Tag: Security

Categories
Casserly Consulting Blog

11 Ways to Enhance Android Security

security_android_400.jpg

It should come as no surprise that hackers are always trying to get ahead of security developers, just as it should be no surprise that these hackers often target the Android operating system. After all, the Android OS is used on mobile devices all over the world. If your business leverages these devices, there are quite a few security considerations you need to keep in mind.

Remember Security Basics
There are multiple ways to help your mobile security that take relatively little effort on your part. If you aren’t already in the habit, get used to locking your device whenever it isn’t in use. To unlock your device, you should require a PIN at the very least, and leverage biometric authentication whenever possible. This will help to keep your phone secured if it should be lost or stolen in public.

Use Google Play to Keep Your Devices Organized
Whenever you download an application from the Google Play Store, you are given the option to install the app on any device associated with your Google account. This list is also used to locate a misplaced device. You can help to make this easier by renaming your devices to differentiate between them more easily. Should you need to remove a device from your list, all you have to do is uncheck the box labelled Show in Menus.

Make Sure Your Trusted Devices are Updated
Every device you access your Google account with is automatically added to a list of trusted devices. You should make sure that this list only has devices on it that you know and trust. If there is a device that is unfamiliar on this list, you should remove it and change your password immediately. To check which devices have access to your Google account, visit https://myaccount.google.com/device-activity.

Finding a Lost Device
In the event that your device is misplaced, Google has a solution that you can leverage to find it more easily by taking a few proactive measures. First, open up your Android device’s Settings and find the Google option. From there, select Security and activate the Find My Device setting. While in settings, you should also confirm that your Location settings are activated so that Find My Device will work properly. You can even use the web version of Find My Device to make your lost device ring and help to find it.

Leverage Google’s Security Check
If you ever suspect that your Google account is vulnerable to access by unauthorized parties, the web giant provides a security checker that evaluates your preparations. This tool can be found here: https://myaccount.google.com/security-checkup.

Review the Passwords Saved to Smart Lock
One of Google’s features is a handy one, but could foreseeably create some difficulties in the future. Smart Lock will save the credentials you use to access different accounts with the device. However, you should periodically check and be sure that the passwords are properly updated to avoid issues when you try to access your saved accounts.

Connect with Caution
While it can be handy to connect an app to your Google account, this isn’t a permission you should grant willy-nilly. Some apps will only be needed once or twice, and others will become a tool you regularly use. If you no longer have use for an app, it is best that you remove it from your account. After all, the more connections your account has, the more vulnerable it is to attack. You can edit your account permissions by visiting https://myaccount.google.com/permissions.

Be Discerning When Downloading Apps
Even the Google Play Store can have a threatening application available, despite the best efforts to screen out such apps. As a result, you should be sure to only download applications from the Play Store, and even then, consider each app and its permissions before adding it to your device.

Leverage Android’s App-Scanning Capabilities
Android has a security scanning feature built in, eliminating the need to download a third-party app to accomplish the same thing. In Settings, access Security & Location. Under Google Play Protect, make sure that Scan device for security threats is selected. Your device will now periodically run automatic scans in the background for threats, only notifying you if an issue is discovered.

Reinforcing with Third-Party Apps
Despite the incorporation of Android’s security scanning capabilities, it may not hurt to add additional protections. A trusted IT provider will be able to recommend solutions that you can rely on to protect your devices.

Incorporating 2FA
2FA, or Two-Factor Authentication, is another excellent way to keep others from accessing your accounts. With a solution like Google Authenticator or many others, a single-use code will be generated that is a necessary credential along with your username and password. You’ll want to lean on your IT provider to ensure you have a trustworthy 2FA solution that meets a business’ needs.

If you want to learn more about mobile security, or any other IT topic, lean on the resources at COMPANYNAME. We’re available at PHONENUMBER.

Categories
Casserly Consulting Blog

Would Your Users be Tricked by Social Engineering?

social_engineer_earth_400.jpg

The term social engineering may not seem nearly as intimidating as other cybersecurity terms like ransomware or denial of service. Don’t be deceived! Some of the biggest threats to your company’s data and network security use social engineering to manipulate targets into taking a specific action – like disclosing personal information that can be stolen and exploited.

