Blog

The latest in Dark Rhino news

PMI rebranding - March 31st deadline

Prior to the PMI Global Conference, PMI hand-selected 25 chapters from across the globe to release the new PMI brand. We host 14 of those chapters. Together, with PMI and the chapters, we have created a sleek new look. On October 05, 2019, we went live at the PMI Global Conference with zero hiccups.

Below are a few chapters that have already gone live with their new look. With the rebranding deadline around the corner, please schedule a meeting with us to get started!

  • PMI Indonesia
  • PMI Inland Northwest
  • PMI Madrid
  • PMI Mexico
  • PMI Northeast Wisconsin
  • PMI Northern Alberta
  • PMI Olympia
  • PMI Singapore
  • PMI South Africa
  • PMI Sydney
  • PMI United Arab Emirates
  • PMI United Kingdom
  • PMI Zimbabwe
  • PMI Delaware Valley
  • PMI Canada's Technology Triangle
  • PMI Eastern Iowa
  • PMI France
  • PMI Guayas

Healthcare Companies & MSSPs: Achieve Your Goals

Healthcare organizations can utilize MSSPs like Dark Rhino Security to achieve business goals while also reducing legal, reputational and financial risk. This can be done through the prevention of ransomware, assistance with certification requirements and protection of valuable data.

About two years ago, we began working with a healthcare data analytics firm. We implemented our security solutions and part of that suite was Next-Gen Anti-Virus (NGAV) protection. Within two weeks, we received an alert from our NGAV tool; a user attempted to download a file that matched the behavior characteristics of ransomware. Within minutes, our analysts confirmed the file was blocked outright on the user’s device. Additionally, we ensured the cyber threat was quarantined from the rest of the organization and reported the incident to the CEO.

Due to our efforts, the threat was blocked. However, if we had not stepped in, the healthcare firm could have been at the mercy of cybercriminals. They may or may not have recovered from the attack. 

Healthcare companies also leverage MSSPs to fully comply with needs such as HIPAA and HITRUST certifications. Based on our past experience, achieving the HITRUST certification leads to more business and more incentives from Blue Cross and Blue Shield. I personally assisted one of our healthcare partners to utilize our security offerings and meet the necessary HITRUST controls. I also provided written proof of where our technologies met the necessary control. After achieving HITRUST, our client said the incentives they’ve received have helped shape their business drastically.

Moreover, healthcare companies can utilize MSSPs to protect company data and client/patient information. The most interesting case I had experienced with a healthcare partner was an insider threat. One of the company’s employees was attempting to exfiltrate company data. Although in this scenario the data in question did not include any patient information, any attempt made to leak company secrets poses a huge risk to a company’s reputation. Luckily, with our data loss tool, I was able to see the exact data being exfiltrated. I was also able to see the exact USB drive that was conducting the data extraction. We worked with the company’s legal representatives and HR department to send the necessary documentation to the user and recover the designated corporate files. We also informed the user that if this company’s intellectual property ever showed up at a future employer in a product offering, a cease and desist would be sent to the user and to the new employer. After the whole fiasco, we conducted a full recovery of all the extracted files and the user never posed a threat to the healthcare firm at their future employer.

Overall, more and more small to medium-sized healthcare firms are becoming larger targets for cybercriminals. Therefore, the need for cybersecurity continues to grow. This dilemma gives healthcare companies two options: they can either invest $250,000 - $500,000 in cybersecurity professionals and security software or utilize an MSSP to serve as a cost-effective means to achieve a solid cybersecurity posture. If you’re interested in reducing company risk and optimizing your business, feel free to email me.

Cyber Basics: Training the End-User

Imagine you invest millions in cybersecurity technology. Then, an untrained employee clicks on a link in an email. He just rained on your cyber parade and completely negated every measure you implemented. This scenario would be awful. However, it is not uncommon.

The most vulnerable part of any organization is its end-user. “Knowing is half the battle,” says Nathan Horne, a senior security engineer. If you properly train your users, a decent portion of your concern goes away.

Typically, phishing or malware occurs because an employee opens an email or goes on a website a CIS admin didn’t block. Unfortunately, you cannot stop the employee from checking their emails or surfing the web on their time off. There is no 100 percent block.

