Tag Archives: network

Top Tricks Cybercriminals Use To Hack Your Computer Network

16 Nov 17
lverbik
, , , , , , , , , , , , ,
No Comments

There’s no denying that cybercrime is on the rise. All it takes is a glance at a few big news stories from the past couple years. Equifax gave up the information of over 100 million people, many of them not even users, to a surgical hacker attack. Last May, over 57,000 infections spread from a single ransomware source across 99 separate countries, with damage reaching everything from hospitals and businesses to vital public utilities like the German railway network. And how many high-profile celebrities have had their phone’s picture feeds hacked and had to deal with the scandal of some maliciously leaked photographs, some of which they’d deleted years before?

But it’s not just massive corporations like Equifax or JPMorgan or actresses like Jennifer Lawrence that are being targeted day in and day out. It’s small businesses, many equipped with far less robust security measures in place. In fact, if you’re an entrepreneur, it’s almost a statistical guarantee that hackers will target your business at some point down the road.

In your company’s battle against cybercrime, it’s essential to stay abreast of the rapidly shifting digital landscape. Only the most up-to-date security technology can even hope to protect you from the ever more sophisticated thieves pounding at your digital door.

However, it’s also important to stay informed. Here are a few of the sneakiest and most common tricks thieves use to snatch your vital data:

Social Engineering Hacking, though it can cost you thousands and thousands of dollars and do just as much damage as its digital counterparts, doesn’t require a single line of code. Instead, they find weaknesses in the “human network” of a business. For example, skilled scammers can call your business’s cell phone provider, posing as the CEO’s spouse, and convince the customer service rep to hand over passwords, Social Security numbers, and sensitive personal information. Many IT departments are susceptible to this same scam.

Often, social engineering is used to gather information that will later be used for a different strategy. Such as …

E-mail Phishing, which hijacks (or fabricates) an e-mail account with trusted authority and sends users an e-mail requesting they click a particular link. Maybe the e-mail looks like it’s from the service department of your company’s time-tracking software, seeking to remedy an error. But when the link is clicked, ransomware or other malware spreads like wildfire through the system, and the user is at the mercy of the hackers. Usually, this is used to extort exorbitant sums of money out of small businesses or individuals. Symantec reports that just last year, over 7,000 businesses of all sizes fell prey to some form of phishing scam, costing them more than $740 million in total.

Brute-Force Password Attacks Or Password Guessing are just what they sound like. Either a hacker uses a software that, after putting in some data about the target (for example, the name of their dog or their anniversary), runs through potential keys ad infinitum. With sufficient information about the target, it’s only a matter of time before the software breaks through. Or, more often than you might think, hackers can simply guess the password. Infiltrators have common passwords that use real words or common structures memorized and can run through hundreds before giving up.

Fault Injection is a different story, usually only used by the most dedicated, sophisticated hackers around the world. Cyberthieves will use a complicated software to scan the source code of their internal software or network, noting every potential weak point in the system. Then, by splicing in strings of code, they can penetrate through and steal data, inject a virus, or employ other digital mischief.

How To Protect Yourself Against These Threats

As they say, forewarned is forearmed, but it’s not enough to keep your eye out for common hacker strategies. As the progress of technology marches on, so do the techniques and softwares used by hackers, resulting in an infinite number of permutations of ways they can penetrate your system.

The only way to be truly secure is by utilizing bleeding-edge security solutions to ensure you stay ahead of the breakneck developments in hacker technology. With constantly updating software dedicated to security, along with some know-how, you can rest a lot easier knowing your data is safe.

The Most Common Ways Hackers Access Your Network

28 Jun 17
lverbik
, , , , , , , , ,
No Comments

You are under attack. Right now, cybercrime rings in China, Russia, and the Ukraine are hacking into small businesses like yours to steal credit cards, client information, and swindle money directly out of your bank account. Some are even being funded by their own government to attack American businesses, and half of all cyberattacks are aimed at small businesses. The National Cyber Security Alliance reports that one in five small businesses have been victims of cybercrime in the last year. It’s critical that you protect yourself from the following 10 vulnerabilities.

1 Poorly trained employees are the biggest risk. It’s common for an employee to infect an entire network by opening and clicking a phishing email designed to look like legitimate correspondence from a trusted source. If they don’t know how to spot infected emails or online scams, employees can easily compromise your entire network.

