Tag Archive for: cybersecurity

Paul Dobbins

Why Businesses Keep Losing the War on Cyber Terror: Part 3

/in /by

Awareness Isn’t Enough: A Transparency Revolution 

In Part 1 of this blog series, I asked why businesses continue to lose the war on cyber terror; and in Part 2, I identified some of the root causes of the problem. Now it’s time to stop talking and start doing something about it.

Every October during Cybersecurity Awareness Month, we see an increase in tips and tricks to help businesses better protect themselves. This is a great endeavor to raise awareness for the average consumer. How do I know it’s working?  For one, my wife (who works in education) came home beaming ear to ear, boasting that she knew it was Cybersecurity Awareness Month because her school was taking part in the campaign. Amazingly, my middle school-aged son even knew about it.

But we, as leaders in cybersecurity, must do more to affect top-level change in order to truly flip the script in this war. We must question the ways we are currently conducting business. We must begin putting the “why” ahead of what we do—and let that guide how we do things.

As outlined in Part 2, the amount of noise in the cybersecurity landscape is deafening. In an ecosystem as complex as cybersecurity, trust is paramount. But when phrases like ‘where there’s mystery, there’s margin’ permeate the culture, trust is eroded. The best way to earn trust is through transparency.

Inspired by our Founder, Michael Kennedy’s passion for transparency, Ostra has outlined the beginnings of a framework that we believe people are hungry for. We believe leaders in the cybersecurity industry should model these behaviors:

Honesty:

  • Using plain, common language that all user levels can understand
  • Using transparent sales & marketing practices
  • Using non-predatory practices (e.g., fear tactics)

Self-awareness:

  • Openly recognizing their organization/solution is not perfect or ideal for everyone
  • Committed to constantly growing, learning and improving for the good of clients

Transparency:

  • Giving and receiving constructive feedback
  • Sharing critical information with competitors and other vendors in the interest of serving and protecting clients

Accountability:

  • Educating others as a priority over sales
  • Seeking collaboration with industry partners
  • Donating time, talents and other resources to bettering the industry

Join the Revolution

Would you do business with companies who align with this transparency framework or something similar? If so, let us know and be part of a transparency revolution. Together we can turn the tide.

Paul Dobbins

Why Businesses Keep Losing the War on Cyber Terror: Part 2

/in /by

Change the Channel: It’s Broken 

I’m not one to bury the lead. When it comes to cybersecurity, the channel is broken because it’s primarily focused on margin.  As I said in the last blog entry, the quote “Where there’s mystery, there’s margin” is more important to many than actually solving the complex issues facing the clients served by our channel. 

Unsurprisingly, the origin story behind why the channel is broken starts decades ago with a guy named Dave Berkus.  Dave was in the business of selling large computing systems prior to the advent of the personal computer, and is the self-proclaimed inventor of the saying “where there’s mystery, there’s margin.” Do a quick search and you’ll find him on video, quoted as saying: 

 

“You’ll be able to charge more, not less, when people don’t understand…”  

 

Think about how this relates to the questions I asked in the first part of this blog series and the answers you may have come up with: 

  • How many companies are trying to sell you cybersecurity products so you can expand your offerings for your clients? (I counted 44 exhibitors at MSP Summit last week.) 
  • At a high level, what are they trying to accomplish and how?  And why, if we have all these wonderful individual products and technologies, do we keep losing this most important war?  

While the answers to these questions are certainly multi-faceted and complex, let’s break it down as simply as possible. Which organizations first started combating cyber threats? Enterprises. Thus, individual, point-based solutions were sold to enterprises that, theoretically, had the resources and funds to implement and manage multiple point-based solutions with very specific purposes.  Commercial antivirus solutions were first, followed by firewalls, VPN, MDM, ETP, EDR, MDR, XDR, and every other acronym-based solution you can think of.  

When the enterprise funnel began drying up, these solutions were pushed downstream further into the channel. When those business prospects became too small, rather than solve for scale, many solutions were modified and watered down. Today, on average, it is estimated that each small business deploys a dozen or more different security tools; a medium-sized business averages several dozen tools; and an enterprise deploys more than one hundred.   

For small or medium-sized businessesthe heart and soul of MSP clientelehaving dozens of security solutions to manage is a recipe for disaster. If they are watered-down solutions, it gives a false sense of security. If they are truly enterprise-level solutions, they immediately drain resources for both the MSP and the business itself. 

Look at the vast cyber landscape outlined below.  Given the sheer volume of logos, there’s obviously margin.  The real mystery is figuring out how anyone could think a small or medium-sized business—or an MSP—could successfully navigate this landscape on top of paying attention to the company they are already running.

  

There Is Good News

Full transparency: At Ostra Cybersecurity, with a few notable exceptions, we haven’t had much luck finding trustworthy MSPs that we can recommend to our clients. We have focused our efforts on looking for straightforward and humble MSPs who share our vision to go against the grain and think differently about the business of cybersecurity so we can start winning the war. So, when we set out to attend MSP Summit last week in Orlando, we felt like we were hunting for unicorns amidst a sea of 40,000 horses.   

After many in-depth conversations, our team was encouraged to hear several MSPs acknowledge the cybersecurity problem within the channel. We heard from numerous people that too many point-based solutions using cyber jargon only creates noise and confusion and ultimately take the focus away from the core business of MSPs. It was refreshing to meet MSPs who have not been seduced into overextending their business. As broken as the channel may be, my hope of change is restored after talking with these folks. 

In the third and final installment of this blog series, we’re going to dive deeper into the transparency theme, throwing margin and mystery to the curb. We’ll talk about how to challenge the way MSPs think about cybersecurity and how the channel conducts business. I’ll have some questions for you to consider as you evaluate whether it’s worth changing the way we all do business for the sake of winning this war.   

Spoiler alert: it’s worth it. 

Stay tuned.

Paul Dobbins

Why Businesses Keep Losing the War on Cyber Terror: Part 1

/in /by

Are MSPs a Weak Link in Cybersecurity?

MSPs should be on top of the world. Even through a pandemic, economic downturn and stifling inflation, the majority of MSPs were able to increase revenues in 2021 and 2022 looks even stronger, as reported by Channel Futures regarding Wingman’s 2022 MSP Growth Survey.

As the industry continues to consolidate, MSP acquisitions increased from 23 transactions in 2017 to 78 in 2021, with private equity deal volume increasing 390% in that timeframe (from 10 private equity deals in 2017 to 49 in 2021, based on MSP Insights).

However, at the same time, more than 75% of MSPs say their current workload is at or over capacity. More than 50% of MSPs say their pipelines will support them for less than six months and 40% express concern that their workload impedes finding new business.

Is it any wonder, then, that CISA and cybersecurity allies across the globe released a joint advisory earlier this year warning of increases in malicious cyber activity targeting MSPs, along with very basic cybersecurity recommendations for MSPs to implement? Threat actors know MSPs are vulnerable and provide access to multiple victim networks that they can exploit on a global scale.

But threat actors aren’t the only ones taking advantage of MSPs. Traditional vendors are taking advantage of MSPs by focusing on fear and distrust to turn a quick profit instead of solving industry problems.

“Where there’s mystery, there’s margin.” 

 MDR/XDR vendor at a recent MSP tradeshow

When it comes to vendors who encourage a sales culture based on mystery, the only thing separating them from threat actors is that we know the vendor’s identity. And MSPs that are seduced into following the “(sl)easy” money are betraying the trust of their clients and deserve to be replaced. Given that recent data has identified 80% of MSP customers are looking to replace their MSP within the next year (Channel Insider), that’s probably happening sooner rather than later.

The business practices I have described here should make any service-oriented organization angry! But it’s not just blatantly predatory sales tactics that continue to erode the foundation of security for businesses using MSPs. There are deeply rooted issues that need addressing. In this blog series, I’m going to boldly ask for your help in doing so.

If you’re an MSP, take a second to think about how many companies are trying to sell you cybersecurity products with the assumption that this will help you expand your offerings for your clients. Makes sense on the surface, right? We know that cybersecurity is the number one, most important, top-of-mind pressing IT issue facing businesses of all sizes right now, period. It’s influencing the overall cost of doing business, overwhelming already understaffed and overworked IT teams, and keeping worried C-suite execs up at night.

Take A Minute to Critically Think

Industry leaders from across the nation will gather October 30 – November 2 in Miami for the MSP Summit. Let me ask you these questions as you prepare to attend (or think about a recent MSP show you’ve attended):

  • Count all the cybersecurity products you’re being sold. At a high level, what are they trying to accomplish and how?
  • Why, if we have all these wonderful individual products and technologies, do we keep losing this most important war?

In Part 2 of Why Businesses Continue Losing the War on Cyber Terror, I’ll dive further into how we got to this point. Stay tuned.

Before I get too much hate mail, I’m not a fan of bringing problems without solutions. So Part 3 of this series will bring everything together. It will discuss how we can begin to approach this challenge differently, change the narrative, and start winning the war on cyber terror from a business perspective. Spoiler alert: Ostra Cybersecurity (my employer) is not the be-all, end-all solution; it cannot be done by any one company alone.

Before signing off, I encourage you to attend the MSP Summit. It’s a great time to hear from innovative leaders and catch up with colleagues in the managed services space—and don’t forget to stop by Ostra at Booth #309 and say hello if you’re in the neighborhood.

Until next time… I’ll leave you with a few simple challenges. Be skeptical of mysteries. Think clearly. And let’s get ready to shake things up and start winning the war on cyber terror.

Ostra Company News
Stacey Kusnier

PRESS RELEASE: Ostra Unveils Diversified Managed Cybersecurity Offerings to Meet Evolving SMB Client Needs

/in /by

Company expands its industry-leading cyber threat remediation and resolution services with Ostra EncompassTM and Ostra ExtendTM.

[Minneapolis, Minn., Sept. 26, 2023] – Ostra Cybersecurity, a company that provides a multi-layered, holistic, and fully managed Security as a Service that continues to revolutionize the way cybersecurity is delivered to small and mid-sized businesses, announced its diversified managed cybersecurity offerings designed to fit the evolving needs of its clients and partners.

All of Ostra’s solutions are managed by a trusted team of cybersecurity experts. This is especially important since threat remediation and resolution is the number one thing that many companies are looking for. Rather than just receiving the alerts and recommendations that many Managed Detection and Response (MDR) firms typically provide, clients can rely on Ostra’s proactive team to do the hard work of remediation on their behalf. In a world where SMBs are overwhelmed and alert-fatigued, Ostra’s experts have the skills and knowledge to confront cybercriminals head-on while achieving real results and resolution.  

Ostra’s new managed cybersecurity offerings include: 

  • Ostra EncompassTM: This offering is ideal for SMBs and partners who need a solution that encompasses all of their critical cybersecurity needs. Ostra Encompass incorporates 24/7 Managed SOC & SIEM, Firewall & VPN, Endpoint Security, and Email Security—plus a newly added Security Awareness Training component.  
  • Ostra ExtendTM: This new offering incorporates Ostra’s 24/7 Managed SOC & SIEM, Collector & Sensor, and Endpoint Security components. The solution is beneficial for clients who already have some security capabilities in place but need endpoint remediation and general cybersecurity guidance.

As Ostra continues to evolve its offerings to better meet the needs of the market, the company remains focused on its mission to simplify cybersecurity and make Fortune 100-level protection more accessible to SMBs.  

“Not all of our clients require the same type of cybersecurity solution,” said Ostra Founder Michael Kennedy. “Ostra believes in transparency and trust, and these new managed cybersecurity offerings help us communicate more clearly with our partners and clients about the exact level of service they need.”  

A major part of Ostra’s mission is to educate its community, and provide helpful resources related to cybersecurity and data privacy. Adding psychological Security Awareness Training to its core capabilities adds another important layer of protection for organizations while also increasing their cybersecurity compliance and enabling them to meet standards such as NIST and CMMC. 

“While security tools do a great job of filtering out most phishing emails, hackers are changing their tactics every day to target our clients’ employees,” said Emad Bhatt, VP of IT at Ostra. “This additional frontline defense training truly arms our clients and their employees with the critical knowledge they need to be protected.” 

Ostra’s new value-added Security Awareness Training includes ongoing psychological training, phishing testing, and reporting. Designed to increase staff engagement in cybersecurity best practices, this component is now included at no additional cost to Ostra Encompass clients.  

About Ostra Cybersecurity 

As Your Trusted Cybersecurity Team, Ostra makes cybersecurity simple and accessible to businesses of all sizes. Ostra provides its partners and their clients with multi-layered, comprehensive, and fully managed Security as a Service. Ostra’s proprietary solutions combine Fortune 100-caliber tools, tech, and talent to ensure threats are not only detected and hunted, but also fully remediated.   