“You can’t protect people from themselves,” Horne says. “Honestly what a good portion of these appliances do is attempt to protect the end-user from themselves, but there is no such thing; you need to train,” he continues.

Start strategically training and watch the incidents drop. People that have the ability to control or direct funds are the most targeted. Therefore, they should be at the top of the training priority list.

Training comes in several forms. To start, you can add cybersecurity to yearly corporate compliance training. Tyler Smith, a senior software engineer, recommends educating users that violate company policy.

For example, Smith was previously the head of a DLP program for an enterprise and he would see 200-300 hits on violation of policy. His co-workers suggested staying quiet because the violators were very important and busy people. Smith did the opposite and within 90 days that number dropped by two-thirds.

Smith says most of the people violating the company policies were doing so because of broken business practices.

“People want to do the right thing. They just need to know what that is,” Smith says.

The Rundown on Ransomware

Tyler Smith, a senior security engineer, was on his way to Kentucky when he received an urgent phone call – one of his clients suffered from a ransomware attack. The backup files. The network storage files. Everything was encrypted. The client was backed into a corner and had to pay the ransom.

Less than two weeks later, the same client was hit again. The attackers humorously offered them a discount because it was their second attack. Luckily, Smith and his team were able to find the key in the code to decrypt all the files. His client would not have to pay the ransom fee again. It took such a horrific set of incidents to get the client to finally take cybersecurity much more seriously.

This occurred in the early 2010s. Since then, ransomware attacks have only become more sophisticated.

Essentially, a ransomware attack happens when a team member clicks on a bad link and their machine becomes compromised. The virus jumps from machine to machine and encrypts the team’s files. Typically, a sum of money is demanded in exchange for the return of the files.

“Paying the ransom is never recommended,” Tyler says. It does not guarantee that it will solve your problem. For example, there could be bugs in the malware, causing the data to be unrecoverable. 

However, there are certain scenarios in which there is no choice but to pay the ransom. For example, companies working in areas such as health care cannot afford to have the patient data lost or compromised. When vital information or millions of dollars are at stake, paying the ransom feels as if it is the only way out.

The best defense is to train the end-users in an organization. 

“Human beings are notorious for overcoming all security efforts because they don’t understand the why behind the security measures,” Tyler says.

You can also detect these attacks by ensuring that next-generation endpoint detection and response software is deployed on all the endpoints of users in your cyber environment. You should also segment the networks and limit the connections between the segments in a way that makes sense for your business.

With ransomware, it does not matter what line of business you are in. Ransomware is not going away. Rather, it is advancing quite rapidly. Companies are even built upon customizing attacks for clients.

The Danger Of Cybersecurity Burnout

Burnout from working too much is something every working person needs to worry about. But in some fields, the danger is magnified. Doctors, lawyers, and executives are common victims of the negative health effects of overworking.

And now, cybersecurity professionals have been added to the mix.

Thanks to stressors like advanced malware and zero-day vulnerabilities, cybersecurity professionals are joining the ranks of the most burnt out professionals in the workforce. On top of regular on-the-job stressors, a shortage of cybersecurity professionals in the marketplace means in many cases, lone employees are doing what should rightly be the work of two or three people.

This kind of burnout has real world consequences; mental health concerns like depression and anxiety are on the rise for cybersecurity professionals, affecting their life at home as well as at work.

What should I do to keep myself from getting burnt out?

Keeping yourself from becoming burnt out in cybersecurity is the same as keeping yourself from becoming burnt out in any other profession.

Get a hobby

Allowing your whole day to become consumed by cybersecurity is a quick path to burnout. To prevent this, include other activities in your life. Start learning a skill you've always wanted to learn, practicing a new language, or playing a new sport.

Take regular breaks from work

Make sure to take regular breaks from work to do nothing in particular. If there's nothing pressing that needs to be done, leave work on time (and don't work from home). Take a day off when your schedule allows. Plan regular vacations -- and shift your work to team members, so you aren't working while you're on your vacation.

Spend time with friends and family

Humans are social animals. The best way for us to refuel and feel good about life is to spend time with other humans we love and care about. Remember to spend time with your friends, family, and loved ones.

