TitanHQ News

Security Awareness Training Added to TitanHQ Portfolio with Cyber Risk Aware Acquisition

TitanHQ, the leading cybersecurity SaaS business, has announced its acquisition of Cyber Risk Aware. Established in 2016, Cyber Risk Aware is a global leader in security awareness and mitigation of human cyber risk, assisting companies to help their staff protect the company network.

Cyber Risk Aware delivers real-time cyber security awareness training to staff in response to actual staff network behavior. This intuitive and real-time security awareness training reduces the likelihood users will be impacted by the latest threats such as ransomware, BEC attacks, and data breaches, whilst also enabling organizations to meet compliance obligations.  Leading global businesses that trust Cyber Risk Aware include Standard Charter, Glen Dimplex, and Invesco.

The acquisition will further bolster TitanHQ’s already extensive security offering. The combination of intelligent security awareness training with phishing simulation and TitanHQ’s advanced email protection, DNS security, email encryption, and email archiving solutions create a powerful, multi-layered cybersecurity platform that secures end users from compromise. This is the go-to cybersecurity platform for IT Managed Service Providers and internal IT teams.

“This is a fantastic addition to the TitanHQ team and solution portfolio. It allows us to add a human protection layer to our MSP Security platform, with a fantastic feature-rich solution as demonstrated by the high-caliber customers using it. Stephen and his team have built a great company over the years, and we are delighted to have them join the exciting TitanHQ journey.” said TitanHQ CEO Ronan Kavanagh.

Stephen Burke, CEO of Cyber Risk Aware, commented: “I am incredibly proud that Cyber Risk Aware has been acquired by TitanHQ, cybersecurity business that I have greatly admired for a long time. Today’s announcement is fantastic news for both our clients and partners. We will jointly bring together a platform of innovative security solutions that address the #1 threat vector used by bad actors that cause 99% of security breaches, “End User Compromise”. When I first started Cyber Risk Aware, my aim was to be the global security awareness leader in delivering the right message, to the right user at the right time. Now as part of TitanHQ, I am more excited than ever about the unique value proposition we bring to market”.

The solution is available to both new and existing customers and MSP partners at TitanHQ.com and is now branded as SafeTitan, Security Awareness Training. Cyber Risk Aware existing clients are unaffected and will benefit from improvements in the platform in terms of phishing sims content and an exciting, innovative product roadmap.

For more information on TitanHQ’s new Security Awareness Solution, visit https://www.arctitan.com/safetitan/

Spam Emails Spreading Squirrelwaffle Malware Loader

 

Squirrelwaffle, a new strain of malware that is being distributed using spam email messages, has been discovered in the last six weeks.

The disabling of the Emotet botnet last January 2021 created a vacuum within the malware-as-a-service market, a gap that a number of malware strains have attempted to take advantage of. Squirrelwaffle boasts similar capabilities to the Emotoet banking malware. Squirrelwaffle allows threat actors to gain a foothold in networks, which the operators of the malware can abuse. However, the access is being sold to other cybercriminals.

A review of this campaign has indicated that it is being leveraged to download Qakbot and Cobalt Strike. However, there is nothing to suggest that these are the only two malware strains that are being delivered by this malware. The Squirrelwaffle emails feature a hyperlink to a malicious website which is used to download a .zip file that includes either a .doc or .xls file. The Office files contain a malicious script that will install the Squirrelwaffle payload.

The Word documents implement the DocuSign signing service to trick recipients into enabling macros, stating that the document was set up with an older version of Microsoft Office Word so the user must “enable editing” then click “enable content” to access the contents of the file. Doing so will run code that will install and execute a Visual Basic script, which downloads the Squirrelwaffle payload from one of 5 hardcoded URLs. Squirrelwaffle is sent as a DLL which is then executed when downloaded and then silently places Qakbot or Cobalt Strike on the device/network, which will allow constant access to compromised devices.

As happened with the Emotet Trojan, Squirrelwaffle can take over message threads and insert malware. As replies to authentic messages are sent from a legitimate email account, a reply to the message is more likely. This attack method was very successful for the Emotet Trojan. In most cases, the attacks take place in English; however, security experts have discovered emails in different languages such as French, German, Dutch, and Polish.

Due to the similarities with Emotet, it is likely that those responsible for the deactivated botnet are trying to make a comeback. However, it is possible that this is an attempt by unrelated threat actors to fill the market vacuum that was created when Emotet was taken down. At present, the malware is not being distributed to the same extent that Emotet was but that may change in the near future. 

