Cisco’s Annual Cyber Security Report was released today and, as always, it is filled with interesting insights about both sides of the cyber security battle.

Insights into Hackers and Attackers

1. Adversaries are taking malware to unprecedented levels of sophistication and impact.

Malware, especially self-propagating “worm” malware such as WannaCry and Petya, played a pivotal role in some of the biggest attacks and infections of 2017.

2. Adversaries are becoming more adept at evasion, and at weaponizing cloud services and other technology used for legitimate purposes.

One trend is the use of encryption by hackers to protect themselves from detection, especially C2 types of activities.

3. Adversaries are exploiting undefended gaps in security, many of which stem from the expanding Internet of Things (IoT) and use of cloud services.

Defenders are deploying IoT devices at a rapid pace but often pay scant attention to the security of these systems.

Insights into Security Defenders

1. Budgets are perceived to be relatively stable, growing and appropriate.

2. Breaches appear to be the biggest driver of future investments and improvements in technology and process.

3. The use of outsourcing is growing as a means of dealing with security threats, especially in the areas of monitoring and incident response.

Konsultek’s Take

Cisco’s report is well written, easy to read and full of valuable insights. Many of these insights, such as the growing reliance on outsourcing, correlate closely with our own findings. As a pioneer in outsourced security solutions, we too have seen strong growth in both the variety and volume of services our clients outsource to us.

Managed services are a cost-effective way to improve security efficacy as well as scale security solutions in a growing organization. If either of these is of interest to you and your organization, please give us a call to set up an introductory meeting.



You could say that Mordechai Guri, director of the Cybersecurity Research Center at Israel’s Ben Gurion University, is obsessed with the “air gap”. His obsession, as described in depth in a fascinating article, has resulted in some of the most arcane ways to beat the “air gap” ever devised.

Connectivity Beyond Wires and WiFi

One of the best ways to secure sensitive data is to have it stored on machines that are isolated from the network and Internet by both wire and WiFi, or so-called “air gapped”. Makes sense, right? If your machine is not connected to the outside world it should be impossible to breach from the outside world.

Want to take your security a step further? Place your machine in a secured metal-clad room or Faraday pouch to prevent the transmission of electrical signals.

Still Not Enough

What Mordechai has proven is that a hacker who is determined and skilled enough can overcome virtually any isolation if given enough time and resources.

Here is a list of some of his most creative ways to extract data to date:

  • Altering the noise the machine’s internal fan generates
  • Changing air temperatures in patterns that the receiving computer can detect with thermal sensors
  • Blinking out a stream of information from a computer hard drive LED to the camera on a quadcopter drone hovering outside a nearby window



The Saving Grace

The one saving grace and defense to most of these techniques is that they rely upon the system having been previously compromised with malware. The malware itself would likely have been injected via a corrupted USB drive – think Stuxnet. Still, fascinating research and a great reminder that the concepts of security need to constantly be challenged.




Just a couple days after the confetti had settled in Times Square, security researchers revealed two massive vulnerabilities that exist in virtually every PC and server in the world.


The vulnerabilities, named “Meltdown” and “Spectre” (James Bond fans, are we?) by the researchers who discovered them, exist at the processor level. The two vulnerabilities differ in that Meltdown affects only processors designed and built by Intel while the Spectre flaw is so deeply embedded in modern chip architecture design that it affects virtually all modern processors regardless of manufacturer.

Patching Things Up

Researchers, manufacturers and cloud service providers have been feverishly working to develop patches for Meltdown. The good news is that it does appear that patches are on their way for both Windows and Linux machines and that this vulnerability will be fixed before it can wreak havoc on cloud computing providers, hosting providers, businesses and individuals. I suspect this means that PC users around the world will be getting a Windows update dropped in their lap shortly. Oh, and according to some sources, expect your PC to run upwards of 30% slower once the patch is in place!

As for Spectre, early indications are that nothing short of changes to fundamental chip architecture will be able to fully patch this vulnerability. This of course means a legacy vulnerability may well exist for many years until PCs, phones, servers etc. are replaced as part of the normal life cycle.

2018 is Starting Off with a Bang!

Two huge vulnerabilities and the coldest holiday season on record for much of North America! Stay warm, stay inside and focus on security!



According to take budgets were going to be increasing in 2017 with marked increases in security spend.

Did your organization ride this trend or buck it?


What are the four questions every CEO should ask after a breach? According to an article on they are:

1. What information was impacted?

All information is not created equal or valued equally. In general, Personally Identifiable Information (PII) is valued more highly by both cybercriminals and regulators. This means that the ramifications for losing this type of information are greater than for losing other types of more generic information.