Often overlooked by the media in favor of major data breach events, there are few types of social engineering hacks that have the capability to devastate a business.

  1. Vishing: Given the fact that the number of people who fall for phishing attacks and other email scams has declined significantly, it was only a matter of time before hackers found an alternative avenue to exploit their targets. After abandoning it a few years ago in favor to digital scams, vishing – a fraudulent voice call that seeks personal information – have once again returned as a favorite among hackers and thieves.
  2. HTTPS: SSL certificates used to ensure that a website was legitimate and secure enough to protect your personal information. Websites that have ‘https’ no longer signifies security, as hackers have begun using websites that give away SSL certificates for free and using them to lull victims into a false sense of security. To make sure a website is secure, you’ll want to look for indication of an extended validation SSL (EV-SSL) which are not offered for free! EV-SSLs are signified with a green bar.
  3. Website Copy-Cats: Scammers have become very skilled at making spoof websites that look and feel just like the authentic website but are actually littered with all typesof malware. For example, after the Equifax data loss event in June 2017, Equifax set up a website to help their clients who had their information compromised with the URL: equifaxsecurity2017.com. A spoof of that website, with the domain securityequifax2017.com, was so convincing – it even tricked Equifax themselves! A few things to keep an eye out for when trying to determine if a website is legitimate, include:
    1. Make sure the URL is correct.
    2. Avoid giving out information unless a site has an EV-SSL.
    3. Look for seals of trust from other IT security websites.
    4. Beware of misspellings, typos and broken English.
  4. Every Word Password Theft: There are a lot of hacking tools that will scan through databases – including every word in the dictionary. These tools significantly increase the likelihood that a password that includes an actual word will be cracked and exploited. The best practices are ones that mix numbers, letters and symbols that make no sense.

When it comes to digital threats, for every exploit or hack that is prevented, a few, more advanced ones are developed. The best way to keep your business, and it’s data, safe is to take proactive measures and execute safe internet practices all times – and that goes for your employees, as well! Would you like to learn more about how you can stay ahead of hackers? Call us at COMPANYNAME.

Categories
Casserly Consulting Blog

Google Is Increasing Security For High-Risk Users

explosion_computer_400.jpg

Wouldn’t it be great if you could take advantage of a built-in security feature that could lock down your Google services in the event of a potential data breach? Thanks to attacks on high-profile users, Google is now offering this service to those who are at considerable risk of having their accounts hacked. This type of advanced service, called the Advanced Protection Program, is only available to a select few, but it promises to assist in the challenge of protecting sensitive information.

Specifically, the Advanced Protection Program will be designed to help those who are most likely to experience troublesome hacking attacks, including those who work as election and campaign officials, those who are victims of domestic violence, and others who find themselves to be at risk. The service is marketed as greater security, while trading off some of the convenience that might be found with the base-level Google services.

Among the affected Google services are Gmail, Google Drive, and YouTube. Once someone has been onboarded into the Advanced Protection Program, their accounts will automatically be updated with all of the latest and greatest security solutions available for Google’s services. The implementation of this service is in light of the various high-profile hacking attacks associated with various officials during the 2016 United States presidential election. Google was forced to endure plenty of backlash in the aftermath of the John Podesta controversy in which his Gmail account was hacked via a phishing attempt. This new initiative by Google is an attempt to ensure that they don’t have to deal with this backlash again.

The tactic used by Google’s Advanced Protection Program is a security key. While a USB key is generally considered a better two-factor authentication practice, Google is also equipping users with a Bluetooth key verification process that can be used on both a smartphone or a laptop.

At the moment, Google’s Advanced Protection Program blocks access to information on your Google account by any third-party source–that is, any program that’s not developed by Google itself. Furthermore, it implements a slower account recovery process that’s more difficult for a hacker to replicate. While it takes away from some of the ease of recovery that Google users know and love, it makes for a more secure experience overall.

Would you take advantage of this new service from Google if need be? Let us know in the comments section below.