The best way to protect devices and servers from an attack like this is to configure email security measures to block the malspam at source and see to it that the malicious messages do not land in inboxes. It is important to implement a spam filtering solution that also scans outbound emails to identify compromised devices and stop attacks on other employees and business contacts from corporate email accounts.

Lots of Awards for TitanHQ at Expert Insights Annual Awards

TitanHQ’s products have ranked No1 in their respective categories by Expert Insights for the Fall 2021 Best-of Cybersecurity Awards.

This means that TitanHQ has now completed a clean sweep and headed the list for Best Email Security Gateway, Best Web Security Solution, and Best Email Archiving Solution for Business for two years running. Additionally the Best Email Security Solution for Office 365 category was won by SpamTitan.

Ronan Kavanagh, TitanHQ CEO commented on the achievement saying: “TitanHQ are proud to have received continued recognition for all three of our advanced cybersecurity solutions. As the threat landscape continues to be a significant risk to organizations across the globe, we are dedicated to continuous innovation to provide consistent, secure, and reliable protection to our customers”. The annual awards aim to award the best cybersecurity and their solutions, with the winners chosen after taking into account industry recognition, customer feedback, and research conducted by its editorial team and independent technical specialists.

Expert Insights is a recognized online cybersecurity publication and industry analyst that has technical and editorial teams in both the United States and United Kingdom. The publication covers cybersecurity and cloud-based technologies, and its website is used by more than 80,000 business owners, IT admins, and others each month to research B2B solutions. Expert Insights produces editorial buyers’ guides, blog posts, conducts interviews, and publishes industry analyses and technical product reviews from industry experts.

SpamTitan Email Security and WebTitan Web Security were both recognized for their powerful threat protection, and along with ArcTitan Email Archiving, were praised for ease-of-use, cost-effectiveness, and industry-leading technical and customer support.

The high standard of threat protection, simplicity-of-use, and competitive pricing of the solutions are just some of the factors that make TitanHQ the leading provider of cloud-based security products solutions for managed service providers currently on the SMB market. These factors have resulted in the TitanHQ product range being marked as the gold standard for SMBs looking to enhance security and make compliance easier.

Email Retention Legislation in the U.S.

Email retention legislation in the U.S. requires companies to maintain copies of emails for many years. There are federal laws that apply to all companies, data retention laws for specific industries, and a swathe of email retention laws in the United States at the individual state level. Ensuring compliance with all the proper email retention laws in the United States is vital. Noncompliance can prove incredibly expensive and multi-million-dollar fines await any company found to have breached federal, industry, or state regulations.

Certain types of data must be retained by U.S companies in case the information is required by the courts, and that includes email. eDiscovery requests often require massive volumes of data to be provided for use in lawsuits and the failure to provide the data can land a company in serious trouble. Not only are heavy fines issued if data cannot be produced in eDiscovery, companies  can face criminal proceedings if certain data has been erased.

For decades, U.S companies have been required to store documents by law. Document retention laws are included in numerous legislative acts such as the Civil Rights Act of 1964, the Executive Order 11246 of 1965, the Freedom of Information Act of 1967, the Occupational Safety and Health Act of 1970, and the Reform and Control Act of 1986, and data retention laws in the United States were updated a dozen years ago to expand the definition of documents to include electronic communications such as emails and email attachments.

To enhance awareness of the many different email retention laws in the United States, a summary has been included below. Please remember that this is for information purposes only and does not constitute legal advice. For legal counsel on data retention laws in the United States, we recommend you get in touch with your legal representatives and industry and federal electronic data and email retention legislation in the United States are periodically updated.

As you can see from the list below, there are several federal and industry-specific email retention legislative acts in the United States. These laws apply to emails that are sent and received, and include internal as well as external emails.

Reduce storage space, eliminate mailbox quotas and improve email server performance. Book a FREE demo of ArcTitan.
Book Free Demo

Federal Email Retention Legislation in the U.S.

Email retention legislation Who it is applicable to How long emails must be kept
IRS Regulations All companies 7 Years
Freedom of Information Act (FOIA) Federal, state, and local agencies 3 Years
Sarbanes Oxley Act (SOX) All public companies 7 Years
Department of Defense (DOD) Regulations DOD contractors 3 Years
Federal Communications Commission (FCC) Regulations Telecommunications companies 2 Years
Federal Deposit Insurance Corporation (FDIC) Regulations Banks 5 Years
Food and Drug Administration (FDA) Regulations Pharmaceutical firms, food manufacturers, food storage and distribution firms, manufacturers of biological products Minimum of 5 years rising to 35 years
Gramm-Leach-Bliley Act Banks and Financial Institutions 7 Years
Health Insurance Portability and Accountability Act (HIPAA) Healthcare groups (Healthcare providers, health insurers, healthcare clearinghouses and business associates of covered bodies) 7 Years
Payment Card Industry Data Security Standard (PCI DSS) Credit card businesses and credit card processing groups 1 Year
Securities and Exchange Commission (SEC) Regulations Investment banks, investment advisors, brokers, dealers, insurance agents & securities companies Minimum of 7 years up to a lifetime

Email retention legislation in the United States at the state level has not been included in this article. You should seek legal advice about any state-level laws. You should must also consider legislation in other countries where you do business. If you deal with individuals in Europe, or they can access your website, you will need to comply with the General Data Protection Regulation (GDPR) email requirements.

