Blog

The latest in Dark Rhino Security news

Healthcare Companies and MSSPs: How to Achieve Your Business Goals

Healthcare Companies and MSSPs: How to Achieve Your Business Goals

Healthcare organizations can utilize MSSPs like Dark Rhino Security to achieve business goals while also reducing legal, reputational and financial risk. This can be done through the prevention of ransomware, assistance with certification requirements and protection of valuable data.

About two years ago, we began working with a healthcare data analytics firm. We implemented our security solutions and part of that suite was Next-Gen Anti-Virus (NGAV) protection. Within two weeks, we received an alert from our NGAV tool; a user attempted to download a file that matched the behavior characteristics of ransomware. Within minutes, our analysts confirmed the file was blocked outright on the user’s device. Additionally, we ensured the cyber threat was quarantined from the rest of the organization and reported the incident to the CEO.

Due to our efforts, the threat was blocked. However, if we had not stepped in, the healthcare firm could have been at the mercy of cybercriminals. They may or may not have recovered from the attack. 

Healthcare companies also leverage MSSPs to fully comply with needs such as HIPAA and Hi-Trust certifications. Based on our past experience, achieving the Hi-Trust certification leads to more business and more incentives from Blue Cross and Blue Shield. I personally assisted one of our healthcare partners to utilize our security offerings and meet the necessary Hi-Trust controls. I also provided written proof of where our technologies met the necessary control. After achieving Hi-Trust, our client said the incentives they’ve received have helped shape their business drastically.

Moreover, Healthcare companies can utilize MSSPs to protect company data and client/patient information. The most interesting case I had experienced with a healthcare partner was an insider threat. One of the company’s employees was attempting to exfiltrate company data. Although in this scenario the data in question did not include any patient information, any attempt made to leak company secrets poses a huge risk to a company’s reputation. Luckily, with our data loss tool, I was able to see the exact data being exfiltrated. I was also able to see the exact USB drive that was conducting the data extraction. We worked with the company’s legal representatives and HR department to send the necessary documentation to the user and recover the designated corporate files. We also informed the user that if this company’s intellectual property ever showed up at a future employer in a product offering, a cease and desist would be sent to the user and to the new employer. After the whole fiasco, we conducted a full recovery of all the extracted files and the user never posed as a threat to the healthcare firm at their future employer. 

Overall, more and more small to medium-sized healthcare firms are becoming larger targets for cybercriminals. Therefore, the need for cybersecurity continues to grow. This dilemma gives healthcare companies two options, they can either invest $250,000 - $500,000 in cybersecurity professionals and security software or utilize an MSSP to serve as a cost-effective means to achieve a solid cybersecurity posture. If you’re interested in reducing company risk and optimizing your business, feel free to email me back at This email address is being protected from spambots. You need JavaScript enabled to view it.

Cyber Basics: Training the End-User

Cyber Basics: Training the End-User

 

Imagine you invest millions in cybersecurity technology. Then, an untrained employee clicks on a link in an email. He just rained on your cyber parade and completely negated every measure you implemented. This scenario would be awful. However, it is not uncommon.

The most vulnerable part of any organization is its end-user.  “Knowing is half the battle,” says Nathan Horne, a senior security engineer.” If you properly train your users, a decent portion of your concern goes away.

Typically phishing or malware occurs because an employee opens an email or goes on a website a CIS admin didn’t block. Unfortunately, you cannot stop the employee from checking their emails or surfing the web on their time off. There is no 100 percent block.

“You can’t protect people from themselves,” Horne says. “Honestly what a good portion of these appliances do is attempt to protect the end-user from themselves, but there is no such thing; You need to train,” he continues.

Start strategically training and watch the incidents drop. People that have the ability to control or direct funds are the most targeted. Therefore, they should be at the top of the training priority list.

Training comes in several forms; To start you can add cybersecurity to yearly corporate compliance training. Tyler Smith, a senior software engineer, recommends educating users that violate company policy.

For example, Smith was previously the head of a DLP program for an enterprise and he would see 200-300 hits on violation of policy. His co-workers suggested staying quiet because the violators were very important and busy people. Smith did the opposite and within 90 days that number dropped by two thirds.

Smith says most of the people violating the company policies were doing so because of broken business practices.

“People want to do the right thing. They just need to know what that is,” Smith says.

The Rundown on Ransomware

The Rundown on Ransomware

 

Tyler Smith, a senior security engineer, was on his way to Kentucky when he received an urgent phone call – one of his clients suffered from a ransomware attack. The backup files. The network storage files. Everything was encrypted. The client was backed into a corner and had to pay the ransom.

Less than two weeks later, the same client was hit again. The attackers humorously offered them a discount because it was their second attack. Luckily, Smith and his team were able to find the key in the code to decrypt all the files. His client would not have to pay the ransom fee again. It took such a horrific set of incidents to get the client to finally take cybersecurity much more seriously.

This occurred in the early 2010s. Since then, ransomware attacks have only become more sophisticated.

