SCORE Website Cybersecurity Presentation DASHBOARD INTERACTIVE - PowerPoint PPT Presentation

SCORE Website Cybersecurity Presentation

DASHBOARD INTERACTIVE Digital Marketing Firm that • emphasizes Website Security Founded in January of 2006 • 13 Team Members • Work with Small and Medium Sized • Businesses and Agencies Google Certified Partner • Focus: Digital Marketing, Website • Development, Website Cybersecurity, Google Penalty Removal

WHAT MAKES DASHBOARD UNIQUE Certified Cybersecurity Expertise Certified Website Google Expertise Expertise Website Cybersecurity Expertise Dashboard Interactive is one of a handful of Agencies in the U.S. that has Certified Cybersecurity, Google and Website Expertise.

DID YOU KNOW THAT… 32,000 Websites are Hacked Every Day • As of July 1, 2018, Google deemed 821,549 websites as dangerous due to • Phishing As of July 1, 2018 Google deemed 284,375 websites as dangerous due to • Malware That there are only 500, Fortune 500 companies and only 1,000 Fortune • 1,000 companies… – That leaves a lot of Small and Medium Sized Business with Websites that Have Security Issues And in many cases, the business owner, website developer and hosting provider is • unaware that a problem exist.

INFECTED WEBSITE PLATFORM

QUESTIONS OF THE DAY If your website was down, how might that impact your business? • If your website was down, and your competitors websites were up, might • you be at a competitive disadvantage? And what if your website is down, and your competitors websites are up, • (when potential customers were about to make a buying decision) Would your company be viewed favorably? –

POTENTIAL ADDITIONAL RAMIFICATIONS OF A HACK Significant Unexpected Costs to cover the Resolution of the Hack • Need to Reallocate financial resources to cover the costs of Cleanup • Impact the ability to pay some existing outstanding commitments, on time • Sometimes companies obtain credit to help cover costs – If its an eCommerce site or site that heavily relies on Google to generate sales • leads, revenue generation is severely impacted. Lawsuits • Reputation suffers • Occasional Bankruptcy •

CASE STUDY – MANUFACTURING CO. Platform: WordPress • Problems: • Outdated theme – PHP vs current WordPress platform PHP – Security plug in not compatible with the canvas theme was being used – Plug ins not updated in over a year – No manual monitoring of the code or the server system – No human level inspection – Server config from 2008 was adapted, then a new server update occurred and the aged windows system was – not updated (not keeping up with server technology) Older windows server configuration – Shared Server – non secured – Misconfigured SSL – cheap 3 rd party SSL – Server was the target. All sites on the server were most likely impacted – Website was about to get flagged – didn't take it serious. Google then flagged the • website. Challenges: Hosting provider, Developer, Company relationship with IT •

WEBSITE CYBERSECURITY Cybersecurity in the • News The Facts • What you need to know

CYBERSECURITY IN THE NEWS… Unpatched WordPress Flaw Gives Attackers Full Control Over Your Site Discovered by researchers at RIPS Technologies GmbH, the " authenticated arbitrary file deletion " vulnerability wasreported7 months ago to the WordPress security team but remains unpatched and affects all versions of WordPress, including the current 4.9.6 Ticketmaster Suffers Security Breach – Personal and Payment Data Stolen Global entertainment ticketing service Ticketmaster has admitted that the company has suffered a security breach Gandcrab Ransomware Exploits Website Vulnerabilities Researchers find campaigns distributing Gandcrab by hosting malware on legitimate websites with poor security measures. Attacker Dwell Time Still Too Long, Research Shows New DBIR and M-Trends reports show the window between compromise and discovery are still way too long 2.6 Billion-Plus Data Records Breached Last Year Most exposed data records caused by human error. Google 'Distrust Dates' Are Coming Fast All the tools are in place for the migration of SSL digital certificates on a scale that is unprecedented for the certificate authority industry. Are you ready? Number of Sites Hosting Cryptocurrency Miners Surges 725% in 4 Months The dramatic increase in cryptocurrency prices, especially for Monero, is behind the sudden explosive growth, says Cyren. Millions of Office 365 Accounts Hit with Password Stealers Phishing emails disguised as tax-related alerts aim to trick users into handing attackers their usernames and passwords.

