Menu

Category Archives:
Cybersecurity Archives - International Consultants & Investigations (ICI)

Home / blogs-old / Cybersecurity

International Consultants and Investigations Inc – Corporate Due Diligence

New York, NY, April 6, 2025: Earl R. Johnson, PhD, CII and President/CEO of International Consultants and Investigations, Inc. (ICI) has announced that ICI has been chosen by a Canadian based law firm to provide corporate due diligence on a company based in Saudi Arabia.

International Consultants and Investigations, Inc. (ICI) has been providing consulting and investigative services worldwide for over 30 years. A certified member of the Council of International Investigators and the World Association of Professional Investigators, ICI is licensed in New York, Florida and Nevada with offices world wide. For further information or inquiries email Earl R. Johnson  [email protected] or phone (212) 582-3115.

ICI To Take Counterfeiting Investigation to Next Stage

New York, NY, April 6, 2025: Earl R. Johnson, PhD, CII and President/CEO of International Consultants and Investigations, Inc. (ICI) has announced that a Middle Eastern based corporation has requested that ICI continue to assist in an ongoing investigation into a counterfeiting operation. During the initial stages of this investigation ICI was able to develop information of relevance allowing the investigation to proceed to its next stage.

International Consultants and Investigations, Inc. (ICI) has been providing consulting and investigative services worldwide for over 30 years. A certified member of the Council of International Investigators and the World Association of Professional Investigators, ICI is licensed in New York, Florida and Nevada with offices world wide. For further information or inquiries email Earl R. Johnson  [email protected] or phone (212) 582-3115.

ICI Announces It Is Now An Approved Vendor for Greenberg Traurig, LLP

ICI Announces It Is Now An Approved Vendor for Greenberg Traurig, LLP

New York, New York, May 27, 2024:

International Consultants and Investigations, Inc. (ICI) announced it has been selected as an approved vendor by the law Firm of Greenberg Traurig LLP.

Earl R. Johnson, PhD, CII, and President/CEO of International Consultants and Investigations, Inc. (ICI) has announced that ICI has been approved as a vendor and service provider by the law firm of Greenberg Traurig LLP (GT). Greenberg Traurig is located in 47 locations and 14 countries employing over 2,700 attorneys. ICI is proud to become a trusted vendor of this prestigious Firm.

International Consultants and Investigations, Inc. has been providing consulting and investigative services worldwide for over thirty years. A certified member of the Council of International Investigators and the World Association of Professional Investigators, ICI is licensed in New York, Florida and Nevada with offices worldwide. For further information or inquiries email Earl R. Johnson, [email protected], or by phone: (212) 582-3115.

The Convergence of Physical Security and Cyber Security

The Convergence of Physical Security and Cyber Security

In an increasingly interconnected world, the lines between physical security and cybersecurity are becoming increasingly blurred. The convergence of these two domains is not just a trend but a necessity, as modern threats often encompass both physical and digital elements. This comprehensive approach ensures a holistic defense strategy that can effectively mitigate risks in today’s complex threat landscape.

The Convergence of Physical and Cyber Threats

Historically, physical security focused on protecting tangible assets like buildings, equipment, and personnel. This included measures such as locks, surveillance cameras, and security guards. Cybersecurity, on the other hand, aimed at safeguarding information and systems from digital threats like hacking, malware, and data breaches.

However, the advent of the Internet of Things (IoT), smart devices, and advanced networking technologies has intertwined these two realms. Physical devices are now often connected to networks, making them susceptible to cyber attacks. Conversely, cyber attacks can have physical consequences, such as shutting down critical infrastructure or manipulating security systems.