With a mission to simplify cybersecurity for small to mid-sized businesses, Ostra believes everyone deserves best-in-class data protection—not just big business. For more information, visit www.ostra.net 

Read the full Press Release

 

Ostra Cybersecurity

The Hidden Dangers of Insider Threats

/in , /by

Possibly one of the most underrated catalysts for a cyberattack is the insider threat. Take a look at some recent statistics:

  • An article by Identity Management Institute stated that 65-70% of all security incidents arise from insider threats to system and data security.
  • According to IBM Security Intelligence, 40% of insider incidents involve an employee with privileged access to company assets.

Many companies do not account for the damage that an insider threat could do. An insider threat can be anyone with access to an organization’s network, like employees, contractors, business associates, or friends. Insider threats are the biggest contributors to cyberattacks, especially in the last couple of years.

22% of all folders were available to every employee. (Varonis)

What is an insider threat?

An insider threat is anyone who has special access to the organization and can possibly use that access to attack or help hackers target the company. There are a few different types of insider threats to be aware of: malicious insiders, inside agents, emotional employees, reckless employees, and third-party users. Each one of these types of insider threats all could have access to an organization in some way and can use it to their advantage.

Insider threat attacks have only been growing in the past years and experts predict that number to skyrocket as more businesses switch to remote work. The increasing mix of remote, hybrid, and on-site employees means that companies must be extra vigilant about managing network access and permissions. Even the most loyal employees who retire or leave on good terms should no longer have access to company files or systems after their last day. In addition, it is important to ensure that dissatisfied or disgruntled employees—whether they are still there, or were recently laid off—cannot use their access in retaliation against the company.

“The overall cost of insider threats is rapidly rising. There is a 31% increase from $8.76 million in 2018 to $11.45 million in 2020”. (Cost of Insider Threats Global Report)

Online Hygiene

Although cybersecurity has become a loaded concept, it’s important to make cybersecurity a priority. Good online hygiene should be part of any organization’s onboarding or off-boarding process, but if it not, then take it upon yourself to exercise best practices to keep your company safe.

Some basic precautions include performing regular software updates and enabling MFAs. You can also contact Ostra to explore how a cybersecurity assessment can reveal what vulnerabilities you may have, and how you can stay ahead of threats.

Avoiding Apathy

How can companies best protect their data from insider threats? While it is tempting to succumb to either apathy or paranoia, neither of these extremes is the right approach. Rather, awareness that leads to action is the goal. You can read more about this approach in Ostra’s blog about data privacy.

How to protect against insider threats?

  1. Update and maintain the user access/privileges list and be aware of which employees have access and to what—especially as you are onboarding new employees or removing access from departing employees.
  2. Ensure sensitive/confidential information is not accessible by anyone who does not need it.
  3. Educate employees on insider threats and how they can help defend against a possible attack.
  4. Implement a cybersecurity program that can defend immediately against any lurking vulnerabilities.

Ostra Cybersecurity provides active defense protection for your businesses’ data and act immediately instead of monitoring and alerting as many antiviruses do. Ostra keeps everything up to date meaning the latest threats are already neutralized before they attack.

Want to find out more? Contact us today to see how Ostra can help you and your clients minimize risk from insider threats.

Eunice Asemnor

Spot the Signs of Tax-Time Phishing Scams

/in /by

Tax season is officially upon us. Tuesday, April 18 is the deadline for most Americans to file their 2023 federal tax returns—and for many, the process of preparing and assembling the necessary documents is already underway. This is also an especially busy season at Ostra, as our Trusted Cybersecurity Team always sees elevated levels of phishing activity around tax time.

Both individuals and businesses should remain extra vigilant and take steps to avoid getting “hooked” by phishing scams during tax season.

Phishing and IRS Impersonators

As the digital age progresses, so do the tactics of cybercriminals. One of the most common types of cybercrime is phishing, in which scammers pose as legitimate entities to trick people into divulging sensitive information.

The Internal Revenue Service (IRS) is a popular target for phishing scams due to its role in collecting taxes from individuals and businesses. To protect yourself from tax-related phishing scams, it is essential to be aware of the tactics used by scammers during our tax season, and learn how to report them to the IRS.

Phishing emails often use fear tactics to get people to act quickly without thinking. One very important point to understand about the IRS is this:

“A real IRS agent WILL NEVER demand you make an immediate payment to a source other than the U.S. Treasury. Unscrupulous callers claiming to be federal employees can be very convincing by using fake names or phony ID numbers. If you are unsure if the caller is legitimate, hang up, look up the direct number for the agency online, and call that source to verify.”

(Source: National Cybersecurity Alliance)

For example, an email may claim that the recipient is owed a tax refund but needs to provide their personal information to claim it. Another common strategy is to claim that the recipient owes back taxes and is in danger of legal consequences if they do not pay immediately. These emails may also contain attachments or links that, when clicked, download malware onto the user’s computer.

Stay Ahead of the Game

To protect yourself from phony IRS phishing, it is important to recognize these tactics and take the following precautions:

  1. Be on the lookout of unsolicited emails. The IRS does not initiate contact with taxpayers via email, text message, or social media. If you happen to get an email claiming to be from the IRS, don’t click on any of the links or open any attachments. Instead, forward the email to the IRS (phishing@irs.gov).
  2. Be sure to check the sender’s email address. Phishing emails often use email addresses that appear to be legitimate but are slightly different from the actual address. For example, an email may come from “irs-taxrefund.com” instead of the official “irs.gov.” Always check the sender’s email address before clicking or replying to any emails.
  3. Do not provide personal information. The IRS will never ask for personal or financial information via email, text, or social media. If you receive a message asking for this type of information, it is most likely phishing.
  4. Use strong passwords. You’ve heard this one before, but it’s an important one. Always create strong, unique passwords for all your accounts and change them regularly. You can use a combination of letters, numbers, and symbols, and avoid using the same password for multiple accounts.
  5. Enable two-factor authentication. Two-factor authentication adds an extra layer of security to your accounts by requiring a second form of authentication, such as a code sent to your phone and your password.

Phishing scams by criminals posing as the IRS can be dangerous and costly. By recognizing the tactics used by scammers and taking necessary precautions, you can protect yourself from becoming a victim. Be wary of unsolicited emails, double-check sender email addresses, do not provide personal information, use strong passwords, and enable two-factor authentication. Stay vigilant and take steps to keep your personal and financial information safe.

Protect Your Business

Is your business fully protecting the financial information, health records, or other sensitive data from customers, clients or third-party entities? Working with a dedicated cybersecurity partner like Ostra offers peace of mind. Our proprietary solutions are built on multiple layers of protection to keep your data, as well as your reputation, safe and sound.

Reach out to Your Trusted Cybersecurity Team today with any concerns or questions on tax-related scams.  From phishing to malware, ransomware and other cyber threats, Ostra has you covered.

Michael Kennedy

Protecting What We Value: Why Data Privacy Is Worth the Effort

/in /by

For anyone who participates in today’s digital economy, sharing information across multiple devices, apps, websites and software programs has become standard business practice and part of our daily routines. Many assume it is safe to repeatedly upload documents to file-sharing sites, collect details about customers via email, utilize customer service chats, process credit card payments online, or engage with third-party services. But how many of us take the time to learn more about the data collection process—or verify how this information will be kept confidential in the future?

Data Privacy Week

Data Privacy Week is an annual campaign and global initiative that spreads awareness about data privacy and educate individuals on how to secure their personal information. As a proud Data Privacy Champion, Ostra recognizes and supports the principle that all organizations share the responsibility of being conscientious stewards of personal information.

Ostra’s history and team culture reveals our passion for data privacy; we were founded on the belief that all businesses and individuals have a fundamental right to data privacy and security, no matter the size of their organization. Our team remains engaged in educating businesses about how to manage and secure their own data and systems, as well as taking steps to protect the data of clients or third-party vendors they interact with.

Why Is Data Valuable?

The truth is that data is a valuable asset because all online activity generates a digital trail that reveals behaviors, interests, purchasing habits, and more. For example, a weight loss app can track things such as the user’s age, weight, blood pressure or activity levels. Auto insurance providers may offer a rate discount if users install an app that shows their driving habits, daily routes, and phone usage while driving. YouTube, TikTok, and other social media apps keep an eye on the videos and ads that users click on, so they can place similar content in their feeds.

SDG Group, a global management consulting firm, explained that the “highly reusable” nature of data is one of the reasons why it is such a valuable asset for businesses:

“Generated once, it can be reused multiple times for a variety of uses: information analysis by business analysts, analytical models, etc.” (Source: sdggroup.com)

Of course, data isn’t always used for nefarious purposes. Most business use data analytics to help them reach more customers, and that’s not in itself a negative thing. For example, this HubSpot article asserts that there are four main benefits of big data for large and small businesses: solving problems, increasing revenue, cutting costs, and improving customer experiences.

But unfortunately, cybercriminals can use an individual’s online details to create a digital profile with the end goal of identity theft. And at the corporate level, all it takes is one weak password to give hackers a foothold that could result in a ransomware attack on the larger organization or its customers.

Take Proactive Steps

In his 2022 Data Privacy Week blog, Ostra Founder Michael Kennedy unpacked the idea that data privacy shouldn’t be considered an all-or-nothing pursuit. Although it can be tempting to become stuck in either apathy or paranoia, both of these extremes can actually result in inaction—which doesn’t help anyone. The best way forward is simple awareness, which leads to action steps. Read the full article here.

Apathy and paranoia are two extremes that result in inaction, while awareness leads to action.

 

Three Tips for Managing Data Privacy

Below is a summary of simple tips, provided by the National Cybersecurity Alliance, to help you manage your data privacy:

1. Know the Tradeoff Between Privacy and Convenience

Anytime you download a new app, open a new online account, or join a new social media platform, you may be asked for access to your personal information before you can even use it! This data might include your geographic location, contacts, and photos.

This personal information about you is tremendously valuable to businesses – so you should think about whether the service you get in return is worth the data you must hand over, even if the service is free.

Make informed decisions about sharing your data with businesses or services:

  • Is the service, app, or game worth the amount or type of personal data they want in return?
  • Can you control your data privacy and still use the service?
  • Is the data requested even relevant for the app or service (that is, “why does a Solitaire game need to know all my contacts”)?
  • If you haven’t used an app, service, or account in several months, is it worth keeping around, knowing that it might be collecting and sharing your data?

2. Adjust Settings to Your Comfort Level

Check the privacy and security settings for every app, account or device that you use. These should be easy to find in a Settings section and should only take a few moments to change. Set them to your comfort level for personal information sharing; generally, it’s wise to lean on the side of sharing less data, not more.

You don’t have to do this for every account at once. Start small and, over time, you’ll make a habit of adjusting all of your settings to your comfort. The National Cybersecurity Alliance has in-depth, free resources like the Manage Your Privacy Settings page  to help you check the settings of social media accounts, retail stores, apps and more.

3. Protect Your Data

Data privacy and data security go hand-in-hand. Along with managing your data privacy settings, follow some simple cybersecurity tips to keep your data safe. The National Cybersecurity Alliance recommends following these “Core 4” tips:

  • Create long (at least 12 characters), unique passwords for each account and device. Use a password manager to store each password – maintaining dozens of passwords securely is now easier than ever.
  • Turn on multifactor authentication (MFA) wherever it is permitted – this keeps your data safe even if your password is compromised.
  • Turn on automatic device, software, and browser updates, or make sure you install updates as soon as they are available.
  • Learn how to identify phishing messages, which can be sent as emails, texts, or direct messages.

For more information about Data Privacy Week, visit https://staysafeonline.org/data-privacy-week/

 

Ready to learn how Ostra can help you safeguard your most valuable asset? Contact our Trusted Cybersecurity Team to start an honest, down-to-earth conversation about data privacy.

Ostra Company News
Stacey Kusnier

PRESS RELEASE: Ostra Cybersecurity Secures Capital to Bring Fortune 100-Caliber Protection to Small and Mid-Sized Businesses

/in /by

Funding led by Rally Ventures will fuel growth and strengthen channel partner relationships.

[Minneapolis, Minn., Nov. 16, 2022] – Ostra Cybersecurity, a company that provides a multi-layered, comprehensive and fully managed solution to simplify cybersecurity for small to mid-sized businesses, announced that they have recently raised $3.5 million in Series A funding led by Rally Ventures, with participation from founding investor Jeff Cowan.

More than 75% of cyber attacks target small and mid-sized businesses (SMBs) with the average total cost of a data breach reaching nearly $3 million in 2021. It’s critically important for businesses of all sizes to keep systems and data secure from cybercriminals, but best-in-class, enterprise-grade protection has not always been accessible or affordable for most SMBs.

