Being Infected with Ransomware Is Just the First In a Series of Problems

The ransomware attack against Kaseya’s VSA servers, which affected approximately 1,500 organizations, was yet another major challenge for businesses to overcome. While most of the affected companies did not give in to the hackers’ demands, others felt forced to pay the ransom. The problem, however, is that some of those who did pay are now having trouble decrypting their data, and with REvil MIA, they do not have the support needed to do so.

How a Penetration Test Plays Out

How is a Pen Test Carried Out?

A pen test is carried out more or less exactly like any cyberattack would be. Using the same tools as the cybercriminals do, a sanctioned professional is set loose on a computing system to try and crack it as a cybercriminal would. Like any cybercriminal, the pen tester follows a basic process:

Scoping – The professional and their client come to an agreement regarding the evaluation, and a non-disclosure agreement is signed.
Information Gathering – The professional starts to collect any data they can on the company and its technology to help identify vulnerabilities. A shocking amount of this data is publicly available.
Probing – The professional first approaches the network they are targeting, sending probes to collect any information they can. This information helps them decide which attacks are most likely to take root.
Attack – Once their strategy is compiled, the professional attempts to actively penetrate the targeted system. Of course, their data collection activities continue throughout the process. This does not inherently mean that all identified vulnerabilities will be targeted.
Camping – If the professional successfully gets into the system, their job is to then remain there for some time. They’ll install software that allows them to get back in when needed, even if a network administrator makes changes or reboots the system.
Clean-Up – Once the professional has the data they need for their report, they remove the software they installed and effectively undo everything they did, leaving the system as it was when they first attacked.

At this point, the professional submits their report to the client, prioritizing all identified vulnerabilities by severity. This report should serve as the blueprint for the security improvements that should be implemented. Oftentimes, the professional will attempt another breach after the improvements have been put in place.

Why is Pen Testing Important?

Hopefully, this much is obvious at this point. Without an objective pen test, your only way to evaluate your security’s practical effectiveness is through a legitimate threat. That certainly wouldn’t be the time to discover that your network is vulnerable, would it? No, it’s better to have these threats identified in a controlled environment.

SRS Networks is here to help you shore up any vulnerabilities that may be identified. Give us a call at (831) 758-3636 to learn more about what it takes to secure your business without sacrificing productivity.

Features to Seek Out in a Business Router

1. Security
Let’s consider the amount and kind of data that your business accesses, compared to what is assembled on your home network. While your own data is obviously important, the data you have on everyone else is what can get you into serious legal trouble for your business. Therefore, you need to ensure that your router has been configured to be as secure as possible. For instance, you should have a firewall in place to protect your incoming traffic. Any connection that is made to the Internet through your Wi-Fi router could potentially let in a threat, so you need to make sure that you’re mitigating these risks with an enterprise-level firewall. Furthermore, you should make sure that your Wi-Fi router is built with the hardware that a commercial-level router will use.

2. Size
The size of your network should be considered as you determine the router that you should be using. In addition to your workstations, you have a sizable number of devices connected to your Internet, including your laptops, tablets, point-of-sale systems, connected printers, and mobile devices. Balancing your network between devices that need to be hardwired and those that can serve you just as well when connected over Wi-Fi should be a priority.

3. Support Levels
Depending on how your business is set up, whether you have multiple locations or just one, you may need to have a different kind of router. An edge router is great for sending information from one network to another, while a branch router is suited for an internal network. Of course, the devices that your operations need will be impacted by a variety of circumstances. If your business takes up a large area, or shares space with multiple businesses or residential spaces, or if you will need to support guest users on a regular basis, your required support levels will vary.

For more assistance with your Wi-Fi and your other business networking needs, turn to SRS Networks today. Our professionals and their expertise are only a call to (831) 758-3636 away.

Macs Are Not Immune to Cybersecurity Threats

Do Macs Get Viruses?