Essentially, a ransomware attack happens when a team member clicks on a bad link and their machine becomes compromised. The virus jumps from machine to machine and encrypts the team’s files. Typically, a sum of money is demanded in exchange for the return of the files.

“Paying the ransom is never recommended,” Tyler says. It does not guarantee that it will solve your problem. For example, there could be bugs in the malware, causing the data to be unrecoverable. 

However, there are certain scenarios in which there is no choice but to pay the ransom. For example, companies working in areas such as health care cannot afford to have the patient data lost or compromised. When vital information or millions of dollars are at stake, paying the ransom feels as if it is the only way out.

The best defense is to train the end-users in an organization. 

“Human beings are notorious for overcoming all security efforts because they don’t understand the why behind the security measures,” Tyler says.

You can also detect these attacks by ensuring that next-generation end-point detections and response software is deployed on all the endpoints of users in your cyber environment; You should segment the networks and limit the connects between the segments in a way that makes sense for your business.

With ransomware it does not matter what line of business you are in. Ransomware is not going away. Rather it is advancing quite rapidly. Companies are even built upon customizing attacks for clients.

The Danger Of Cybersecurity Burnout

The Danger Of Cybersecurity Burnout

Burnout from working too much is something every working person needs to worry about. But in some fields, the danger is magnified. Doctors, lawyers, and executives are common victims of the negative health effects of overworking.

And now, cybersecurity professionals have bene added to the mix.

Thanks to stressors like advanced malware and zero-day vulnerabilities, cybersecurity professionals are joining the ranks of the most burnt out professionals in the workforce. On top of regular on-the-job stressors, a shortage of cybersecurity professionals in the marketplace means in many cases, lone employees are doing what should rightly be the work of two or three people.

This kind of burnout has real world consequences; mental health concerns like depression and anxiety are on the rise for cybersecurity professionals, affecting their life at home as well as at work.

What should I do to keep myself from getting burnt out?

Keeping yourself from becoming burnt out in cybersecurity is the same as keeping yourself from becoming burnt out in any other profession.

Get a hobby

Allowing your whole day to become consumed by cybersecurity is a quick path to burnout. To prevent this, include other activities in your life. Start learning a skill you've always wanted to learn, practicing a new language, or playing a new sport.

Take regular breaks from work

Make sure to take regular breaks from work to do nothing in particular. If there's nothing pressing that needs to be done, leave work on time (and don't work from home). Take a day off when your schedule allows. Plan regular vacations -- and shift your work to team members, so you aren't working while you're on your vacation.

Spend time with friends and family

Humans are social animals. The best way for us to refuel and feel good about life is to spend time with other humans we love and care about. Remember to spend time with your friends, family, and loved ones.

Remember to put your phone and computer away while you take this quality time -- time spent split between another person and a screen is not quality time.

Keep work in perspective

Ultimately, work is just work. It's just a way to get money so you are able to live the kind of life you want. Work concerns should be kept in perspective, not made into the center of your world.

What should I do to keep my employees from getting burnt out?

There's only so much employees can do to keep themselves from getting burnt out. As an employer, you bear a special resopnsibility toward your employees to create an environment for them that is conducive to their health, not destructive. Some ways you can create that environment are:

Add more team members

Cybersecurity is an industry known for it's lack of qualified professionals. Often, cybersecurity employees are doing the work of two or three men. People who are working double or triple rarely put in quality work. Hire more team members so your current ones can share the load.

Create a restful space

Our environment affects our performance. If your workplace is a dark, chaotic, stressful environment, employee performance will suffer. Create an employee workspace which is calm, peaceful, and welcoming so that employees can relax into work.

Encourage team members to take breaks

Nobody can work continuously. Encourage employees to take regular breaks when necessary so that when they are working, they are giving their best work.

Give employees autonomy

The person who knows how to make your employees perform best are the employees themselvs. Give them freedom to do what will make them the most effective employees. Instead of trying to get results by controlling their every move, allow them the freedom professional adults deserve.

Cyber Criminals Using New Browser 'Linken Sphere'

Cyber Criminals Using New Browser 'Linken Sphere'

Every day, e-commerce and financial organizations around the world are targeted by cybercriminals. These criminals are often looking for customer information to use to steal the identities of customers, or looking for information they can use to blackmail companies. Companies typically combat these cyber criminals using a technology called digital fingerprinting, a process designed to identify each unique device and browser that visits their websites. This enables them to verify the identity of any visitors and block malicious actors.

Historically, cyber criminals get around digital fingerprinting using technology like virtual machines, proxies, and VPN servers. However, anti-fraud systems are becoming sophisticated enough to identify suspicious IP addresses even if they are using these tactics.

As a result, cyber criminals have started using the Linken Sphere browser for criminal activity. Linken Sphere changes web browser configurations dynamically, generating an unlimited number. This enables them to imitate the activity of legitimate users.