2. How many customers were impacted?

Of course, the more customers, the worse the breach in general and the more likely you are to find yourself in the press. But beyond that, the size of the breach determines how you will notify the victims and whether or not you may find yourself in a class action lawsuit.

3. What geographies were impacted?

Breaches are handled differently in different parts of the world. Who you must report to, how quickly you must report and what is considered personal information all vary depending upon who has jurisdiction.

4. Do we have logs?

Logs are the history of what actions took place on a database or server. Logs are crucial! They hold the entire history of the event and the more accurate and detailed the better. Without good logs your technical team is at a huge disadvantage when attempting to piece together how the breach occurred and what actions were taken in response.

Your Quick-Start Road Map

In summary, knowing what information was compromised, how many individuals were impacted, where they were impacted and how well your team and security measures responded to the breach provides you and your C-Team the information you need in a capsule summary format.

You will quickly know what types of ramifications to expect and what other resources you will need. Of course, as the event continues to unfold you will need additional, more granular information but the answers to these four simple questions will serve you well as a “quick-start road map” to your journey ahead.

The Case for Managed Security Services

If an ounce of prevention is worth a pound of cure, then Konsultek’s managed security services may be the best way to keep your organization out of the headlines and focused on your core competencies. To learn more about the advantages of managed security services, please give us a call.




It’s hard to imagine but the FBI’s IC3 turns 17 this year and in the spirit of National Cyber Security Month we thought we’d take a moment to highlight this valuable resource.

The Internet Crime Complaint Center (IC3) was established in May 2000 as a partnership between the National White Collar Crime Center (NW3C) and the Federal Bureau of Investigation. The organization gives victims of cybercrime a convenient and easy-to-use reporting mechanism that alerts authorities of suspected criminal or civil violations. IC3 provides law enforcement and regulatory agencies at all levels a central referral system for complaints involving Internet-related crimes.

Here’s How the Process Works Today

Filing a Complaint with the IC3

The IC3 accepts online Internet crime complaints from either the actual victim or from a third party to the complainant. You can file yourself, or someone can file for you (for example, your security provider). The IC3 works best when they receive complete and accurate information, so before you click the big red button we suggest you follow their recommendations regarding what information to have at the ready.

Here is that list:

  • Victim’s name, address, telephone, and email
  • Financial transaction information (e.g., account information, transaction date and amount, who received the money)
  • Subject’s name, address, telephone, email, website, and IP address
  • Specific details on how you were victimized
  • Email header(s)
  • Any other relevant information you believe is necessary to support your complaint

Konsultek and the FBI

In the past Konsultek has had the pleasure of having members of the FBI’s cyber crime team join us for lunch-n-learn opportunities. We have an upcoming event in the works, so be sure to check our events page frequently because the FBI appearances are always extremely popular and seating goes fast.



While the alarming news about the massive Equifax breach is just days old, Joshua Browder, the entrepreneur behind the robo-lawyer DoNotPay.UK, has already taken action on it.

Head over to the DoNotPay website and you’ll be greeted by this splash screen:


Browder and his team have built upon their “chatbot” technology which has reportedly already helped nearly 400,000 people successfully fight traffic tickets in New York.

The national aspect of the Equifax breach introduced complexities beyond the relatively simple types of legal matters, say parking tickets in Chicago, which the bot has been helping with so far.

According to reports, his biggest challenge was determining who to sue in each state and the various idiosyncrasies of each state’s system.

You can learn more details at and get a different perspective on this approach to suing Equifax over at

Security Experts, Not Lawyers

Whether using a chatbot to sue Equifax in small claims court is a good decision or not is not our area of expertise. Keeping breaches from happening is! At Konsultek we develop customized, holistic security solutions for organizations of all shapes and sizes.

When you’re ready to learn how we can make a difference in your organization’s security, just give us a call and talk to one of our real experts, not a chat bot!



Today is the last day to file your federal income taxes. And the looming 12:00 a.m. deadline has thousands, if not millions, of citizens stressing out and more susceptible to phishing scams than usual.

Every good cybercriminal knows this and they are working overtime churning out fake emails from the IRS and other taxing authorities in the hopes of snagging victims, stealing valuable information and, ultimately, making some money.

IRS Phishing PSA

For those of you who stumble across this blog post hoping to find a quick answer to the question “How do I know if this email from the IRS is real?” here is the quick answer.
The IRS will NEVER ask you to send along personally identifiable information such as your social security number or bank account details. So, if you are looking at an email that purports to be from the IRS and it is asking for this information it is a fake, phishing email and you should discard it ASAP!

IRS Issues Scam Warning

The prevalence of phishing scams this tax season prompted the IRS to issue a warning on March 17, 2017.
In the warning the IRS urged both tax professionals and taxpayers to be on guard against suspicious activity.