In short, the answer is yes, absolutely. Apple computers can get infected with malware like viruses and ransomware. Macs can also suffer from other typical PC problems, such as hardware failure, data loss, slowing down over time, crashes, and more.

So where did this misinformation come from? Why do so many casual users tend to think that Macs don’t suffer from the same issues as the Windows PC? One place to start is Apple’s own (brilliant) advertising. You have to admit, Apple has had some very memorable advertisements over the years. In fact, one of my favorite ad campaigns may be one of the reasons that so many people think that Macs are immune to viruses.

Check out the Mac vs. PC commercial here.

These ads are cute and charming and feel honest enough to be true. To Apple’s credit, no lies are being told in the ad. Swarms of new viruses are created for Windows PCs every year, and many of these viruses can’t infect Mac computers. Macs still get viruses, but there are definitely more variants out there for PC. Why is this?

PCs Vastly Outnumber Macs

In 2018, it was estimated that for every 10 active PCs on the Internet, there was only one Mac. If roughly 90% of the world runs on Microsoft Windows, it makes much more sense for hackers to develop viruses that would affect this broader target. Most businesses use PCs. Most schools and universities use PCs. In fact, most industries tend to use PCs. Most home computing is done on PC as well.

That isn’t to say that there is anything wrong with a Mac. Apple makes incredibly solid laptops, and extremely capable desktops. The problem lies with third-party developers. For many businesses, certain core applications don’t have Mac versions. On top of that, when compared to the PC market, Apple doesn’t have a low-end tier for hardware. Your billing department doesn’t need the same computer that your video editor would use, and there isn’t a reason to spend that kind of money on a high-end Mac when a mid-range PC will handle the workload just fine.

There really isn’t anything that you can do on a $2000 MacBook that you can’t do on a $2000 Windows laptop – at that point it’s just about preference and what works for your business. On the flip side, there are some limitations to what you can do on that Mac when it comes to easily connecting to and using a business network that’s designed for PCs, and when it comes to the software mentioned above.

So, Mac Owners Do Need to Worry About Viruses?

Yes sir. Although historically there haven’t been as many viruses targeting Macs, and it’s always felt like Macs might have a slightly lower risk, that has been changing. According to a recent report by Malwarebytes, the amount of malware on Macs is actually outpacing PCs for the first time ever. It sounds like hackers are relying on the complacency of Mac users. Malwarebytes goes on to report that there was a 400 percent increase in threats on Mac devices between 2018 and 2019.

Mac users need to worry about the same threats, and practice the same security hygiene as any other computer user. Whether you […]

Tip of the Week: Three Basic Access Control Considerations

When it comes to the permissions that a business’ assorted users need to navigate its network, most businesses turn to Microsoft Active Directory to help manage them. Simply put, Active Directory allows you to review and distribute access to the assorted resources found on your network and other user capabilities. However, whether you use Active Directory or another solution, the following practices and policies apply:

Keep Permissions in Check

One of the most crucial parts of your data security is the process of restricting access to your data (and your business as a whole) to only those who need it. For most businesses, there is no reason for anyone–especially a non-employee–to enter the premises in the middle of the night. Furthermore, different employees shouldn’t have the same access as each other, simply because they have different access needs. Will one of your newly-hired employees need the same access as you do? Almost certainly not, so there is no reason to allow such a thing to ever take place. Make sure your network permissions are reviewed and corrected periodically.

Establish Role-Based Permissions

On the subject of restricting permissions, a utilitarian policy is generally best to follow. Will one of your users need access to a given resource in order to successfully do their job? If not, don’t give them that access. By assigning these permissions based on work roles, you can granularly give your team members the access they need, without unnecessarily exposing your data to individual employees who may not need a certain asset.

Optimize and Supplement Password Policies

A strong password policy is an absolute must when it comes to your data security. Not only do these passwords need to be strong, they also need to be updated frequently. This will help prevent users from sharing their passwords, or reusing old ones. Because there are so many passwords that everyone is expected to remember nowadays, the strength of these passwords has suffered. Combining this with the fact that cybercriminals now have stronger tools than ever to crack passwords, the username/password combination is often no longer sufficiently secure. To remedy this, implement two-factor authentication, which makes a cybercriminal’s job that much harder.

