Hawes Technologies specializes in security and compliance Network Audits for City and County governments. Our Network Audits are designed to uncover all existing and potential threats to your Network’s Security.
No Network is ever 100% secure, yet regular, annual Network Audits that assess and evaluate everything that goes on in your Network, can greatly reduce the threats to your system.
Hawes Technologies also helps government entities create and implement policies in line with HIIPA, PCI.
Network demands change as organizations evolve, grow and shrink. System mergers take place, and equipment & devices pass from one operational team to another, exposing Networks to many vulnerabilities.
Unsecured Network Assets
Unchecked and improperly secured hardware devices and software can be added to a company's network by anyone within the organization, often without the Network Administration's awareness.
Bring Your Own Device (BYOD)
BYOD use has increased exponentially, with over 80% of organizations now allowing employees to use personal devices to connect to corporate networks. While this provides a cost saving advantage to the employer, and a convenience for the employee, it also exposes your organization's network to major security issues.
Spear Phishing Attacks (SPAs)
SPAs are designed to infiltrate a Network and access sensitive data. Appearing to come from a trusted source, SPAs are delivered through emails that contain a link. Clicking this link usually results in the download of malware, spyware and/or Trojan Horses.
Removable media, such as MP3 players and USB devices can bring harmful malware into your Network System, as well as steal sensitive data out of it.
Network Upgrade & Refresh
If Networks are not updated and refreshed on a regular basis (preferably yearly), security can become compromised - Before upgrading, you will want to perform a Network Audit to access what is going on in your system. For instance:
Network Penetration Testing
Tests & verifies the security of your company's IT systems, networks, perimeter security controls and web applications, and recommends safeguards to strengthen your level of protection.
Network Security Maintainance
Hawes Technologies offers proactive and scheduled maintainance for your server, storage and backup systems.
Identifies potential vulnerabilities within the physical network, connected servers and network devices, including:
The recent “WannaCry” ransomware attack , that affected businesses and large institutions, including FedEx and Britian’s National Health Service, as well as many victims across Asia, is a timely reminder of why regular Network Audits are so critical.
Ransomware is a malware that takes control of systems. It prevents the user/business from accessing their data unless they pay a “ransom”.
Regular Network Audits can greatly ameliorate the devastation of insidious malware attacks like “WannaCry” by ensuring vulnerabilities within your Network are identified and addressed.
US Department of Justice Ransomware Statistics
In 2016, the US Department of Justice reported that ransomware is the fastest growing malware threat. Government statistics state that more than 4,000 ransomware attacks have occurred daily since January 1, 2016 - A 300% increase over the approximately 1,000 attacks per day seen in 2015.
Ransomeware - Threats to a City's Water Supply
Georgia Institute of Technology (GIT) researchers created a proof-of-concept ransomware that, within a simulated environment, was able to gain control of a water treatment plant and threaten to shut off the entire water supply or poison the city's water by increasing the amount of chlorine in it.
Dubbed LogicLocker, the ransomware, presented at the 2017 RSA Conference in San Francisco, allowed researchers to alter Programmable Logic Controllers (PLCs) - the tiny computers that control critical Industrial Control Systems (ICS) and Supervisory Control and Data Acquisition (SCADA) infrastructure, like a power plant's or water treatment facilities.
This in turn, gave them the ability to shut valves, control the amount of chlorine in the water, and display false readouts.
Initially, ransomware targeted regular internet users; however, most recently, the threat has begun to target enterprises, educational facilities, hospitals, hotels and other businesses.
ref: Out of Control: Ransomware for Industrial Control Systems