Skip to main content

Greenbrier School Website Hack

By Industry News

CHESAPEAKE — The people responsible for hacking into Greenbrier Christian Academy’s website over the weekend has no ties to Islamic groups, according to school officials.

The FBI joined Virginia State Police in the investigation into the cyber attack.

The malware attack happened during an upload of information to the website, according to a press release from the school.

Superintendent Dr. Ron White told 13News Now the school became aware of the cyber attack Sunday morning.

The hacker left pro-islamic messages on the website, while pop band Maroon 5’s “Payphone” song played in the background.

Although at first glance it appeared an Islamic group took over the domain, White said he tended to believe local teenagers were behind it.

The website was pulled down entirely Monday afternoon, but had been restored Tuesday.

Christina Pullen, a spokeswoman with the FBI, said the bureau is pursuing this and other recent reports involving other Web sites aggressively. She added that it looks like the cases are limited to defacements.

Understanding the motive behind the attack could be key in finding a suspect, said Jeri Prophet, a cyber security expert and head IntellectTech Inc.

“What is it worth to a hacker? What kind of data sits behind the website, how hard is it to get to? Those are the type of things that go through a hacker’s mind,” Prophet said.

Monday, 13News Now reached out to White to find out if personal data was swiped during the breach, but he did not immediately respond for comment.

Dairy Queen Data Breach

By Industry News

NEWPORT NEWS – A Peninsula Dairy Queen is one of four in Virginia and among hundreds across the country affected by hackers.

Dairy Queen says that its payment systems were breached by hackers who may have gained access to customer names, credit and debit card numbers and expiration dates.

The ice cream and fast food chain says 395 of its stores around the country were affected. The data breach happened between August and September.

The Newport News store is inside Patrick Henry Mall and the breach occurred from August 5 through August 29.

Other Virginia locations are in Salem, Leesburg and Fairfax.

“It’s just getting frightening that someone’s out there trying to steal information all the time–24 hours a day,” customer Phillip Meriritt said.

Dairy Queen says it worked with law enforcement authorities and credit card companies to investigate the breach. It says there’s no evidence Social Security numbers, personal identification numbers or email addresses were accessed. The Edina, Minnesota-based company is offering customers free identity repair services.

A number of retailers, including Home Depot, Target and Michael’s have been the target of cyberattacks in the past year.

Here are five ways to protect yourself:

1. CONSIDER ANOTHER WAY TO PAY

Try newer ways to pay, such as PayPal or Apple Pay. “Any technology that avoids you having your credit card in your hand in a store is safer,” says Craig Young, security researcher for software maker Tripwire. Those services store your credit card information and it’s not given to the retailer when you make a payment. Many big retailers, including Home Depot, accept PayPal at their stores, but many others don’t. Apple Pay, which was only introduced this month, has even more limitations: It is available in just a small number of stores so far and only people with an iPhone 6 can use it.

Stored-value cards or apps, such as the ones used at coffee chains Starbucks and Dunkin Donuts, are also a safer bet, says Gartner security analyst Avivah Litan. That’s because they don’t expose credit card information at the register.

2. SIGN IT, DON’T PIN IT

If you’re planning on paying with a debit card, sign for your purchase instead of typing in your personal identification number at the cash register. You can do this by asking the cashier to process the card as a credit card or select credit card on the display. Not entering you PIN into a keypad will help reduce the chances of a hacker stealing that number too, Young says. Crooks can do more damage with your PIN, possibly printing a copy of the card and taking money out of an ATM, he says. During Target’s breach last year, the discount retailer said hackers gained access to customers’ PINs. Home Depot, however, said there was no indication that PINs were compromised in the breach at its stores.

3. BEWARE OF EMAIL SCAMMERS

After big data breaches are exposed, and get a lot of media attention, scammers come out of the woodwork looking to steal personal information. Some emails may mention Home Depot or offer free credit monitoring, but you should never click on the links. Many are for fake sites that try to steal bank information or passwords. “Avoid these entirely,” Young says. If an email looks credible, go to Home Depot’s site directly instead of clicking on links.