Categories
Casserly Consulting Blog

Swipe With Care: Your ATM Might Be Controlled By A Hacker

debit_card_lock400.jpg

One of the most enticing credentials that hackers desire is your credit card number, along with its expiration date and the code on the back. Hackers are also willing to go great lengths to achieve their goal of stealing these credentials, even so far as to make physical changes to automatic teller machines (ATMs) to do so. In fact, hackers will often install skimming devices on ATMs that are so subtle that they can be difficult to detect.

Take, for example, this news article from July 2017 that showcases a rather specific case of ATM skimming. The device in question simply slips over the ATM card reader in a discreet way to give the user the impression that they are using a legitimate machine. Any unsuspecting user could accidentally throw their credentials right to a hacker.

Furthermore, there have been cases of hackers implementing custom hardware into ATMs designed to harvest credentials. These devices are often installed onto ATMs so that they can wirelessly transmit credentials, to perpetrators lurking nearby. Either way, the result is the same; stolen credentials and upset victims.

Imagine waking up, checking your bank account, and noticing that you’re missing the entirety of your checking account balance. Or, even worse, finding out that your account has sunk into the red because someone in a foreign country has purchased your information and used it for their own purposes. How can you keep this from happening to you? The easiest way is to be wary of ATM skimmers in the first place. You should keep the following in mind when using an ATM.

  • Cameras surrounding the machine: If you are in an area where there are plenty of cameras, there will be less of a chance that the ATM will have been tampered with. In fact, most ATMs actually have built-in cameras, but it helps to have some extra caution to take a look around whenever you want to use one.
  • Tampering with the device: Examine the device before you use it. Are there any issues with the way it looks? Are any faceplates removed or devices plugged into it? If there are, you know that it’s not a machine that you can trust.
  • Additional “testing”: Before you insert your card into the device, try jostling the slot to see if it’s something that was artificially placed over the actual reader. Carefully inspect the machine before you insert your card. Spending a few moments to check the device before using it can save you a whole lot of pain in the long run.

What are your thoughts on ATM skimmers? Are you confident that you can identify one that has been tampered with? Leave your thoughts in the comments.

Categories
Casserly Consulting Blog

TheDarkOverlord Solutions Is at It Again! This Time the Hacker Group Is Targeting Schools

ransomware_school400.jpg

While many youngsters enjoy it when their school shuts down, this was likely not the case in Flathead Valley, Montana, where the cybercriminal group ‘TheDarkOverlord Solutions’ targeted the entire Columbia Falls school district. This attack caused the three-day closure and otherwise disrupted over 30 schools, and the personal information of teachers, students, and school administrators was supposedly to be released if the group didn’t receive a ransom payment.

Furthermore, and more alarmingly, parents received reportedly graphic death threats against their children from the group. These threats alluded to an infamous, and still painfully recent, school shooting. This is the first time that TheDarkOverlord Solutions have gone to these lengths as far as is known.

The district server for Columbia Falls was ultimately targeted; records detailing the addresses, medical history, behavioral history, and other pieces of information valuable to cybercriminals were accessed that detailed the personal data of current and former students, their parents, and the school’s staff members. As a result, the 30 schools closed (as referenced above) and weekend events and activities were cancelled. With a heightened security presence, students returned to classes on Tuesday, September 19th.

TheDarkOverlord is no stranger to the news, or to targeting vulnerable individuals. In July of 2017, there was an online sale for a tantalizing data set that would allow cybercriminals to leverage information harvested from healthcare providers, just weeks after putting almost nine and a half million records for sale. These records came from a clinic, a healthcare provider, and a health insurance provider.

Somewhat less threateningly, the same group also took credit for releasing the fifth season of the Netflix hit series Orange is the New Black before its official release date, despite receiving about $50,000 worth of cryptocurrency in ransom from an audio post-production studio.

This piece of history shows why the Columbia Falls school district is right in their decision to not pay the ransom, as it in no way guarantees that the cybercriminal (or group) responsible will hold up their end of the bargain. Even if they do, it only proves that the victims are willing to pay, designating themselves as the perfect target for repeated attacks.

