Posts

Social Engineering: 2020s Top Cybersecurity Threat

Social Engineering attacks are the most potent cybersecurity threats plaguing enterprises. They owe their power to their innovative undetectability. Forbes puts social engineering as a top cybersecurity threat for 2020. 98% of cyber attacks rely on social engineering. How can an organization protect itself from an insider threat? We explore the what, why and how of this damaging cybersecurity menace.

This article contains:

What is Social Engineering?

Social engineering refers to crafty ways hackers trick unsuspecting victims into downloading malware, and/or leaking credentials via social platforms. The types of social engineering include:

  • Phishing/vishing/smishing: Fraudulent emails or voice messages or text messages are used to extract personal information or download malware.
  • Spear-phishing: Phishing that is custom-tailored to target key employees, particularly C-level ones, via social media or email.
  • Baiting: Using a lure such as a planting an infected device or the promise of the latest movie to get victims to bite the bait.
  • Pre-texting: Using false impersonation to gain the victim’s confidence – a call from your bank’s customer support team asking for your credentials to prevent an “unauthorized withdrawal”.

Why are Social Engineering attacks so damaging to cybersecurity?

social engineering attacks What makes social engineering so potent is its ability to escape detection as it craftily preys on employees themselves to execute the attacks. Insider threats escape typical methods of prevention and detection. Additionally, attacks are getting increasingly sophisticated and personalized; even using AI and machine learning (ML) to target their victims.

If you’re about to say, “They definitely can’t fool our employees!”, consider a video or voice message in exactly the same appearance or voice of your manager asking you to urgently send some critical business documents. You’ve been “Deepfaked” – an advanced form of social engineering that can dupe even the most discerning.

The FBI estimates that Business Email Compromise, a form of fine-tuned phishing has caused $26 billion in losses in just the past three years. Facebook, Sony, Target, RSA, Associated Press, political parties and top governmental organizations – no sector no matter how secure and well-guarded – have been spared from the ingenuity of social engineering attacks.

How can organizations protect themselves?

  • Inform and Train: Social engineering cannot work without the complicity, unwilling as it may be, of the employee. Conduct regular security training in good email and cybersecurity hygiene, keep employees informed about the latest flavors of malware vectors, and encourage employees to forward suspicious emails to the security team. Champion, gamify and incentivize good cybersecurity practices. It is well worth it!
  • Use in-built mechanisms: Platforms such as Office 365 come with anti-phishing policies that can secure your organization. Explore and harness them, particularly for sensitive data and high-profile groups.
  • Secure Authentication: A majority of security breaches are attributed to compromised credentials. Multi-factor Authentication/Two-factor Authentication (MFA/2FA) is proven to block 99.9% of account hacks. Ensure that your applications, particularly third-party ones, support it.
  • Basic safeguards: Don’t forget the basics such as up-to-date anti-virus software, spam filters, and network monitors. Consider methods such as sandboxing emails to validate links.

How CloudAlly can help

While organizations work hard to prevent and detect social engineering attacks, a strong offense in the form of rapid disaster recovery may be the best defense. Seamless data recovery is central to quickly recovering from data loss and minimizing its damage.

SaaS Data Needs Protection, Start Free Trial Now!

CloudAlly’s SaaS backup and restore solutions automatically back up business-critical cloud data with support to easily recover it from any-point-in-time. All major SaaS platforms such as Office 365, SharePoint/OneDrive, G Suite, Salesforce, Box and DropBox are supported. More critically, our solutions are stringently secure with Amazon S3 storage, OAuth/MFA/2FA capability, global data centers, and GDPR/HIPAA compliant. With provisions to restore to the database of your choice, flexible licensing, and 24×7 real-person, responsive support – we fit right into your setup.

Try our full-featured trial now and protect your SaaS data from the dangers of social engineering. 

Blunt social engineering attacks

Backup your SaaS today!

Cloud Backup For Higher Education

Backup for Salesforce and Office 365 Solution Gives IBA Conviction in the Cloud

Sean Bates the former ICT Manager, Australian Institute of Business (AIB), understood that securing data on cloud, for the higher education organisation he worked for was paramount.

Using powerful business solutions like Microsoft Office 365 and Salesforce.com can pose significant data protection challenges for an organization.  While Microsoft provides every precaution possible to safeguard their clients business data, it’s indeed very difficult for Microsoft to administer and supervise occurrences on the customer side, like accidental & malicious deletion.  The enormous risks in data loss on  cloud applications are tremendous, but can be minimized greatly with cloud to cloud backup.

