Knogin Blog

In this edition the Knogin's  "Breacher Report" we focus on the recent Marriott-Starwood data breach that has been the talk of the cyberworld.

Here is a brief look at the timeline of events.
* On November 30, 2018 Marriott announces Starwood reservations database security incident. 

* On November 19, 2018 Marriott's investigation determined there was an unauthorized access to guest information on Starwood reservations system on or before September 10, 2018. 

* On September 8, 2018, Marriott received an alert from an internal security tool regarding an attempt to access the Starwood guest reservation database in the United States. 

*  Upon investigation, it was determined by leading security experts that there had been unauthorised access to the Starwood network since 2014.  While that may seem like a  long time, it is not uncommon that major breaches often go undetected for many years.  

What records were affected?

Marriott believes there were approximately 500 million guest records who made a reservation at a Starwood property.  For approximately 327 million of  these guests, information includes some combination of name, mailing address, phone, email, passport numbers, Starwood Preferred Guest account information, DOB, gender and in some cases payment card data such as numbers and expiration dates

What actions has Marriott taken as a result?
* Created a dedicated website and call center to  respond to customer questions.    (info.starwoodhotels.com)
* Sent emails to affected guests.
* Providing guests  with free one year enrollment in Webwatcher, an internet monitoring service that alerts consumers if evidence of their personal information is found.

This event was serious enough that  the  the Federal Trade Commission (FTC) has released an alert on the Marriott Data Breach to provide affected users with recommended precautions against identity theft after the recent breach of the Marriott International Starwood guest reservation database.

What Knogin's take on all  of this?
This is another incident that reminds me of the saying, "let's close and lock the the stable door after the horse has bolted".   Bottom line, is - its too late!  The damage has been done.

In the spirit of overusing old sayings, this is a lesson for all companies that an "ounce of prevention is worth a pound of cure".

The root cause of the Starwood data breach is currently unknown and no doubt additional details will emerge in the weeks and months ahead. One thing is certain: A breach of this size is hardly ever the result of a single flaw. Rather it's the result of a threat actor that somehow got into the network and then was able to move around laterally without being detected.

Providing enterprise-class levels of security for your network and end points and detecting breaches and lateral intrusions is something that the Knogin's CyberEASY can help you with.
Find out how  CyberEASY helps companies improve their security posture. 

his latest massive records breach, unfortunately highlights the importance of having the proper tools, processes and procedures in place.    

When  there are important breaches that might affect you,  we will let you know
here in The Breacher Report.   Here is the latest...... Eurostar.

According to a report by the BBC,   Eurostar has reset its customers' login passwords after detecting attempts to break into an unspecified number of accounts.

Eurostar has forced all of its customers to reset their passwords after detecting an "unauthorised attempt" to hack into its systems and access their accounts. 

According to a spokesman for Eurostar, "We have taken this action as a precaution because we identified what we believe to be an unauthorised automated attempt to access eurostar.com accounts using your email address and password," the company told customers. 

"We've since carried out an investigation which shows that your account was logged into between the 15 and 19 October. If you didn't log in during this period, there's a possibility your account was accessed by this unauthorised attempt."

Welcome to Knogin's new service, called - The Breacher Report.
When  there are important breaches that might affect you,  we will let you know
here in The Breacher Report.   Here is the latest...... Eurostar.

According to a report by the BBC,   Eurostar has reset its customers' login passwords after detecting attempts to break into an unspecified number of accounts.

Eurostar has forced all of its customers to reset their passwords after detecting an "unauthorised attempt" to hack into its systems and access their accounts. 

According to a spokesman for Eurostar, "We have taken this action as a precaution because we identified what we believe to be an unauthorised automated attempt to access eurostar.com accounts using your email address and password," the company told customers. 

"We've since carried out an investigation which shows that your account was logged into between the 15 and 19 October. If you didn't log in during this period, there's a possibility your account was accessed by this unauthorised attempt."

In cybersecurity, one of the good habits to acquire is the ability of creating unique and strong passwords. Indeed, your enemy isn’t a lonely hacker in the darkness of his bedroom trying a password one by one. Your enemy is a program able to assimilate enormous databases of common passwords or random combinations of characters.

So why do you need a strong password ? Mainly to avoid breaks-in that could lead to the loss of your personal data and sensitive information. Once someones breaks your password, the quantity of information available can be significant with major consequences in your private life.

In order to avoid such an inconvenience, I offer you these guidelines on how to build a safe and strong password to prevent attacks.

 The traditional way

Several years ago, at an RSA Cybersecurity Conference, then FBI Director, Robert Mueller  gave a presentation  about the  FBI combating threats and cyber crime,  where he became noted for his quote, "that there two types of companies: those that have been hacked and those that will be. And even they are converging into one category: companies that have been hacked and will be hacked again".