Key Integration Areas

  1. Access Control Systems Modern access control systems integrate both physical and cybersecurity measures. For instance, biometric scanners and smart cards not only control physical access to buildings but also interact with digital databases to verify identities. A breach in the digital component can compromise physical security, allowing unauthorized access.
  2. Surveillance Systems Surveillance cameras and sensors are now often IP-based, meaning they are connected to the internet and can be accessed remotely. While this enhances monitoring capabilities, it also introduces vulnerabilities. Hackers can potentially gain control of these systems, disable them, or manipulate the footage, which compromises both physical and cybersecurity.
  3. Industrial Control Systems (ICS) Industrial facilities, such as power plants and manufacturing units, use ICS to manage their operations. These systems are increasingly networked for efficiency but are also becoming targets for cyber attacks. A successful breach can lead to physical damage, such as sabotaging machinery or causing explosions.

Integrated Security Strategies

To address these interconnected threats, organizations need to adopt integrated security strategies that encompass both physical and cybersecurity elements. Here are some essential steps:

  1. Unified Risk Assessment Conduct comprehensive risk assessments that consider both physical and digital threats. This holistic approach ensures that all potential vulnerabilities are identified and addressed.
  2. Cross-Disciplinary Teams Establish teams that include both physical security and IT professionals. Collaboration between these experts ensures that security measures are robust and comprehensive, covering all potential attack vectors.
  3. Advanced Monitoring Solutions Deploy advanced monitoring solutions that can detect and respond to both physical and cyber threats in real-time. For example, integrating video surveillance with cybersecurity incident detection systems can provide a more complete picture of security incidents.
  4. Training and Awareness Train employees on the importance of both physical and cybersecurity. Awareness programs should highlight how actions in one domain can impact the other, fostering a culture of security consciousness throughout the organization.
  5. Incident Response Planning Develop and regularly update incident response plans that address both physical and cyber incidents. These plans should include protocols for communication, coordination, and recovery to minimize the impact of any breach.

The Role of Emerging Technologies

Emerging technologies like artificial intelligence (AI), machine learning (ML), and blockchain are playing a significant role in enhancing the integration of physical and cybersecurity. AI and ML can analyze vast amounts of data to identify patterns and predict potential threats, allowing for proactive security measures. Blockchain technology, with its decentralized and immutable nature, can secure transactions and communications between physical and digital systems, reducing the risk of tampering and fraud.

Summary

In conclusion, the intersection of physical and cybersecurity is a critical area that organizations must address to protect their assets and operations effectively. By adopting integrated security strategies, leveraging emerging technologies, and fostering a culture of security awareness, organizations can build resilient defenses against the multifaceted threats of the modern world. As technology continues to evolve, so too must our approaches to security, ensuring that we stay one step ahead of potential adversaries.

Understanding W-2 Phishing and Its Impact During Tax Season

Understanding W-2 Phishing and Its Impact During Tax Season

As W-2’s are due to employees by the end of January, businesses face not only the annual task of filing tax statements for employees but also an increasing threat from cybercriminals targeting sensitive employee information through W-2 phishing scams. Understanding the risks and implementing preventive measures is crucial to safeguarding your business, ensuring the protection of the personal information of your employees, and protecting employees from potential financial and reputational damage.

What is W-2 Phishing?

W-2 phishing is a type of cyber attack where scammers impersonate company executives or human resources personnel to trick employees into providing copies of W-2 forms or other sensitive personal information. These forms contain valuable data such as Social Security numbers, earnings, and tax withholdings, which are essential for filing tax returns.

How Does W-2 Phishing Work?

  1. Email Spoofing: Cybercriminals send emails that appear to come from company executives or HR departments. These emails typically request that employees provide W-2 forms or other sensitive information urgently. The emails also can target HR departments from other departments, such as finance, to gather the information of multiple employees at once.
  2. Social Engineering: The emails often use urgency or authority to manipulate employees into complying with the request. They may also contain links to fake websites where employees are prompted to enter their login credentials or sensitive information.
  3. Data Theft: Once scammers obtain W-2 forms or personal information, they can use it for various fraudulent activities, including filing false tax returns, identity theft, or selling the data on the DarkWeb.