Need help with these steps, or any other part of your business’ technology? We can help! Give SRS Networks a call at (831) 758-3636 to speak to one of our IT professionals!

Don’t Let Your Network Be Infected Thanks to Coronavirus

How are Cybercriminals Using Coronavirus?

“You can sit in a room and create anything you want on a laptop. That’s why the real con men are gone.” – Frank Abagnale

Reformed con man and FBI consultant Frank Abagnale is right, as the cybercrimes shaped around the coronavirus have proven. Due to the deep anxiety and trepidation that the media coverage of COVID-19 has encouraged, cybercriminals have been handed an opportunity to take advantage of the panicked populace through phishing attempts… an opportunity they have embraced since the end of January. These themed attacks have been directed toward a variety of targets. For example:

Healthcare providers have been targeted by phishing attacks that deliver keylogging malware, meant to look like emails from local hospitals or the World Health Organization.
“Informational” emails referencing coronavirus have enabled hackers to introduce ransomware to the populace.
Members of the supply chain have seen coronavirus emails that install information-extracting malware through malicious Microsoft Word documents.

Of course, this kind of activity has been going on for far longer than the Internet has been around… it’s just that the Internet makes these attacks much more efficient and effective.

How this Complicates Things

Unfortunately, the latest application of these attacks has proven effective. Much of this is likely due to the fact that they are leveraging a very visible and nerve-wracking event, which helps to boost the interest of a target. This same tactic is the reason that so many phishing attacks are launched right around tax time, and why fraudulent messages were shared via SMS claiming that the recipients needed to register for the draft… for a fee. Whatever the approach, the tactics have remained the same: scare the recipient enough that they don’t consider that the message may be fraudulent, and give them a perceived “out” if they turn over their information.

Adding to the complexity, the situation with COVID-19 is just different enough from the other events that cybercriminals typically take advantage of to be uniquely dangerous. For instance, many of the other disasters that a cybercriminal will use to their advantage are over in a relatively short time frame. In comparison, COVID-19 has already spent weeks dominating the headlines, with no way to tell how many more weeks (or months) are yet to come.

In addition to this, coronavirus is largely unprecedented, unlike the foundation of many other phishing attacks (such as major sporting events and the like). This means that there is no real resource that is known to be trusted for people to turn to. For weather events, the National Weather Service and FEMA fill that role… no such resource is as commonly trusted for coronavirus.

What Can Be Done

In most cases, resisting these efforts will require a combination of basic cybersecurity measures and–perhaps more critically–user awareness and education. While your protections will ideally block the majority of phishing attacks and malicious messages, you need to be sure that your employees are aware of how such attacks should be handled:

Train effectively – Rather than taking up half of one day on a dull and repetitive training seminar, split your training efforts into shorter pieces, focusing on assorted aspects of the threat at hand. Give your team the knowledge they need to recognize phishing attacks and understand the importance of mitigating […]

Fighting Fire with Fire: Automating Cybersecurity

One of the major cybersecurity concerns of today is how attacks are now frequently automated, making it intensely difficult for a human being to successfully keep up with threats. As a result, it only makes sense to automate your cybersecurity measures as well. There are a few ways that you can do just that.

Crunching the Numbers

Regardless of how much data you collect, just collecting it isn’t going to benefit your organization all that much – especially when it concerns your security. It also needs to be processed and analyzed, which is simply too big of a job to be done manually.

By compiling data from multiple internal and external sources, a business can better predict how threats will play out, as well as identify those that it hasn’t yet encountered. By utilizing machine learning and automation technologies, this compilation and processing is a much simpler, faster, and more accurate process, bringing your business improved security measures.