CYBERSECURITY IN THE NEWS… Facebook Suspends 200 Apps Thousands of apps have been investigated as Facebook determines which had access to large amounts of user data before its 2014 policy changes. When Russian hackers targeted the U.S. election infrastructure (60 Minutes) Russian operatives launched a widespread cyberattack against state voting systems during the 2016 presidential election. Sears & Delta Airlines Are Latest Victims of Third-Party Security Breach An insecure ecosystem of third parties connected to an enterprise network poses a growing risk, security analysts say. Best Buy says some customers could be affected by data breach of third-party vendor Sears and Delta also said the vendor, [24]7.ai, might have exposed their customers' data. Criminals Targeting Magento Sites with Brute-Force Password Attacks Flashpoint says it is aware of at least 1,000 sites using Magento's e-commerce platform that have been recently compromised. Panera Bread Leaves Millions of Customer Records Exposed Online Personal information exposed in plain text for months on Panerabread.com and the company's response failed to rise to the challenge. Hudson's Bay Brands Hacked, 5 Million Credit Card Accounts Stolen The infamous Carbanak/FIN7 cybercrime syndicate breached Saks and Lord & Taylor and is now selling some of the stolen credit card accounts on the Dark Web.

CYBERSECURITY IN THE NEWS… Under Armour App Breach Exposes 150 Million Records A breach in a database for MyFitnessPal exposes information on 150 million users. Baltimore Hit with Hack on 911 System An attack took down part of Baltimore's 911 system for 17 hours over the weekend, and details are still in short supply. City of Atlanta Hit with Ransomware Attack FBI investigating computer outages in the city's network possibly tied to Samsam-type ransomware variant. Atlanta hit with cyberattack demanding ransom for access to files Cybercriminals Launder Up to $200B in Profit Per Year Cybercrime funds make up 8-10% of all illegal profits laundered and amount to $80-200 billion each year. Trump Administration Slaps Sanctions on Russian Hackers, Operatives A two-pronged and mostly symbolic strategy names and shames Russia for US election-tampering and hacking of critical infrastructure. 77% of Businesses Lack Proper Incident Response Plans New research shows security leaders have false confidence in their ability to respond to security incidents. Equifax Finds 2.4 Million Additional US Victims of its Data Breach Total of victims now at 147.9 million customers.

CYBERSECURITY FACTS Hackers Attack Every 39 Seconds http://www.securitymagazine.com/articles/87787-hackers-attack-every- • 39-seconds More than 70% of attacks target small businesses. https://www.inc.com/thomas-koulopoulos/the- • biggest-risk-to-your-business-cant-be-eliminated-heres-how-you-can-survive-i.html 64% of companies have experienced web-based attacks. 62% experienced • phishing & social engineering attacks. 59% of companies experienced malicious code and botnets and 51% experienced denial of service attacks https://nudatasecurity.com/blog/scary-cyber-halloween/ More than 4,000 ransomware attacks have occurred every day since the beginning • of 2016 https://blog.barkly.com/cyber-security-statistics-2017

…MORE CYBERSECURITY FACTS The median number of days that attackers stay dormant within a network before • detection is over 200 https://swimlane.com/10-hard-hitting-cyber-security-statistics/ Average time to detect a malicious or criminal attack by a global study sample of • organizations was 170 days https://heimdalsecurity.com/blog/10-surprising-cyber-security-facts-that-may- affect-your-online-safety/ Unfilled cybersecurity jobs will reach 1.5 million by 2019 • http://www.streetinsider.com/Press+Releases/Cybersecurity+Jobs+Report%3A+Workforce+Shortage+to+Reach+1.5+million+ by+2019/11145582.html Only 38 percent of global organizations claim they are prepared to handle a • sophisticated cyberattack https://swimlane.com/10-hard-hitting-cyber-security-statistics/

WEBSITE CYBERSECURITY The mind of the • Hacker Ease of hacking a • website The Realities