Ostra’s comprehensive solution provides SMBs with access to cybersecurity that rivals the type of protection the world’s largest companies rely on. Ostra combines the latest generation of cybersecurity tools, technology and talent into one fully managed service that protects against email threats, ransomware attacks, malware infiltration and more.

The funding will support Ostra’s business development and operational initiatives to strengthen and expand its channel partner relationships. “This investment helps us navigate a time of rapid growth while continuing to provide breakthrough solutions as the trusted cybersecurity team for our clients and partners,” said Paul Dobbins, Chief Growth Officer with Ostra.

“Every business should have access to best-in-class data protection,” said Ostra Cybersecurity President Joe Johnson. “Cybercriminals are increasingly going after SMBs and Ostra is passionate about ensuring they have what they need to protect their data so clients can sleep at night knowing our team is fully managing their security environment.”

“Cybersecurity challenges are overburdening SMBs. Ostra delivers big company technology to make cybersecurity accessible to businesses of all sizes,” said Michael Jennings, Venture Partner at Rally Ventures. “The Ostra executive team are entrepreneurs with decades of experience in cybersecurity and strategic operations. We look forward to joining them in their mission to simplify cybersecurity for SMBs.”

About Ostra Cybersecurity

Ostra Cybersecurity provides a proprietary solution that combines Fortune 100-caliber tools, tech, and talent to ensure threats are not only detected and hunted, but also fully remediated. Ostra was founded in 2018 by Michael Kennedy, a cybersecurity innovator who previously led a $100 million global security initiative for one of the world’s largest healthcare providers. Kennedy recognized that small and medium-sized businesses (SMBs) were increasingly being targeted by cybercriminals. He built Ostra Cybersecurity on a mission to simplify cybersecurity and better protect SMBs. To learn more about Ostra Cybersecurity, visit ostra.net.

About Rally Ventures

Rally Ventures invests exclusively in early-stage business technology companies, focusing on entrepreneurs creating major new markets or bringing transformative approaches to existing ones. Since 1997, Rally Ventures’ partners and venture capital industry veterans have invested in or run early stage enterprise business-to-business technology companies with a proven ability to deliver superior returns regardless of the overall market environment. For more information visit rallyventures.com.

 

Read the full Press Release

Stacey Kusnier

“Who Can You Trust” – A Hacks and Hops Session Recap

/in /by

Ostra was a proud sponsor and co-presenter at this year’s Hacks & Hops Information Security Conference, held October 6, 2022 at the U.S. Bank Stadium in Minneapolis. Hosted by FRSecure, one of Ostra’s Channel Partners, Hacks and Hops is a full-day conference that brings information security professionals together to learn, network and enjoy beer. 

Who Can You Trust?  

For the opening session of Hacks and Hops, Michael Kennedy (Founder, Ostra Cybersecurity) joined Evan Francen (Founder and CEO, FRSecure/SecurityStudio) for a candid discussion about mental health and coping strategies for those who work in the stressful field of cybersecurity. Access a replay of the on-demand session below.  

 

 

Session Summary 

Information security professionals are presented with no shortage of tasks, deadlines, emails, conference options, information feeds and advice on a daily basis. Whether they are building secure infrastructures, responding to incidents, combing through threat feeds, justifying budgets, training or educating employees, the job can feel overwhelming at times. So, who can they trust and where can they go for the solid support they desperately need?

As two cybersecurity leaders known for their honesty and frankness, Michael and Evan delivered a 40-minute presentation entitled “Who Can You Trust?” They shared some of their own struggles, as well as wisdom they have learned along the way, regarding:

·      Tips for dealing with job-related anxiety, impostor syndrome, etc. 
·      Vetting the information they consume (marketing fodder, headlines, threat feeds, etc.) 
·      Recommendations they make to their customers

 

Letting go is not letting it consume you… If something happened, how do we fix it? How do we move on? … You’ve got to be in this moment, today. Just deal with what’s in front of you.

– Michael Kennedy, reflecting on ways to stay mentally healthy while managing cyber threats

 

A Call for Transparency 

Many of Kennedy’s and Francen’s comments were rooted in themes of transparency and honesty. Kennedy shared that although it can sometimes feel intimidating to admit what you don’t know—especially in an industry rife with acronyms and cyber jargon—transparency is critical to getting the support you really need to help your clients.  

Transparency is a topic that Ostra leaders have been passionate about since the company’s inception. Chief Growth Officer Paul Dobbins recently published a 3-part blog series, Why Business Keep Losing the War on Cyber Terror. In the final blog in this series, “Awareness Isn’t Enough: A Transparency Revolution,” Dobbins outlines 4 key behaviors that Ostra believes every leader in the cybersecurity industry should model in order to create the kind of transparency that benefits everyone, including clients.  

Join the Revolution

If you are an information security professional, do you think being more transparent could help you get the support you need? Or, if you are a business owner, would you do business with companies who align with this transparency framework or something similar? If so,  let us know and be part of a transparency revolution. 

Ostra-small-business-security-tips-998x681px
Ostra Cybersecurity

Small Business Cybersecurity Tips

/in , /by

Many small businesses are currently struggling because of the pandemic. The last thing any small business needs now is a cyberattack, which could easily put a company out of business. So now more than ever there is a need for strong cybersecurity practices, especially in smaller businesses with less cybersecurity devoted resources.

60 percent of companies that are victims of a cyber-attack go out of business within six months. -NCSA

The average loss of a cyberattack in 2019 was around $200,000, which is a lot of money for a small business to pay. This helps to understand why so many companies struggle to succeed after a cyberattack.

These are some helpful tips to help improve cybersecurity in small business

Train your staff

Employee training is the first and one of the most important steps in maintaining quality cybersecurity. Your employees are the main entry point that hackers try to exploit. Hackers try to gain access through employees by tricking them with phishing and social engineering attacks. They also target employees who are working from home on unsecured personal internet networks. Business owners should train their employees to back up data regularly, avoid any suspicious links, and to report any possible phishing scams. Trained employees will reduce the risk of an attack and should be wary of any future attack.

A 2019 Accenture study found that 43 percent of cyber-attacks are aimed at small businesses but only 14 percent are prepared to defend themselves. This is alarming news especially since small businesses are a top-tier target for most cybercriminals. Shows just how many small businesses lack preparedness and how many need to quickly improve their security.

Find a cybersecurity solution

Perhaps one of the best ways to defend your business against cyber threats is to find and install a solid cybersecurity solution. Small businesses usually are short on cybersecurity resources, to begin with, and usually do not have dedicated IT/Cybersecurity experts. Which is why small businesses need a low-cost solution that is extremely effective.

Your business technology should be protected with anti-virus and anti-malware software, this will find and identify any threats to your business. These have security features that will make it harder for any information to be stolen. Every business should have a virtual private network (VPN) that hides your IP address, making it almost impossible for hackers to track you. VPNs are very useful and a necessity if you have employees working from home on unsecured networks. Email protection and maintaining a firewall are also highly recommended in the cybersecurity community.

Ostra offers an affordable and quality cybersecurity solution for your business, that incorporates the very best security tools to protect small/medium-sized businesses. We operate behind the scenes to protect businesses and their most valuable asset, their data.

We leverage known platforms such as FireEye and Palo Alto, to create a sphere of protection for your business and employees, no matter where they are located or what machine they are on.

Want to find out more? Contact us today!

Ostra Cybersecurity

Cybersecurity Awareness Month

/in /by

October is Cybersecurity Awareness Month, Ostra is proud to take part in helping to create a safer and more trusted cyberspace for everyone.

History of Cybersecurity Awareness Month

Cybersecurity Awareness Month was founded by both government and industry to make sure every American consumer and business has the resources needed to stay safe and secure online. Originally, 17 years ago, cybersecurity month messages were about updating antivirus software and the threat of a “virus”. But as technology advanced, so did the efforts needed to educate people on growing cybersecurity threats.

Today, organizations of every kind, non-profit/for-profit, corporations, universities, small businesses, and other groups all participate in Cybersecurity Awareness Month. These groups all have one goal in mind, to educate their employees/customers/members on the importance of creating a safer, more secure internet for everyone. Awareness efforts today highlight the basics of keeping your technology and information safe. Companies and organizations share tips and tricks throughout October.

Cybersecurity Awareness Month Resources

To get involved and learn more about Cybersecurity Awareness Month, check out these cybersecurity focused partners.

The National Cyber Security Alliance (NCSA) builds strong public/private partnerships to create and implement broad-reaching education and awareness efforts to empower users at home, work, and school with the information they need to keep themselves, their organizations, their systems, and their sensitive information safe and secure online and encourage a culture of cybersecurity. https://staysafeonline.org/cybersecurity-awareness-month/

Information Systems Security Association (ISSA) is the community of choice for international cybersecurity professionals dedicated to advancing individual growth, managing technology risk, and protecting critical information and infrastructure. https://www.issa.org/

The Cyber Security Hub is an online news source for global cybersecurity professionals and business leaders who leverage technology and services to secure the entire perimeter in their enterprise. https://www.cshub.com/

Ostra’s Cybersecurity 101

For those who are new to the world of cybersecurity or just need a refresher, check out our Cybersecurity Terms 101 post. We cover the basic terms that everyone should know to better protect their own devices and to help keep cyberspace safe.

Want to find out more about Ostra and how we can help your business? Visit Ostra.net or contact us today at protection@ostra.net

Ostra Cybersecurity

Cybersecurity Terms 101

/in /by

October is Cybersecurity Awareness Month and a time to spread the importance of understanding cybersecurity and cybercrime. As cybersecurity evolves, so do the threats that come with it. To stay safe in today’s cyber world it’s important to understand all the different types of threats that could harm you and your business. Everyone is vulnerable to a cyberattack, not just businesses and computers, your personal devices like your phone, watch, and tablet can all be hacked. This is a shortlist of the many different cybersecurity terms that are important to know to increase your cybersecurity awareness.

Cybersecurity

Cybersecurity is the practice of protecting computer systems and networks from the theft of hardware, software, and data. Cybersecurity works in many ways to defend against all types through hardware, software, and even internal threats. Cybersecurity works as an immediate defense against all types of ways that cybercriminals try to attack.

Hacker

A hacker is someone who gains access to devices or networks by breaching defenses and exploiting weaknesses. Hackers are usually motivated by personal gain or just because they know how to, for fun.

Malware

Malware, short for malicious software, is any type of software that is designed to cause damage and gain access to a computer, network, or database. Examples of malware are computer viruses, ransomware, spyware, adware, and more.

Ransomware

Ransomware is a new and very popular form of malware that locks the users out of their devices and prohibits access to files. After locking the user out, the hackers behind the ransomware then demand an anonymous online payment (ransom) to get their data and device access back.

Spyware

Spyware is a form of malware that hides on a device or network and steals information discreetly without the user’s knowledge. Spyware is used to steal things like bank details and personal information.

Adware

Adware is a form of malware that also hides on your device and annoyingly makes advertisements pop up, usually on web browsers. The adware is meant to gain revenue for the adware developer by monitoring online behavior and spamming the user with targeted ads.

Phishing

Phishing is the practice of sending malicious emails that appear to be from a reputable company to trick victims into the opening and sharing their sensitive personal information. Usernames/passwords, bank account, and credit card details are the main targets for phishing scams. The elderly are one of the most targeted groups for phishing scams. Educate your parents/grandparents on how to avoid phishing scams!

Data Breach

A data breach is an incident that exposes sensitive and protected information, intentionally or unintentionally. A data breach is usually the result of a successful cyberattack, where the hacker then steals information to sell back for a ransom, sell on the dark web, or any other personal gain. Data breaches can force business operations to completely stop, which can cost a lot of money and lost profits.

Want to find out more? Visit Ostra.net or contact us today at protection@ostra.net

 

Ostra-largest-medical-cyberattack-998x681px
Ostra Cybersecurity

Largest Medical Cyberattack in US History?

/in , /by

Universal Health Systems is a major US hospital and healthcare provider that has more than 400 different locations throughout the country. The hospital system was hit with one of the largest medicals cyberattacks ever in the United States. Experts believe it could be the biggest ever.

The attack, that left the IT network offline across the 400 healthcare facilities, was reported as a security incident. The facilities had to resort to their back-up plan which includes offline documentation methods. Nurses had to work with pen and paper and could not access their medication system. Many reported that their computers either shut off on their own or slowly stopped working.

The way the entire system was compromised at once and many computers seemed to be taken over, makes this seem like a ransomware attack. Many experts are speculating that this is the case. We know that cybercriminals like to target healthcare systems because the probability of a ransom payment is higher. Hospitals would rather pay than have a patient become more injured, sick, or die due to a security incident.

Protect your business

To protect the organization, company IT security programs should be in the hands of professionally managed security teams or outsourced to managed security firms. Ostra Cyber Security is the professionally managed security team for your business. Managing everything from desktops and laptops, to tablets and BYODs, Ostra’s technology keeps everyone safe.