AIB ICT manager recognized the possible issues & problems and adopted backup as an imperative organisation task, so that all relevant data records, intellectual property, sales information, research, and general communication would remain safe & secure, (and available to restore from any point-in-time).

View the complete customer story…

to learn why this upstanding higher educational institution chose CloudAlly for its cloud to cloud backup & restore needs.  Read about the reasons CloudAlly was chosen to provide this backup, its excellent customer support, and learn how and why the experts choose CloudAlly for backup on the cloud, to safeguard against data loss.

 

 

 

Google Drive Down Worldwide: Averting Problems with Google Drive Backup

G Suite Drive Down

Here’s the scenario: you get to work, ready to pull up the spreadsheet you’ve been working on from Google Drive. But there’s a problem: Google Drive is down. You wait. Check again. Google drive is still down, and it stays down. For over an hour. What are you going to do now? The answer: keep waiting, even as you waste time. While there is certainly nothing wrong with using Google Drive to back up your G Suite apps, recent issues like this one prove that Google Drive alone is not reliable enough to be your only backup. CloudAlly’s G Suite/Google Apps Backup gives you the security that your data will be protected, even if Google Drive fails.


What this article is about:


What happened?

Right now, Google Drive aims to simplify G Suite users’ storage and file sharing in the cloud, but the program regularly has its snafus.

Case in point about Google Drive’s unreliability: on the morning of September 7, Google Drive users started receiving error messages from the file storage service. Users around the world could not load their files.

At 10:37am EST on September 7, 2017, Google announced that it was working to resolve the issue:

“We’re investigating reports of an issue with Google Drive.” Google Drive was down for an entire hour. By 11:38am EST, the program had been restored for some users, but it was still down for others.

Google issued another message that users could “expect a resolution for all users in the near future,” but the company could not provide a concrete timeline. Only by 12:24pm EST – nearly two hours after Google started working on the problem – was Google Drive restored for all users. The tech giant apologized for the inconvenience and said that it planned to develop “continuous improvements to make our systems better.”

Sure, Google says they’re working to make Google Drive infallible, but what if they don’t deliver on their promise, like they most likely will? If Google Drive fails when you need important data, you’re stuck, waiting until Google recovers. Without a third-party program, there is nothing you can do about Google Drive’s unreliability.

You might think, Google Drive was down for a few hours. So what? The problem speaks to a common issue of unreliability with the service. Just a few days after the first issue, on September 11, nearly 3,000 people reported issues with Google Drive again.

Sure, Google Drive is helpful. But it is by no means complete.

Google Drive’s Unreliability?

Google Drive does back up your files and data. However, the protection it provides is not enough.

Take malware and ransomware. Does Google Drive protect your files from these malicious viruses?

Nope. Even if your files are stored on the Google Drive cloud, your data could be infected. Only a third-party software like CloudAlly can protect your Google Drive files from corruption or ransom.

But, you might think, at least Google Drive will be around forever, right?

Again, the answer isn’t certain. Google Drive’s future is at risk. In early September 2017, users feared that Google Drive was shutting down altogether. While this turned out to be hype, Google is shutting down its Google Drive app for Windows and Mac, replacing it with a new backup up.

Right now, though, take a breath. Google Drive is still accessible to all users through browsers on all devices, but this replacement demonstrates Google doesn’t love Google Drive enough that they’ll never change or replace it. Google Drive may not be around forever, and while Google Drive will likely not shut down without notice, it still makes sense to have a third-party software like CloudAlly to back up all your data.

CloudAlly’s G Suite/Google Apps Backup

Returning to the interruption of Google Drive on September 7.

Google Drive users without third-party backups just had to wait. And click to see if Google Drive had come back online. And wait. And click.

But if you were using CloudAlly, you could have exported critical documents instantly. You wouldn’t have wasted any time. CloudAlly lets you export your data to any and all of the programs or devices you need using efficient zip downloads. Instead of waiting for Google to repair Google Drive on September 7, you could have kept on working like nothing was wrong.

Besides, CloudAlly’s Google Apps Backup does more than protect your Google Drive files, too. It backs up all your G Suite apps, including Gmail, calendar, contacts, tasks, and chats on an automated, daily basis.