4. KEEP UP WITH STATEMENTS

Scan credit card statements every month for any unauthorized charges. And keep an eye out for smaller charges. Thieves will charge smaller amounts to test to see if you notice and then charge a larger amount later, Litan says. They may also steal a small amount from millions of accounts, scoring a big payday, she says.

And check your credit report for any accounts that crooks may have opened in your name. Credit reports are available for free, from each of the three national credit reporting agencies — Equifax, Experian and TransUnion — every 12 months from AnnualCreditReport.com. Home Depot is also offering free credit monitoring and identity protection services to customers. Customers can go to the company’s website for more information or call them at 800-466-3337.

5. GO OLD SCHOOL

Use cash. When possible, the safest bet is to not swipe a card at all. Even if security gets stronger at stores, hackers are likely to figure out a way around it. “It’s always a cat and mouse game,” Young says.

U.S. Department of Veterans Affairs Data Vulnerabilities

By Industry News

NORFOLK — An internal memo prepared by top IT professionals inside the U.S. Department of Veterans Affairs says the agency’s computers that hold private information for hundreds of thousands of military veterans are essentially wide open.

A 13News Now investigation obtained a copy of the memo from the House Committee on Veterans’ Affairs.

The memo was prepared in July after a security assessment had been performed on the agency’s data. It doesn’t mince words when talking about the potential for a breach.

‘It is practically unavoidable that a data breach to financial, medical, and personal Veteran and employee protected information may occur within the next 12 to 18 months, with no way of tracking the source of the breach,’ the memo reads.

Despite the dire warning, veterans were faced with a data breach in January of 2014 when personal information for veterans became accessible to other users on the VA’s e-benefits site.

Cybersecurity expert Jeri Prophet said the VA should have used that memo as a call to act.

‘Something was blaringly, obviously wrong with that data network to say if it is like this, you know, there is a definite vulnerability,’ Prophet said. ‘The fact that no one took time to address it or look at it, I mean, that’s negligent.’

Congressman Jeff Miller (R-FL), chair of the House Committee on Veterans’ Affairs, said he’s been voicing concerns over the lack of data security at the agency for the past year.

‘It’s unacceptable that the VA has been very slow to react,’ Miller said. ‘What little reaction they have had has been minimal at best.

January’s security breach is just the latest in a string of incidents that have put veterans’ private information at risk.

The Navy Times reported in 2010 that roughly 3,800 veterans’ personal information was compromised when an unencrypted laptop with confidential data was stolen.

In a statement to 13News Now on Thursday, the VA said the memo provided by the House Committee on Veterans’ Affairs was focused only on specific risks and not the agency’s entire data network.

‘VA takes seriously its obligation to properly safeguard any personal information within our possession,’ the statement said. ‘VA has in place a strong, multi-layered defense to combat evolving cybersecurity threats.’

‘VA is committed to protecting Veteran information, continuing its efforts to strengthen information security, and putting in place the technology and processes to ensure Veteran data at VA are secure.’

Prophet, who is a Navy veteran herself, said the string of security breaches could have far-reaching ramifications for veterans whose information is stolen. She suggested veterans and their families begin monitoring their credit for any irregularities.

‘As a fellow veteran it’s upsetting because that’s my data,’ Prophet said.

Hiring Veterans Open House

By Industry News

IntellecTechs was featured, during our 6th Anniversary Celebration and Open House event, in WVEC 13News Now’s segment entitled “Governor proposes bill aimed at hiring more veterans”. Watch the video above or get in touch with us for more information.

“Thank You for all the hard work and dedication you continue to demonstrate in order to accomplish great things like we did today. It was perfect. Open House 2015 will be written in the history books.”

Cheers… to an excellent start to 2015!

Jeri Prophet
IntellecTechs, Inc.
Founding President & CEO

Happy Birthday, Jeri!

By Industry News

Jeri,
Hamlet lamented suffering the slings and arrows of outrageous fortune . . .
Okay, look: we’re only quoting Shakespeare to impress you. We don’t know what he means. He wrote in iambic pentameter, not binary. So, scratch that—instead, here’s an archer whose slings and arrows should not only bring an outrageous fortune, but love and health, too:

Happy Valentine’s Day!