Want to find out more? Visit Ostra.net or contact us today at protection@ostra.net

https://bit.ly/30ov82h

Ostra-legislation-security-standards-998x681px
Ostra Cybersecurity

House Passes Legislation To Set Internet Of Things Security Standards

/in /by

A new bill that was just passed will require that all Internet of Things devices purchased by the US government must meet set security requirements. Internet of Things devices is any everyday objects that connect via the internet to send/receive data. Things like smartwatches, smart home security devices, and wireless inventory trackers are all IoT devices.

This bill, called the IoT Cybersecurity Improvement Act, instructs the National Institute of Standards and Technology to enforce security standards that any government agency needs to follow when buying IoT devices.

“These devices must be secure in order to protect Americans’ personal data.” Rep. Kelly (IL)

Even though this bill doesn’t directly improve the security of millions of consumer Internet of Things devices that are already being used by Americans. Such as home voice assistants, smart TVs, and smartwatches. It is still a huge deal for long-term IoT security. Because government agencies are big customers, IoT manufacturers will have to adjust to meet the new standard if they want to keep their business. Most IoT manufacturers sell to the government and consumers, so it should encourage them to only follow one set of standards. Resulting in improved security standards for all future IoT devices.

Stay protected

This bill gives manufacturers 2 years to update their security standards. Some say this is too long of a wait considering there are currently millions of devices in the US that could be vulnerable to unknown or known exploits.

Ostra Cyber Security provides active network defense protection for your home or businesses’ Internet of Things devices and acts immediately instead of monitoring and alerting as many antiviruses do.

Want to find out more? Visit Ostra.net or contact us today at protection@ostra.net

https://washex.am/34euwxj

Ostra Cybersecurity

Companies are Looking for Affordable Cybersecurity Solutions

/in /by

It is estimated that more than half of the US workforce has transitioned to remote working. With more people working from home businesses are way more vulnerable. This has really increased overall cybersecurity spending for companies.

58% of companies represented in a recent Microsoft survey have increased their cybersecurity budgets in response to the pandemic.

Companies have spent the last months working overtime to meet business goals while also protecting the business from new and dangerous threats. Even though many companies are spending more to play defense, many are still being impacted by social engineering attacks, like phishing scams. Phishing scams have only become more popular as employees are now working on personal networks and devices.

Companies are Struggling with Complex Cybersecurity Programs

The COVID situation has made companies rethink their cybersecurity approach. Now companies are finding ways to increase the efficiency of their cybersecurity while also simplifying them.

“Companies are looking for simplicity, to date, security is too complicated.” – Andrew Conway, GM for Microsoft’s security marketing

Companies are struggling with complex and hard to use/install cybersecurity programs that use many different security tools from different vendors. Many programs require too much set-up or maintenance work. Companies and cybersecurity managers are looking for an affordable cybersecurity program that simplifies cyber defense and protects what matters.

Businesses NEED a simple and affordable cybersecurity program in place

Ostra is your cyber-security-solution that offers a 360 degree, 24/7 protection that works seamlessly in the background, protecting sensitive data and communications at every access point. Ostra Cyber Security is a software solution that knits together the top security solutions in the industry. We leverage known platforms such as FireEye and Palo Alto, to create a sphere of protection for your business and employees, no matter where they are located or what machine they are on.

Want to find out more? Contact us today!

Ostra Cybersecurity

Financial Sector is the Most Targeted During Pandemic

/in /by

Cybercriminals are attacking businesses like never before, and they have way more of an interest in the financial services sector than in past years. The pandemic has caused difficult financial situations for many, that includes cybercriminals too, which is why they have their targets locked on the most lucrative sector.

Remote work is part of the reason for the sudden spike in financial sector related cyberattacks. Experts highlighted remote access inefficiencies, due to the increase in the number of people working from home, as the greatest security challenge. They also mentioned virtual private network (VPN) vulnerabilities as another security challenge. These are challenges for every business but especially for remote workers in the financial sector, who must protect more sensitive information.

The financial sector was the most commonly targeted sector, receiving 51% of attacks. This was followed by healthcare (35%), professional services (35%) and retail (31%).

Because organizations in the financial services industry are entrusted with highly valuable and personally identifiable information, they are an attractive target for cybercriminals. Businesses in the financial sector have the most valuable information for cybercriminals. Such as social security numbers, bank information, insurance information, names, contact information, and addresses. All this personally identifiable information can sell for a high price on the black market.

A cybersecurity company has reported a 238% increase in cyberattacks between February and April 2020. With the financial sector receiving a majority of pandemic attacks, a cybersecurity solution is essential in the fight against cybercrime.

Protect your business from the rapid increase in cyberattacks on the financial industry

Ostra is your cyber-security-solution that offers a 360 degree, 24/7 protection that works seamlessly in the background, protecting sensitive data and communications at every access point. We offer a secure VPN connection to protect your remote workers. We also offer email protection, to protect against one of the financial sectors’ biggest threats, phishing scams.

Want to find out more? Visit Ostra.net or contact us today at protection@ostra.net

https://yhoo.it/3bmcZqa

Ostra Cybersecurity

Financial Sector Cybersecurity Spending Up 15% in 2020

/in /by

Banks and other financial service-related businesses are spending 15% more this year to defend against cybercrime.  The pandemic and remote working are influencing this change in spending, and the number will keep increasing, a survey found.

The average spending per employee in 2019 was $2,337. That number has increased to $2,691 per employee in 2020. For example, a company like Wells Fargo with thousands of employees is paying $850 million annually on cybersecurity. This change is due to the increased need for effective cybersecurity that can defend against cyberthreats no matter where the employee is located. The financial services industry on average pays the most per cyberattack than any other industry.

The financial services industry takes in the highest cost from cybercrime at an average of $18.3 million per company surveyed. (Accenture)

Since the financial sector is one of the most targeted it makes sense that overall cybersecurity spending has only increased in the last 5 years. The sector has also been the most targeted sector in the last few years as well.

Improve your cybersecurity without breaking the bank

With cybersecurity spending only going to increase nationally in the next years, it is important for your business to keep systems up-to-date and secure. Ostra is a software solution that knits together the top security solutions in the industry. We leverage known platforms such as FireEye and Palo Alto, to create a sphere of protection for your business and employees, no matter where they are located or what machine they are on.

Comprehensive cybersecurity made simple & affordable.

Want to find out more? Visit Ostra.net or contact us today at protection@ostra.net

https://bloom.bg/2Z4407W

Ostra Cybersecurity

The Biggest Cyberattacks on the Financial Services Industry

/in /by

The financial services industry is one of the most targeted out of all industries for cybercriminals. It is the most lucrative industry for cybercriminals to attack, which is why it is the most important to defend. These are a few of the biggest cyberattacks in recent years.

The Capital One Data Breach

In March of 2019, a hacker gained access to the Capital One server by a misconfigured firewall. The hacker could access credit card applications all the way back to 2005. It took Capital One 4 months to detect the breach. In July of 2019, Capital One found that a former tech worker gained access through the vulnerability and had been stealing data since March.

What was exposed?

According to Capital One, 140,000 social security numbers and 80,000 bank accounts were leaked in the United States. Over 1 million Canadian social insurance numbers were also exposed. The exposed data cost Capital One, hundreds of millions of dollars in damages.

How they could have prevented it?

Experts agree that this attack was very preventable if Capital One had correctly configured their firewall and ensured there were no vulnerabilities. A cybersecurity program like Ostra helps prevent data breaches by always running seamlessly in the background and protecting all digital entry points. Ostra detects and responds immediately to any threat.

The First American Financial Corporation Breach

Last May, the website for First American Financial Corp. was breached by hackers. The breach occurred due to an error in the backend of their website, specifically in the document management system, making it easy for any hacker to access. Being a financial company, their servers are full of private and extremely sensitive information dating back years.

What was exposed?

It is reported that the data breach exposed over 885 million financial records related to real estate deals. All the way back to 2003, that’s 18 years of sensitive information. These documents were made viewable to absolutely anyone. The leaked documents included emails, phone numbers, names, addresses, and financial information.

How could they have prevented it?

Penetration tests conducted by First American found this vulnerability in 2018 but failed to prioritize the fix for it. The company failed to patch any weaknesses, and they really paid for it. Not only did this breach cost them millions in damages, but they could be facing steep fines for rule violation by financial regulators. First American could have prevented this issue if they acted immediately instead of waiting to secure their weak spots. Websites are a huge vulnerability for the financial services industry, as they are the gateway to data breaches like this one.

Ostra’s cybersecurity solution can prevent weak spots from being exposed. Ostra allows systems to update & patch automatically with no business interruption or end-user engagement needed.

Want to find out more? Visit Ostra.net or contact us today at protection@ostra.net

Source:

https://bit.ly/2QKQp0N

https://bit.ly/3hQ77rC

Ostra Cybersecurity

Tesla Employee Prevents Massive Ransomware Attack

/in , /by

Ransomware attack on Tesla

A Tesla employee working in a Gigafactory in Nevada was offered a $1 million bribe to help a hacker install malware into the Tesla computer systems. The hacker who has since been arrested is a Russian citizen by the name of Egor Igorevich Kruichkov. This attack was well planned out by the Russian hacker, as the Tesla worker who he contacted was also Russian and spoke it too.

The Tesla worker met with Kruichkov in early august after being contacted but didn’t know the reason for the rendezvous. After meeting, Kruichkov asked the Tesla employee to help him install malware that once installed, would launch a massive DDoS attack. Which would effectively allow the hackers to occupy the Tesla system, giving them access to steal sensitive corporate data. The hackers would then hold the data until the electric car manufacturer pays big. Kruichkov mentioned that a reward of $1 million would be sent to the Tesla worker in cash or bitcoin.

Enter the FBI

Kruichkov and the hacking group could only hope that the worker would accept the offer. However, the results did not favor the Russians. As soon as the Tesla worker left the meeting he contacted the FBI who then, with the help of the Tesla worker, communicated with the Russian hackers and got as much information as possible. The FBI discovered that the Russians were the ones responsible for the recent $4.5 million ransomware attack on CWT travel.

On August 21st the hacker contacted the Tesla employee and said “the project was delayed” and said he was leaving the area. The FBI followed and arrested the Russian hacker the next day during a failed flee attempt.

This Tesla employee prevented a possible cyberattack on Tesla that could have cost them millions of dollars. Not just in ransom payments but also in the lost operating time that could cost way more than the ransom.

Protect your business from ransomware attacks

Ostra Cyber Security provides active defense protection for your businesses’ data and acts immediately instead of monitoring and alerting as many antiviruses do. Ostra keeps everything up to date meaning the latest threats are already neutralized before they attack.

Want to find out more? Visit Ostra.net or contact us today at protection@ostra.net

https://bit.ly/3hH961h

Ostra-cybersecurity-in-education-998x681px
Ostra Cybersecurity

The Challenge of Cybersecurity Education at Colleges

/in /by

Colleges around the nation have dealt with an increase in pandemic-related cyberattacks. Colleges have always been a target for many cybercriminals as they hold a lot of sensitive information and research, which are valuable on the dark web. With the increase in attacks, many college security chiefs say the real challenge is educating professors and students on cybersecurity training and data protection.

Many of the attacks have been targeted towards medicine schools that conduct COVID-19 related research. The academic community has always worked together and relied on shared information, which is what makes training difficult.

“In an environment where it is intrinsic for our people to say, ‘Give away the information,’ there’s also a national interest in keeping it protected, too. It’s a super delicate balance,” -Erik Decker, CISO at University of Chicago Medicine

Mr. Decker says that the overall solution includes educating the students and any faculty on cyberattacks and how they work. As well as what the best security practices are even though they might add more time to the research process. Emphasizing the idea of data protection is necessary.

Importance of data protection

Most organizations are experiencing an increase in pandemic related cyberattacks currently. However, many companies fail to properly train their employees or install a cybersecurity program, which creates a huge vulnerability for the company. This is why a cybersecurity solution is necessary no matter the size of the company, big or small.

Ostra Cybersecurity prevents problems before they happen. Ostra operates behind the scenes to protect businesses and their most valuable asset, their data.

Want to find out more? Contact us today!

Ostra Cybersecurity

Cybersecurity Challenges and Concerns of Remote Working

/in /by

A new report by Malwarebytes wanted to investigate the new normal of working from home (WFH). They measured the immediate reaction to the pandemic and also businesses’ future cybersecurity strategy. The cybersecurity company surveyed more than 200 executives and managers in IT and cybersecurity roles at US companies.

Organizations’ challenges to remote working

Switching to working from home created a new set of challenges for companies. The biggest challenge for most was maintaining efficient cybersecurity, especially those who had already been facing cybersecurity threats before the pandemic.