Don’t put your data safely entirely into Google’s control; take matters into your own hands! Want to see for yourself how CloudAlly is more reliable than Google Drive? Try our free backup for 15 days.


Now that you know about Google Drive backup, you might want to have a look at what we created for you…

L20-Get-Our-Quick-Guide-To-G-Suite-Backup

Why Should You Backup Google Contacts And How To Do It?

Using G Suite for your company’s email service is smart. It is simple, easy to use, and employees can log in to collect their messages from just about anywhere. You feel safe with Google and you should. Google has a reputation for having reliable security. While they do provide excellent security, they are a slew of reasons that can cause you to lose your Google Contacts. There are three ways you can backup Google Contacts and restore them.


What this article is about:


Main Causes of Your Google Contacts Data Loss

New call-to-action

  • Syncing and merging problems are simple and often overlooked when contact details are lost. If you select the wrong files or too many files at once, you can lose your contacts. It may not be obvious that the loss occurred. Like merging address books, syncing your Gmail contact list with your phone contact list can also result in missing information. If the device has a misconfiguration, you can lose information from both the device itself and your Gmail account.
  • Hackers: Even though the Gmail account may be through G Suite, that does not make it impenetrable to hackers. Google does offer additional security features to make it more difficult for a hacker to access your account without your knowledge. Unauthorised access does still happen, and their primary goal is to send out as many spam as possible. Hackers often delete your email history, sent files, and contact list. This way your contacts cannot alert you to their presence. The best defense against hackers is a complex password, changed regularly, and 2FA (two factor authentication). You can also set Google to alert you when a new sign in has occurred. With the email alert system, you always know when someone has logged in from a new location.
  • Human error: The most common reason for contact deletion is simple human error. Removing data from your Google account is straightforward. While you may be prompted from time to time to confirm the deletion, that is not always the case. Sometimes, you mean to delete one thing and then accidentally select a different name. When you confirm the deletion, you believe you are correct but turn out to be mistaken. Sometimes you realise your error immediately, other times it could be days or weeks before you realise that the name you need is no longer in your address book.

Option#1: DIY User Level Backup

There are ways for you to back up contacts yourself. You can just export the data to a CSV document on your computer. If you update your contact page frequently, you might want to export your contacts about once a week. Saving a current CSV file once a month is enough to keep this information safe otherwise. If you are using the newest version of Contacts, you may be prompted to change back to the older version for export.

Option#2: DIY Google’s Built-In User Level Time Machine

Google offers a basic backup option.You do not have to turn on any settings – this is an automatic feature. Their service retains deleted contacts. However – this retention policy is limited to 30 days only!  Restoring contact information using this approach is simple but potentially destructive. Instead of just restoring the items, it turns back the clock on your ENTIRE contact list – it is a time machine for your Google Contacts, which means that any new names added go away.

>> To restore contacts through Google, start by logging into your Gmail account.

Once logged in, click on the Google Applications icon on the top right of the screen.

backup google contacts

>> Open the Contacts page by selecting Contacts from the drop-down menu.

>> On the Contacts page, choose More. In the newest version of Google contacts, the More option is on the left-hand side of the screen. Older versions of contacts, the More option is located above the contact list.

Then…

>> From here you can choose Undo Changes and select the time frame from the pop-up box.

>> Completing an Undo option restores any contacts lost from within the period selected.

Within older versions of Google Contacts you choose restore instead of undoing. The same time frame options appear.

Option#3: Use a Third-Party Backup Solution

The best way to ensure you lose none of your Gmail contacts is to use a third-party backup like CloudAlly. CloudAlly backups all your contacts and restore them without deleting any new details. CloudAlly backs up all your contacts from any connected Google or Gmail account. To backup, log into your CloudAlly account and select the Add New Backup Task option. Then choose Google Account.

>> Select the Next button to give CloudAlly permission to access and save information from the selected account.

>> After giving Google permission, select the account you want to connect.

The backup begins automatically and runs at the same time each day. Updates made to your contact list are added, while any deleted names remain accessible for later restore.

When restoring contacts, you can choose to restore all names from a particular date with the Snapshot restore, or a specific contact by using the Search option. When restoring, CloudAlly reinserts the information into your address book. Unlike with Google’s contact recovery feature, all existing entries remain even if they were added after losing the restored information.