Happy birthday, happy Valentine’s Day, and here’s to your continued success.

Love,
The ITS Team

The Regional Tidewater Science and Engineering Fair

By Industry News

Romeo Spino, Director of Strategic Accounts for IntellecTechs, along with the Armed Forces Communications and Electronics Association (AFCEA) of Hampton Roads supported the Regional Tidewater and Science Engineering Fair as Judges for the category of Engineering: Electrical and Bioengineering for both Senior and Junior divisions at Old Dominion University.

The Regional Tidewater Science and Engineering Fair encourages middle school and high school students from The Hampton Roads, Virginia area to become involved in, and excited about learning the processes of research and technical writing skills needed to clearly and effectively communicate the results of their experiments.

By hosting the annual event, it provides students the opportunity to exhibit and discuss their projects with judges and evaluators from academia and industry. In order that students may progress to state and national competitions, the protocols, application process and evaluation criteria conform to the standards of the Virginia State Science and Engineering Fair, as well as the Intel International Science and Engineering Fair (ISEF).

IntellecTechs would like to congratulate presenter Vashaana Sahadeo from The Math and Science Academy at Ocean Lakes High School for her project:
Non-Invasive Glucose Monitor with Interface Technology. She is on her way to Harvard with a full scholarship. We’re so proud of the next generation!

Electrical and Bioengineering Winners for Senior Division

Electrical and Bioengineering Winners for Junior Division

AFCEA Luncheon

By Industry News

The IntellecTechs team made their way to the Armed Forces Communication and Electronic Association Luncheon in where Romeo Spino, Director of Strategic Accounts, spoke to attendees about IntellecTechs’ capabilities and contributions to the Cyber Warfare and Cyber Defense operations supporting the Department of Navy. The Keynote speaker of the luncheon was, Captain Douglas A. Powers, the commanding officer from the Navy Cyber Defense Operations Command.

CAPT Powers, a native of Silver Spring, MD, graduated from Drexel University with a Bachelor’s of Science in Mechanical Engineering, receiving his commission through the Navy Reserve Officers Training Corps of Philadelphia. He also holds a Master’s of Science in Electrical Engineering from the Naval Postgraduate School, a Master’s of Science in Foreign Affairs and National Security Resource Strategy from the Eisenhower School at National Defense University, and a diploma in Modern Standard Arabic Language, Regional and Cultural studies from the Defense Language Institute.

His sea duty assignments included surface warfare direct support duty at Naval Security Group Activity, Pearl Harbor, HI, where he deployed to the Arabian Gulf aboard USS KITTYHAWK (CV 63), USS INGERSOLL (DD-990), and USS LEAHY (CG-16) in support of Operations DESERT STORM (Iraq) and RESTORE HOPE (Somalia), completing multiple Western Pacific and Middle-Eastern deployments. He later qualified as an airborne direct support officer at Naval Security Group Activity, Rota, Spain, where he logged over 1000 flight hours with Fleet Air Reconnaissance Squadron Two (VQ-2) in support of Operations JOINT ENDEAVOR (Bosnia) and SHARP GUARD (Former Yugoslavia). He also served as Officer-in-Charge of Naval Aircrew Detachments in Souda Bay, Crete, Greece and Siganella, Sicily, Italy, and as a submarine direct support officer deploying aboard submarines in support of Commander, Submarine Forces Pacific. As a Lieutenant Commander, he served as the Cryptologic Resource Coordinator to Commander, Carrier Strike Group SEVEN embarked on USS JOHN C. STENNIS (CVN 74) deployed to the Western Pacific assuming the role as Commander, Task Force 70.