55% of the respondents said their biggest challenge was training employees how to work from home securely and compliantly.

Image: Malwarebytes

Biggest cybersecurity concerns

There are a lot of concerns for IT and cybersecurity managers/executives with the switch to remote work. Many of the concerns involve the inevitable increase of ransomware and malware attacks overall. Many employees do not have proper cybersecurity training and don’t know how to avoid common cyberthreats, like phishing scams. Employees also lack cybersecurity protections for their home devices and ISP.

45% of respondents say their biggest concern is other individuals who have access to an employees device and may inadvertently compromise it.

Image: Malwarebytes

Protect your business, keep your employees secured

Human mistakes are inevitable and its what cybercriminals depend on to exploit and hack a business. These mistakes are much more likely to happen when employees are working from home. It is important for your business to manage and secure the scattered endpoints, which are your employees. Working from home could be the new normal for a long time, consider using an affordable and effective cyber-security program.

Ostra specializes in protecting business data for remote workers with elite security using Fortune 100 caliber tools. Managing everything from desktops and laptops, to tablets and BYODs Ostra’s technology keeps everyone safe.

Want to find out more? Contact us today!

Ostra Cybersecurity

Ransomware Gang Attacks Billion-Dollar U.S. Liquor Maker

/in , /by

The hacking group called REvil ransomware, who have hacked numerous million-dollar companies, have hacked and encrypted Brown-Forman. Brown-Forman is a top U.S. based liquor maker with brands like Jack Daniels, Finlandia Vodka, Early Times, and Old Forester.

The REvil gang reportedly had access to Brown-Forman’s systems for over a month. They were able to completely explore any system/device they had access too. Even the company’s cloud services were exposed. A Brown-Forman representative has claimed that they detected the attack early enough that no data could have been encrypted.

Even though the Liquor company stopped the attack before any encryption took place, the hackers claim to have stolen a terabyte of data. The REvil gang is using this data to hopefully extort Brown-Forman and get paid.

“Screenshots posted by REvil provide a glimpse into the full scope of the breach. Internal communications, financial documents, contracts and personnel data all appear to been accessed”.

A Brown-Forman representative has said some information included employee data. Employees at Brown-Forman now have a huge increase in risk for identity theft or attacks on personal accounts. This is a big reliability for the company. REvil hackers believe that the company will end up paying. The hackers could be right, especially if they start to leak files to force payment, as they have done before.

REvil Ransomware

REvil ransomware has been a threat to many smaller companies in the past. Recently, however, this ransomware group and others alike have been targeting governments and billion-dollar corporations. These ransomware attacks are growing worse by day as hackers develop increasingly more sophisticated ransomware strains. REvil has recently started to auction off stolen data on the dark web and is one of the first hacking groups to popularize it.

Protect your company from ransomware

Ostra Cyber Security provides active defense protection for your businesses’ data and acts immediately instead of monitoring and alerting as many antiviruses do. Ostra keeps everything up to date meaning the latest threats are already neutralized before they attack.

Want to find out more? Visit Ostra.net or contact us today at protection@ostra.net

https://bit.ly/3aCaL5E

Ostra Cybersecurity

Cloud Service Costs Rise During Pandemic

/in /by

The COVID-19 pandemic has increased the need for cloud computing services. Companies are racing to meet the demand for cloud computing tools needed for their remote workers. While also battling the rising costs of the cloud. There are a lot of company budgets being stretched as companies search for more affordable cloud costs.

“The corporate shift to the cloud has accelerated, with businesses last year spending an estimated $96.4 billion on cloud infrastructure services”

This cloud usage boom has positively impacted the big cloud companies like Amazon, Microsoft, and Alphabet Inc. The cloud services industry leader, Amazon, said its cloud usage grew 33% in the first quarter to $10.22 billion. This is good for cloud providers and the cloud industry. However not for the companies who need to expand their cloud usage while struggling with the economic impact of the pandemic.

The biggest companies pay hundreds of millions of dollars every year for their cloud services. Many smaller companies’ cloud budgets are being optimized to decrease the financial strain from the pandemic. These businesses are finding that they are overestimating their needs and have been paying too much. Companies have found that their cloud bills have increased even when the cloud use decreases because “the applications had to be kept running”.

Experts recommend keeping your cloud budget updated and tuned up. Cloud providers can charge plenty of hidden fees which makes it important to know how much your business needs and how much you are paying for.

Ostra not only specializes in protecting business data for remote workers with elite security but also keeps costs affordable and makes budgeting predictable.

Want to find out more? Contact us today!

 

Ostra Cybersecurity

Cybersecurity Training Company SANS Hit by Phishing Attack

/in /by

The cybersecurity training company SANS has fallen victim to a data breach. The attack started after a successful phishing scam against one of SANS employees. The breach compromised over 28,000 records of personal identifiable information, like names, emails, phone numbers, and addresses. No sensitive information like credit card info or login credentials were exposed.

The cybersecurity training company detected the breach during a systematic review of its email configuration. Where they found that 513 emails were forwarded to an unknown email address. This means that the company did not even know there was a breach until they found it on accident. “After finding the activity, SANS said it’s IT and security team deleted the forwarding rule as well as a malicious O365 add-in”. This breach is surprising for a company like SANS, whose employees should be very informed and alert to phishing scams.

This incident shows that no organization is immune from a cyberattack, even companies that specialize in the information security industry. Phishing attacks rely on human error which is what makes social engineering attacks so dangerous to organizations. If an employee at a cybersecurity training company can fall victim, then so can anyone else.

Many employees are working from home which can make it hard to conduct the cybersecurity training necessary.

”With remote working, the proper training is more essential than ever. In the case of phishing attacks, training should include phishing simulations where employees are taught how to respond to suspicious emails.”

Even with extensive employee training, training just isn’t enough.

Protect your business with a cybersecurity solution

With today’s increased risk of a phishing scam it is important to have cybersecurity that will protect your network and information immediately when faced with a threat. Your business has a greater chance now than ever to be targeted for a phishing scam or worse. Ostra Cyber Security provides active defense protection for your businesses’ data and acts immediately instead of monitoring and alerting as many antiviruses do.

Ostra protects your company from all threats including the number one way attacks can happen; email.

Want to find out more? Contact us today at protection@ostra.net

News Article

Ostra Cybersecurity

Twitter Could Pay $250 Million for Using Private Information for Advertising

/in /by

Twitter could be paying a hefty fine to the U.S. FTC for its use of private information (phone numbers and emails) in targeted advertising campaigns. This fine comes after the FTC filed a complaint against Twitter for using “phone number and/or email address data provided for safety and security purposes for targeted advertising during periods between 2013 and 2019”.

Many Twitter users have voluntarily submitted both their phone number and email to better secure their accounts with two-factor authentication. Usually when creating an account. But the users had no idea their information would be used in advertising campaigns. Twitter has now stopped requiring users to submit their phone number.

Twitter has said that its most recent breach has affected its business with advertisers. This is an issue that has occurred with many other social media companies, for example, the Facebook-Cambridge Analytica data scandal.

Protect your email

Email inboxes are the most common entry-point for ransomware attacks. Twitter being caught distributing private information like email addresses means that cybercriminals most likely have access to this information now too. Especially with the recent Twitter data breach, nobody knows what kind of information has been stolen.

Ostra protects your company from all threats including the number one-way attacks can happen; email.

https://bit.ly/31JvX5v

Ostra Cybersecurity

Travel Management Firm CWT Pays $4.5 Million to Hackers

/in , /by

The US business travel management firm CWT just paid a $4.5 million bitcoin payment to hackers who stole terabytes of information. CWT claims that the hackers stole sensitive corporate files and put 30,000 computers offline. CWT represents more than 1/3 of companies on the S&P 500, which makes them a very valuable target for hackers.

Ransomware. Why did it have to be Ransomware?

Just like Indiana Jones hates snake’s, business executives hate ransomware. When ransomware is used by experienced hackers it can be very effective and can give all the leverage to the criminals, leaving businesses stuck with limited options. A majority of the time the hackers end up getting paid, which is why ransomware is a CFOs worst nightmare. In the case of CWT, the strain of ransomware used was called “Ragnar Locker” which encrypted computer files and made them useless until the ransom was paid. The hacking group originally asked for a $10 million payment, but a CWT negotiator brought the ransom to $4.5 million instead.

CWT was quick to pay the hackers as they wanted their systems online and sensitive information returned. On July 28th a bitcoin payment for 414 bitcoin or $4.5 million US dollars was paid to the hacking group and the attack was over.

Cybersecurity experts say that paying ransoms encourages future attacks, but these situations leave business executives with a difficult decision.

Protect your business from ransomware

Ostra Cyber Security provides active defense protection for your businesses’ data and acts immediately instead of monitoring and alerting as many antiviruses do. Ostra keeps everything up to date meaning the latest threats are already neutralized before they attack.

Want to find out more? Visit Ostra.net or contact us today at protection@ostra.net

https://nyti.ms/2DAnObP

 

Ostra Cybersecurity

Hospitals Face Wave of Cyberattacks Trying to Crash Websites

/in /by

The healthcare industry has been one of the most targeted industries during the COVID-19 pandemic. With cybercriminals trying to steal COVID vaccine-related information or disrupt hospital operations in the hope of receiving a quick ransom payment. The healthcare industry currently has the largest number of cybersecurity openings of any other industry.

Researchers have said that hospitals dealing with many COVID-19 patients have had a giant increase in DDoS attacks. DDoS attacks, or Distributed Denial of Service attacks, are when cybercriminals attempt to overwhelm and crash websites by flooding the server with millions of rogue requests. These attacks can crash systems for hours or even days and are used in blackmail schemes or distraction methods.

This specific cyberattack on these hospitals came from over 300,000 different IP addresses. The attacks took place on hospitals in the US, Germany, Canada, and the UK.

Protect your business and your employees working from home

Numbers don’t lie, and the possibility of your business falling victim to a cyber-attack has never been higher. Protecting your business and sensitive data is a priority in the era of cybercrime.

Ostra Cyber Security offers a total solution for cybersecurity that combines Fortune 100 tools and is easy to deploy without needing to purchase any hardware.

Want to find out more? Visit Ostra.net or contact us today at protection@ostra.net

https://bit.ly/30HrxNv

Ostra Cybersecurity

Remote Work Boosts Cybersecurity Hiring

/in /by

It is estimated that more than half of the US workforce has transitioned to remote working. With more people working from home businesses are way more vulnerable. This has increased the need for cybersecurity-related positions.

According to LinkedIn, there were 261 thousand open cybersecurity positions in April, 244 thousand in May, and 348 thousand in June. This has made the Cybersecurity and IT job market one of the top performers since the start of the pandemic. The sectors with the biggest need for cybersecurity positions have been Healthcare, Financial Services, IT and Services, and Retail.

Businesses NEED a cybersecurity plan

The threat of a cyberattack grows every day, especially if you’re a business that operates with remote workers. Cybercriminals are more active than ever, and they target the weakest links who do not have a good cybersecurity program/team in place.

Ostra is your security team of experts, without having to hire a full-time cybersecurity role. We manage and update the technology daily. Use your budget wisely and let the experts keep you safe.

Want to find out more? Contact us today!

Ostra Cybersecurity

Connected-Car Cyberattacks Have Doubled Since Last Year

/in /by

There are more connected cars on the road every year than ever before. Even though these cars make everyday life more convenient for consumers, they are way more likely to be targeted in a cyberattack than traditional cars. It is estimated that connected car cyberattacks have doubled in the last year alone.

The average connected car has over 150,000,000 lines of code

A cyberattack is more likely to occur when there are more lines of code for hackers to attack. Hackers only need a small portion of the code to gain access to all the data available.

Recently Nissan had to shut down one of their connected car apps after security testers found a vulnerability. Cybercriminals “were able to connect to the car via the internet and remotely control the car’s heated seating, fans, air conditioning, and heated steering wheel”. This means that cars could have their battery drained without the owner realizing it.

Keyless Theft

The main way that theft of connected cars occurs is through the keyfob. Most thefts occur while the car is parked at the owner’s house, and the thieves don’t even need the key. By amplifying or duplicating the signal from the car key inside the house, they can trick the car into thinking the key is being used. When successful, thieves can steal cars in under 30 seconds.

Stay Protected

Protect yourself and your connected car by only downloading official apps, keeping your car software up to date, and limit the personal data you trust your car with.

Ostra Cybersecurity extends multiple layers of protection around your network, hardening the defenses and creating active barriers preventing criminals from exposing any lurking vulnerabilities, like installing malware and taking control of your car.

Want to find out more? Contact us today!