2 We strongly recommend an acceptable use policy that limits the websites employees can access with work devices as well as work material they access with personal devices. We can easily set up permissions that regulate which websites your employees access and what they do with company-owned devices, even granting certain users more freedom than others. You also need to detail what an employee can or cannot do with personal devices when taking work home.

3 Weak passwords are bad news; passcodes should be at least eight characters long with both lower and uppercase letters and include symbols and at least one number. On a company cellphone, requiring a passcode makes stolen devices harder to compromise. Again, this can be enforced by your network administrator so employees don’t get lazy and put your organization at risk.

4 If your networks aren’t patched, new vulnerabilities (which are common in programs you already use, such as Microsoft Office) can be exploited by hackers. It’s critical that you patch and update your systems frequently. If you’re under a managed IT plan, this can be automated so you never miss an important update.

5 Are you backed up in multiple places? Aggressive ransomware attacks, where a hacker holds files for ransom until you pay a fee, can be foiled by backing up your data. You won’t have to pay a crook to get them back. A good backup will also protect you against accidental deletion and natural disasters, and it should be automated.

6 One of the fastest ways cybercriminals access networks is by duping employees to download malicious software by embedding it within downloadable files, games, or other innocent-looking apps. This can largely be prevented with a secure firewall and employee training and monitoring.

7 Not all firewalls are created equal. A firewall blocks everything you haven’t specifically allowed to enter or leave your network. But all firewalls need monitoring and maintenance, just like all devices on your network, and a weak one does you little good. This, too, should be done by your IT person or company as part of their regular, routine maintenance.

8 Many hackers exploit your devices when you connect to public Wi-Fi, getting you to connect to their Wi-Fi instead of the legitimate public one. Always check with a store or restaurant employee to verify the name of the Wi-Fi they are providing. And never access financial or medical data or enter your credit card information when surfing public Wi-Fi.

9 It may be one of the oldest tricks in the book, but phishing emails still work. The  goal is to get you to download a virus by clicking a link or getting you to enter your login information on a clone of a legitimate website.

10 In 2009, social engineers posed as Coca-Cola’s CEO, persuading an executive to open an email with software that infiltrated the network. Social engineering is another old-school tactic, but, like phishing, it works well. Hackers pretend to be you, and people often fall for it.

If you are concerned about cybercriminals gaining access to your network, then call us to learn more about implementing a managed security plan for your business. You’ve spent a lifetime working hard to get where you are and have earned every penny and every client. Why risk losing it all? Get the facts and be certain your business, reputation, and data are protected.

4 E-mails You Should NEVER Open

17 May 17
lverbik
, , , , , , , , , , , , , , , , , ,
No Comments

No matter how “bomb-proof” we make your network, you and your employees can still invite a hacker in if you click on a link or open an attachment in an e-mail sent by a cybercriminal. Some spam is obvious (can you say, “Viagra at a discount”?) but others are VERY cleverly designed to sneak past all the filters and trick the recipient into opening the door. Known as a “phishing” e-mail, this still is the #1 way hackers circumvent firewalls, filters and antivirus, so it’s critical that you and your employees know how to spot a threatening e-mail. Here are four types of e-mail ploys you should be on high alert for.

The Authority E-mail. The most common phishing e-mails are ones impersonating your bank, the IRS or some authority figure. The rule of thumb is this: ANY e-mail that comes in where 1) you don’t PERSONALLY know the sender, including e-mails from the IRS, Microsoft or your “bank,” and 2) asks you to “verify” your account should be deleted. Remember, ANY important notification will be sent via old-fashioned snail mail. If it’s important, they can call you.

The “Account Verification” E-mail. Any e-mail that asks you to verify your password, bank information or login credentials, OR to update your account information, should be ignored. No legitimate vendor sends e-mails asking for this; they will simply ask you upon logging in to update or verify your information if that’s necessary.

The Typo E-mail. Another big warning sign is typos. E-mails coming from overseas (which is where most of these attacks come from) are written by people who do not speak or write English well. Therefore, if there are obvious typos or grammar mistakes, delete it.

