Information technology blog, cybersecurity blog

During tax season, personal information is being exchanged at a much higher rate than any other time of year. Documents like W2s with Social Security numbers on them are just par for the course. It’s also a time of year when employers and employees engage in tax-related tasks that aren’t routine to them. There’s often a bit of chaos getting everything in order and even a bit of anxiety over doing it right. For hackers and scammers who rely on human error and deception, all of this combines to create ideal conditions. I was recently on FOX61 Morning news to offer tips to viewers to avoid tax season scams.

The world learned last week that the information of over 10 million hotel guests at MGM Resorts was obtained by hackers. The data breach is the result of a security incident that occurred last year, but the data was being shared in hacker circles recently and discovered and verified by ZDnet. Most of the data is limited to hotel stay info, addresses, and phone numbers dating back to 2017 and earlier. Since Kelser is a trusted, local managed service and cybersecurity provider, FOX61 News had Kelser CTO Jonathan Stone on following the breach to discuss what hackers can do with this type of apparently harmless information.

The latest issue of Corporate & Incentive Travel Magazine tells the story of how I was at a conference—a cybersecurity conference of all things!—and it provided an unsecure general access wireless network. There was no preregistration for this network and the password was distributed freely to attendees. Most attendees wound up using the hotspots on their phones. Many conferences and events of all types have inadequate cybersecurity protections in place. The Wi-Fi networks offered at these events may seem more secure than public Wi-Fi, but in most cases, they are not. In fact, they could be more dangerous to use because hackers interested in a particular type of data can target the network of a specifically relevant conference (rather than the general network of a coffee shop, for instance).

Hopefully you’re reading this on a device that is running an operating system other than Windows 7. If not, I have some bad news for you. You’re on your own.

IoT devices pose uniquely terrifying security threats. Just ask a Waterbury, Connecticut, family who was awakened and harassed by hackers accessing their Ring security cameras. As part of their coverage of this incident, WFSB Channel 3 news asked Kelser to offer some insight into how hackers may have gotten access, and what can be done to secure IoT devices.

Simply having or transmitting data is a risk. It’s often a necessary risk—companies have to store and share data constantly in order to do business—but it’s important to remember that if something is deleted or isn’t shared, it’s much less likely to fall into the wrong hands. This is something we talk about with our cybersecurity clients throughout Connecticut on a regular basis. Part of our process is to take stock of who they are sharing data with and why. If there’s not a reason to be sharing a particular type of data with a particular party, then not sharing it cuts down on risk of it being breached at some point. If data isn’t in use anymore, deleting it eliminates something a hacker could get a hold of.

Connecticut-based Starling Physicians, which operates 32 locations in the greater Hartford area, announced a data breach this month linked to a cyber attack dating back to February. When we first learned of this breach, we were discussing it around the office and quickly learned that three Kelser employees are parents of kids who are patients at a Starling practice. NBC Connecticut stopped by our office both to hear from these parents and for insights on cybersecurity from me.

In case you haven’t heard, October is National Cybersecurity Awareness Month! Perhaps you’ve already checked out some tips and best practices to help keep you more secure. If you haven’t, not to worry as we have you covered with a roundup of tips and resources from our experts. If you have, you might find additional valuable cybersecurity awareness info below!