance and availability of your applications.

Naturally, hardware failures are a considerably sizable issue, even among the issues that infrastructure monitoring can help detect. This is especially the case when you consider that your remote workers will be especially reliant on your hardware to deliver the solutions they need. This means that you need to be particularly concerned about the possibility of issues happening within your server room and impacting your physical infrastructure itself.

In order to avoid the disastrous results this could have upon your data, productivity, budget, and business continuity, it is important that you have the proper infrastructure monitoring in place. Considering all that is going on now with a largely absent workforce, you especially need to abide by a few best practices considering your infrastructure monitoring solutions.

How to Make the Most of Infrastructure Monitoring

Here, we’ve assembled a few of the most important considerations you need to take into account, especially if your team is operating remotely.

Identify your most critical pieces of infrastructure for remote work capabilities.

While the entirety of your infrastructure is important, there are bound to be some components that a remote team is going to rely on more frequently. Regardless, since your business likely relies on each piece of equipment in your setup to some degree, you will want to make sure that the conditions are ideal for them all to operate. Consider adding backups of your climate control systems to take over if your primary ones should fail, and devices that allow for unresponsive components to be rebooted remotely to ensure that your in-house tools are available to your remote team.

Make sure your alert settings are up-to-date.

It’s one thing to have alerts set up for detected issues… it’s quite another to have alerts set up to inform the right people about these detected issues. If James needs to know about something, it doesn’t make much sense to alert Sarah. As the balance of your team shifts and responsibilities move around to new people, you need to make sure that your alerts are shifted accordingly. 

Confirm your system is in working order.

If a technician ever must go into the office to attend to something, have them check around your infrastructure for issues with your monitoring system. After all, it won’t do you any good if it isn’t functional itself and something were to happen. Have them check connections and ensure that the sensors are clean.

While we all try to keep ourselves safe, we must remember to do something to keep our business technology operational. Monitoring its environment is a great way to accomplish this.

To learn more about implementing the tools that protect your business during a wide array of circumstances, reach out to the team at Coleman Technologies today by calling (604) 513-9428, and subscribe to our blog for more IT information and updates.


What You Need to Know About the Massive Solarwinds Hack


How Did the Attack Happen?

In short, an IT management company known as SolarWinds was breached back in March, affecting a massive number of organizations—18,000 in all. These organizations include the likes of Microsoft, Cisco, and FireEye, as well as many states and federal organizations, including:

  • The U.S. Department of State
  • The U.S. Department of the Treasury
  • The U.S. Department of Homeland Security
  • The U.S. Department of Energy
  • The U.S. National Telecommunications and Information Administration
  • The National Institutes of Health, of the U.S. Department of Health
  • The U.S. National Nuclear Security Administration

When the attackers gained access to SolarWinds’ network, they were able to use what is known as a supply chain attack to introduce their malware to these departments and organizations by pushing it through the company’s automatic software update system for their Orion products. These kinds of attacks can be particularly effective since the threat is introduced to an environment via a trusted application.


Making this situation worse, many SolarWinds customers had excluded Orion products from their security checks on SolarWinds’ recommendation to prevent their other security products from shutting them down due to the malware signatures that these security products contain.


While (at the time of this writing) it is unclear what the attackers responsible used this access to do, the potential ramifications are truly terrifying. While government departments were targeted, it also needs to be said that this attack could have potentially continued from the major providers like Microsoft and Cisco to their clients, and so on and so forth. That’s why there is still no estimate of this attack’s true scope.


This attack was seemingly only discovered when an employee at FireEye received an alert that their VPN credentials had been used from a new device, and a little digging revealed the much larger situation playing out.

This Wasn’t the Only Attack, Either

Another attack was also discovered on SolarWinds’ network when the company performed an internal audit of its systems. On December 18, a second malware was found to have used the same tactic to infiltrate SolarWinds, but as of this writing does not seem to come from the same source.