Furthermore, many businesses face a lack of security-oriented employees. Automation can help make up the difference, reducing the burden on whatever resources they do have to protect their network.

How Automation Benefits Cybersecurity

There are multiple ways that adopting automation can deliver improvements to your cybersecurity.

Data-Supported Inferences

By sequencing data collected from within your organization, along with data provided by security vendors and other sources, you can use this data to draw conclusions and make predictions about threats, enabling you to catch them more effectively.

Outpacing Attacks with Protections

Cybersecurity is effectively an arms race – as new threats are discovered, new preventative measures need to be implemented to keep them from spreading. Of course, by the time a threat is discovered, it has often already moved on to its next step. This means that these steps need to be predicted and protected in order to stop them. Automated defenses are the most effective means to foil an automated attack, as they are more efficient and accurate.

Detecting Threats in the Network

When a network fails to deter a cyberthreat, it doesn’t immediately become a data breach – and automated protections can effectively analyze data to prevent such an outcome. Since a human being can’t hope to keep up with one of these threats, automation is your best bet at detecting, identifying, and resolving them.

SRS Networks is here to help you implement the cybersecurity necessary to protect your business’ resources, including automated measures. To learn more, reach out to us at (831) 758-3636.

Understanding the Motives of Hackers

To accomplish this, let’s examine the various types of hackers out there, and what it is that drives them to do what they do.

Identifying Hackers, Based on Why They Hack

“Hacker” is one of those blanket terms that most people take a lot of liberties with. However, like most blanket terms, one of its potential uses is focused upon much more heavily than the others. When you hear the word, what picture pops into your head? If you’re like most people, probably the image that pop culture has encouraged: someone sitting in a dark room, only lit by the glow of their monitors, typing furiously at their keyboards while line after line of data scrolls down their screens. This isn’t all that accurate.

The Types of Hacker

In actuality, there are many distinct categories of hacker, based on the motivations they have and their approach to accomplishing their goals. Originally, there were just two categories, inspired by the costuming conventions once found in Western movies. The hero typically wore a white Stetson, while the villain’s hat was traditionally black. However, as more complicated motives became apparent, more categories of hacker arose.

Primary Varieties of Hacker and Their Motivations

White Hat: These hackers are those who, going through the proper established channels, hack into programs to help improve these programs’ security protocols. Anyone who assists you in running penetration tests or vulnerability assessments fits into this category, as their intention is to help keep your systems safe.
Black Hat: These hackers are the ones most people think about – the ones who you are afraid of targeting your business. Motivated by their own personal gain or ill will towards their target, these hackers intend to do some kind of harm by stealing credit card information or by leveraging other methods.
Grey Hat: Much like the color grey is the combination of black and white, a grey hat hacker is a blend of black hat and white hat. As such, while grey hat hackers have helped bring quite a bit of evidence to light and share it with the public, the tactics they leverage come from a black hat hacker’s playbook.
Red Hat: While grey hat hackers use exposure as a weapon against wrongdoing, red hat hackers go on the offensive. By waiting for other black hat hacks, and intercepting them, a red hat hacker will attack a black hat hacker’s system to stop the attack and potentially take the other hacker out of commission.
Green Hat: The greenhorn of the hacking community, a green hat hacker will commonly have no hand in any practical hacking attempts themselves, but is committed to acquiring as much knowledge about these attempts as they can.
Blue Hat: Another amateur, blue hat hackers rely on preexisting attacks and techniques to go after their targets. These attacks are typically rudimentary, and are often motivated by some personal offense or argument with the target.

But Why?

The motivations of a hacker can be as varied as the types of hackers are, and some hackers don’t necessarily have a single motivation driving them.

Stealing Information for Profit or Distribution

This is perhaps the most well-known of a hacker’s motivations. Once data has been stolen, a hacker can leverage it for profit in various ways – identity theft, blackmail, […]

Watch Out for the One Percent

Cybersecurity is a lot like that, and preventing the one percent of threats that slip past your security is crucial to your business. Let’s talk about it.

