Categories
Casserly Consulting Blog

Android Ransomware Kits on the Rise


The do-it-yourselfers of the world have enjoyed the autonomy that the Internet brings into their lives. They can now look up how-to guides and YouTube videos on how to do just about anything. However, the Internet has also given hackers and other cybercriminals access to all sorts of technology that makes using malware and other threats easier than ever before–even for inexperienced users.

Malware kits are certainly not a new concept, although you might be surprised to hear that the first kits emerged as early as the 1990s. The introduction of the Dark Web made the transfer of illegal goods and services easier on a global scale, and developing technologies like cryptocurrency have only contributed to the rise of contraband being spread without consequences. The anonymity provided by virtual private networks is simply the icing on the cake, making it difficult for authorities to investigate the activity.

While most of these kits target the Windows operating system, there is an increasing number of malware kits that target other operating systems. In the past year alone, cybersecurity analysts expect an increase in ransomware kits that target Android smartphones. These types of kits are called “ransomware as a service,” in which just about any user with basic knowledge of how computers work can pull off a legitimate ransomware attack.

The type of malware that’s targeting Android smartphones can potentially cost your business thousands of dollars, and that’s not mentioning the data and reputation lost from the incident. These kits go for about $200 on the black market, making them a very lucrative solution. To make matters worse, there are plenty of reasons why Android devices are ideal targets for these types of attacks. Android is used on the vast majority of smartphones–approximately 86% of smartphones around the world. The fact that a $200 investment can yield untold profits makes it tempting, regardless of how ethical the decision is.

Furthermore, statistics show that many Android users are running outdated versions of the operating system, which means that there are patches and security updates that aren’t being implemented on these devices. This makes it more likely that the ransomware attack will succeed on Android-based devices.

It’s almost guaranteed that your business will eventually have to deal with mobile devices in the workplace, accessing important data and information from your network. The best way to ensure that mobile devices are secure from these types of threats is to implement a mobile device management policy that takes into account security and network access. To learn more about how you can keep your business safe from ransomware, reach out to us at PHONENUMBER.


Email Attachments are Schrödinger’s New Cat


Have you ever heard of the physicist Erwin Schrödinger? He is most well-known for explaining a paradox related to quantum physics which involves a cat. Even though the theory behind Schrödinger’s cat is meant to explain something quite different, it can still be applied to a lot of different concepts, in particular when explaining email security.

The thought experiment works as follows. The Schrödinger’s Cat scenario was created to strike down an interpretation of quantum mechanics that states an object can exist in all states but will revert to just one if it’s observed. In Schrödinger’s experiment, a cat was hypothetically shut in a box with a small amount of radioactive material. This material had about a 50% chance of setting off a Geiger counter. If it did, a hammer would smash a container filled with poison, killing the cat. If the Copenhagen interpretation is presumed to be correct, the cat would be both alive and dead until you see which one it really is.

At the time, Schrödinger’s cat was designed to challenge the Copenhagen interpretation, but a more modern version of this experiment can be seen in a business email solution. The primary topic associated with this line of thought is email attachments.

Spam and phishing emails are some of the more popular ways that cybercriminals spread their influence. This ties into Schrödinger’s hypothetical cat because you approach each email as both a normal message and a real threat at the same time. The only issue here is that there’s a lot more at risk with your business’s infrastructure than with a hypothetical scenario (no cats were harmed in the creation of this blog). After all, you don’t want to click on an email attachment unless you’re absolutely sure that it’s not going to cause problems for your organization.

Thankfully, there are ways that your business can protect itself from advanced threats that make their home attached to email messages, especially spam and phishing threats. Preventative measures like antivirus and anti-malware tools are great for keeping threats off of your infrastructure, and spam protection can help remove messages from your inbox before they become a cause for concern.

Your inbox needs to be secure, so why not do it the right way? To get started with network security solutions, call COMPANYNAME at PHONENUMBER today.


How to Spot Three Forms of Phishing Attacks


One of the crazy things about hackers is that they will do whatever it takes to ensure that they steal as much information and sensitive data as possible. One of the more innovative ways that hackers spread threats is through spam. Unwanted messages have grown from simple annoyances, to the spread of unwanted software and malware, all the way to sophisticated attacks on targeted individuals known as phishing attacks. Do you have ways to secure your business?

Phishing attacks come in various shapes and forms. Here are some of the most common ways that hackers will use elaborate phishing attacks to scam your business, including phone calls, normal emails, and social media.

Phishing Calls
If you receive calls from strange numbers that don’t leave messages, there’s a solid chance that you could be the target of a phishing call. These calls are designed to target specific employees within your organization to coax information out of them. The callers might claim to be from IT support to steal a printer model number, or perhaps they are hoping to steal usernames and passwords. Either way, the point stands that your organization contains lots of information that a scammer finds helpful.

It’s incredibly important that you teach your employees to know the difference between a fake phone call and a real one. Put callers through the wringer when they call and try to confirm their authenticity (or lack thereof). You should always cross-check contact information before giving up any information to anyone. When in doubt, simply don’t give away anything important.

Phishing Emails
While a phishing phone call will pressure your staff to make an immediate decision, a phishing email will likely give you more time to decide if you want to hand over information or commit to a decision. Tailor-made and customized phishing messages have risen in popularity with the intention of stealing specific information from a specific user. Oftentimes, phishing emails will try to convince the user to click on a malicious link or download an attachment.

Implementing a spam filter and employee training exercises can go a long way to secure your company from phishing attacks. However, it’s still important to be able to identify the giveaway signs of spam and phishing. You should look for spelling errors or incorrect grammar, falsified information, and just about anything else that doesn’t necessarily belong. Still, phishing messages have become more elaborate than ever before, so make sure to consult security professionals if you truly can’t tell the difference between a real and fake message.

Phishing Accounts
It’s easy to use social media for bad purposes. Hackers can use them to attack their targets through the identity of someone else. A hacker can take on any identity they want, which makes phishing accounts even more difficult to identify–particularly if they have taken the identity of someone you might know. In general, just try to avoid messages that come out of the blue, and use your previous interactions with the sender to see if they are (or aren’t) who they claim to be.

Overall, just ensure that you approach potential phishing incidents with skepticism. It’s the best way to make sure that your business doesn’t fall to spam and phishing attacks. To learn more about how you can secure your company, reach out to us at PHONENUMBER.


IRS to CPAs – Hackers are Targeting You


The IRS has issued a warning to tax professionals to step up their cyber security to prevent sensitive taxpayer information from being stolen. CPA firms, large and small, are being targeted by hackers and identity thieves, especially during the high traffic tax season.

CPAs collect and store a treasure trove of sensitive information that is deemed valuable to cybercriminals. This includes client contact information, credit card information, and social security numbers. Plus, the bad guys know that even though smaller, local tax professionals might not have as many clients as a nationwide firm, the chance that their data is easier to get to makes them a viable target.

How easy could it be for someone to steal all of your clients’ sensitive information? Depending on the security you have in place, it could be shockingly simple. All it takes is parking near a CPA firm and finding an exploit to get connected to their Wi-Fi. If proper measures aren’t in place, that is enough to give the criminal carte blanche access to any data that isn’t properly protected. Then they can simply drive up to the next tax professional in town and attempt it again.

If the hacker wants to save on gas, they could also target hundreds of thousands of tax professionals at once with a single mass email. The email could look like a legitimate message from a client or organization, but contain an attachment that installs malware and instantly gives the hacker access to what they want.

The time to protect yourself (and your clients) is now. The IRS is urging tax professionals to encrypt all sensitive data and ensure that their network is equipped with the proper measures to protect data. Educating employees on how to avoid being baited by phishing emails is also critical. COMPANYNAME can audit your network and help you protect the identities of your clients. Don’t wait. Give us a call today at PHONENUMBER to get started.


Why Your IT Toolkit Should Include a VPN


Have you ever felt like someone was watching you while you’re doing your work from somewhere outside of your business’ infrastructure? If you’re working from a remote location, this situation might not be far from the truth. If you’re not using a private connection, onlookers could see everything that you’re doing or steal data. How can you keep your business secure while working out of the office?

The easiest way to do so is with a virtual private network, or VPN. You might have already heard quite a bit about VPNs thanks to the Federal Communications Commission’s verdict on Net Neutrality. Many users are hoping to take advantage of VPNs to limit the potential issues caused by ISPs selling browsing information to advertising companies, and just in general to protest the ruling. However, VPNs have a very important role in the business world as well, and they are an essential part of securing your organization.

Basically, a VPN works by encrypting your connection to important assets on your company’s network. This data is encrypted while it’s in transit, meaning that even if a hacker could intercept it, they would see nothing but a bunch of jumbled up letters, numbers, and symbols. Encrypted data is often simply useless for hackers as the time needed to crack the code is rarely worth spending. This goes for any data that’s being sent to or sent by your device, meaning that essentially any data that you need to send or receive is protected by military-grade encryption.

Think of it like this; you’re sending a letter to someone, but it’s locked in a box. The box can only be opened by specific users that have the key to it. Therefore, anyone hoping to intercept the box won’t be able to take the contents. Sure, they could steal the box if they want, but without the key, it won’t be of any use.

Overall, a VPN is the best way to keep your business from suffering data leaks or loss altogether. However, you want to ensure that the one you implement is an enterprise-level VPN that is capable of securing all of your business’s devices. If your business is in need of a powerful VPN, COMPANYNAME can help. To learn more, reach out to us at PHONENUMBER.


Tip of the Week: How to Avoid Spam Emails


Would you just give your bank account information to anyone who called you up and asked for it? Probably not. For the same reason, you wouldn’t just download attachments from your email messages without a second thought. This can be a dangerous practice, as some of the most common threats nowadays spread themselves via unwanted email attachments. It’s important that you can identify when it’s the right time to download an attachment, and when it’s best to just leave it be without exposing your business to unnecessary risk.

First, a little information about why you might be forced to make this decision in the first place. Spam messages are often the easiest way to spread the influence of malware and other threats. It’s simply a fact that you can send one message to countless individuals knowing that at least some of them will be fooled into downloading the attachment, and in turn, downloading all of the nasty things found on it.

For example, ransomware makes its home on workstations due to infected attachments. Your company might receive an unsolicited message from a prospective employee, who has attached their resume for review. Before your HR department knows what’s happening, their files are encrypted due to the attachment actually containing malware from a hacker. Surprise–your organization has fallen victim to a targeted phishing attack, with an infected infrastructure being the fallout.

While your spam filter might flag some of these messages as dangerous, it’s unlikely that the most dangerous ones will be caught in its web. Be wary of messages that claim to be receipts, shipping information, resumes/CVs, and other information that might be important for your organization. Hackers understand this and want to take advantage of that knowledge, which could potentially put your company in a tight spot.

Ultimately, the best way to keep your company safe is by taking a two-pronged approach: educating your employees on the importance of email security, and implementing a technology solution designed to eliminate the majority of spam in the first place. The first can be maintained simply by holding awareness training and actively practicing proper email etiquette. Teach your employees that they should never open attachments from anyone they don’t know, and to always investigate the source of the message before declaring that it’s safe enough.

For the second measure, you can rely on COMPANYNAME to help you out. Our technicians can hook you up with an enterprise-level spam blocker to keep the majority of dangerous messages from making their way to your inbox in the first place. It’s a great measure that can minimize your employees’ exposure to risky elements. To learn more, reach out to us at PHONENUMBER.


Tech Term: Understanding Encryption


With data security becoming paramount for almost everyone, encryption is one of the more important technology terms you will need to know. Since data security has to be a priority, not just for your business but for you, understanding what encryption is and how it’s used can put you in a better position to understand tomorrow’s security solutions. For this week’s tip, we will take you inside cryptography, and more specifically, data and network encryption.

What is Cryptography?
Simply put, cryptography is the art (or science) of writing or solving written or generated codes. Cryptography is the strategy of using a predefined key to convert data into a format that is indecipherable. Since no entity can view the information without the key, the information secured by encryption is able to be stored and transmitted securely. To decode the message, you need a cipher or a key.

A Short History of Cryptography
As long as there has been human communication, there have been secrets. The first known evidence of the use of cryptography was found carved in hieroglyphics on a wall in Egypt, and cryptography has subsequently been used throughout human history to send and receive secret messages.

Centuries later, Julius Caesar was known to use a form of substitution cipher that shifts each letter three spots in the alphabet to encode a message. In fact, there are some that still call this type of cipher a Caesar cipher. The Caesar cipher looks like this:

[Image: Caesar cipher illustration]

It’s clear that this type of cipher is dependent on the secrecy around the system, not a dedicated key to unlock the cipher. Once the system is known, these basic codes become known almost immediately. In fact, most substitution ciphers can be broken with a simple pad and paper.

This changed in the 16th century when Giovan Battista Bellaso came up with an improvement by using a series of interwoven ciphers. The process was misattributed to Blaise de Vigenère, and has since been referred to as the Vigenère cipher.

Despite all the coded messages sent and received over the centuries, cryptography as we know it has only come into fashion over the past century as technological advancements have facilitated more sophisticated methods of encryption. In the early 20th century, Edward Hebern, while sitting in jail for stealing a horse, came up with a method of encryption using an old typewriter fashioned with a rotor. The purpose was to turn what to the user was a simple Caesar cipher into a Vigenère cipher with the use of Hebern’s two-way rotor machine. A user would push a key and the rotor would provide the corresponding substitution key to decrypt the message.

If this machine started modern encryption, Enigma changed it forever. Shortly after Hebern’s invention, German engineer Arthur Scherbius innovatively built what was essentially a Hebern device with multiple rotors and called it Enigma. For a decade German naval superiority over mainland Europe had as much to do with their ability to send and receive coded messages as it did to their manufacturing might.

Modern Encryption
When we speak of encryption today, we are just talking about the same type of thing that Hebern and Scherbius were doing: cloaking data to provide privacy or security to the parties involved in the correspondence. Today, data is worth more than ever; as a result businesses are spending more on their encryption solutions.

All businesses collect a fair amount of personally identifiable information (PII). This information includes names, birth dates, Social Security numbers, and financial and medical information. The liability companies have today is immense, as they can be (and often are) sued if a customer, employee, or vendor’s PII is stolen and leaked or shared.

The modern business uses several types of encryption. Individual file encryption encrypts specific data; volume encryption secures a container where files and folders can be stored; and full-disk encryption secures all the information on a computer or server. To ensure that the data is protected from theft, encrypting all the information deemed sensitive should be a priority.

In order for your business’ encryption initiatives to be successful, there are some best practices that users need to know. One is password security. Often the key to your encrypted information is a simple password. In order to mitigate risk and keep encryption working for you, there are some password management tips you should adhere to. Following these will keep your encrypted data and your business safe. They include:

  • Use passwords with eight characters or more.
  • Use different passwords for different files, computers, and systems.
  • Change your passwords frequently.
  • Utilize upper and lowercase letters, numbers, and symbols in your passwords.
  • Don’t use common words or phrases.
  • Don’t use words spelled backwards, common misspellings, or abbreviations.

More Encryption
Other than your standard protection against the loss of data, there are security solutions that allow you to encrypt communications you have with your customers, staff, and vendors. Email encryption has become an essential business tool. Many of today’s enterprise email solutions come with options to encrypt your messages, keeping communications secure.

Another way encryption is leveraged by the modern business is with the use of a virtual private network (VPN). A VPN gives users who are outside of a network an encrypted and secure pathway to share and receive files from a centralized server. Remote file exchange is important for many businesses, and the use of VPNs can go a long way toward quelling the risks inherent in this process.

Types of Encryption
Finally, understanding what types of encryption there are can help you understand what position your organization is in with regard to file, server, and communication security. The types of encryption used today include:

  • Triple DES – Designed as a replacement for the single Data Encryption Standard (DES), which doesn’t hold up against the tools modern hackers have. Triple DES uses three individual keys with 56 bits each, which in total adds up to 168 bits; however, experts place it closer to 112 bits of key strength.
  • RSA – RSA is a public-key encryption algorithm and is currently the standard for secure transmission of data over the Internet. Since it uses two keys, a public key to encrypt data and a secure private key to decrypt it, it is very difficult for hackers to decipher.
  • Blowfish – Designed to replace DES, Blowfish is a symmetric cipher that splits messages into blocks of 64 bits and encrypts them individually. As a result, it is extraordinarily secure and often used in e-commerce platforms and password managers.
  • Twofish – The developer of Blowfish has released Twofish as a faster option that makes it a perfect encryption tool for hardware and software systems.
  • AES – Available in 128-bit, 192-bit, and 256-bit options, the Advanced Encryption Standard is basically uncrackable. Used by governments and other organizations that deal in extraordinarily sensitive information, AES has begun to become the standard in encryption due to its impenetrable record.

Data security is more important today than ever. At COMPANYNAME, our knowledgeable technicians can help your organization come up with a data and network security plan that is sure to keep your data safe, and keep your business running efficiently. To learn more, don’t hesitate to call us today at PHONENUMBER.


Cisco Bug Ranks as One of the Worst


A new exploit is making the rounds in the security environment, and this time, it affects virtual private networks. According to Cisco, the flaw affects its Adaptive Security Appliance (ASA) tool, and it should be patched as quickly as possible. If you don’t do so, your organization could be subject to remote code execution as a result of this vulnerability.

Cisco has disclosed that the VPN bug can essentially allow hackers to infiltrate security devices running the ASA operating system. The vulnerability is found in the Secure Sockets Layer (SSL) and can, according to Cisco, “allow an unauthenticated, remote attacker to cause a reload of the affected system or to remotely execute code.” What does this mean in plain English? In theory, an attacker could take complete and total control over a system (a considerable threat for any organization, especially considering the ramifications from a physical security standpoint). This vulnerability is so dangerous that it has earned a 10-out-of-10 on the Common Vulnerability Scoring System, taking its place among the upper echelon of major vulnerabilities.

While the vulnerability is only exploitable if WebVPN is enabled, it’s still a major threat that you don’t want to overlook. According to ZDNet, here are some of the devices that are affected by this vulnerability:

  • 3000 Series Industrial Security Appliance (ISA)
  • ASA 5500 Series Adaptive Security Appliances
  • ASA 5500-X Series Next-Generation Firewalls
  • ASA Services Module for Cisco Catalyst 6500 Series Switches and Cisco 7600 Series Routers
  • ASA 1000V Cloud Firewall
  • Adaptive Security Virtual Appliance (ASAv)
  • Firepower 2100 Series Security Appliance
  • Firepower 4110 Security Appliance
  • Firepower 9300 ASA Security Module
  • Firepower Threat Defense Software (FTD).

At its time of discovery, the bug was not being exploited in the wild, but Cisco has been made aware of attempts to leverage the vulnerability. Since the announcement, the vulnerability has been spotted in the wild, and the initial patch that Cisco implemented to combat this vulnerability proved to be insufficient, as there were additional features and attack vectors that were not identified until later.

Cisco has released an updated patch for this vulnerability, so you need to implement it if you don’t want to take a needless risk, and endanger your network and data. It’s a good rule of thumb to never let known vulnerabilities linger too long, as you could be placing your business in harm’s way.
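One way to check the WebVPN condition mentioned above across saved device configurations, as an added example that is not Cisco's or the original post's code: it reads a text export of an ASA running configuration and lists the interfaces on which WebVPN is enabled. The hostnames, interface names and policy name in the samples are constructed, and the check covers only the WebVPN condition this article names, so an empty result does not replace applying the updated patch.

```python
# Constructed running-config excerpts (hostnames, interfaces, policy names are made up).
SAMPLE_EXPOSED = """\
hostname edge-asa-01
interface GigabitEthernet0/0
 nameif outside
 security-level 0
!
webvpn
 enable outside
 anyconnect enable
!
group-policy STAFF attributes
 webvpn
  anyconnect keep-installer installed
!
"""

SAMPLE_NOT_ENABLED = """\
hostname lab-asa-02
interface GigabitEthernet0/0
 nameif outside
!
group-policy STAFF attributes
 webvpn
  anyconnect keep-installer installed
!
"""


def webvpn_interfaces(config_text):
    """Return the interfaces on which the global webvpn block enables WebVPN.

    Only the top-level (unindented) "webvpn" block is considered. A "webvpn"
    sub-mode nested under a group-policy is indented and does not by itself
    turn the service on for an interface, so it is ignored.
    """
    enabled = []
    in_global_block = False
    for line in config_text.splitlines():
        if not line[:1].isspace():
            # Any unindented line (command, "!" separator, blank) starts a new
            # top-level context; we are in the block only if it is "webvpn".
            in_global_block = line.strip() == "webvpn"
            continue
        if in_global_block:
            tokens = line.split()
            if len(tokens) >= 2 and tokens[0] == "enable":
                if tokens[1] not in enabled:
                    enabled.append(tokens[1])
    return enabled


def triage(name, config_text):
    """Build a one-line summary suitable for a patch-priority worksheet."""
    interfaces = webvpn_interfaces(config_text)
    if interfaces:
        return f"{name}: WebVPN enabled on {', '.join(interfaces)} - patch first"
    return f"{name}: WebVPN not enabled on any interface - patch on schedule"


if __name__ == "__main__":
    print(triage("edge-asa-01", SAMPLE_EXPOSED))
    print(triage("lab-asa-02", SAMPLE_NOT_ENABLED))
```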

It’s incredibly important that your business be mindful of not just these vulnerabilities, but all vulnerabilities found in critical business software and hardware. This Cisco bug isn’t the first software vulnerability to be found, and it certainly won’t be the last. Hackers are always working to undermine the efforts of developers who are trying to keep their software as secure as possible. It’s up to you to ensure your organization isn’t exposing itself to threats by neglecting patches and security updates.

COMPANYNAME can help your organization ensure that patches and updates are applied as needed. We can do this remotely in most cases, without the need for an on-site visit. It’s a great way to get more value out of your business’ technology without sacrificing security. To learn more about how you can make technology work for you, reach out to us at PHONENUMBER.


Preventing Issues is Easier with Remote Monitoring and Management


Do you know who manages and maintains your business’ technology? In most cases, it will be either a small in-house IT department or a technical individual, but oftentimes small businesses simply don’t have the assets to throw around on this. More importantly, they often ignore technology maintenance, either because they can’t afford it, or there’s nobody to do the work.

This shortcoming brought about a shift in the way small businesses approach technology management. An internal IT department is certainly one way to resolve this issue, but not all companies can afford to hire dedicated personnel for this purpose. The natural course of action became to outsource the responsibility to a third party, but the way that it’s outsourced can have a considerable impact on how much value is received from the relationship.

For example, if you only respond to issues but do nothing to prevent them in the long run, you will end up spending too much on repetitive repair costs. Conversely, if you take an active role in the prevention of IT issues, you save money by minimizing the damage done by potentially catastrophic problems. Ultimately, your organization stands much to gain from keeping small issues from evolving into major problems, and the best way to do so is by implementing an automated remote monitoring and management solution from COMPANYNAME.

Remote monitoring and management, or RMM for short, is a tool that allows managed service providers like COMPANYNAME to take care of your technology solutions without being in your office. For example, we can monitor your business’ network for any security discrepancies or weaknesses in your infrastructure. We can remotely deploy patches and security updates to ensure that your systems are protected.

Considering how this type of solution requires very little hands-on work from your in-house team, it almost counts as an automated solution all its own. We can resolve the majority of issues with your infrastructure without an on-site visit, which lets your business save a considerable amount of capital without paying for traveling costs or other expenditures. It also makes for a much more convenient way of getting the management and maintenance that your network needs, as you won’t have to wait–we’ll administer service according to your service level agreement, and we can do it without taking up any of your staff’s time with an in-house visit.

Granted, some problems will need an on-site visit, but we generally try to keep those to a minimum. We’re all about making sure that your company has the most convenient experience possible with COMPANYNAME’s services. To learn more, or ask us about our remote maintenance and management solution, reach out to us at PHONENUMBER.


Tip of the Week: The Internet of Things Poses Threats to Your Organization’s Network


The Internet of Things has become one of the central parts of connectivity in a tech-centric world. Despite the incredible convenience that these devices offer to users, they come with considerable security risks that absolutely need to be kept in mind. We’re going to discuss some of the ways you can keep the IoT from being a security hazard while optimizing how much you get out of it.

Does the Device Need Connectivity?
The first question you should ask about your IoT device is if it actually needs to be connected or not. The reason for this is simple; the more connected devices on your company’s network, the more risk will be involved with your network. Certain IoT devices could be leveraged by hackers and other dangerous entities to spy on you, steal your data, or track your current location. If the device is worth the risk, you could potentially take advantage of great services that you might otherwise not get. If it’s not worth it, though, perhaps you’re better off not using the device. If the device is that of an employee, you should ask them to leave it disconnected during the day.

Have You Optimized Security?
In any environment where you’re using an IoT device, you need to make sure that security is at the top of its game. Ensure that all of your firmware is updated, and that any security patches that fix major vulnerabilities present on your network have been applied. To make things easier, this process can largely be automated. You should also consider investigating your router to make sure that it’s updated properly as well.

It is also worth mentioning that your router may support guest networking, which means that you can use this capability to protect your business network from the risks of the IoT. By relegating IoT devices to the guest network, you can protect the business side of things from potential issues.

Passwords are a great way to make sure that security is at its maximum. You should never reuse passwords for devices or accounts. If these guidelines are followed, you’ll have an easier time keeping your accounts from being compromised.

Make Sure Your Devices Are Maintained and Monitored
Your business should have practices put into place that promote transparency with the ongoing use of Internet of Things devices. For example, you should be monitoring user permissions.

Most of your IoT device issues can be resolved just by asking yourself one simple question: Do you even need the devices in the office? If not, they shouldn’t be there.

If your business needs help with managing devices in the workplace, reach out to COMPANYNAME at PHONENUMBER.