The Zip File, PDF Or Invoice Attachment. Unless you specifically KNOW the sender of an e-mail, never, ever open an attachment. That includes PDFs, zip files, music and video files and anything referencing an unpaid invoice or accounting file (many hackers use this to get people in accounting departments to open e-mails). Of course, ANY file can carry a virus, so better to delete it than be sorry.

4 Must-Have, Low-Risk Cloud Solutions

05 Apr 17
lverbik
, , , , , , , , , , , , ,
No Comments

Let’s face it, your business has more competition than ever. And they’ll eat you alive if you fall behind in today’s technology “arms race.”

Maybe your network needs greater security. Or you haven’t yet taken advantage of new cloud-based apps that help your team get more done in less time. Today, the action is in the cloud. And if you don’t know what’s out there, it’s just that much easier for competitors to pull ahead.

To help you stay on top, here’s a quick survey of four ways to put the cloud in your corner, along with examples of each.

Network Security

As devices on your network become more diverse and mobile, monitoring them in real time is absolutely critical to averting cyber-attacks. A good network-security tool probes for weak points and alerts you to potential threats. It can employ both hardware and software technologies. And today’s environment demands a bevy of checkpoints, from access control to WiFi-intrusion monitoring.

But how do you protect against threats that evade your monitoring efforts? Due to the recent spread of “fileless” malware, no antivirus program is 100% “bullet-proof.” However, you should be able to find basic software protection for around $40 per user. Look for features such as e-mail security, data loss prevention, network segmentation and behavioral analytics. And ideally, it scans quickly, takes up little space on your devices and may even be able to recover files encrypted by ransomware.

Collaboration

Giving your team the right cloud collaboration tools can be almost as good as giving them steroids… (Except, of course, it’s legal.) With the wide array of apps available today, the trick is finding the best one – or the best combination – for your company. Top contenders include Asana, Slack, Teamwork, Trello and Google Drive. These and similar apps can improve efficiencies in areas like project and task management, team communications and collaboration, brainstorming, document processing and storage, and more. And with cloud collaboration, you’re no longer restricted to bringing aboard talent from your local area alone.

Contracts & Accounting

Contracts and proposals that get bogged down in logistics can hurt monthly revenues. Is your sales team still asking customers to sign and fax back important documents? If so, they’re losing precious minutes every day. Then there’s the cost of storing and managing physical files. It all adds up. It’s no wonder so many companies now use electronic signature apps, such as DocuSign, Adobe Sign and RPost. They’ll let you manage the signing of important documents entirely online, and will encrypt and store files for you. Some are even court-approved and create a full audit trail.

For small business accounting, industry veteran QuickBooks, now with an online version, and upstart Xero can help you keep the books with relative ease. They both offer a clean, intuitive UI and affordable pricing with a comprehensive set of features. And, of course, being cloud-based, they can be accessed from a variety of locations, adding flexibility to your workforce.

If you’d like to know how well your company is (or isn’t) taking advantage of today’s cloud, contact us.

Network Abuse: Don’t Push Your ‘Luck’

16 Mar 17
lverbik
, , , , , , , , , , , , , , , , , , , , , ,
No Comments

Look around your office. Isn’t it great to see your team hard at work on their computers? Yet if we take a closer look, let’s see what’s really happening…

Joe, your new sales rep, is poring over last weekend’s game stats…

Amy in marketing is looking for a new job, surfing your competitors’ websites, chatting with their HR people…

Wes, over in customer support, just bogged down your entire network by downloading a video file of Metallica in concert…

Guy, your new hire in shipping, is on hotdate.com, viewing questionable photos…

Bob in accounting is browsing stock-investing sites, in search of a hot tip…

Okay, so maybe it’s not that bad at your company. But this type of behavior will happen to some degree if you don’t proactively prevent it. The real problem is, unfiltered content often links to malware and other threats. Ignore it and you risk productivity losses, legal liabilities, extortion, blackmail and fraud. And not only that, the resulting data loss and corruption can cost your company big-time. Cyberthreats stemming from unfiltered content aren’t something you can count on your lucky leprechaun or four-leaf clover to protect you from.

In today’s mobile environment, content filtering has becoming a greater challenge than ever before. Your company may already be doing some filtering at the network level. However, when was the last time you checked the number of mobile devices linked to your network? As your workforce goes mobile, your network is exposed to a rapidly expanding “attack surface.” With BYOD (bring your own device) now the norm, the old rules of content filtering just don’t cut it anymore.

