Network Critical - The Window to your Network

March Madness


Welcome to March Madness. In the United States, the major colleges engage in a 64 team single elimination basketball tournament. The teams are assigned to brackets early and in March and many Americans fill out their own version of which teams will progress and which will fall away.

As the tournament progresses, fans need to follow the bracket changes and root for their favorite teams. This is done day and night throughout the month meaning that work time is also used to update brackets, manage office betting pools and actually watch games. With games now being multicast across a variety of devices it is easy to watch any team at any time. The estimated productivity loss for U.S. businesses during the month of March is about US$2.1 billion.

Another form of March Madness that is expensive to U.S. businesses is data theft. This cyber crime takes on many different personas but distracted employees are a favorite target. On March 2, 2017 NSC Technologies Worldwide was breached by a phony email scheme and employees sent the W-2 tax forms of all the company employees to the hackers. The W-2 form contains important personal information for each employee including wages and social security number. This information can be used by cyber criminals to file false income tax returns in the names of these employees and have the refunds sent to false bank accounts.

March, 2015 Morongo Casino among others fell to this scam. March 2016 the Main School System, Sunrun, Sprouts Farmers Market, Seagate Technology among many other firms were targeted. In fact this W-2 phishing scam is growing by 25% according to the Vice President of Data Breach at Experian. Why March? Because that is “tax season” in the US when employees are compiling their income data and forms to file with the Internal Revenue Service.

Here is what happens. The hackers sent phony emails to employees that looked like they came from the CEO of the company. The CEO, in the email, asks the employees to download a file with all the employee W-2 forms and send it to him immediately. Of course, the email was not really from the CEO so the employees who thought the email was real, sent all the W-2 information to the hackers.

Now, if you think about this scam you wonder. What were these employees thinking…or, were they thinking? There are two solutions to this problem. One is technical and one is personal.

Personal

I you work in Payroll compiling employee data and filling our forms, how often do you get emails from the CEO? How often does he ask you to send him information for which he already has full access? What on earth would the CEO of the company want with the W-2 form for every employee in the company? If employees would just use a little common sense and think about these requests, it would be pretty obvious that this request, at a minimum, should be vetted prior to being executed. Further, why do these payroll and finance employees have download access to all the W-2 files in the company? This leads us to the technical part.

Technical

There is no substitute for hiring smart, inquisitive employees. There is also no substitute for continually training all employees in computer safety, security and how to recognize potential scams. All employees should also be given safe email policies and procedures to follow.

But there are technical solutions to network security that should also be investigated, budgeted and deployed. One particular solution that fits in nicely this March tax scheme is Data Loss Protection (DLP). Data Loss Protection appliances connect to network links and allow policies to be set for what data can be downloaded, to what devices and who has download privileges.

For example, a social security number has the format xxx-xx-xxxx. A company can set a policy in the DLP appliance restricting any data with this unique format from being sent to certain devices. This appliance deployed with the proper policies could eliminate the possibility that employees could inadvertently send this critical information to outside requestors regardless of who they thought they were.

Now these appliances also need to bp connected in-line and work real time on the network. In order to set up DLP appliances and not impact network availability or reliability, intelligent TAPs should be deployed as the connection between the DLP appliance and the network link.

Summary

Hire inquisitive employees, not drones. Set prudent email communication policies and train all employees in policy and consequences. Deploy technology to prevent embarrassing and expensive breaches. The cost of robust network protection equipment and employee training is far less than enduring the embarrassment and expense of remediating critical breaches.

The teams that will survive the early rounds of the tournament and play in the “Final Four” will be the teams with a good game plan, smart players and strong defense…and the team that wins it all will also have a little luck as well.

Good luck on your brackets!

Posted: 30/03/2017 15:18:43 by Network Critical with 0 comments
Trackback URL: http://www.networkcritical.com/trackback/1c3a78d5-0283-4fe7-861a-0a0b99fbf16a/March-Madness.aspx?culture=en-GB

Comments

Blog post currently doesn't have any comments.