Getting Tricked? Phishing emails are unfortunately one of the most prevalent ways that people get hacked.   Email scams and cybersecurity are something we take very seriously.  

In cybersecurity your first line of defense will be your weakest link, unless you reinforce it. 

What is the most important position in football? Many would say the quarterback, right?

After all, their job description includes: reading the defense; adjusting the plays; handing off the ball and making those awe inspiring, crowd cheering amazing touchdown passes. They also happen to be paid the highest salary on the team.

So, they must have the most important job, right?

Instead, I think the most important job could be that of the offensive linemen.

If the offensive line doesn't do their job well and they don't stop the defensive players (the attackers), then what happens to the quarterback? A sack. Ouch! Or, a fumble. Opps. Or, a touchback. Drat. Or even worst, an injured quarterback. Big big ouch!

Here at Knogin, we take cybersecurity very seriously.  Personal information, company data, employee information,  financial records, sensitive customer files and more, all need to be carefully guarded and protected using the latest and most effective cybersecurity technologies.  We are laser-focused in building these tools and cybersecurity technologies at Knogin.

Entrepreneur  Magazine published an serious article on ways to protect your personal privacy in social media.  It's well worth a 4 minute read here.

The truth is, here at Knogin, we like to have a bit of fun too. When we find something  that can blend cyber education and humor  we like to share it with our readers.   

We've all heard the importance of protecting our privacy by being careful about what we post online.  Here is a short video story that explains why...... 

Think your small business is too small to be a target for a cyber attack?

Think again.

Small businesses are one of the biggest and most vulnerable targets because personnel, budget and technologies continue to be insufficient to have a strong security policy.

According to the Better Business Bureau (BBB) 36% of business that reported being a target of a cyberattack in 2017 ended up losing money. The average loss for smaller businesses from these cyberattacks is estimated to be  $79,841 USD.

Cybersecurity threats are real and businesses must implement the fundamental tools and tactics to protect themselves, their customers, and their data.  But, what are the fundamentals?

Here is some very good news. 

Some of the most fundamental actions you can take to improve your organization's level of cybersecurity can be accomplished for free or a nominal cost. Some of these may already be in place. 

But, are you covering all the  bases?   
Are you securing all fundamental areas that a cybercriminal might exploit?

Let's say that on Friday, you installed a brand new alarm systems in your business.  But, since the alarm company was in a rush and you wanted to save a few dollars,  you decided not to install a sensor on that really high window that you are 100% sure that no one can ever reach.  Seems like a reasonable trade off, right?

Wrong.  

On Monday, you discover that over the weekend, your business was broken into and robbed, but yet, your alarm was never triggered.  How is that possible?  Ah, it was that 'high window'.  And  just think, for the cost or an additional alarm sensor, that window could have been protected also.

Moral of the story? 

Don't assume criminals won't find a way in, when there is something they want.  Instead, take the time to understand and cover all the fundamental bases  in your cybersecurity. 

What are the cybersecurity fundamentals that your company should implement?

We have 10 of them for you.    Click here and download our report:   'Cybersecurity 101: Ten Cybersecurity Fundamentals for Small Businesses'.

Another day and another data breach.   New York Times calls out Google for exposing  "the private data of hundreds of thousands of users of the Google+ social network and then opted not to disclose the issue this past spring, in part because of fears that doing so would draw regulatory scrutiny and reputational damage".

Google 'feared repercussions'.  Really?
Strike 1..

What caused the data breach?  A security bug allowed third-party developers to access Google+ user profile data since 2015 until it was discovered and patched in March of 2018.   But,  it took them 6 months to finally report it to the public. 

Really?  Six months to make it public?  Strike 2..... 

 Embarrassingly, Google admits their internal  'Project Strobe' security audit review also  "crystallized what we’ve known for a while: that while our engineering teams have put a lot of effort and dedication into building Google+ over the years, it has not achieved broad consumer or developer adoption"   Really?  Who knew! (shhhhh, almost everyone knew)

Get ready for a  big announcement.. drum roll please.....  Google+  is going to shut down in 2019. 

Strike 3, Google+ is OUT..
That's OK, because no-one really used their Facebook wannabe anyway.

So, what the moral of the story?

While the Google data breach is small compared to the ones revealed by Facebook,  your online security is something that you should take very seriously.  

With every social media account you sign up for, every picture you post and status you update,  you

Have you ever heard of a ‘common sense law’? Well, California just passed SB327 that raises cybersecurity standards.  And it is great timing too, because it’s October and its National Cyber Security Awareness Month.

But first, what is a ‘common sense law’?  When something is ‘common sense’ and ultimately good for you, but yet not enough people are doing that ‘something’, then the lawmakers create a law that requires you to do that ‘something’.  An example would be ‘seat belt laws’ in the US.