Are You Making Any Of These Mistakes?

Old content-filtering models presume your network has a safe “firewall.” But now, with BYOD, you need a different way to protect your data. And that’s where endpoint security comes into play. Endpoint filtering keeps devices on your network safe from infection, no matter where they hook into the Internet.

But make ANY of the following mistakes with endpoint security and your network could be a sitting duck:

  1. Missing even ONE endpoint. This applies to tablets and smartphones as well as home-based machines that VPN into your network.
  1. Skimping on security policies, protocols and training. Believing that tech tools alone will keep your network secure is a recipe for breaches. In fact, no technology can keep a network safe if users cut corners.
  1. Leaving endpoint filtering out of your overall security plan. Ad hoc security invites disaster. An improperly designed system exposes holes that hackers love to find.

So, What Exactly Should You Filter?

Forrester Research states that companies whose users access the cloud should:

  • Detect and intercept unusual or fraudulent activities related to data in the cloud.
  • Detect, neutralize and eliminate malware in cloud platforms.
  • Detect and monitor unsanctioned cloud applications and platforms usage.
  • Protect against leaks of confidential information.
  • Encrypt structured and unstructured data in cloud platforms.
  • Investigate suspicious users and incidents.

Between BYOD and ever more complex cyber threats, you simply can’t afford to run around putting out fires. You absolutely MUST proactively defend your network in depth with endpoint content filtering.

The #1 Cure For A Sluggish PC

16 Nov 16
lverbik
, , , , , , , , , , , , , ,
No Comments

If you’re often – or even constantly – frustrated with slow loading times, screen freezes or crashing programs, your network may be in desperate need of an upgrade…or a tune-up. Here’s how to make your network run like new again…

Most computers and networks bog down as they age. Here’s why:

● Spyware, viruses and other stealth programs secretly hiding in your machine. And we mean “secretly.” Today’s sophisticated malware is more elusive than ever. Most users will never know what hit them until it’s too late. The only telltale sign that your system has been infected is that it starts slowing down over time. These nasty bugs attach themselves to all sorts of programs in your network and work in the background, undetected.

● Your machine is overdue for replacement. Hey, it can only last so long. Manufacturers don’t spec PCs to last more than about three to five years. When things start slowing down…or you can’t install the latest software…or plug in some of the newer cables…it’s time to start shopping. But there are ways you can extend your computer’s useful life. Which brings me to #3…

● It’s time for a tune-up. Just like a car, your network needs routine maintenance to run at top speed and performance. To keep it running smoothly, there are over 100 checks and updates that need to be done on a regular basis. These include disk defragmentation, patch management and the removal of unnecessary files and programs, to name just a few.

If your computer network hasn’t had the routine maintenance it needs to run well, contact a Techno Pro today!

Spooked About Your Network’s Security?