Storing emails for a few years is not likely to take up masses of storage for a small company with a few of members of staff; however, the more employees a company has, the greater the need for extensive resources just to store emails. The average size of a business email may only be 10KB, but multiply that by 123 – the average number of emails sent and received each day by an average company employee (Radicati email statistics report 2015-2019), by 365 days each year, and by the number of years that those emails need to be maintained, and the storage requirements become massive.

If any emails ever need to be obtained, it is vital that an email archive or backup can be searched. In the case of standard backups, that is likely to be an incredibly long process. Backups were not created to be searched and finding the right backup alone can be almost impossible, let alone finding all emails sent to, or received from, a specific company or person. Backups have their uses, but they are not suitable for companies for email retention purposes.

For that, an email archive is necessary. Email archives contain structured email data that can easily be reviewed and searched. If ever an eDiscovery request is received, finding all email correspondence is a quick and simple task. Since many email archives are cloud based, they also do not require large and expensive op-premises storage resources. Emails are stored in the cloud, with the space provided by the service supplier.

ArcTitan is a cost-effective, quick and easy-to-manage email archiving solution supplied by TitanHQ that meets the needs of all businesses and enables them to adhere with all email retention laws in the United States.

ArcTitan includes a variety of security protections to ensure stored data is kept 100% secure and confidential, with email data encrypted in transit and storage, replicated and backed up to ensure constant availability. As opposed to many email archiving solutions, ArcTitan is fast. The solution can process 200 emails per second from your email server and archived emails can be retrieved instantly though a a browser or Outlook plugin. Emails can be archived from any location, whether in the office or on the go via a laptop or tablet. There are no restrictions on storage space or the number of users and the solution can be scaled up to meet the needs of companies of all sizes.

To find out more about ArcTitan, get in touch with the TitanHQ team today.

Frequently Asked Questions (FAQs)

How does email archiving work?

Email archiving involves sending an exact copy of a message outside the email system for long term storage. The messages are usually deduplicated and compressed to save on storage space and are indexed prior to archiving to ensure the archive can be rapidly searched. Email archiving solutions typically have end-to-end encryption to ensure messages cannot be intercepted and the emails are maintained in a tamper-proof repository and can be quickly retrieved on demand.

Is email archiving necessary?

Emails must be retained for compliance and need to be produced quickly for audits and e-discovery. Email recovery is far faster with an email archive. Most businesses have important data stored in email accounts that is stored nowhere else. That data is at risk if it is not sent to an archive. In the event of a ransomware attack that also encrypts backups, email data could be lost forever or cost millions to recover. The regulatory fines for loss of email data can be astronomical. Data loss is not possible with an email archive.

Is email archiving expensive?

Email archiving in the cloud is a low-cost solution that allows businesses to retain a tamper-proof copy of all messages to meet compliance requirements and for disaster recovery. An email archive saves on mail server storage space, which will increase performance. When you factor in productivity improvements and the reduced time producing emails to resolve customer complaints, for audits, and E-discovery requests, an email archive is money well spent.

Is email archiving the same as backing up email?

Email archiving and backing up email are not the same. Backups are intended for short term email storage for disaster recovery purposes. Entire mailboxes can quickly be restored from a backup if a mailbox is corrupted, deleted, or encrypted with ransomware. An email archive is a long-term email storage solution. In contrast to a backup, an archive can be rapidly searched allowing individual emails to be quickly found and recovered.

How much space can be saved with an email archive?

The amount of space saved by implementing an email archiving solution will vary from business to business, but typically businesses can reduce storage space by up to 80% by implementing an email archive and further, if emails ever need to be recovered, the archive can be rapidly searched, and emails retrieved in seconds.

Reduce storage space, eliminate mailbox quotas and improve email server performance. Book a FREE demo of ArcTitan.
Book Free Demo

Tackling Phishing Scams in 2021

 

There was a huge surge in phishing campaigns conducted during 2021, most companies are now very familiar with them and the danger(s) that they pose. Due to this is it now more important than ever to be aware how to tackle this type of attack head on.