Ostra Cybersecurity

Vulnerability in Website Builder Exposes 700,000 sites

/in /by

In late July, a threat intelligence team found a vulnerability in themes by Elegant Themes. The themes were Divi, Extra, and the WordPress plugin, Divi Builder. These products combined are downloaded on over 700,000 websites.

The vulnerability allowed attackers the ability to upload PHP files onto any website with the programs downloaded. The attackers also used remote code execution on the website servers.

Elegant Themes is the company that created Divi and Divi Page Builder. These are website editing tools that make website design easy and completely customizable. Divi editor users can import and export page templates with ease, however, this is where the security issue was found. The import/export feature was missing a server-side verification check, which means that the server function that determines if a file is safe was not working.

“This flaw made it possible for authenticated attackers to easily bypass the JavaScript client-side check and upload malicious PHP files to a targeted website. An attacker could easily use a malicious file uploaded via this method to completely take over a site.”

This vulnerability has been patched completely in a new update released in early August. It is recommended that any company using these website builders, updates immediately.

Protect against vulnerabilities

Ostra Cyber Security extends multiple layers of protection around the Internet Service Provider hardening the defenses and creating active barriers preventing criminals from exposing any lurking vulnerabilities.

Want to find out more? Visit Ostra.net or contact us today at protection@ostra.net

https://bit.ly/2PnOeQ9

Ostra Cybersecurity

Garmin in Trouble for Paying Ransom

/in , /by

The GPS company Garmin became the victim of a ransomware attack late July. The suspected hackers, known as EvilCorp, encrypted a lot of company data and attached a ransom note to each file. The ransom note had directions to email one of two email addresses to get a price for the encrypted data. Garmin confirmed that the price was around $10 Million for the decryption key.

Garmin has paid the ransom to get their stolen information back. There is no official explanation yet how Garmin paid the hackers. But now Garmin could be in more trouble for paying the ransom. This time with the United States Government.

EvilCorp is on a US sanction list

Because the hacking group is on a US sanction list, that makes any transaction illegal and a punishable offense. Garmin reached out to a cyber response company, but the company refused due to legal implications.

Eventually, Garmin found a cyber response company that would help them with the transaction and securing their stolen data. The company, Arete IR, is confirmed to have assisted Garmin but no official statements have been released about the payment.

Even though Garmin was faced with no other choice but to pay the ransom, the company may be facing more punishment by the US government if the hackers are confirmed to be EvilCorp.

Protect your business

Ostra eliminates the human errors that can lead to a ransomware attack by preventing the phishing emails, suspect inquiries, and social engineering campaigns from reaching employees. Ostra will help secure your network and keep your businesses private data out of the hands of cybercriminals.

Want to find out more? Visit Ostra.net or contact us today at protection@ostra.net

https://bit.ly/3k94LWd

Ostra Cybersecurity

Cybersecurity is a Business Decision

/in /by

Today, many companies struggle with their cybersecurity budget. Either not spending enough or spending too much, both issues result in unreliable cybersecurity.

Several CISOs have said that their cybersecurity budget comes from the ROI and contribution it adds to the business. Making sure the business is secure while creating growth and profit is what makes cybersecurity a business decision.

When cybersecurity spending is not calculated and not part of a solid business plan, many endpoint security issues arise. Businesses need to track the effectiveness of their cybersecurity to define the ROI and create a budget.

“More than one of every three enterprise devices had an Endpoint Protection (EP), client management or VPN application out of compliance, further exposing entire organizations to potential threats”.

Businesses must keep their devices up to compliance otherwise the risk of a breach is imminent. Especially as most workers are remote which makes network security much more difficult to maintain.

Ostra keeps everything up to date meaning the latest threats are already neutralized before they attack.

Want to find out more? Contact us today!

Ostra Cybersecurity

Blackbaud Pays After Ransomware Attack

/in , /by

Blackbaud, one of the largest providers of fundraising technology to nonprofits, universities, and other charities was hacked. After a ransomware attack left important data encrypted, Blackbaud was forced to either pay the ransom or let the data be sold to other cybercriminals. Blackbaud paid in Bitcoin and received confirmation that the data was destroyed.

It is unknown how much was paid to the hackers, but the ransom was not paid until there was sufficient proof that the data was destroyed. Blackbaud officials say that credit card info, bank account info or social security numbers were not stolen. To ensure the privacy of its customers, the company hired outside-experts to monitor the internet and dark web. To make sure that no information was released or sold by the hackers.

Blackbaud is the target of millions of cyberattacks each month

The company follows the industry best practices and they conduct aggressive tests on the security of their systems and infrastructure. They are a part of many Cyber Security related organizations. Officials claim to have implemented additional security measures to prevent this from happening again.

This is the second time this year that a major provider for the nonprofit sector was hacked. Earlier this year MIP, a financial software company, was hacked and users were locked out for 3 weeks.

Protect your data

Ostra Cyber Security provides active defense protection for your businesses’ data and acts immediately instead of monitoring and alerting as many antiviruses do. Ostra keeps everything up to date meaning the latest threats are already neutralized before they attack.

Want to find out more? Visit Ostra.net or contact us today at protection@ostra.net

https://bit.ly/3jYC0eL

Ostra Cybersecurity

Twitters Biggest Threat: Its Own Employees

/in /by

Twitter demonstrated an example of the biggest cybersecurity threat that companies cannot defend against. Their own employees.

When Twitter was breached mid-July, many highly followed blue checkmark accounts became pawns in a coordinated bitcoin scam. Some accounts included Joe Biden, Elon Musk, Jeff Bezos, even the Twitter Support account. It took twitter multiple hours to contain the breach, while the hackers received over $115,000 in bitcoin transfers.

Twitter tweeted, saying the breach was “a coordinated social engineering attack by people who successfully targeted some of our employees with access to internal systems and tools”. What that means is that the attack was not through malware or a technical problem, but an employee let it happen.

Humans are the biggest threat to cybersecurity

Twitter told a tech-focused news website that whoever was behind the breach had gained access from an employee. An employee who was paid and willingly gave the hackers access. Insider attacks like this are common, and a huge threat since humans are unpredictable compared to technology. You can apply updates and fix cybersecurity tech, but you cannot fix humans who would turn on their company for a handful of cash.

35% of attacks are insider attacks — SpectorSoft

Insider attacks occur more often when the economy and job market are in poor condition. A pandemic is a perfect time for hackers to target employees who need money.

Ostra protects against known and unknown threats even when they come from inside.

Want to find out more? Visit Ostra.net or contact us today at protection@ostra.net

https://nbcnews.to/2De2ubx

Ostra Cybersecurity

Garmin Hit by 4-Day Ransomware Attack

/in /by

The navigation company became the victim of a ransomware attack on Thursday. The attack left many Garmin systems offline, including fitness apps, aircraft navigation systems, and customer service centers. Garmin factories had to close production lines, and planes that use Garmin navigation were grounded.

The attack completely crippled the navigation company. A cybersecurity company reported that Garmin’s IT department shut down all the company’s computers, including employee computers at home. Anything connected to the Garmin network, even by VPN, was cut off to stop the ransomware from spreading through the network.

10 Million dollar ransom

Garmin employees say that the attack was due to WastedLocker ransomware. The hackers encrypted a large number of company files, with a ransom note attached to each file. The ransom note has directions to email one of two email addresses to get a price for the encrypted data. Garmin has confirmed that the price was $10 Million for the decryption key.

The attack lasted 4 days, with Garmin systems becoming operational again on Monday (July 27th). Currently, it is not known whether Garmin paid the $10 Million, but the real price was paid in the number of lost profits from 4 days of operation.

Protect your business

Ostra eliminates the human errors that can lead to a ransomware attack by preventing the phishing emails, suspect inquiries, and social engineering campaigns from reaching employees. Ostra will help secure your network and keep your businesses private data out of the hands of cybercriminals.

Want to find out more? Visit Ostra.net or contact us today at protection@ostra.net

https://bit.ly/3g7FdX3

Ostra Cybersecurity

Why One Data Breach Can Lead to More Cyber Attacks

/in /by

Recently, cyberattacks have skyrocketed during the COVID-19 pandemic, which is a huge issue in the long run. Most businesses have become too used to these attacks, and usually, disregard the long-term effects that the breach has caused. Especially when gigabytes of personal customer information is stolen and posted on the dark web.

Personal Details Can Lead to Endless Threats

When a business becomes the victim of a data breach, usually they can pay the hackers and get the data back. But that is when the real threat starts. The business will do damage control and send out emails to their affected customers. The goal of the email is to establish a perception of safety and security. Even though the business has no idea who has access to their customers’ information.

The data that is lost in these incidents, like stolen personal data, lead to ransomware or “man-in-the-middle” breaches in the future.

“Ransomware exploits can arrive in email, text, messaging and social engineering. The success of these attacks counts on the appearance of legitimacy, which is why they often offer links, attachments, and messaging from familiar sources, sites, and people”.

The more personal information gathered from past breaches, the more likely they are to be the target of a social engineering attack. With loads of information, it’s easy for a hacker to pretend to be a close associate.

Data leaks that occur today may not even be harmful for years to come. As personal information is being sold, traded, and bought all over the dark web, long term security issues will emerge. Private information gathered throughout the next 5 years could help cyberattack hold an entire business network hostage.

Protect your customer information

To protect the organization, company IT security programs should be in the hands of professionally managed security teams or outsourced to managed security firms.

Ostra is the professionally managed security team for your business. Managing everything from desktops and laptops, to tablets and BYODs Ostra’s technology keeps everyone safe.

Want to find out more? Contact us today!

Ostra Cybersecurity

Outdated Budgets are a Threat to Business Cybersecurity

/in /by

Its 2020 and business are operating online more than ever before. But many organizations are looking to decrease their overall spending as things move online. That is an issue for cybersecurity teams who are expected to keep the same security, now with more vulnerabilities, while on a lower budget.

Cybersecurity budgets are usually the first to get cut, even in a pandemic when phishing attacks have increased more than 600%. One of the biggest issues that companies are facing is the lack of funds for an up-to-date cybersecurity team/program.

“Cybersecurity budgets aren’t revised for current threatscapes. Even though many organizations are still in the midst of extensive digital transformation, their budgets often reflect the threatscape from years ago”.

When cybersecurity budgets aren’t updated, so are the old security systems and programs. Hackers can easily take advantage of a security system when they use tools that are more updated than the system they’re attacking.

Stay Updated

Ostra Cyber Security is your security team of experts. We manage and update the technology daily. Use your budget wisely and let the experts keep you safe.

Want to find out more? Visit our website or contact us today!

 

Ostra Cybersecurity

Hackers are Selling Your Data to the Highest Bidder

/in /by

It is never a good situation when data is stolen by hackers. In the best-case scenario, the victim would pay the ransom and hope the hackers give back and delete the data. But that is not typically how it goes.

Usually, if the victim does not pay the ransom, the data is auctioned off on the dark web for the highest bidder. Sometimes even if the victim pays to get the data back, the hackers will still sell the data online.

How is the data auctioned off?

Researchers at a cybersecurity company have published a report that shares the details of these dark web data auctions. Once the data is put up for auction, anyone with dark web access can bid on it. No identity proof is required, only a simple CAPTCHA checkpoint. The highest bid must be paid in cryptocurrency, which is untraceable.

The company discovered many listings on the dark web. A simple 50 gigabytes of sensitive files and data from a U.S. law firm are sold for $30k. The most expensive found was a full library of trade secrets, patents, and executive-level communication history, all for the price of $1.2 Million.

“Email inboxes are still the most common starting point for ransomware attacks. Being able to identify a phishing message could keep your secrets from being spilled to the highest bidder”.

Cyberattacks are only increasing and victims are paying the ransoms. Cybercriminals have no reason to stop attacking, especially when they can make a fortune from one successful phishing email.

Protect your data

Ostra protects your company from all threats including the number one-way attacks can happen; email.

Want to find out more? Visit Ostra.net or contact us today at protection@ostra.net

https://bit.ly/3jtMuTl

Ostra Cybersecurity

What a Cyber Attack on the Energy Sector Could Mean

/in /by

Even though the energy sector faces the same threats as every other sector, an attack on the energy industry could cause the most damage. A cyber-attack targeting a major power grid could completely shut down an entire economy. The attack could be so widespread that it could knock out the power for many large cities, resulting in disastrous damages.

In 2016, a Russian hacking group is believed to have attacked the Ukraine power grid. Resulting in the loss of power in Ukraine for a long duration. This example is evidence that there are many cybercriminal organizations that have the power to take away energy for an entire population.

“If one country wants to inflict major damage on another, they don’t need to drop bombs. All they need to do is hack into their power grid.”

Just one successful phishing email or a hidden security issue and an entire power grid can be attacked. Even if your business is not an electric company with access to a power grid. You still have something that cybercriminals want access to, and they will try their best to get it.