13 Oct 16
lverbik
, , , , , , , , , , , , , ,
No Comments
You should be, unless somebody’s keeping a vigilant eye on it for you…
Not too long ago, in a place not so far away…when ancient hordes attacked your city, a single breach in the wall could mean certain death – or at least the end of life as you know it.
Yet times change…or do they?
Attacks by today’s cybercriminals on your network, while perhaps not physically life-threatening, can inflict severe damage to the life and health of your business.
FACT: The odds of a successful cyber-attack against your business today are one in five. And, at a typical cost of $300,000 or more, a full 60% of smaller businesses that suffer a breach shut their doors for good within six months, according to the National Cyber Security Alliance.
So, who’s “guarding the gate” at your company’s network?
The problem with keeping your network safe today is that these attacks don’t just happen randomly – they are constant and unrelenting. Ever more sophisticated “robot” software is making it easier than ever for attackers to stalk the Internet, probing for vulnerabilities 24/7.
Here are just a few of the ways these vigilantes can penetrate your network’s defenses:
An SQL Injection can destroy your database, steal e-mail addresses, usernames and passwords, gain access to sensitive client management and billing data, deface your web site and defraud your business. It’s also now the most frequent mode of attack.
Open Ports – An open port is basically a channel for Internet data to connect with devices on your network. A firewall normally filters data, but hacker “web-bots” constantly probe for vulnerabilities. When they find an open port, and if they have installed malicious code inside your system, they are then able to control your devices.
In a DDoS attack, a network of computers attacks a single server with a surge of traffic, forcing it to crash. They most often target political organizations and banks; however, small businesses are also at risk. To avoid getting shut down, you need a defense plan in place and around-the-clock monitoring.
Malware and Viruses – Unfortunately, anti-malware and antivirus software programs in reality often fall short of claims, leaving many SMB networks highly vulnerable. The problem is twofold: First, they only detect a breach after the malware or virus has infected your system. Second, detection solutions often lag behind the latest threats by days or even weeks, leaving a big window for them to inflict heavy damage.
Targeted E-mails – Cybercriminals seem to get better each day at creating enticing e-mails that innocent readers will click on without a moment’s thought. If that reader happens to be on your network, you now have yet another hidden attacker to deal with.
“Drive-By Downloads” are a client-side intrusion where a person in your network innocently picks up a nasty bug…
Credit Card Theft – How would you feel if one of your customers’ credit cards got hacked due to a flaw in your security? Now imagine how you would feel if that incident turned into a lawsuit… Yet that is exactly what can happen if your DLP (Data Loss Prevention) system isn’t up to snuff. As you’ve no doubt seen in the news, credit card data theft is now epidemic. To keep customer data safe and maintain PCI compliance, it’s absolutely crucial to make sure your DLP is on duty 100% of the time.
As cybercriminals hone their evil craft, we must now be on guard, as our businesses grow ever more web-dependent. Yet how do you find the time to keep up with it all, much less make sure your network is safe?
Lucky for you, there’s a silver dagger…our Techno Pros can help you find and install the right protection.  Contact us.

 

 

 

Is Cryptovirus back as a worm?

03 Sep 15
lverbik
, , , , , , , , , , , , , , , , , , , , , , , , , , , , , ,
No Comments

19798163_s (2)Just when you think it can’t get any worse, it does—it seems likely there is a new variant to the Cryptolocker virus—that insidious virus known to encrypt all your files and hold them ransom for $300. This new strain may or may not be Crypt, but it was reported recently to have been able to replicate to other workstations and begin encrypting user folders, though many IT peers do not believe that capability exists as yet.

Whether it is possible or not, it’s something to watch out for. The affected business not only was infected across multiple workstations, but also its server by way of mapped drives. The victim in this case saw a web page open at the workstation with a threatening hijack message and links to download the solution that unlocks the user’s data.

Its evil authors no doubt immediately began working on this new poison once researchers from FireEye and Fox-IT were able to reverse-engineer the virus and provide a solution to Cryptolocker’s victims in May of this year. Of course, half a million people had already been affected and 1.3 percent had paid cash to free their files from the criminals—to the tune of $3 million.

Following the forum discussion about this new case reveals that the most likely source of this virus may actually be a flash-based ad on a compromised site that many people in the office could have accessed. It is possible that someone shared a link containing the virus, or perhaps everyone had a program installed already that popped up an embedded ad that was clicked on.

No matter whether the new strain is able to actually replicate to other stations or not, this is a good reminder to take every measure available to safeguard your files. Number one, add this virus’s file names to your file screens: *.aaa and restore_. Two, backup always! Three, get legit anti-virus and monitoring software. Four, patch your workstations. Five, contact the team at Techno Advantage for help selecting the right cloud-based or on-premise backup and storage solutions.

Need more help deciding how to protect your business from a malware attack? Contact a Techno Pro today! And watch this blog for updates on any new malware. We want to keep you informed.

Top 4 Data Backup Devices for Small Business

13 Jan 15
lverbik
, , , , , , , , , , , , , , , , , ,
No Comments

You already know you need good, regular backups of all of your business data, but you may get stuck figuring out the best way to manage them. Fortunately, you don’t need to spend a scary amount of money to buy and set up a reliable backup system.  Let’s look at a selection of reliable and affordable backup devices to use in your small business.

We’ll look at both locally-attached and network-attached backup devices. USB sticks and external USB hard drives are wonderful for making backups on a single computer, and network backup servers simplify data protection for your whole business.