This type of attack typically begins with an email being sent to your inbox which appears 100% authentic and includes a request for you to complete an action urgently.  While you probably think that you would be adept at spotting a ploy such as this, every day three billion spoofing emails are transmitted so there is every chance that if you are not tricked, someone in your organization make take the bait and click a link that will lead to a lot of pain for your group.

To assist you in your fight against spamming, we have put together a number of measures you can introduce at your organization.

Investigate How the Sender is Aware of You

All a phisher will do is sometimes launch a campaign where millions of spoof emails are broadcast pretending to be genuine well-known and reputable companies. They know that companies that operate on a global basis will have millions of customers so there is an excellent chance that the message will reach the inboxes of some actual clients. Always treat the message with suspicion even if it is from a company that you have an existing business relationship with.

Check for Spyware

It is important to check for spyware if you are finding yourself in receipt of a large number of spoof emails that appear to be sent from companies whose web portals you use a lot. If this is the case it is likely that one of your devices has been infiltrated with spyware which is recording your web traffic. This can be managed with a strong endpoint security application or spyware cleaner to make your device safe again.

Review the Email Address that is Contacting You

Even if a phishing email includes everything to make the message appear authentic such as a company logo/image and corporate header, you should pay very close attention to the sending email. Phishing emails are normally uncovered by the sending name and sending email address being completely different from each other. 

Check for Standard Phishing Email Claims

These include: 

  • Someone contacts you to confirm some personal information in relation to an account you hold.
  • You are made aware of suspicious activity on an account that you hold and asked to complete an action like visiting a link to change your password.
  • You are informed that you are entitled to claim a tax refund or government subsidy
  • An email from “IT Department” or “Help Desk”  asking you to complete an action.

Tackling Phishing Emails

Using a strong security solution like SpamTitan will prevent phishing, ransomware, and malware variants attacks while also safeguarding all financial accounts using multi-factor authentication.  

Having this in place will prevent your details from ever being exposed. It is important for companies to recognise the danger posed by cyberattacks and take steps, like configuring SpamTitan, in order to address it. 

Contact TitanHQ as soon as you can in order to find out more about how SpamTitan Email Security helps you tackle phishing attacks.

 

Supply Chain Targeted by Hackers

Supply Chain Targeted by Hackers

As cybercriminals look for more new targets that might bear them some profit it appears that they have now shifted some focus towards infiltrating supply chains.

These attacks occur when hacking groups manage to infiltrate servers and components that companies will likely buy from third party suppliers. IT departments would presume that new equipment has not been infiltrated and happily install it onto their networks. This type of attack is now increasing, particularly evident within state-sponsored campaigns that may make it easier for cybercriminals to gain access during the production process. 

Igt will come as no surprise that, due to lower costs, the majority of technology components are manufactured in China. These components are then ordered by the manufacturer and they are instructed how to add them to their own equipment. The manufacturing/purchaser configures these components to build their systems locally before sending them on to the final destination. This means that all #malicious components inserted into hardware design will, more than likely, not be detected.

There is a small chance that some groups will carry out penetration tests on new equipment installed into their infrastructure. However, the vast majority of IT professionals will take it for granted that a brand new system will not feature weak points once it is set up and all software remains updated. Sadly there is a possibility that an opening could have been created for cybercriminals to target, allowing private data to be accessed. 

Occasionally, new equipment will transmit a signal to alert cybercriminals that malicious components are now operational. Once this is sent it is possible that a hacker could access data, review the network, remove data to a third-party server, download passwords, or configure more malware on other equipment. In more complex attacks, the malicious equipment could allow a state-sponsored threat actor remote management of the local system.

Anything configured on your network should be dealt with carefully until it’s validated and tested. Most system managers conduct tests on new hardware to see to it that there are no bugs or defects so that performance is at an optimal level. It is now just as important to review this hardware for any possible security issues.

Penetration testing should be completed in order to guarantee that there is no chance of malicious activity taking place after the system becomes operational. Any company installing hardware from third parties can mitigate risk by mapping the supply chain carefully. System penetration testing should also be completed to uncover unusual traffic patterns and activity on the local network. Backdoors might be present in order to transmit data back to the cybercriminals. 

As the targeting of supply chains becomes more prevalent companies will have to increase their testing efforts to ensure the new hardware is safe before it is made operational within a system. TitanHQ can safeguard supply chains from cybercriminal-led.

Contact the TitanHQ team now to discover more about the cybersecurity solutions like email filtering that can be added to your company’s security suite.