According to Tenebris, the creators of Linken Sphere, it was created for legal, legitimate purposes such as:

  • penetration testing
  • social media market research
  • keyword research
  • bonus hunters (online gambling and other purposes)
  • privacy-minded users
  • people operating multiple accounts simultaneously for work

However, it was announced to the world via underground forums such as Exploit, Verified, Korovka, and Maza, places known for enabling cyber criminals. The user who announced Linken Sphere on these forums is a verified member of the Tenebris team, the creators of Linken Sphere.

About Linken Sphere

According to Tenebris, here are the general features of Linken Sphere:

  • Linken Sphere is based on the Chromium web browser: its developers used its source code and removed all tracking functions enabled by Google
  • Operates in the “Off-the-Record Messaging” mode
  • Does not use any hidden Google services
  • Encrypts all saved data using the AES 256 algorithm
  • Connects to the internet via various protocols, including HTTP, SOCKS, SSH, TOR, TOR + SSH, and DYNAMIC SOCKS
  • Each session creates a new configuration and users do not need multiple virtual machines
  • Allows working with different types of connections in multi-thread mode at the same time
  • Includes built-in professional anti-detection with regular updates of configurations of the user’s agents, extensions, languages, geolocation, and many other parameters, which are able to change in real time
  • Saves fingerprints and cookie files after every session, allowing the use of a saved session by multiple users without needing to switch between virtual machines
  • Does not require specific settings to start working proactively, anonymously, and securely
  • Contains a built-in license with a location database GeoIP2 MaxMind, allowing users to configure time and geolocation immediately
  • WebEmulator, called “Прогреватор” in Russian, is an option created to “warm up” websites in an automated mode. This function allows collecting needed cookie files automatically between websites before working with a new account. WebEmulator operates in the background with multi-thread mode allowing the set up of parameters for visiting websites such as the number of visited pages, time spent on each page, pauses, and delays between visits. WebEmulator enables alerts after task completion. 
Why Video Games Are The New Golf

Why Video Games Are The New Golf

Millennials grew up during the stock market crash of 2008. While we were young, our parents were focused on cutting costs and trying to scrape together money for retirement. Nobody’s parents had money to take them out to the golf course, let alone get lessons. It was far cheaper — and easier on our parents — for us to play video games.

As a result, we grew up in a video game culture. Most millennials who are adults today grew up playing video games like Halo, Call of Duty, and Battlefield. Video games are so common in our age cohort that they are the kind of thing you can strike up a conversation with a stranger over, much like football or the weather.

We didn’t leave our love of video games in the past, either. Platforms like Twitch and YouTube allow us not only to play video game, but to watch the pros show us how it’s done. Video games are not just a hobby, but an entire sports industry.

As millennials get older, more and more of us are holding influential roles inside companies. According to the Pew Research Center, the oldest millennials were born in 1981, making the oldest millennials 38 years old. In our youth-obsessed culture, that’s more than old enough to hold powerful executive positions. There are millennials in Congress and on the boards of directors.

And almost every one of those millennials grew up playing video games.

The Advantages of Video Games

It’s easier to play video games. You don’t have to get dressed up, pack a bunch of large golf clubs into the car, and drive to a physical location — all you have to do is turn on your console and sign on. This makes it easier to arrange short-notice or impromptu sessions.

Video games are more relaxed. Most people take golf pretty seriously, whereas they consider video games relaxed and lighthearted. Instead of focusing on competing, people laugh and have fun. That relaxed atmosphere makes people — customers, partners, and vendors — feel more comfortable talking about their needs without politicking.

Video games can be played together remotely. To play golf, you and your contact need to be in the same place at the same time. On the other hand, all video games require is an internet connection. This allows you to maintain hot connections with people all over the world.


It’s not that video games are “better” than golf. At the end of the day, both are simply different ways of getting in touch with business contacts. But as more and more millennials take positions of power, video games are likely to take center stage as a way of connecting with clients. In fact, this is already starting to happen, says millennial sales engineer Mitch:

“I was consulting at a client site and one of the things that we brought up during our lunch break was how great the new modern warfare game is to play. We talked about some of our favorite game modes and then decided to add each other once the engagement ended. Ever since, we’ve been playing together fairly frequently and discussing just some of the other problems that he’s facing internally.

Another time, myself and a partner bonded over our shared love of Fortnite. We added each other on that game as well, and have discussed everything from how to go after certain accounts together strategically to what has and hasn’t worked with his technology during his sales cycles.”

And it isn’t just milennials playing video games. As video games become more popular, familiarity with them is becoming more common. Even Gen X-ers and Baby Boomers know about video games — even if your contact is older, odds are they have children of their own, children who are growing up playing video games today.

As the business landscape changes, don’t be afraid to strike up conversations about video games. You never know which impromptu gaming sessions may lead to business breakthroughs.

News

Subscribe to Our Newsletter

Image

Address (United States)

5695 Avery Road
Dublin, OH 43016

Address (United Kingdom)

31 Sapphire Rd
Bishop's Cleeve
Cheltenham
Glos GL52 7YT

Talk to us

+1 (614)-401-3025

Support

Need Any Help?
Contact Us