USB Sticks

USB sticks are small in size and price, but mighty in capacity; you can get as much as 128 gigabytes storage capacity on a USB stick. You have a choice of USB 2.0 and USB 3.0 devices, so which one should you buy? USB 3.0 is the current standard, and it is backwards-compatible so it works with computers that have only USB 2.0.

It only costs a little bit more, so you might as well go with 3.0 drives. USB 3.0 promises a transfer rate of 5 Gbits per second, compared to 480 Mbits for USB 2.0.  Not all USB sticks are created equal, and you want to stick with the best brands: SanDisk, Verbatim, Kingston, Lexar, and Corsair are all reliable and sturdy.

USB Hard Drives

When a USB stick isn’t big enough, USB hard drives offer the most storage for the buck. You can get a portable drive with a built-in USB port.  This type of drive offers capacity ranges from 500MB-2TB, has USB 3.0, and usually comes with a nice backup and recovery software.  Many models come with encryption, easy automatic backups, and a cloud backup option.  Pricing ranges from $60 to $120.

Solid-state Drives

A solid-state drive (also known as a solid-state disk or electronic disk, though it contains no actual disk, nor a drive motor to spin a disk) is a data storage device that uses integrated circuit assemblies as memory to store data persistently.  Solid-state drives (SSDs) are expensive in comparison to hard drives, but they’re durable, small, fast, and have low power requirements. SSDs are wonderful for workloads where it’s worth paying more for a speed boost, like for system files and multimedia production.

Network Storage Servers

A network-attached storage (NAS) server is a type of dedicated file storage device that provides local-area network (LAN) users with centralized, consolidated disk storage through a standard Ethernet connection. Each NAS device is connected to the LAN as an independent network device and assigned an IP address.  NAS allows more hard disk storage space to be added to a network that already utilizes servers without shutting them down for maintenance and upgrades.  You can use it exclusively for backups, or for file-sharing and multimedia streaming.  It will set you back $1,295 for 4TB of storage, and up to $1,895 for 16TB.  These extra-rugged drives run cooler, and they’re optimized for network storage.

Now that we’ve explored the different options, you should know that Techno Advantage offers a backup software option.  We have found that the pre-installed software on these types of devices is usually a watered down or freebie version that will not deliver the results you hope for in the event that a recovery is needed.  Need help deciding which devices and software are right for your business?  Contact a Techno Pro today!

Feeling Overwhelmed by Technology?

23 Jun 14
lverbik
, , , , , , , ,
No Comments

If so, well…..you’re not alone.  Many small business owners feel they have very little resources to help them navigate the vast tech landscape, according to a recent study.

The report, from Brother International Corporation and non-profit SCORE was conducted by Wakefield Research and covered 500 small business owners with fewer than 100 employees.  It revealed that 64 percent of small business owners still feel “overwhelmed” when it comes to technology.

Small business owners feel they have no one to turn to for tech guidance.  The majority have no dedicated IT support.  In fact, the study shows that 59 percent of those surveyed said there are “insufficient resources” available in small business communities to help them.

 

The team at Techno Advantage prides itself on being a top quality, outsourced, on-call IT department.  We are constantly looking for ways to serve and educate busy small business owners on IT related matters.

To help you feel less overwhelmed, here are 5 Tech Tidbits for small business:

1.Don’t scrimp on technology

Your business relies on your communication channels not breaking down.  Computer and network glitches can cost you financially.  Hone your business processes to understand the technology you do and don’t need and then get a second opinion.

2. Get in the cloud

Data space can be a huge issue for small businesses.  But you don’t need to purchase expensive kits to get around this.  Many small businesses are opting to outsource data storage or choosing to use a free service.

3. Make sure you’re mobile

Business won’t wait for you to be back in the office.  Smartphone and tablet are rapidly overtaking desktop use in the workplace.  The workforce is more mobile than ever and your business practice needs to reflect this.  Ensure you are contactable and can do your transactions on the run.

4. Security is key to tech success

Have a strong password policy and know what data needs protecting.

5. Get the right support

Don’t outsource your tech to someone you can’t get hold of in the middle of the night.

The team at Techno Advantage wants to be your small business IT resource and partner (yes, even in the middle of the night).  If you’re one of the many small business owners who feels overwhelmed by technology, why wait?

Call and speak to Jay and his team now!