Protect yourself with Ostra Cybersecurity

Ostra protects your company from all threats including the number one way that attacks can happen; email.

Want to find out more? Contract us today!

Ostra Cybersecurity

Over 100 Law Firms Report Data Breaches

/in /by

There have been more than 100 law firms that have reported data breaches since 2014. Since about 20 states do not require that law firms report data breaches, that number is definitely higher.

Most of the reported breaches occurred through phishing attacks, with some through hacking or security lapses.

One big law firm reported that they received emails that were designed to appear like a legitimate request for W-2 forms. This attack led to many W-2 forms being sent to the unauthorized user behind the attack. Exposing Salaries, SSNs, and other personal information for 900 people.

While another law firm reported that a payroll employee responded to an email that claimed to be from a senior executive. The email exposed the private information of 1,500 people.

Protect your business

Ostra eliminates the human errors that can lead to stolen logins by preventing the phishing emails, suspect inquiries, and social engineering campaigns from reaching employees. Ostra will help you keep your employee’s credentials out of the hands of cybercriminals.

Want to find out more? Visit Ostra.net or contact us today at protection@ostra.net

https://bit.ly/30wzymN

Ostra Cybersecurity

Android Faces New Security Threat, Malware That Spreads Itself

/in /by

Self-Spreading Android Malware

There is a new type of malware that has recently appeared on Android phones throughout the world. This malware can steal personal information, bank details, and can read your text messages. Once the phone is infected, it uses the user’s contact list to spread itself through text messaging.

FakeSpy Malware is linked to a Chinese-speaking cybercriminal group called ‘Roaming Mantis’. There have been other campaigns of this malware in the past. However, it is always evolving and is updated to stay undetected by updated security measures.

Recently Android users in the US, UK, Germany, China, and others have been under threat of this new malware. The attack starts through a phishing campaign, users receive a message related to a missed package from the post office. The link then leads them to download a fake app that appears to be the real post office app. Once the app is downloaded and users have granted minimal access, the data-stealing begins. Once the app is downloaded, the page even redirects to the actual website to appear more authentic.

Once the phone is infected, FakeSpy can steal all personal information on the phone, including all text messages sent & received. The malware spreads itself too, by using the stolen contact list, it sends the fake delivery message to all the user’s contacts.

Protect against phishing attacks

With phishing scams like this always being sent between phones, it is important to have cybersecurity that will protect your network and information immediately when faced with a threat. Your business and employees have a greater chance now than ever to be targeted for a phishing scam or worse.

Ostra Cyber Security provides active defense protection for your businesses’ and employees’ data and acts immediately instead of monitoring and alerting as many antiviruses do.

Want to find out more? Contact us today at protection@ostra.net

https://zd.net/32AhWci

Ostra Cybersecurity

Many High-Profile Twitter Accounts Simultaneously Hacked in Bitcoin Scam

/in /by

Many popular twitter accounts have been hacked in a giant bitcoin scam. The accounts include Bill Gates, Joe Biden, Barack Obama, Warren Buffet, Bitcoin, Elon Musk, Jeff Bezos, Apple, Uber, Kanye West, and many more.

The twitter accounts seemed to all be simultaneously hacked, as the tweets were all identical and carried out at the same time. The tweets all had the same message, claiming to double any Bitcoin payment sent to them.

This is one of the largest coordinated attacks that Twitter has ever seen. How they did is unknown, but the scammers have managed to hack into all these accounts with ease. All with the goal to exploit possible bitcoin traders into sending them money.

The screenshot below is from Elon Musk’s twitter account. The identical message was shared multiple times on all the accounts mentioned above.

These are big names to have all their accounts hacked at the same time. The story is still developing and the details as to how the hackers gained access is still unknown.

If you think your personal accounts are safe, you will want to reconsider. The private twitter accounts of some of the worlds richest people have been hacked. Cyber-criminals are smart and always evolving, they will try to gain access to your confidential information. The odds of being hacked decrease dramatically if there is a security measure in place to catch social engineering attacks and possible mistakes.

Ostra Cyber Security uses tools that only Fortune 100 companies have access to, but Ostra delivers it at an affordable price. Ostra will help you keep you and your employee’s credentials out of the hands of cybercriminals.

Want to find out more? Visit Ostra.net or contact us today at protection@ostra.net

Ostra Cybersecurity

There are 15 Billion Stolen Logins on the Dark Web

/in /by

A new report found the true number of stolen account logins that are currently circulating around the dark web. After auditing dark web forums and marketplaces for 18 months, the report found a 300% increase in the number of stolen account logins since 2018. Now there are 15 billion stolen usernames and passwords from over 100 thousand data breaches.

What happens to the account logins?

With 15 billion login credentials many are just given away for free, but more valuable ones can be worth a lot of money. The average price for online banking and other financial account logins is $70.91 each. Some banking accounts are reported to sell for upward of $500. Anti-virus and security program logins sell for an average price of $21.67. Many social media, music, and video streaming accounts sell for under $10 on the dark web.

The real money comes from domain administrator accounts that can give hackers access to the business network. These account logins sell in auction-style for cybercriminals who will pay up to $120,000. The price depends on the access privileges of the account. Account logins like these are stolen through phishing emails and other social engineering campaigns on employees.

Protect your employee’s logins

Protecting your passwords is extremely important. Especially since most compromised credentials belong to consumers. It is necessary to avoid re-using passwords and to use two-factor authentications if possible. One compromised employee login could lead to a lot of damage for your business.

Ostra Cyber Security eliminates the human errors that can lead to stolen logins by preventing the phishing emails, suspect inquiries, and social engineering campaigns from reaching employees. Ostra will help you keep your employee’s credentials out of the hands of cybercriminals.

Want to find out more? Visit Ostra.net or contact us today at protection@ostra.net

https://bit.ly/3ewbJAF

Ostra Cybersecurity

When It Comes To Cyber Training, It’s Quality Over Quantity

/in /by

Conducting cyber security training more frequently than others does not mean less security incidents, according to a report by security software company, Tessian.

The percentage of employees who sent emails to the wrong people was highest in businesses that provide more frequent cyber training. 63% of employees that get training every 1-3 months remember sending emails to the wrong people. However just 43% of employees who get training once a year or less remember sending emails to the wrong person.

Quality over Quantity

This shows the importance of creating an effective and meaningful cyber security training for your employees. It is more effective to deliver quality training, that will change the behavior of the employees. Training needs to be engaging and meaningful, not boring and taught just because it needs to.

It is more important now than ever to deliver quality cyber training, as many employees are more vulnerable working remotely.

To protect against the inevitability of human error, an effective Cybersecurity Program is essential for businesses. Especially ones with remote workers operating on unsecured home networks.

The Ostra solution provides 360-degree 24/7 proactive protection to all employees, regardless of where they are located. What that means is that Ostra becomes a secure ISP for remote employees working on a home or public Wi-Fi connections. Ostra extends multiple layers of protection around the Internet Service Provider hardening the defenses and creating active barriers preventing criminals’ access to employee’s hardware and company data. Even if a mistake is made.

Want to find out more? Contact us today!

Ostra Cybersecurity

60% of Organizations Experience Cyberattacks Spread by Their Employees

/in /by

With today’s huge increase in phishing attacks. Many organizations still do not provide regular cybersecurity awareness training, some don’t even have a security solution.

A new report from security vendor, Mimecast, highlights the current issues surrounding social engineering attacks. Many surprising statistics help to explain why phishing attacks are successful and how they affect the organizations. The lack of training, security programs, and an increase in remote work all play a role.

  • 51% of organizations have been impacted by ransomware in the last year
  • 58% saw an increase in phishing attacks
  • 82% have experienced downtime from an attack

These numbers show that many businesses are not prepared when it comes to cybersecurity. There has been an increase in phishing attacks, especially targeting remote workers who might be more vulnerable. Even though organizations know that the numbers are getting worse, statistics show that its their own employees that are responsible

  • 60% of organizations have had their own employees spread malicious emails
  • 55% do not provide regular security awareness training
  • 41% do not even have a system in place to monitor for phishing scams

Organizations need to take the security measures necessary to protect against phishing attacks. Which starts with a cyber security solution.

Ostra Cybersecurity has a solution that provides 24/7 proactive protection to all employees, regardless of where they are located. Ostra extends multiple layers of protection around the Internet Service Provider hardening the defenses and creating active barriers preventing criminals’ access to employee’s hardware and company data.

Want to find out more? Contact us today!

Ostra Cybersecurity

Number of Coronavirus-Related Scams Jump

/in /by

The Internet Crime Complaint Center (IC3) has noted a large increase in cyber threat complaints per day. Before the COVID-19 pandemic began, they were receiving around 1,000 complaints daily. Now, they receive 4,000 complaints a day.

These cyber threats are foreign groups trying to steal COVID-19 related information. As well as cybercriminals trying to exploit users working from home. Health agencies have reported an increase in cyber threats as well, as they are a very profitable target for cyber criminals.

“Near the start of the epidemic, researchers at the cybersecurity company Barracuda Networks reported a 667 percent increase in “phishing” emails.”

These emails are sent with the purpose of downloading viruses onto the recipient’s computers. With the increase in reported phishing scams, it is important to understand and identify possible scams when going through your emails.

Protect your business and your employees

Numbers don’t lie, and the possibility of your business falling victim to a cyber attack has never been higher. Protecting your business and sensitive data is a priority in the era of cybercrime.

Ostra Cyber Security offers a total solution for cybersecurity that combines Fortune 100 tools and is easy to deploy without needing to purchase any hardware. Ostra Cyber Security is perfect for those who do not want to put a lot of time into their cybersecurity program. Just set it up and forget about it. It requires no IT support, it is budget friendly, and Ostra does all the work to stop threats before they reach you.

Want to find out more? Contact us today!

Ostra Cybersecurity

Hackers Selling Stolen Customer Information Online

/in /by

Frost & Sullivan is a business consulting firm in Silicon Valley, who thought their private information was safe from the hands of hacking groups. Next thing they knew, all their sensitive employee and customer information was for sale, on the dark web.

Frost & Sullivan is a globally recognized consulting firm with offices all around the world. They offer information such as marketing research and analysis, among other things.

A hacking group known as “KelvinSecurity Team” managed to find a way into the Frost & Sullivan database by finding a vulnerability in the defense. The breach happened because of a mis-configured backup directory on the consulting firms cloud server. After finding a way to access the databases, the hacking group put the stolen data on an online hacker forum to sell.

The stolen data includes information on employee and customers, first and last names, emails and usernames, and passwords. In other words, a fortunes worth of information for a hacking group. Many hashed passwords can be easy for these groups to decipher. Giving whoever has the information access to the Frost & Sullivan’s database, as an employee.

The last thing you want is your company’s private information for sale on the dark web. Where many cybercriminals have access to it. It is important to have a security solution in place, as there are more cyberattacks then ever before.

Ostra Cyber Security offers a solution that uses the same security products that protect large businesses, for businesses of any size. Ostra’s solution has active defense that immediately responds to threats. It also provides insurance against human error or opening a phishing scam on accident.

Want to find out more? Visit Ostra.net or contact us today at protection@ostra.net

News source: https://bit.ly/2DiThyJ

Ostra Cybersecurity

Experts Say the Largest Cyberattack in History is Coming Soon

/in /by

Experts are predicting the largest cyberattack ever in the next 6 months. Here’s Why.

When the coronavirus pandemic started, many people were only worried about how to keep working from home. Nobody was thinking about how businesses and their virtual security defenses were about to be exposed. Exposed to many more cyberthreats due to an increased “attack surface”.

 

Businesses are More Vulnerable Than Ever Before

Usually, if a company has their employees doing remote work, they provide them with a secure work laptop. The employees must go through many security measures to access their work material. Usually, a secure wi-fi connection is also required.

However, since the beginning of the pandemic, millions of Americans were forced to quickly switch to remote work. Without time to set up secure systems, many companies were left with only one option. Letting their employees work from their personal laptop, on their unsecured home network.

This is the perfect scenario for cybercriminals. All it takes is one entry point to take over the whole network. Every employee working from home, is one more entry point that cybercriminals can target. This creates a larger attack surface for every business with remote workers.

More remote workers than ever before mean that businesses are more vulnerable than ever before. Therefore, the possibility of a cyberattack bigger than ever seen before is dangerously high.

 

“Hackers broke into the networks of America’s largest defense contractor, Lockheed Martin, by targeting remote workers. If they can infiltrate this system, you best believe remote workers with little security are easy pickings.”

Smaller Attack Surface = Smaller Risk

How can businesses protect against the increased risk of a cyberattack during the pandemic? Decrease the attack surface.