What This Needs to Teach Us

Frankly, the most important lessons to be learned here are painfully obvious. First off, cybersecurity needs to be prioritized above all else, and all potential threats should be considered a likelihood. After all, the U.S. government was warned about the viability of exactly this kind of threat back in 2018 by the Government Accountability Office.


Secondly, the concept of your employees being a huge part of your cybersecurity strategy needs to be reinforced. This was only discovered when an employee was alerted of unusual activity and took that alert seriously. Your team needs to know what they are looking out for, and how to proceed if they spot it.


We may not know the scope of these attacks for a while. That shouldn’t stop you from reaching out to the IT professionals at Coleman Technologies to get an assessment and a consultation. Call us today at (604) 513-9428 to get started protecting your network, infrastructure, and data.


Colleges Have a Lot of Data to Protect


Birth of the Internet

The first Internet was born on college campuses. It was built by intellectuals, for academics, without the massive list of considerations that now accompany software development. It spread quickly, of course, and somewhere, pretty early on, it was decided that by being able to support commerce, the Internet could become one of the west’s greatest inventions.

This came to fruition in 1984 when the first catalogue was launched on the Internet. This was followed by the first e-store (at books.com) in 1992, and the first software to be sold online (Ipswitch IMail Server) in 1994. Amazon and eBay launched the following year and the Internet has never been the same.

By then, the academic uses for the Internet had multiplied, as well. By the time Amazon launched, many colleges and universities were offering students access to the Internet as an important part of their continuing education. Boy, was it ever.

Today, you’ll be hard pressed to find a school (outside of the poorest school districts in the country) where every classroom isn’t Internet-ready.

College Internet Needs and Cybersecurity

This stands true in university and college circles, as well. Campuses today are almost completely connected. You’ll be hard pressed to find a place on a modern campus where, as long as you have the security credentials to do so, you can’t gain access to an Internet connection. In a lot of ways, it is the demand for access that makes network security a major pain point for the modern college. Firstly, having to protect computing networks from a continuously variable number of mobile devices is difficult. Secondly, the same attacks that plague businesses are also hindering IT administrator efforts at colleges.

Colleges themselves aren’t doing anyone any favors. According to a 2018 report, none of the top 10 computer science degrees in the United States require a cybersecurity course to graduate. Of the top 50 computer science programs listed by Business Insider, only three require some type of cybersecurity course. Moreover, only one school out of 122 reviewed by Business Insider requires the completion of three or more cybersecurity courses: the University of Alabama. Regardless of the metric, it’s clear that learning cybersecurity is not a priority for any school.

Are There Cybersecurity Problems Specific to Colleges?

The short answer is no. That’s why it's so important to get people thinking about cybersecurity any way they can. No industry can afford to have the skills gap between people that hack and the people looking to stop them grow any wider. This is why, no matter what you do (or plan on doing) for a living it’s important to understand what your responsibilities are and how to get them into a place that can help your organization ward off these threats from outside (and sometimes inside) your network.

Many colleges have turned to companies like Cyber Degrees to help them not only educate the people utilizing the college’s networks on why cybersecurity awareness is important, but also help people understand that, with the rise of cybercrime and hacking-induced malware, cybersecurity has become a major growth industry with many facets. In 2015, the Bureau of Labor Statistics found there were more than 200,000 unfilled cybersecurity jobs in the U.S. With curriculums not prioritizing cybersecurity, and with threats growing rapidly, imagine how many are unfilled today. As demand rises for competent individuals to fill a multitude of jobs in the computer-security industry, colleges need to do a better job prioritizing cybersecurity training.

For the business looking into protecting itself, look no further than the cybersecurity professionals at Coleman Technologies. Our knowledgeable technicians work with today’s business technology day-in and day-out and know all the industry’s best practices on how to keep you and your staff working productively, while limiting your exposure to risk. Call us today at (604) 513-9428 to learn more.