The key to your safety is to ensure your data is secure against the entire spectrum of threats. COMPANYNAME can help you to do so. Call us at PHONENUMBER to get started.

Categories
Casserly Consulting Blog

Artificial Intelligence Can Be Useful To Hackers, Too

ai_head_circut400.jpg

Man matching wits with computer isn’t new territory. In 1830, a locomotive raced a horse to see which was superior in terms of speed and distance. 1956 saw the first time a human played chess against a computer. Today, the time has come when an artificial intelligence has begun to break into a new territory that was dominated by humans for thousands of years: crime.

At a recent technology expo, a human hacker and a sophisticated computer that is capable of machine learning each attempted to spear-phish as many victims as possible through Twitter. For two hours, both entities refined their message in an effort to be more effective against the target. At approximately 1.075 tweets per minute, the human was able to make 129 tweets, 49 of which were successful. The computer was able to make 810 tweets in two hours, which is about 6.75 tweets per minute. In that time, 275 victims were converted.

Even though humans had a higher attempt-to-victim percentage, the machine was able to get 5 times as many victims in the same amount of time.

In a Cylance poll held during ConFab, attendees were asked if criminal hackers will use AI for offensive purposes in the coming year, to which 62 percent answered in the affirmative. Even though no one could cite any specific incidents, the overwhelming consensus among experts is that hackers have already begun using AI. Like all high-tech crimes, AI is a global issue that changes fast and often, making it extremely difficult for law enforcement to find and prosecute perpetrators. Even when they’re able to identify offenders, they often run into issues where the laws and statutes are well behind the technology in question.

Another reason that identifying and combatting AI is so difficult is because there are constant debates among experts around the globe on what exactly constitutes as AI. Think about it like this: millions of people consult virtual assistants, like Siri and Alexa, every day. However, if you ask the majority of them if they were using artificial intelligence, they’d say ‘No.’ In reality, they are both examples of AI being put to use to enhance the lives of its users.

There are a lot of potential uses for AI by cyber criminals. For example, hackers could use machine learning capabilities to write programs that personalize emails with malware attachments. As that technology is developed, there will likely be a time when distinguishing actual email and phishing attacks is nearly impossible. Another probable use of machine learning and AI for hacking is drastically reducing the time and resources it takes to find and exploit vulnerabilities in software though automation.

For a small business, AI might not be not something that you need to concern yourself with – and perhaps it isn’t, at the moment. However, AI is already being incorporated into many aspects of business with great success and many experts feel it will be very important in the near future. What do you think? Would you be willing to give AI a try? Let us know in the comments!

Categories
Casserly Consulting Blog

Tip of the Week: The Holidays Can Be A Time Of Work And Play, Even While Traveling

travel_computer400.jpg

The holidays are approaching, whether we are ready for them or not. With the holidays comes time off, which means that it’s awfully easy to fall behind post-vacation. Another concern is the amount of identity theft and credit card fraud that comes about during this time of year. We’ll discuss some of the many ways that your organization can take advantage of technology this holiday season without putting yourself in harm’s way.

Know Your Wi-Fi Options
You can’t be productive without an Internet connection. This includes either mobile data or Wi-Fi. Chances are you’d rather look for an open wireless network than waste your mobile data, but unsecured networks can put your data at risk. One option you have is to check the reviews on sites like Yelp! and Trip Advisor to see what other guests have to say about Wi-Fi connections. Ideally, you want a VPN to secure your data while it’s in transit.

Bring Along Extra Accessories
You never know when that extra LAN cable or micro-USB cord will come in handy. Furthermore, if you’ve ever done any traveling, you’ll know that buying new equipment from an airport can be more expensive than you’d like.

Carry On Your Devices
If you need to travel for business, be sure to put your devices into your carry-on baggage at any airport. The last thing you need is for a screen to get cracked while your luggage is rolling around the cargo area of a plane. Furthermore, you don’t want your luggage to be either lost or stolen while in-flight. It’s just safer for you to keep anything important in your carry-on luggage.

Be Wary of Free Wi-Fi
You should keep your device from automatically connecting to any open wireless connection that it latches onto. The reasoning for this is that hackers will literally lurk on them, waiting to steal any data that presents itself to them. This can put both your own data and that of customers at risk–all because you checked your email.

