Blog

Archive for Security

Tip of the Week: 4 Signs You’re in an APT Hacker’s Crosshairs

Hackers come in all shapes and sizes, with varied levels of skills to boot. The generic garden-variety hacker will probably only try to hack your email and send spam, or steal your personal information. However, there are much worse threats out there, like APT hackers. This week, we’ll cover how you can spot these wolves in sheep’s clothing.

An Advanced Persistent Threat (APT) hacker has no interest in your email password or personal information. Instead, they have their sights set a little higher: your business, and everything it’s built on. APT hackers will try to make off with any valuable or confidential information they can find, then sell it to the highest bidder; or, they hijack enough information to steal your business’s identity, making fraudulent purchases of incriminating or expensive merchandise. Whatever their reasons, they want to ruin your business, and without proper precautions, your company can collapse in the event of one of these attacks.

An APT hacker is a serious threat that must be dealt with. Unlike the lone wolf hacker, APT hackers tend to work in packs, taking advantage of their numbers to prey on whoever is most vulnerable. Even the most powerful of networks can be overwhelmed by numbers. Just like the typical worker, these APT hackers are even known to work regular hours in an office, not unlike yourself.

The signs of an APT hacking attack are far more diverse than if a single hacker tries to break into your network. Though the signs might be stronger or more noticeable, an APT hacker uses the same techniques as the lone wolf hacker, including phishing emails, or malicious websites which download malware or spyware onto your PC. Here are four signs from InfoWorld that can sound the alarm for an APT attack:

  • More late-night logins: A covert operation like an APT hack is likely being done from the shadows, when nobody will notice what is going on. Take note of when your logins are occurring, especially if they are during the wee hours of the night by high-level users.
  • Finding backdoor Trojans: Ordinary hackers will only want to access your account once, but APT hackers will want to get back in and steal more of your data. Trojans are a reliable back door if they need to return to the network, even if the login credentials have been changed.
  • Unexpected information flows: Large, unexpected flows of data from internal origin points can be problematic, especially if they come from somewhere else entirely (e.g. a different country).
  • Discovering unexpected data bundles: If an APT hacker wants your data, they may gather it in one location before moving it outside of your network. This makes large data packets easier to transfer. Look for information gathering where you know it shouldn’t be.
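The first and third signs lend themselves to simple checks over login and network-flow records. The following is an added example, not part of the original post or the InfoWorld list; the record layout, account names, time window, home country and byte threshold are all assumptions chosen for illustration.

```python
from collections import defaultdict
from datetime import datetime

# Constructed sample events (not real data): (timestamp, account, is_privileged)
LOGINS = [
    ("2014-11-03T02:14:00", "admin_jlee", True),
    ("2014-11-03T09:05:00", "admin_jlee", True),
    ("2014-11-03T23:40:00", "mbrown", False),
    ("2014-11-04T03:31:00", "svc_backup", True),
]
# Constructed sample flows: (internal source, destination country, bytes sent out)
FLOWS = [
    ("10.0.0.12", "US", 40_000_000),
    ("10.0.0.44", "XX", 900_000_000),
    ("10.0.0.44", "XX", 700_000_000),
    ("10.0.0.12", "XX", 5_000_000),
]

def off_hours_privileged(logins, start=22, end=6, expected=("svc_backup",)):
    """Return (timestamp, account) for privileged logins in the night window.

    Accounts in `expected` (scheduled jobs that legitimately run at night)
    are skipped so they do not drown out the interesting hits.
    """
    hits = []
    for ts, account, privileged in logins:
        hour = datetime.fromisoformat(ts).hour
        if privileged and account not in expected and (hour >= start or hour < end):
            hits.append((ts, account))
    return hits

def large_foreign_flows(flows, home="US", limit=1_000_000_000):
    """Total outbound bytes per (source, country); keep totals over `limit`
    that leave the home country. Summing catches transfers split into chunks."""
    totals = defaultdict(int)
    for src, country, sent in flows:
        if country != home:
            totals[(src, country)] += sent
    return {key: total for key, total in totals.items() if total > limit}

if __name__ == "__main__":
    print(off_hours_privileged(LOGINS))
    print(large_foreign_flows(FLOWS))
```

Tune the window, the expected-account list and the threshold against a baseline of your own normal activity before alerting on the results.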

Think of APT hackers as the white-collar workers to the blue-collar ordinary hackers. These people are professional hackers who want nothing more than to take your business out. You need a powerful solution to keep them at bay. Total Networks can equip your business with an enterprise-level security solution called a Unified Threat Management (UTM) device. The UTM is designed to keep threats out of your network so your business can live to see another day.

Total Networks also offers remote monitoring and maintenance solutions for your business. These proactive managed IT services are designed to detect suspicious activity before it causes major problems. We can fix any issues remotely and efficiently. For more information about how to protect your business, contact Total Networks at (602)412-5025.

Getting a Computer Virus is Like Catching the Flu

Grab your tissues, it’s flu season! Just like biological viruses such as the flu can cripple an entire office, digital viruses can cause a lot of trouble for businesses too. Both downtime-causing virus scenarios can be prevented if proper safety measures are followed, like sanitation and cybersecurity.

The point of cybersecurity is to keep the viruses (and other threats) out of your network. One would think that keeping viruses out of your network wouldn’t be too difficult. If you have a reliable firewall solution, then, for the most part, it’s simply a matter of not clicking on malicious links or downloading files attached to phishing emails. However, in the same way that the flu virus spreads because one person does something stupid, like fail to wash their hands or sneeze all over the place, all it takes is one employee on your network to be dumb and download a computer virus for it to spread and infect every company workstation.

While a computer virus won’t leave you gripping your porcelain throne in the middle of the night, it can certainly prove to be unhealthy for your business. Malware can do several different things, all sickening in their own ways: destroying network files, stealing sensitive information, or even holding your data ransom. Whatever hackers try to do with your systems, you can bet it’s a big, warm chunky mess that you won’t want to clean up.

The spread of the flu virus in the office is a perfect example of how a virus can cause serious downtime. All it takes is one unsanitary employee to sneeze on a door handle, and then another worker catches it, then another. Before you know it, half your staff has called out and the other half are shuffling around the workplace like a bunch of zombies. Translation: a microscopic virus just decimated your operations. In the same way, all it takes is one small piece of malicious code to breach your company’s firewall, infect your computers, and cause serious downtime. In a worst-case scenario, your business is hit with both virtual and biological viruses.

When it comes to viruses, you need to take preventive measures and keep as far away as possible. As seen by real-world viruses, as soon as they infect one person, they can spread if not controlled properly. Therefore, the best approach to cybersecurity is to keep viruses outside of your network at all times.

One of the best solutions out there to protect your company from digital threats is to integrate a Unified Threat Management device (UTM) into your tech infrastructure. Total Networks can provide your business with this comprehensive security solution, which includes a firewall, antivirus, web content filtering, spam blocking, and more. It’s engineered for the sole purpose of protecting your network from the dangers that lurk in the underworld of the Internet. The firewall protects your network on the outside, while the antivirus and anti-spam technology protects your business on the inside.

It’s also important to emphasize the importance of security best practices with the rest of your team. All it takes is just one mistake to undermine your entire security infrastructure. If you’re not careful, a virus infection could turn into an epidemic. Call in the IT paramedics at Total Networks. We’ll help you integrate powerful security solutions to keep your business infection-free.

Microsoft Bites Back with Fix to POODLE SSL Vulnerability

A few weeks ago, a new vulnerability was discovered in the Internet Explorer functionality of SSL 3.0. Due to the encompassing nature of the vulnerability, all operating systems are affected. This makes it a big problem that must be resolved. Thankfully, Microsoft has released a fix to the vulnerability, called Fix It, making it far easier to prevent the vulnerability from becoming an issue.

POODLE itself is generally exploited to obtain information encrypted with SSL technology through Internet traffic, such as credit card numbers or other sensitive information. In simple terms, SSL (Secure Sockets Layer) is an encryption protocol used with security certificates. It has largely been replaced by the more secure TLS (Transport Layer Security) protocol, but many systems will fall back to SSL 3.0 if TLS were to fail somehow. TLS isn’t affected by this issue. So, in other words, the hacker must be able to force the targeted system to fall back to SSL 3.0 in order to exploit this vulnerability.

The way that this vulnerability is taken advantage of is through a man-in-the-middle attack. According to the official Microsoft security advisory:

In a man-in-the-middle (MiTM) attack, an attacker could downgrade an encrypted TLS session forcing clients to use SSL 3.0 and then force the browser to execute malicious code. This code sends several requests to a target HTTPS website, where cookies are sent automatically if a previous authenticated session exists. This is a required condition in order to exploit this vulnerability. The attacker could then intercept this HTTPS traffic, and by exploiting a weakness in the CBC block cipher in SSL 3.0, could decrypt portions of the encrypted traffic (e.g. authentication cookies).

Since POODLE is a design flaw in SSL, there isn’t a way to patch the bug; therefore, vendors are forced to get crafty with their responses. They were previously suggesting that disabling the old and decrepit SSL 3.0 protocol on their sites was the best solution, as most servers these days don’t rely on this old protocol anyway. In response to this issue, Google is working to disable SSL 3.0 in all of its products over the next few months, while Mozilla’s Firefox will resolve the issue with the next upgrade in November. This will eventually make the vulnerability obsolete. However, users of Internet Explorer should take a more immediate approach to this danger.

To be fair, Microsoft’s Fix It solution is an effective way of disabling SSL 3.0 in Internet Explorer if you don’t know how to navigate your Control Panel. It’s as easy as clicking a button on their official website. Otherwise, you must disable SSL 3.0 and enable TLS 1.0, TLS 1.1, and TLS 1.2 in Internet Explorer. You can do so by following these steps:

In the Internet Explorer Tools menu (or your PC’s Control Panel), click Internet Options.

In the Internet Options window, click the Advanced tab.

Scroll down to the Security section. Notice there are checkboxes next to the available SSL and TLS options. Uncheck Use SSL 3.0, and check the following: TLS 1.0, TLS 1.1, and TLS 1.2. Be sure to check all of the TLS versions. Failing to do so could result in connection errors.

Once you’ve finished, click OK, exit and restart Internet Explorer, and you’re all set. Following this process will cause Internet Explorer to not connect to servers which only support SSL, protecting your systems from connecting to insecure servers and risking exploitation of POODLE.
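The fallback described earlier is visible on the wire: a client that has dropped to SSL 3.0 sends a ClientHello whose offered version is 0x0300. The following is an added example, not from the original post or from Microsoft, that parses a captured ClientHello record and flags those handshakes; the helper names and the sample records are constructed for illustration.

```python
import struct

VERSIONS = {0x0300: "SSL 3.0", 0x0301: "TLS 1.0", 0x0302: "TLS 1.1", 0x0303: "TLS 1.2"}

def parse_client_hello(record: bytes) -> dict:
    """Parse one record carrying a ClientHello; raise ValueError on anything else."""
    if len(record) < 5:
        raise ValueError("truncated record header")
    ctype, _rec_version, rec_len = struct.unpack("!BHH", record[:5])
    body = record[5:5 + rec_len]
    if ctype != 0x16 or len(body) != rec_len or rec_len < 4 or body[0] != 0x01:
        raise ValueError("not a complete ClientHello record")
    hs_len = int.from_bytes(body[1:4], "big")
    hello = body[4:4 + hs_len]
    if len(hello) != hs_len or hs_len < 35:
        raise ValueError("truncated ClientHello")
    version = int.from_bytes(hello[0:2], "big")   # highest version the client offers
    pos = 34                                      # skip client_version + 32-byte random
    pos += 1 + hello[pos]                         # skip session_id
    n = int.from_bytes(hello[pos:pos + 2], "big")
    raw = hello[pos + 2:pos + 2 + n]
    if len(hello) < pos + 2 or len(raw) != n or n % 2:
        raise ValueError("bad cipher suite list")
    suites = [int.from_bytes(raw[i:i + 2], "big") for i in range(0, n, 2)]
    return {"version": VERSIONS.get(version, hex(version)),
            "ssl3": version == 0x0300, "suites": suites}

def build_client_hello(version: int, suites: list) -> bytes:
    """Constructed sample input: a minimal ClientHello with no extensions."""
    suite_bytes = b"".join(s.to_bytes(2, "big") for s in suites)
    hello = (version.to_bytes(2, "big") + bytes(32) + b"\x00"      # empty session_id
             + len(suite_bytes).to_bytes(2, "big") + suite_bytes
             + b"\x01\x00")                                         # null compression
    hs = b"\x01" + len(hello).to_bytes(3, "big") + hello
    rec_version = min(version, 0x0301).to_bytes(2, "big")
    return b"\x16" + rec_version + len(hs).to_bytes(2, "big") + hs

def ssl3_hellos(records: list) -> list:
    """Return indexes of records whose ClientHello offers nothing above SSL 3.0."""
    return [i for i, r in enumerate(records) if parse_client_hello(r)["ssl3"]]

if __name__ == "__main__":
    capture = [build_client_hello(0x0303, [0xC02F, 0x002F]),
               build_client_hello(0x0300, [0x000A, 0x0005])]
    print(ssl3_hellos(capture))
```

A client that has SSL 3.0 disabled should never produce a flagged record, so any hit after the change points to a machine that was missed.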

At Total Networks, we value the security that we provide to our clients. Keep in mind that this fix isn’t a viable replacement for the latest security updates and patches issued every month. You want to be using the latest versions of applications, software, and especially your operating system, to minimize the risks of a security breach.

Total Networks can apply all of these changes for you remotely, lifting the responsibility from your shoulders so you can concentrate on other aspects of your business. Call (602)412-5025 today to see what we can do to safeguard your business.

Ghost Servers – Who Ya Gonna Call?

Everyone has heard horror stories about the spirits of the dead lingering in this world. Every culture on this planet has different beliefs about the nature of these spectral beings. Not much is known about these beings, but people still believe without a doubt that they exist. In regards to technology, ghosts do exist, in the form of ghost servers.

With more and more companies migrating their servers to the cloud, they are leaving behind the carcasses of their old servers. They then become “ghost servers,” which are classified as unused or underutilized servers. What’s worse is that these servers continue to run in the background, and if your company isn’t careful, it could waste a lot of money by operating an underutilized server. It’s counterproductive and dangerous to your company.

One such IT horror story occurred in 2006 when someone hacked into the alumni database of Ohio University and could have potentially stolen 137,800 Social Security numbers. Nobody knew this server was still active, and due to this, no security patches were issued to it. This allowed hackers to compromise it and steal this valuable information. Of course, the question must be asked: how did nobody know that this server was still plugged in and active?

Ghost Hunting

The first step toward exorcising your network is to identify these ghost servers. If you recently relocated, or have moved to the cloud, you likely have ghost servers operating somewhere. The best way to locate them is to keep track of what your company is using, and where it is using it. Keep an inventory of all your systems and servers in place, and what they are being used for. If you’ve lost track of what device performs what action on your network, reach out to us to get a network assessment to map your entire network and organize it once and for all.

Of course, all businesses should be doing this in the first place, but sometimes companies run out of funds for an IT staff and they lack the resources to track these specters. Outsourcing your IT needs can help with this problem. Outsourced IT services from Total Networks can cut down on your payroll, and you can use the funds saved to hire marketing or sales staff to make your company more money.

We Mourn For Your Loss

Even when you find the ghost servers, there are specific steps you must take to ensure that they cannot be accessed by anyone. First, you must determine if it is necessary. If it is, you should consider virtualizing it to save time and money. Total Networks can assist you with virtualizing your server, but if you opt to let us host your data, we’ll monitor the system for you and you won’t have to worry about ghosts haunting your servers again.

If you find that the server is completely unneeded, it’s time to say goodbye to it. Let it move on and into the afterlife. Cut the cord (not literally) and separate it from its power supply, wipe the drives clean of any information that hackers could access, and stick it in a coffin for burial. It’s only when the server has been completely disconnected from the network, wiped clean, and removed from its location that it can finally rest in peace.

If you need assistance laying your unused servers to rest, Total Networks can be there to help you lower the casket into its silicon grave. We can host your data for you, and you’ll never be haunted by it again. We’ll also monitor your system and make sure that there is no unnatural presence lurking in its shadows. Call (602)412-5025 today and we’ll ensure you don’t get spooked!