One Percent of Threats Equals a Hundred Percent of the Damage

Very few things in the computing world are infallible. If it is connected to the Internet and hackers really want to get into it, they will find a way. No antivirus can guarantee it will protect you from one hundred percent of all viruses ever. No anti-spam solution can promise you that it will never let a piece of junk mail through.

These solutions are designed to reduce the risk. Antivirus can only protect you from known viruses, and only when the definitions are kept up to date in the software. Anti-spam often uses machine learning to analyze a message and determine if it has similarities with millions of other spam messages.

This means there is room for a tiny amount to slip through as cybercriminals tweak and adjust their tactics to try to get past the security systems put in place. In other words, you could have the most expensive, most carefully managed and monitored IT security in place, and still be at risk. You could meet and exceed any compliance standard and still be at risk. Granted, it’s a much lower risk than you would have without the security, but that one percent that slips through the cracks could still lead to massive amounts of damage.

How Do I Stop the One Percent from Harming My Organization?

That’s the big question, right? If you paid for that expensive firewall and that centralized antivirus and you’ve locked down your endpoints as much as possible, what more can you do?

Employee Training

Sometimes it just takes awareness to prevent an issue from becoming a bigger problem. Offering training and resources to keep your staff aware of threats can go a long way. There are some pretty simple lessons that are pretty easy to understand regardless of one’s technical level:

Don’t open attachments you didn’t expect.
Don’t click on links that seem suspicious or too good to be true.
Don’t share passwords, and don’t use the same password on multiple accounts.
Don’t plug in random USB devices, especially ones you found.
Report anything suspicious to IT.

Teaching users how to do some basic tasks like taking screenshots of errors and identifying phishing attacks can also go a very long way.

Don’t ‘Set and Forget’ IT Security (or Backups, or New Policies, etc.)

A huge factor in almost every preventative IT solution, whether it be your antivirus or your cloud backup, is that the developers behind it are playing an ongoing game of cat and mouse with cybercriminals. New viruses and threats come out all the time, exploits and security holes are discovered that need to be patched, and everything needs to be applied to your hardware/software to keep you and your data safe.

That’s why it is crucial to monitor and manage every device and endpoint on your network. Every workstation, router, access point, server, firewall, and security solution needs to be carefully monitored and kept updated. Solutions that become so old that the developer chooses to no longer support them need to be retired and swapped out. If this […]

Prioritizing Network Security is a Must

Let’s Start with the Worst

If you are interested in mitigating the risk that unauthorized access to your network can cause, you need to consider the worst-case scenario. The worst thing that can happen to any organization is to have its network breached and have its clients’ and employees’ personal and financial information stolen. This is on par with a fire ripping through your workplace or being caught up in a hurricane or tornado. It’s a slower death, and with all the tools at your disposal today, it’s largely unforgivable, especially for the small business.

Not only would you have to deal with the malware or attack that compromised this information, but you would also have to explain to your clients and employees that their personal, financial, and often medical data has been exposed. There is nothing that can deflate a company quite as fast as a data breach. You lose credibility, lose revenue, and soon have to scale your business back just to stay alive. Then you are the company that laid off its workforce, further souring your reputation with potential talent. The slippery slope could all be avoided by instituting a comprehensive network security strategy that includes software protection and training.

What Needs to Happen to Avoid Tragedy

A comprehensive network security strategy locks away the sensitive information behind stronger security solutions, like an enterprise firewall, making it harder to access if some unwanted entity does find its way onto your network. Additionally, you need to ensure that each member that has access to your company’s network has had threat awareness training. Teaching them about the threats that come from letting unauthorized actors onto your business’ network can go a long way toward helping you avoid negative situations.

We get how tough it can be on a business to invest in its network’s security, but with all the threats out there today, you have no choice. If you would like to talk to one of our knowledgeable technicians about how to implement network security that is right for your organization, call SRS Networks today at (831) 758-3636.