Turn Off Your Autofill and Password Management
A password manager keeps you from entering in the same information over and over, but it should be disabled while you’re traveling. What if someone steals your device? They would have access to anything that was auto-filled on it. It’s like leaving the keys to your car in the front seat without locking the door. It’s not impossible to go a few days without auto-populating passwords, and it sure beats the fallout of losing a device.

Use External Drives and USB to Back Up Data
What if you are working on a project while out of the office on vacation, and you misplace your device or it’s damaged beyond repair? All of that progress would be gone. Now, imagine that you have that data backed up to an external hard drive. Now you don’t have to worry about losing data or progress while working out of the office.

There are just a few practices that can keep your organization from succumbing to the dangers of traveling and working at the same time. If you have any questions, thoughts, or concerns about using technology while out of the office, reach out to us at PHONENUMBER.

Categories
Casserly Consulting Blog

Your Guide To Mobile Device Management as an SMB

mobile_device_management_400.jpg

The use of mobile and personal devices for work purposes can be beneficial to your business operations. When handled, and supported properly, they have been shown to improve communication methods and increase productivity. However, the popularity of mobile computing, as well as the Internet of Things’ rapid expansion, means it’s more important than ever to make sure that you don’t allow dangerous devices to access your network. To keep your network safe, there are a few Mobile Device Management best practices that you should begin enforcing.

Define Acceptable Devices and Limitations: To prevent the abuse of your network, it’s a good idea to define which type of devices are allowed. Even though there have been some improvements in IoT security, many devices still have no defense and put your network at risk when connected. A good way to protect your data and network is to only allow network access to devices that can be used in a professional capacity.

Of course, there is also a distraction-factor when there is an excessive use of these devices – even if they’re technically allowed. For example, if you have several employees with smartphones, laptops, tablets, and wearable devices that are all constantly sending and receiving data, the likelihood of interruption increases and productivity decreases. Consider limiting the number of devices per person that are allowed to access your network at one time.

Develop Access Policy: One of the biggest reasons for data loss is accidental human error. To make your employees aware of the dangers of abusing the use of mobile devices on your network, it’s a good idea to create a policy that makes them aware of their role. The policy should include password requirements, antivirus expectations, privacy terms, data loss security reporting process, and even things like penalties of texting and driving while using a company device.

Mobile Device Management Solutions: To take that extra step beyond developing/enforcing a policy regarding the use of mobile devices, a mobile device management solution (MDM) gives your company more control over mobile devices on your network. MDM applications enforce proper use, as well as requiring maintenance and security patches to be up-to-date. Many of these MDM solutions have the ability to remotely wipe data from the device in the event it’s lost or stolen.

Studies show that employees who are allowed to use their personal mobile devices for work are more satisfied with their job. Smartphones and mobile devices are a permanent part of business technology and can’t be ignored. With the constant threat of cybercrime, SMBs need to be vigilant about allowing only authorized users to connect mobile devices on their network. Questions on keeping your network safe or if an MDM solution is right for you? Contact us at PHONENUMBER.

Categories
Casserly Consulting Blog

Security Terms That Every User Needs To Know

patching_information_400.jpg

Chances are that you’ve seen quite a lot of stories on the Internet, or in the news, about the many security threats out there. Some of these, including ransomware, exploits, and reluctance to update software, might fly over your head if they’re not part of your everyday business vocabulary. Knowing what these terms mean is of the utmost importance in today’s workplace. We’re here to help you understand what some of these security terms mean for your organization.

Ransomware like WannaCry are one of the primary reasons why it’s so important to understand how network security works, and all of the terminology behind it. After all, hackers understand how to exploit your network’s weaknesses, so you’ll want to know all about the primary way to protect your business’s data from them: security patches.

These patches are issued by software developers to resolve certain issues or troubles found in their products. For example, a patch might be designed to address a recently found vulnerability in the program’s code, or resolve a particularly troublesome issue with the user interface. Understanding how these patches work is critical if you want to ensure the security of your business, your personal computer, and everything in between. Here are five of the most common terms used when speaking of security patches.

