
Network Security Gaps That Become Major Breaches

Posted: April 10, 2017 to Cybersecurity.

Tags: Ransomware, Data Breach, Malware

We often talk about hackers who breach networks and completely shut them down or steal personal information, but if every hack were that damaging, most people would have sworn off technology by now. Even though every week we hear about another company that’s had a breach that will cost them millions, there are thousands of smaller hacks all over the world that don’t make headlines because they either go unnoticed or don’t grab anyone’s attention. So why should you know about them? Because most people believe that unless ransomware has shut down their network or their identity has been stolen, hacking doesn’t affect them. The truth is that harmful hacks like ransomware and identity theft begin with small breaches caused by simple laziness.

Take Instagram phishing apps, for example. Just last week, 13 fraudulent apps were discovered and removed from all Android platforms. The apps promised to increase the number of followers and likes for people who downloaded them. Once the apps were downloaded, though, the user was asked to enter their Instagram credentials. Ironically, once the credentials were entered, the hackers behind the apps actually used the breached accounts to increase followers and likes for other accounts. The creators were so successful at baiting users and disguising the apps that they were downloaded over 1.5 million times.

Just this week, Google announced that they’d discovered and destroyed an Android malware family called Chamois. Chamois’ purpose was to be downloaded as an app and then display fraudulent pop-up ads. It was particularly nasty for two reasons: the apps it affected would not show up in the list of active apps on the device, so they couldn’t be easily deleted, and Chamois actually downloaded other apps and plugins like it to increase the number of ads the user would see. While the numbers on how many devices Chamois infected and how much it earned its creators are unknown, a similar form of malware called Hummingbad infected 10 million devices and earned $300,000 a month through fraudulent advertising.

The thing that frustrates companies like Google and Apple is that they’ve created software that can scan their app stores and flag fraudulent apps, but people still go to third-party stores that cannot be verified to find and download apps. While the consequences don’t sound as dramatic as the hacks you hear about in the news, they can be just as damaging. Malware like Chamois and the Instagram phishing apps are cracks in your security that will eventually lead to a catastrophic failure.

For example, say you accidentally gave your Instagram credentials out. In the short run, the only problems you might see are annoying ads and random accounts, but unless you take the time to create strong passwords, the hackers could use your Instagram password to guess the passwords to more important online services like email or online banking. Don’t believe it? Just think of how much personal information you’ve put online through social media and online messaging services. Plus, when your device is flooded with fraudulent ads, all it takes is one careless click and your device could be infected with something much worse.

Small cracks like Instagram phishing and Chamois are what allow hackers to get a foothold and work their way to your most sensitive information. So please, don’t think that just because there aren’t consequences today for downloading a questionable app or clicking a bad link, you won’t pay for your mistakes big time down the road. People often think that they’ll never be targeted by hackers because they’re just an average person among billions, but these small mistakes are exactly how hackers find you. Don’t make yourself a target. Find and follow sound cybersecurity practices today.


About the Author

Craig Petronella, CEO and Founder of Petronella Technology Group
CEO, Founder & AI Architect, Petronella Technology Group

Craig Petronella founded Petronella Technology Group in 2002 and has spent more than 30 years working at the intersection of cybersecurity, AI, compliance, and digital forensics. He holds the CMMC Registered Practitioner credential (RP-1372) issued by the Cyber AB, is an NC Licensed Digital Forensics Examiner (License #604180-DFE), and completed MIT Professional Education programs in AI, Blockchain, and Cybersecurity. Craig also holds CompTIA Security+, CCNA, and Hyperledger certifications.

He is an Amazon #1 Best-Selling Author of 15+ books on cybersecurity and compliance, host of the Encrypted Ambition podcast (95+ episodes on Apple Podcasts, Spotify, and Amazon), and a cybersecurity keynote speaker with 200+ engagements at conferences, law firms, and corporate boardrooms. Craig serves as Contributing Editor for Cybersecurity at NC Triangle Attorney at Law Magazine and is a guest lecturer at NCCU School of Law. He has served as a digital forensics expert witness in federal and state court cases involving cybercrime, cryptocurrency fraud, SIM-swap attacks, and data breaches.

Under his leadership, Petronella Technology Group has served 2,500+ clients, maintained a zero-breach record among compliant clients, earned a BBB A+ rating every year since 2003, and been featured as a cybersecurity authority on CBS, ABC, NBC, FOX, and WRAL. The company leverages SOC 2 Type II certified platforms and specializes in AI implementation, managed cybersecurity, CMMC/HIPAA/SOC 2 compliance, and digital forensics for businesses across the United States.