Impact on Business

W-2 phishing can have serious consequences for businesses such as:

  • Financial Loss: Businesses may incur financial losses due to fraudulent tax filings or legal expenses resulting from identity theft claims.
  • Reputational Damage: A data breach can damage trust and reputation with employees, customers, and stakeholders.
  • Regulatory Penalties: Businesses may face penalties and legal consequences for failing to protect employee information adequately.

Preventive Measures

Protecting your business against W-2 phishing requires a proactive approach:

  1. Employee Training: Educate all employees about phishing scams, emphasizing the importance of verifying email requests for sensitive information before responding. Also make sure that your Finance and HR departments are fully aware of the threat of W-2 phishing during tax season. An annual reminder does not hurt.
  2. Verification Procedures: Establish clear procedures for verifying requests for sensitive information, such as W-2 forms, particularly when received via email or phone.
  3. Multi-Factor Authentication (MFA): Require MFA for accessing systems that contain sensitive employee information to prevent unauthorized access.
  4. Vendor Due Diligence: Verify the security measures of third-party vendors who have access to employee data, such as payroll service providers.

Conclusion

As tax season approaches, businesses must remain vigilant against W-2 phishing scams. By educating employees, enhancing email security measures, and implementing robust verification procedures, you can significantly reduce the risk of falling victim to these cyber threats. Protecting sensitive employee information not only safeguards your business from financial losses and legal liabilities but also preserves trust and credibility with your workforce. Stay informed, stay proactive, and prioritize cybersecurity to defend against W-2 phishing and other evolving cyber threats. Your diligence today can prevent potential disruptions and protect your business’s future.

TEGO CYBER SECURITY – ICI’s exciting new client

ICI’s exciting new client, Tego Cyber has requested the we enlighten our associates and clients to this powerful new cyber security solution. As a rule, we do not disclose client names but, in this case, we feel compelled to release this information.

TEGO Cyber’s mission is to deliver an intelligent, state-of-the-art threat intelligence platform with a proprietary process of collecting and enriching threat data to help enterprises identify threats within their environments.

TEGO Cyber threat intelligence application helps enterprises meet the challenges of today’s connected business world. This is an advanced threat intelligence platform utilizing proprietary software solutions for the enterprise space; the founding team is highly experienced and recognized within the cyber security field. The TEGO threat intelligence [platform (TTIP) integrates with top end security platforms to gather, analyze and proactively identify threats to an enterprise network. As a result:

A proprietary process is used to compile, analyze and then deliver data to an enterprise network in a foprmat that is timely, informative and relevant. This data is provided in context and included specific details for the enterprise to identify and counteract threats.

 

Stay tuned for more on Tego Cyber!

Airport and Hotel Wi-Fi Hacks

Connecting to public Wi-Fi gives savvy hackers easy access to your personnel information.  Too avoid these scams use your smart phone to connect to the internet more securely.  You might also invest in a virtual private network (VPN), a service that encrypts your data to keep unscrupulous hackers from stealing sensitive information online.  A VPN costs about $30 to $100 a year.

AARP Bulletin June 2021

Earl Johnson, CEO of ICI, reacts to CIA Director’s Comment

Recently the CIA Director addressed a Congressional committee on Capitol Hill. His report provided the Agency’s assessment of cyber threats and recent attacks on the United States. A key point addressed was Cyber security and the serious threats that  ISIS and other enemies of the US pose.

Business leaders, as well as the public, need to fully understand the potential problems we face as a nation due to cyber threat. Becoming educated regarding this issue and available solutions is paramount.  Earl Johnson, the CEO of International Consultants and Investigations, Inc., agrees with what was discussed at the Committee. He was quoted saying that key points were mentioned and that all businesses have to take the threats of Cyber Crime seriously. Preventative Cyber Security measures are available and need to be implemented.

For further information as to how ICI Cyber Solutions can fully prepare and protect you or your business against Cyber attacks contact: www.icicompanies.com

ATM Users – Beware!