Patch Tuesday
Even if you allow your computers to update and install patches automatically, you should still have an idea when these patches are installed. Microsoft has a set schedule that they use to release these patches. They are released on specific days of the week, including the second Tuesday of each month, and sometimes the fourth as well. Perhaps in the future, data exchange will allow newer operating systems to be updated more frequently, or at the very least in real time, keeping your systems more secure.

Security Patching
Patches are basically issued to fix something that’s wrong with a computer application or program. It is these patches and updates that are provided on all of the official patch days, like Patch Tuesday. Of course, immediate patches to imminent threats of Microsoft’s software are issued for release as soon as one is created. These zero-day threats are so dangerous that they need to be resolved as soon as possible, making them top-priority for your organization.

Hotfixes
These are sometimes called quick fix updates, quick-fix engineering updates, and general distribution releases. These hotfixes generally include a patch that fixes just one small thing wrong with your application. These small issues are usually important enough that they need to be issued immediately without waiting for the next batch of patches. Even though Microsoft has long since forsaken the term “hotfix” specifically, it’s still used as a common way to refer to these fixes in the technology sector.

Zero-Day Threats
These types of weaknesses are those that are being used by hackers even before they are discovered by security professionals. The name “zero-day” refers to the fact that the software developers have no time, or zero days, to develop a patch to resolve the issue. These are some of the most dangerous threats out there, and need to be a priority for companies trying to keep damage to a minimum.

Whitelisting
Whitelisting is the process through which a patch or application is deemed secure or safe for your business. This allows your whitelisted app to access information found on your network. Contrary to whitelisting, blacklisting is the process of banning network access to certain apps. Whitelisting was a popular term used to discuss the security patch resolving the issue with the WannaCry ransomware, as IT departments wanted the patch to be “whitelisted” first to guarantee that the patch would be enough to stop it.

Is your business security-savvy enough to identify major problems with your network infrastructure? To learn more about how you can protect your business, reach out to us at PHONENUMBER.

Categories
Casserly Consulting Blog

Why Spam Is So Bad For Your Inbox

spam_protection_400.jpg

Spam. It’s detrimental and all businesses have to deal with it. But many don’t know the first thing about how to identify it, or how to work around it. The truth of the matter is that spam can be dangerous for your organization if it’s not dealt with properly, but dealing with it can also be a major waste of resources. We’ll walk you through what constitutes spam, and how you can identify it from legitimate messages in your inbox.

Defining Spam
At its very core, spam consists of messages that are either insubstantial, wasteful, or dangerous to your organization. Spam generally takes the form of a message that you find in your email inbox, but you can often receive spam through various other media, including social media platform messengers (though these platforms usually have pretty good filters that keep most away from you). Spam can range from being a simple annoyance to a real problem, depending on the nature of the messages received.

How Spam Happens
Spam is a naturally occurring part of having an email account, primarily because spam can happen for a number of reasons that aren’t under your control. Perhaps your email address appeared somewhere online and it has been entered into a database that sends out emails at regular intervals about certain topics. Maybe you signed up for a subscription to a certain newsletter and now you get emails from multiple services that you hadn’t anticipated. Either way, you’re getting messages that you neither need nor want.

Other times, spam takes the form of a message that tries to get you to click on a link or download an attachment. These spam messages are most likely to be malicious in nature, as they are urging immediate action and are trying to get you to download malware on your device.

Keeping Spam Out of Your Inbox
There are two ways you can keep wasteful or dangerous messages out of your inbox: 1) Unsubscribe from email newsletters that you no longer wish to receive, and 2) Implement a spam blocking solution. Most legitimate newsletter emails will have an unsubscribe link at the bottom of the message which you can use to unsubscribe, preventing you from receiving any further messages from the sender. In order to keep the truly dangerous emails from being sent to you, you need an enterprise-level spam blocker. This will keep any messages that resemble spam out of your inbox in the first place, keeping you from having to deal with them at all. It’s the best way to keep spam away from your inbox.

To learn more about our enterprise-level spam blocking filter, reach out to us at PHONENUMBER.