Netizen Cybersecurity Bulletin 02 January 2019

In This Issue:

In this week’s issue, you’ll find information regarding the most current critical threats and preventative measures to lessen the chances of a breach.

  • Welcome 2019!
  • Tribune Newspaper Hack
  • China Hacked Hewlett Packard Enterprise Co. and IBM
  • Phish Tale of the Week
  • How can Netizen help?

Welcome 2019!

Welcome to 2019!

Netizen Corporation hopes the New Year is happy, healthy, and prosperous for all.

If you haven’t already, resolve to keep yourself and your business CyberSecure. Netizen is here to help!

A look back at Netizen Corporation’s 2018

Tribune Newspaper Hack

Newspaper print operations at Tribune Publishing were disrupted by a virus over this past weekend, preventing the printing of such titles as the Los Angeles Times, New York Times, and The Morning Call of the Lehigh Valley.

The cause was identified as a virus that is suspected of originating overseas. It is still too early to say why Tribune was targeted, or which nation may have been responsible, but the event is a prime reminder to review your company’s Incident Response Plan (IRP). An IRP is designed to address and manage the aftermath of a security breach, cyberattack, or any other IT incident. The goal is to handle the situation in a way that limits damage and reduces recovery time and costs.

When more information regarding the Tribune incident is available, Netizen will detail it in a future Bulletin.

China Hacked Hewlett Packard Enterprise Co. and IBM

China has struck once again, this time going after Hewlett Packard Enterprise (HPE) Company and IBM, two Fortune 500 technology companies. The Chinese hackers, working on behalf of China’s Ministry of State Security, are part of the Cloudhopper campaign, which is said to infect technology service providers in order to steal secrets from their clients.

The hackers succeeded in breaching the networks of IBM and HPE, and used that access to gain entry to their clients’ computers. IBM commented on the situation stating, “it had no evidence that sensitive corporate data had been compromised.” HPE wouldn’t comment on the hacking.

Businesses and governments are increasingly looking to technology companies known as managed service providers (MSPs) to remotely manage their technology operations, including servers, storage, networking, and help-desk support. The Cloudhopper campaign targets MSPs to access client networks and steal corporate secrets from companies around the globe, according to a US federal indictment of two Chinese nationals.

One way to protect your company from this kind of hack is to make sure your MSP is taking the proper steps to protect your assets. Make sure your company implements strict policies on how data is handled and enforces least-privilege access to it. Another way to protect your company is to implement a good password policy and to run regular compliance checks that look for abnormal or suspicious logins.

Phish Tale of the Week

The year is still too new for any fresh phish, so we’ll simply remind you of our recommendations to stay secure:


A phishing email will typically direct the user to visit a website where they are asked to update personal information, such as a password, credit card, social security, or bank account numbers. A legitimate company already has this sensitive information and would not ask for it again, especially via email.

  • Scrutinize your emails before clicking anything. Did you order or ask for anything for which you’re expecting a confirmation? Did the email come from a store you don’t usually order supplies from or a service you don’t use? If so, it’s probably a phishing attempt.
  • Verify that the sender is actually from the company sending the message.
  • Did you receive a message or email from someone you don’t recognize? Are they asking you to sign into a website to give Personally Identifiable Information (PII) such as credit card numbers, social security number, etc.? A legitimate company will never ask for PII via instant message or email; this is a huge red flag.
  • Do not give out personal or company information.
  • Review both signature and salutation.
  • Do not click on attachments.
  • Do not click on unrecognized links. If you do proceed, verify that the URL is the correct one for the company/service and it has the proper security in place, such as HTTPS.
  • Be wary of poor spelling, grammar, and formatting. As can be seen with this email, there are multiple spelling, grammar, and formatting errors, leading us to believe that the message is illegitimate. If an email is visually unprofessional, the sender is likely not who they say they are.

Many phishing emails convey a sense of urgency or even aggressiveness in order to intimidate the recipient. Any email that requests immediate action or addresses you in a threatening manner should be treated as suspicious. Also, beware of messages that seek to tempt users into opening an attachment or visiting a link. For example, an attachment titled “Staff Pay Raises 2018” may seem like something you really want to know about, but it could just be a ploy to plant malware on your system or steal your credentials.

How Can Netizen Help?

Netizen ensures that security gets built-in and not bolted-on. We provide advanced solutions to protect critical IT infrastructure, such as the popular “CISO-as-a-Service,” wherein companies can leverage the expertise of executive-level cybersecurity professionals without having to bear the cost of employing them full time.

We also offer compliance support, vulnerability assessments, penetration testing, and more security-related services for businesses of any size and type.

Additionally, Netizen offers an automated and affordable assessment tool that continuously scans systems, websites, applications, and networks to uncover issues. Vulnerability data is then securely analyzed and presented through an easy-to-interpret dashboard to yield actionable risk and compliance information for audiences ranging from IT professionals to executive managers.

Netizen is an ISO 27001:2013 (Information Security Management) certified company.