Remember to put your phone and computer away while you take this quality time -- time spent split between another person and a screen is not quality time.

Keep work in perspective

Ultimately, work is just work. It's just a way to get money so you are able to live the kind of life you want. Work concerns should be kept in perspective, not made into the center of your world.

What should I do to keep my employees from getting burnt out?

There's only so much employees can do to keep themselves from getting burnt out. As an employer, you bear a special responsibility toward your employees to create an environment for them that is conducive to their health, not destructive. Some ways you can create that environment are:

Add more team members

Cybersecurity is an industry known for its lack of qualified professionals. Often, cybersecurity employees are doing the work of two or three men. People who are working double or triple rarely put in quality work. Hire more team members so your current ones can share the load.

Create a restful space

Our environment affects our performance. If your workplace is a dark, chaotic, stressful environment, employee performance will suffer. Create an employee workspace which is calm, peaceful, and welcoming so that employees can relax into work.

Encourage team members to take breaks

Nobody can work continuously. Encourage employees to take regular breaks when necessary so that when they are working, they are giving their best work.

Give employees autonomy

The people who know best how to make your employees perform are the employees themselves. Give them freedom to do what will make them the most effective employees. Instead of trying to get results by controlling their every move, allow them the freedom professional adults deserve.

Cyber Criminals Using New Browser 'Linken Sphere'

Every day, e-commerce and financial organizations around the world are targeted by cybercriminals. These criminals are often looking for customer information to use to steal the identities of customers, or looking for information they can use to blackmail companies. Companies typically combat these cyber criminals using a technology called digital fingerprinting, a process designed to identify each unique device and browser that visits their websites. This enables them to verify the identity of any visitors and block malicious actors.

Historically, cyber criminals get around digital fingerprinting using technology like virtual machines, proxies, and VPN servers. However, anti-fraud systems are becoming sophisticated enough to identify suspicious IP addresses even if they are using these tactics.

As a result, cyber criminals have started using the Linken Sphere browser for criminal activity. Linken Sphere changes web browser configurations dynamically, generating an unlimited number of them. This enables its users to imitate the activity of legitimate users.

According to Tenebris, the creators of Linken Sphere, it was created for legal, legitimate purposes such as:

  • penetration testing
  • social media market research
  • keyword research
  • bonus hunters (online gambling and other purposes)
  • privacy-minded users
  • people operating multiple accounts simultaneously for work

However, it was announced to the world via underground forums such as Exploit, Verified, Korovka, and Maza, places known for enabling cyber criminals. The user who announced Linken Sphere on these forums is a verified member of the Tenebris team, the creators of Linken Sphere.

About Linken Sphere

According to Tenebris, here are the general features of Linken Sphere:

  • Linken Sphere is based on the Chromium web browser: its developers used its source code and removed all tracking functions enabled by Google
  • Operates in the “Off-the-Record Messaging” mode
  • Does not use any hidden Google services
  • Encrypts all saved data using the AES 256 algorithm
  • Connects to the internet via various protocols, including HTTP, SOCKS, SSH, TOR, TOR + SSH, and DYNAMIC SOCKS
  • Each session creates a new configuration and users do not need multiple virtual machines
  • Allows working with different types of connections in multi-thread mode at the same time
  • Includes built-in professional anti-detection with regular updates of configurations of the user’s agents, extensions, languages, geolocation, and many other parameters, which are able to change in real time
  • Saves fingerprints and cookie files after every session, allowing the use of a saved session by multiple users without needing to switch between virtual machines
  • Does not require specific settings to start working proactively, anonymously, and securely
  • Contains a built-in license with a location database GeoIP2 MaxMind, allowing users to configure time and geolocation immediately
  • WebEmulator, called “Прогреватор” in Russian, is an option created to “warm up” websites in an automated mode. This function allows collecting needed cookie files automatically between websites before working with a new account. WebEmulator operates in the background with multi-thread mode allowing the set up of parameters for visiting websites such as the number of visited pages, time spent on each page, pauses, and delays between visits. WebEmulator enables alerts after task completion. 

Address (United States)

5695 Avery Road
Dublin, OH 43016

Talk to us

+1 (614)-401-3025