More corporate ransomware victims, T-Mobile, J. Crew hacked, coronavirus advice and a fraud awareness quiz

Welcome to Cyber Security Today. It’s Friday March 6th . I’m Howard Solomon, contributing reporter on cyber security for ITWorldCanada.com.

To hear the podcast click on the arrow below:

Cyb er Security Today on Amazon AlexaCyber Security Today on Google PodcastsSubscribe to Cyber Security Today on Apple Podcasts

Organizations are still failing to protect themselves from ransomware. Here’s this week’s news: In Canada, CBC News reports a Regina steel company called Evraz will shut down for three days to contain an attack. In addition, I’ve discovered that if information on one ransomware gang’s website is to be trusted, a Canadian company that sells power tools to the construction industry has also been hit. In the U.S. a large industrial construction firm called Emcor admitted it was hit. According to the news site TechCrunch an American company called Communications & Power Industries, which makes components for the military, paid a $500,000 ransom. Other recent victims were a global legal service firm called Epiq Global and Visser, a U.S. auto and aerospace parts manufacturer.

Experts say many of these attacks can be stopped by giving employees regular training on how to spot suspicious emails, by making sure employees use strong passwords or passphrases and making them use two-factor authentication, and by restricting access to and encrypting sensitive data.

I talk a lot here about how to avoid being taken in by scams. You may think by now you’re an expert. Well, because March is Fraud Prevention Month the website of Canada’s Competition Bureau has a quiz you can take to test your skill. Here’s one of the questions: Who is typically vulnerable to being a targeted victim of fraud? Seniors, newcomers to Canada, women over the age of 50 or everyone? There’s a link to the quiz here.

The spread of the Covid-19 coronavirus has security-related implications for consumers and organizations. Consumers need to be wary of email and text scams trying to take advantage of your fears. So ignore messages with attachments purportedly with advice for what to do — even if they come from relatives and friends. Security experts have already discovered a number of malicious attachments being sent by people who want to attack your computer. Ignore advice from strangers on social media like Twitter and Facebook. Go yourself to trusted sources: Government web sites like the U.S. Food and Drug Administration. The Canadian government’s Canada.ca. has a special page. Just type in coronavirus. The United Kingdom’s National Health Service has a special page, too. There’s the Centers for Disease Control and the World Health Organization.

As for businesses, every firm should have a business continuity plan. That’s also called a disaster recovery plan. Disasters are usually thought of as floods, power failures, data breaches. But if many staff are unable to work because of illness, that can also be a disaster. So consider not only if staff can work from home, but if your organization is set up so they can securely connect to the office. If you already have team collaboration software, that may do. If not, staff may need to add special software to home computers called a virtual private network, or VPN. Make sure VPNs are protected with strong passwords and two-factor authentication. If you think staff will have to do video conferencing that has to be looked into as well.

Two big U.S. companies have admitted to data breaches. Telecom carrier T-Mobile said Thursday email accounts of some employees were hacked. Personal data of staff and customers were accessed including names, phone numbers, T-Mobile account numbers and billing information. Customers notified should change their password and PIN numbers. The last time T-Mobile was hacked was six months ago. And clothes retailer J. Crew is coming out now and admitting it was hacked just over a year ago. Crooks were able to get customer names, the last four digits of their credit cards, card expiration dates and billing addresses. In this case the attackers got in using stolen email addresses and passwords from other hacks. So victims were likely using the same password on more than one website, or an unsafe password — like “password123.”

That’s it for Cyber Security Today. Links to details about these stories can be found in the text version of each podcast at ITWorldCanada.com. That’s where you’ll also find my news stories aimed at businesses and cyber security professionals. Cyber Security Today can be heard on Mondays, Wednesdays and Fridays. Subscribe on Apple Podcasts, Google Podcasts or add us to your Flash Briefing on your smart speaker.