Knogin Blog

Welcome to Knogin's new service, called - The Breacher Report.
When  there are important breaches that might affect you,  we will let you know
here in The Breacher Report.   Here is the latest...... Eurostar.

According to a report by the BBC,   Eurostar has reset its customers' login passwords after detecting attempts to break into an unspecified number of accounts.

Eurostar has forced all of its customers to reset their passwords after detecting an "unauthorised attempt" to hack into its systems and access their accounts. 

According to a spokesman for Eurostar, "We have taken this action as a precaution because we identified what we believe to be an unauthorised automated attempt to access eurostar.com accounts using your email address and password," the company told customers. 

"We've since carried out an investigation which shows that your account was logged into between the 15 and 19 October. If you didn't log in during this period, there's a possibility your account was accessed by this unauthorised attempt."

In cybersecurity, one of the good habits to acquire is the ability of creating unique and strong passwords. Indeed, your enemy isn’t a lonely hacker in the darkness of his bedroom trying a password one by one. Your enemy is a program able to assimilate enormous databases of common passwords or random combinations of characters.

So why do you need a strong password ? Mainly to avoid breaks-in that could lead to the loss of your personal data and sensitive information. Once someones breaks your password, the quantity of information available can be significant with major consequences in your private life.

In order to avoid such an inconvenience, I offer you these guidelines on how to build a safe and strong password to prevent attacks.

 The traditional way

Several years ago, at an RSA Cybersecurity Conference, then FBI Director, Robert Mueller  gave a presentation  about the  FBI combating threats and cyber crime,  where he became noted for his quote, "that there two types of companies: those that have been hacked and those that will be. And even they are converging into one category: companies that have been hacked and will be hacked again".

Getting Tricked? Phishing emails are unfortunately one of the most prevalent ways that people get hacked.   Email scams and cybersecurity are something we take very seriously.  

In cybersecurity your first line of defense will be your weakest link, unless you reinforce it. 

What is the most important position in football? Many would say the quarterback, right?

After all, their job description includes: reading the defense; adjusting the plays; handing off the ball and making those awe inspiring, crowd cheering amazing touchdown passes. They also happen to be paid the highest salary on the team.

So, they must have the most important job, right?

Instead, I think the most important job could be that of the offensive linemen.

If the offensive line doesn't do their job well and they don't stop the defensive players (the attackers), then what happens to the quarterback? A sack. Ouch! Or, a fumble. Opps. Or, a touchback. Drat. Or even worst, an injured quarterback. Big big ouch!

Here at Knogin, we take cybersecurity very seriously.  Personal information, company data, employee information,  financial records, sensitive customer files and more, all need to be carefully guarded and protected using the latest and most effective cybersecurity technologies.  We are laser-focused in building these tools and cybersecurity technologies at Knogin.

Entrepreneur  Magazine published an serious article on ways to protect your personal privacy in social media.  It's well worth a 4 minute read here.

The truth is, here at Knogin, we like to have a bit of fun too. When we find something  that can blend cyber education and humor  we like to share it with our readers.   

We've all heard the importance of protecting our privacy by being careful about what we post online.  Here is a short video story that explains why...... 

Think your small business is too small to be a target for a cyber attack?

Think again.

Small businesses are one of the biggest and most vulnerable targets because personnel, budget and technologies continue to be insufficient to have a strong security policy.

According to the Better Business Bureau (BBB) 36% of business that reported being a target of a cyberattack in 2017 ended up losing money. The average loss for smaller businesses from these cyberattacks is estimated to be  $79,841 USD.

Cybersecurity threats are real and businesses must implement the fundamental tools and tactics to protect themselves, their customers, and their data.  But, what are the fundamentals?

Here is some very good news. 

Some of the most fundamental actions you can take to improve your organization's level of cybersecurity can be accomplished for free or a nominal cost. Some of these may already be in place. 

But, are you covering all the  bases?   
Are you securing all fundamental areas that a cybercriminal might exploit?

Let's say that on Friday, you installed a brand new alarm systems in your business.  But, since the alarm company was in a rush and you wanted to save a few dollars,  you decided not to install a sensor on that really high window that you are 100% sure that no one can ever reach.  Seems like a reasonable trade off, right?

Wrong.  

On Monday, you discover that over the weekend, your business was broken into and robbed, but yet, your alarm was never triggered.  How is that possible?  Ah, it was that 'high window'.  And  just think, for the cost or an additional alarm sensor, that window could have been protected also.

Moral of the story? 

Don't assume criminals won't find a way in, when there is something they want.  Instead, take the time to understand and cover all the fundamental bases  in your cybersecurity. 

What are the cybersecurity fundamentals that your company should implement?

We have 10 of them for you.    Click here and download our report:   'Cybersecurity 101: Ten Cybersecurity Fundamentals for Small Businesses'.

Another day and another data breach.   New York Times calls out Google for exposing  "the private data of hundreds of thousands of users of the Google+ social network and then opted not to disclose the issue this past spring, in part because of fears that doing so would draw regulatory scrutiny and reputational damage".

Google 'feared repercussions'.  Really?
Strike 1..

What caused the data breach?  A security bug allowed third-party developers to access Google+ user profile data since 2015 until it was discovered and patched in March of 2018.   But,  it took them 6 months to finally report it to the public. 

Really?  Six months to make it public?  Strike 2..... 

 Embarrassingly, Google admits their internal  'Project Strobe' security audit review also  "crystallized what we’ve known for a while: that while our engineering teams have put a lot of effort and dedication into building Google+ over the years, it has not achieved broad consumer or developer adoption"   Really?  Who knew! (shhhhh, almost everyone knew)

Get ready for a  big announcement.. drum roll please.....  Google+  is going to shut down in 2019. 

Strike 3, Google+ is OUT..
That's OK, because no-one really used their Facebook wannabe anyway.

So, what the moral of the story?

While the Google data breach is small compared to the ones revealed by Facebook,  your online security is something that you should take very seriously.  

With every social media account you sign up for, every picture you post and status you update,  you

Have you ever heard of a ‘common sense law’? Well, California just passed SB327 that raises cybersecurity standards.  And it is great timing too, because it’s October and its National Cyber Security Awareness Month.

But first, what is a ‘common sense law’?  When something is ‘common sense’ and ultimately good for you, but yet not enough people are doing that ‘something’, then the lawmakers create a law that requires you to do that ‘something’.  An example would be ‘seat belt laws’ in the US.  

If I asked you, 'what are two things that are certain in life?',  what would you say?  Death and taxes, right?

But, what if I asked you,  'what is one thing that is almost certain to affect you in  your Digital Life?'

What would you say?

If you said, 'another announcement of a cyber breach that could affect me, my family or my business', then you would be 100% right.

Ok, while it is a bit of a stretch to tie all 3 of these things together, I hope you get the point.
Facebook alone has reported breaches that affected the data of  87M people in April 2018, and 50M people in September of 2018.  

Your online security is something that you should take very seriously.  Think about this. Do you  know someone  that has been hacked, had their identity compromised or got hit with a virus or..., , maybe even worse?  

With every social media account you sign up for, every picture you post and status you update,  you