Businesses with remote workers need to protect and secure the networks that their employees are using. It is important to decrease the number of entry points available. Ostra Cyber Security has a solution that will help decrease your attack surface.

The Ostra solution provides 360-degree 24/7 proactive protection to all employees, regardless of where they are located. What that means is that Ostra becomes a secure ISP for remote employees working on a home or public Wi-Fi connections. Ostra extends multiple layers of protection around the Internet Service Provider hardening the defenses and creating active barriers preventing criminals’ access to employee’s hardware and company data.

Want to find out more? Visit Ostra.net or contact us today at protection@ostra.net

https://bit.ly/2Ak2aqn

Ostra Cybersecurity

Ransomware is Getting Worse

/in /by

Ransomware attacks are increasing, and not just for consumers.

Businesses have become a more valuable target for cybercriminals who are looking for a bigger payout. Cybersecurity experts say that ransomware attacks will only become a larger threat in the future.

As cybercriminal groups become more skilled in exploiting and bypassing network security defenses, they can start to target more sophisticated programs. By targeting more important businesses and their assets, like file servers, entire databases, and cloud services. These groups can demand a much higher ransom, with a much higher probability of being paid the ransom as well.

Recently a cybersecurity company has identified a cluster of attacks against multiple U.S. companies, including 8 Fortune 500 companies. These attacks were well planned out with the intent to deploy ransomware on the company networks. By using ransomware, the goal was to encrypt computer networks and servers, then demand a multi million-dollar ransom. The attackers were identified by the security company and disrupted before the companies had to pay millions, and lose valuable operating time.

Attacks like these are well coordinated and usually begin taking place weeks before anyone notices. 

“Cyber criminals often spend weeks poking around in a network before they make their attack, which means they have time to understand key digital assets, like the CEO’s emails for example, allowing them to put even more pressure on their victims”.

Protect yourself from Ransomware

It is more important today then ever before to keep your business protected from the high possibility of a ransomware attack. Especially as ransomware becomes more sophisticated. You could be caught having your data encrypted before even realizing it’s happening. 

Ostra Cybersecurity offers a Fortune 100 caliber solution, that is simple to deploy and use whether your business is 20 people or 2000. Ostra provides active defense protection for your businesses’ data and acts immediately instead of monitoring and alerting like many antiviruses do. 

Want to find out more? Contact us today!

 

Ostra Cybersecurity

Phishing in a Pandemic

/in /by

Cybercriminals are smart, they are professionals in what they do and know how to take advantage of an opportunity, like a pandemic. The Microsoft Threat Protection Intelligence Team has recently published a report on how scammers have used the COVID-19 pandemic to increase phishing attacks.

According to the report, they observed the biggest spike in pandemic-related attacks in the first two weeks of March. The report found that the timing of the attacks is correlated to major news stories to capitalize on the fear of the public. For example, there have been many attacks in the last few weeks as fears of a second wave of cases grow in the United States.

“Cybercriminals are adaptable and always looking for the best and easiest ways to gain new victims.” the researchers mention.  Updated cybersecurity programs and updated employee training can help protect your business from cybercriminals.

The figure on the right is from the Microsoft report: Exploiting a crisis shows the frequency of pandemic themed attacks in the United States and how they jumped during major events. This chart is very similar to the global trend as well.

With todays increased risk of a phishing scam it is important to have cyber security that will protect your network and information immediately when faced with a threat. Your business has a greater chance now than ever to be targeted for a phishing scam or worse. Ostra Cybersecurity provides active defense protection for your businesses’ data and acts immediately instead of monitoring and alerting like many anti-viruses do.

Want to find out more? Contact us today!

 

Ostra Cybersecurity

Schools Facing an Increase in Cyberthreats

/in /by

Every year, technology becomes a larger part of the classroom in the U.S. school system. With that comes a greater risk of cyber-threats, especially without the cyber-security training that most schools lack.

There has never been a more important time for school districts to upgrade their cybersecurity program. In 2019 alone there were 3 times as many attacks on US schools and districts than in 2018. That is a scary statistic once you realize that in 2019, only a few schools operated remotely which largely increases the risk of a cyberattack.

Now it is 2020, schools have moved online, many completely unprepared without a full-time cybersecurity program or expert to help defend against cyberthreats.

The FBI has recently published a public service announcement about how cyberattackers are taking advantage of the COVID-19 pandemic to exploit the increased use of remote learning environments.

Many cyberattacks on schools start with a phishing plot deployed by the attackers. Where they attempt to scam employees into either giving them sensitive and private information or installing malware through attachments/downloads. It is important for schools to provide in-depth training to keep their employees prepared

How schools can improve their cyber-security for 2020

Some schools have announced in-person classes for the fall semester; however, many schools and students are still uncertain what their future holds. Without a doubt, there will be a lot of schools continuing their remote learning program.

As long as schools are continuing remote work, the threat of an attack only grows. Schools need a cybersecurity program with active defense that responds immediately to threats. A program that can provide insurance against human error, like falling for a phishing scam.

Ostra Cybersecurity provides active defense for businesses and schools by protecting staff AND student access to the internet whether at home or at school

Want to find out more? Contact us today!

Ostra Cybersecurity

Smaller Companies are Bigger Targets for Cybercriminals

/in /by

It is a common misbelief that cybercriminals primarily pursue high-profile targets like airlines, car manufacturers, or hospitals. However, the media only reports the attacks that will create a lot of attention and make a good headline while ignoring the attacks on smaller operations.

Analysts who have been documenting cybercriminals during the pandemic say that “they are hitting lesser-known targets harder, especially those closely linked with big, influential companies”. By targeting smaller businesses, hackers aim to disrupt the operations of other companies related to where the actual hack took place. Small businesses with many clients are the most vulnerable for ransomware attacks. Because when an attack happens, the victim’s business is under a lot more pressure from its clients. This will increase the odds that the cybercriminals get their money while creating downtime that will cost the victim more than the ransom payment alone.

More than 60% of ransomware attacks in 2019 targeted small/medium-sized businesses

It is more important now than ever for smaller businesses to protect themselves with the same level of cybersecurity as the big businesses. Ostra Cyber Security offers a Fortune 100 caliber solution, that is simple to deploy and use whether you’re 20 people or 2000.

Want to find out more? Contact us today!

 

Ostra Cybersecurity

If you think your business is safe from cyber-attacks, think again. The company that makes your car just fell victim to one.

/in /by

Honda, one of the top global car manufacturers, has just experienced a cyber attack on its global operations. More specifically a file-encrypting ransomware attack, which was made to encrypt files and demand a ransom. This caused Honda to temporarily shut down production facilities as well as their financial services and customer service operations. However, there was no reported evidence to show a loss or theft of personal identifiable information. This temporary network shut down, which lasted for a couple of days, resulted in the loss of important business and profits in a time where most companies rely on online traffic.

It is not a coincidence that this cyber-attack occurred during this time when most employees are working from home. A CEO of a nationally recognized cybersecurity platform said that “The coronavirus pandemic has created a sizable remote workforce which has increased businesses’ attack surfaces and heightened existing vulnerabilities”. With today’s increased risk of a cyber-attack, it is important to have cybersecurity that will protect your network and information immediately when faced with a threat. Ostra Cyber Security provides active defense protection for your businesses’ data and acts immediately instead of monitoring and alerting as many antiviruses do. If it can happen to Honda, it could happen to you.

https://www.forbes.com/sites/daveywinder/2020/06/10/honda-hacked-japanese-car-giant-confirms-cyber-attack-on-global-operations-snake-ransomware/#164c706853ad

Want to find out more? Contact us today at protection@ostra.net

Ostra Cybersecurity

With cyberattacks up during COVID-19, Ostra offers free cybersecurity solution for local businesses

/in /by

For Immediate Release

Ostra protects vulnerable businesses from cyberthreats while employees work remotely

WAYZATA, Minn. – April 16, 2020 – In response to the more vulnerable remote working situations that businesses are experiencing during the COVID-19 pandemic, Wayzata-based cybersecurity company Ostra today announced that it is offering its proprietary cybersecurity solution free of charge to all Minnesota businesses. The solution can be activated quickly and virtually and is proven to protect data and devices no matter where they are or how they are connecting. Ostra is offering this solution at no cost for two months with no obligations as companies navigate the turbulent economy and their newly remote workforces.

“Companies everywhere are adapting to huge changes during the COVID-19 pandemic and many have launched work-from-home setups with little planning or preparation,” said Ostra Founder Michael Kennedy. “We all have to rally as a community to do our part right now. We want to help protect businesses during this volatile time so that they can focus on the things that matter.”

Today’s environment lends itself to an increase in malicious digital attacks, with remote work environments, personal devices and home routers putting sensitive business data at risk. According to a report from Google, phishing attacks have increased 350% since the coronavirus pandemic began. Experts also report an increase in cyberattacks ranging from credential phishing to fake landing pages to malware, ransomware strains and more. Data breaches can take businesses offline quickly – sometimes for several days – resulting in significant financial and reputational costs that many businesses never recover from.

“Cyber attackers are targeting smaller businesses who may not have the same extensive protection as large corporations,” said Kennedy. “Businesses must enhance their preventative measures because if they are forced to react, it’s already too late.”

Firewalls and antivirus software only cover about 20% of incoming cyberattacks. Ostra utilizes robust technology typically only available to Fortune 100 companies to bring comprehensive, affordable cybersecurity service to businesses of all sizes. The enterprise-grade software is a simple download, paired with remote personal support which immediately protects sensitive information and devices. Ostra provides a 24/7 proactive defense without requiring additional bandwidth or resources.

Contact protection@ostra.net to learn more.

About Ostra

At Ostra, our mission is to provide the world’s best-in-class Internet protection for our customers against known and unknown threats. Ostra is the pre-eminent digital security platform that safeguards your entire business by proactively mitigating threats before they become issues. Find out more about our tools and services at Ostra.net.

###

Contact: Madeleine Rush | 651-214-6937 | madeleine@goffpublic.com

Ostra Cybersecurity

The state of cybersecurity in the time of coronavirus. Important considerations while working remotely.

/in /by

While businesses hustle to migrate their workforce online, cyber attackers seize the moment. 

Now that sheltering in place is commonplace, digital collaboration is the new norm. Cyber security is more important than ever. Remote work environments including personal devices, home routers, and anxious employees put sensitive business data at risk. As we widen the net of devices connected, we are also inadvertently providing more access points for malicious activities.

With the quick rush to set up remote office environments, security has often been deprioritized in favor of moving quickly. We want to help protect your business and your data in a way that won’t slow down your team. 

Phishing attacks have already increased by 350% amid the quarantine.

At least 300,000 suspicious COVID-19 websites were created over two weeks in March.

In a chaotic time with employees operating from an increased sense of fear, they are more susceptible to phishing scams. Bad actors are impersonating trustworthy health organizations and other government agencies to lure people into clicking, downloading, and giving sensitive information. Ransomware and cyber espionage is on the rise with known global cybercriminal groups already infiltrating and exposing sensitive information of businesses and their clients. Many of the companies and hospitals that have been hit are being held liable for these breaches by the clients and patients who have been affected.

The importance of digital security hygiene

While cyber-attackers seize the moment, remote employees may not implement proper security hygiene while working across their devices creating the perfect conditions for infiltration. Now more than ever before it is important to take vigilant steps to safeguard your business and use secure VPNs and WiFi networks, password managers, and have a more critical eye while navigating online.

Business cannot afford the cost or risk of losing their vulnerable data to ransomware attacks. In addition to prevention, early detection is key. With a comprehensive system virus’s and other infections are detected, contained, and remediated quickly, mitigating destructive breaches and costs.

Cyber attacks are on the rise

FireEye reports that 75% of ransomware attacks happen within three days, and often strike during off-hours or weekends, making around the clock monitoring critical. For organizations monitoring from a distance or working on a skeleton crew, detecting attacks within the nick of time may not be possible. Some good news, we can take proactive steps today to mitigate risks to companies, employees, and clients before they become issues. 

Ostra offers a free solution to cover your needs

In response to more vulnerable remote working situations, Ostra is offering our proprietary cybersecurity solution free of charge to new clients to help with the next couple of months, or whenever this blows over. We can help you provide secure VPN access and protection for email, end-points, and against malware and ransomware attacks. Our system can be installed remotely and have you up and running quickly.  If you partner with us during this time, you will receive regular reporting detailing the malicious threats we blocked and we may ask for feedback on our services along the way.

We’re here to provide a sphere of protection around your digital world, so you can focus on your business, employees, clients, and families during these challenging times and year-round.

Contact us today for more information!

Ostra Cybersecurity, Inc.
6101 Baker Rd, Suite 202
Minnetonka, MN 55345
contact@ostra.net
(866) 336-7872

Access our Partner Portal
Subscribe to Our Newsletter