His shore duty assignments included leading interactive on-net cyber operations at Naval Information Warfare Activity (NIWA), Suitland, MD for duty within the National Security Agency’s (NSA) Tailored Access Operations (TAO) and as a plank-owner of the Remote Operations Center (ROC). In the Pentagon, he served as the Navy’s Program Manager for all Command, Control, Communications, Computers, Combat Systems and Intelligence (C5I) programs for the Chief of Naval Operations (OPNAV 80). He returned to NSA for his joint duty assignment as the first military Director of Cybersecurity Operations within the NSA’s Threat Operations Center (NTOC) defending the Department of Defense’s information networks worldwide. Most recently, he served as the Senior Detailer for Information Warfare Officer global assignments (PERS 472) at Navy Personnel Command in Millington, TN.

CAPT Powers previously commanded Navy Information Operations Command, Whidbey Island, WA, providing Electronic Warfare (EW) direct support to Operations IRAQI FREEDOM and ENDURING FREEDOM. In August 2013, he assumed command of Navy Cyber Defense Operations Command and Task Force 1020, which has included leading Navy’s cyber warriors to successfully defend Navy’s global networks during Operation ROLLING TIDE, the largest cyber defense operation in Naval history. His military decorations include the Defense Superior Service Medal, Defense Meritorious Service Medal, Meritorious Service Medals, Air Service Medals, Joint Service Commendation Medal, Navy Commendation Medals, Navy Achievements Medals, and several campaign medals and unit awards.

Crypto Locker Virus Infects Thousands of Computers

By Industry News

There is a new threat out on the internet called Crypto Locker. The Crypto Locker virus is considered to be one of the most historically devastating viruses to date and, as such, it holds your computer’s data hostage until you pay a ransom or decide that you can live without it.

Cryptolocker comes in the door through social engineering. Usually the virus payload hides in an attachment to a phishing message, one purporting to be from a business copier that is delivering a scanned image, from a major delivery service offering tracking information, or from a bank letter confirming a wire or money transfer.

This infection CAN COME IN ~70 FILE FORMATS/EXTENSIONS. Mostly, we have seen it in e-mails as .ZIP or .PDF attachments.

DO NOT open any files coming from these sources with attachments.

What does it do?
After opening an infected file, this virus will infect a computer within an hour or so
It then encrypts all of the user data files on the computer (Word, Excel, PowerPoint, etc. documents)
Then, it moves onto encrypting all of the user data files on all shares (Server Data) that are connected to the computer
Finally, the screen turns red and the ransom message (pictured below) pops up informing the user that within 72 hours they have to pay $300 to decrypt the data

Crypto Locker ransom

Once infected, what do I do?
You can restore your data from a known good backup, or
You can get a MoneyPak card, fill it with $300, and pay the ransom (this has worked for some, but not all, users)

How do I prevent it? Can you protect me?
Sophos Antivirus is catching it, but will NOT prevent hostile encryption
Remove access/permissions for installing programs to local computers
Download and install CryptoPrevent (a Crypto Locker prevention kit)

IntellecTechs is currently scanning e-mails and implementing restriction policies for our clients. We are also in the process of deploying CryptoPrevent in hopes of preventing any further infection.

Please educate yourself and do NOT open any attachments from unknown recipients; also, be sure check in with known/trusted recipients to ensure they have intentionally sent you an attachment before opening it (as they may already be infected and spreading the virus unknowingly).

IntellecTechs strongly recommends that you download and install CryptoPrevent (the download link is at the bottom of the page). If you have been infected or are having trouble implementing protection methods for yourself or business, please call us at (757) 962-2487 or e-mail us at support@intellectechs.com.

IntellecTechs Offering Free Training Classes Once Again

By Industry News

After the completion of a year-long expansion project that spanned over 10,000 square feet of newly designed office space, IntellecTechs, an award-winning government and commercial IT firm, announced plans to resume their free business, social media, and technology classes for the public (Eat IT for Breakfast), starting in May, 2015. In previous years, the budding company hosted a multitude of classes, and received a great response from the community at large.

“It’s such a great opportunity to offer people expert direction and instruction that may not have the opportunity to get it elsewhere,” said Jeri Prophet, President/CEO of IntellecTechs.

The kick-off class will take place on May 12th from 8am-9am at the IntellecTechs corporate office, and will cover Smartphone and Mobile Device Security. Refreshments and coffee will be served. For registration information, visit www.www.intellectechs.com or call 757.962.2487