Two scams were highlighted in the warning. In the first, which targets tax preparers, a fake email is sent to the preparer (ostensibly from the client) asking the preparer to change the refund destination, often to a pre-paid debit card.

The second scam targets users of tax preparation software or similar services. Users receive emails from these entities asking them to update their online accounts.

Of course, those nostalgic for the good old days should be happy to know that telephone scams are still plentiful with the “IRS” robo-calling with urgent messages that require immediate action.

From Phishing to Malware

The purpose of these phishing emails is often not to directly collect account information but rather to install malware that can then access all the information stored on the infected device and even hijack the camera. That, according to

The Zscaler ThreatLabZ team has detected a rise in Java-based remote access Trojan variants — jRATs — which give attackers a backdoor into a victim’s system and can be capable of remotely taking control of the system once it’s infected. Malware authors are using numerous tactics to entice unsuspecting users to open infected attachments, which arrive as malicious JAR files. Most recently, we’ve seen filenames such as “IRS Updates.jar” and “Important_PDF.jar,” claiming to contain important tax deadline information from the IRS.

Security is a 24X7X365 Job

Today it’s tax filing, tomorrow the scam will focus on something else. It appears that cybercriminals never sleep and never take a day off. Somewhere in the world there is always someone or some bot attempting to fleece unsuspecting individuals and organizations. I think we have finally “progressed” as a society to the point when we can confidently say that the only things certain in life are death, taxes and cybercrime!


This week McAfee became an independent security company for the first time since it was acquired by Intel in 2010.

The newly independent McAfee has an enterprise value of $4.2 billion, down from the $7.62 billion price tag that Intel paid.

Intel will retain a 49% ownership in McAfee with the remaining 51% being owned by private equity firm TPG Capital.

McAfee, arguably the world’s oldest and one of the largest pure security firms on the planet, has over 7,500 employees worldwide and a substantial war chest of security IP including over 1,200 security-related patents.

The newly independent McAfee should be better positioned to help its private and enterprise level clients deal with the rapidly evolving cyber-threat landscape.

In an interview with VentureBeat, McAfee’s Chief Technology Officer, Steve Grobman said “he believes both Intel and McAfee will be able to focus on their businesses better as separate companies. He said that cybersecurity is changing fast, and the company needs to think about challenges such as ransomware, the weaponization of data, and political leaks of digital information.”

In his letter to the public dated 4/3/17, McAfee CEO, Christopher Young states “Today, a new McAfee is born. One that promises customers cybersecurity outcomes, not fragmented products. One that vows to move this industry forward by working with competitors, not just partners. And, one that offers employees a calling, not simply a career.”

Konsultek Welcomes McAfee Back

At Konsultek we are always looking to bring our customers the best solutions on the planet. We look forward to seeing what the newly independent McAfee can bring to the market in the way of innovative and world-class solutions.



Yet, Consumers Implicitly Trust Them According to a CapGemini Report

According to the CapGemini report, while banks and financial institutions enjoy an extraordinary 83% positive level of trust in the cybersecurity of their systems, just 1 in 5 banking executives surveyed are “highly confident in their ability to detect a breach, let alone defend against it.”

For comparison, e-commerce firms enjoy just a 28% positive level of trust while telecom companies and retailers score a paltry 13%.

The full CapGemini report can be downloaded here

Trust is a HUGE Factor In Consumer Choice

According to the report authors, trust in an institution’s ability to protect private data and provide a secure environment is a significant factor for 65% of consumers when choosing which bank to do business with.

And yet, while approximately 25% of all financial institutions have reported being a victim of some level of hack, only 3% of consumers believe that their own financial institution has ever been breached. It would seem that indeed there is a “trust halo” being enjoyed by banks that the numbers suggest they do not deserve.

If this halo were to become tarnished, banks could be in trouble. According to the report, 74% of consumers would switch their bank or insurer if they became aware of a breach.

GDPR Regulations Will Likely Drive Transparency

The GDPR regulations set to be introduced next year should drive more transparency and quicker reporting of breaches and this may result in some tarnished halos.

“When GDPR is introduced and all breaches are likely to be made public soon after they occur, many people will be in for a surprise,” said Zhiwei Jiang, Global Head of Financial Services, Insights & Data at Capgemini. “The introduction of GDPR legislation next year is a prime opportunity for business transformation for banks and insurers to become the digital fortresses consumers believe them to be.”

Konsultek Knows Security

From financial institutions to university and healthcare organizations, Konsultek builds customized security solutions that protect networks and the data they house. If you are interested in learning exactly how your network may be vulnerable, just give us a call and we’ll discuss how we can find your vulnerabilities before they are found by cybercriminals and hackers.