ATM Users – Beware!

ATM users be advised, this counterfeit $20.00 bill, seen below, is one of 100 inserted into an ATM machine in one stack; this is what placed it out of order.  The perpetrators planned to recover an advance fee from the bank of $200.00 utilizing a bank account opened with a stolen identity. This is just one scam involving the ATM machines of major financial institutions as well as the smaller regional banks.

CONCERNS:

First main concern:  bad guys will intentionally place a machine out of order utilizing a jamming device to set up an armed robbery while a technician is repairing the system.  The bank customer may also be forced at gunpoint to withdraw money by an armed robber who will remove the “jam”.  This, unfortunately is more common than most expect, especially at night in remote locations.  Remember,   each ATM machine contains substantial amounts money and is, therefor, a popular target for thieves.

Second main concern: there are mutable capabilities provided bad guys via high tech to obtain your personal data including your account information even as you use the machine.  Avoid using machines not owned by financial institutions such as those found in bodegas, convenience stores, etc.

In the past, a criminal could steal the whole ATM machine.   Mega structures containing these machines have made it very difficult if not impossible to succeed at that.  More reason, therefor, for you to be concerned that you are the “soft” target.

You must be always alert, avoid late night visits to ATM’s in areas of large shopping malls; especially stand alone island machines.  Make sure you observe the surrounding area looking for individuals standing around, often under the influence of alcohol or drugs.  At drive-up machines, as you approach the kiosk, be aware of occupied cars in an overlook position within the area of the ATM.

While utilizing an ATM system: 1) maintain due diligence, make sure you’re not being watched and/or someones has not sidled up to you, 2) If you drove up to a system, once again keep your eyes open for approaching individuals during or persons loitering in a automobile or being a column, 3) avoid machines not operated by financial institutions and 4) If possible avoid late night visits to utilize the ATM system.

Emerging Cyber Security Threats, 2021 and Beyond – Part 3

Internet of Things – The internet of things is exploding. Everything around us is becoming “intelligent” and connected. From the refrigerator that tells us when we need to buy more food, to the connected thermostats and light bulbs in our homes, everything is getting a chip inside. This means that hackers have new ways to get into our homes. There have been many reports of a hacker taking control of a baby monitor and was talking to the child through the internet. Home camera systems allow for hackers to watch our every move. They know when we are home, and when we are not.

One of the major areas of concern for IoT security is with medical devices. There have been numerous recent cases of vulnerabilities with connected medical devices that lacked security to keep hackers from making changes to medication dosages.

With the internet of things, we must begin to have a standard of security before allowing these technologies in our home. We are constantly researching new “IoT” items and looking for the vulnerabilities. We work with manufacturers to plug these security holes.

Mobile vulnerabilities – There are now malware and ransomware specifically designed for mobile devices that can lock your device or steal data from it. Hackers are using smart phone vulnerabilities to track people with GPS. We have found many cases where people were surveilled by criminals after having their phone infected. Hackers are also using ransomware to lock your smartphone and ask for money to unlock it. In some cases, this malware allows the criminals to steal valuable banking data from your device which can give them access to your bank account.

With many businesses having Bring Your Own Device (BYOD) policies, enterprises must be aware of the risks of mobile devices being active on business networks. With the lines between business and personal usage of mobile devices being blurred, there is an increase for the business that allows personal devices to be used for business purposes.

Careers in cyber security – There is a tremendous shortage of qualified candidates with cyber security skills. There is an estimated 1 million unfilled cyber security jobs across the globe. By 2025, it is expected that there will be over 1.5 million vacancies unfilled.

In the US, not a single one of the top 10 computer science universities require a cyber-security course in order to graduate. Higher education needs to begin to start cyber security education programs in order to give the workforce of the future the skills they need to succeed.

As the world becomes more connected and reliant on technology, the need for cyber security will only grow. Now is the time to start getting involved, start educating, and start securing the future.