Security

How An End User Might Accidentally Undermine Your Security

July 28, 2016

Michael Menor is Vice President of Support Services for Tech Experts.

If you’re like every other small business out there, you know that the more employees you hire, the more technology that you have to procure. However, when you have more end-users, you provide more avenues for threats to slip into your network infrastructure unnoticed.

When all it takes is one simple mistake from a single end-user, how can you minimize the chances of falling victim to an untimely hacking attack? We’ve put together a list of honest mistakes that any end-user can make – and how they can be prevented.

Clicking on malicious links
With so much information on the Internet, it’s easy for an employee to search through countless pages without any regard to the sites and links that they’re clicking on.

You need to emphasize the importance of safe browsing, including double-checking the destination of a link before clicking on it. You can do so by hovering over the link and looking in the bottom-left corner of your browser.

Using weak passwords
Employees frequently use passwords that aren’t strong enough to keep hackers out. Often times, they’ll simply use something of personal significance, like the name of their pet or a specific date.

This isn’t the right way to approach password security. Instead, users should attempt to put together passwords that are private, randomized strings of numbers, letters, and symbols.

Losing unencrypted devices
It’s not unheard of for an employee to use company devices in public places. If they accidentally leave their smartphone on the bus or their tablet on a park bench, there’s always the risk that it can be stolen.

Unless you practice proper encryption protocol, any information available on the device can be accessed by the person who finds it, be it a good Samaritan or a tech-savvy thief.

Implementing unapproved solutions
Some employees simply prefer to use solutions that aren’t provided by the company to get their work done. The problem here is that the employee is moving forward without consulting IT about it and that your data is being used in a solution that you can’t control.

Plus, if the employee is using free or open-source software, these often come bundled with unwanted malware that can put your data in even greater peril.

Personal email use
It’s one thing to check your personal email account while at work, but another entirely to use your personal email account to perform work purposes.

As the recent debacle with Hillary Clinton shows, people don’t take kindly to sensitive information being leaked via an unsecured email server that their organization has no control over.

Add in the fact that personal email accounts are often not as secure as those in a professional productivity suite and you have a recipe for disaster. You need to reinforce that your team should keep their work and personal email separate.

Leaving workstations unattended
Besides the fact that some tech-savvy employees are practical jokers, it’s a security risk to leave a workstation unlocked and unattended for long periods of time.

Imagine if someone from outside of your organization walked into your office and accessed confidential files without authorization; that’s on the employee who got up and left the device unattended.

Encourage your employees to always log off of their workstations, or at least lock them, before stepping away from it. User error is a primary cause for concern among businesses, but it can be mostly avoided by providing your staff with the proper training. For more information on IT best practices, give us a call at (734) 457-5000.

Major Password Breach Uncovered

June 27, 2016

Some people collect antique trinkets while others collect more abstract things like adventures. There’s someone out there, however, collecting passwords to email accounts, and yours just might be part of that collection. To date, it has been estimated that over 273 million email account passwords have been stolen by a person or entity now called “The Collector.” This criminal feat is one of the largest security breaches ever, and the passwords have been amassed from popular email services, including Gmail, Yahoo!, and AOL.

It is unclear exactly why “The Collector” has procured so many email passwords, aside from the fact that the individual is trying to sell them on the dark web. The puzzling part of this, however, is that the asking price is just $1. So, the hacker may only be seeking fame for achieving such a large-scale feat.

The email account credentials may have more value in being used in an email phishing scam, but it’s impossible to know the cybercriminal’s intentions as this point. While potentially having your email hacked doesn’t sound like that big of a threat, there are multiple ways in which this information could be used for harm.

The most notable risk is that the login information may be used to access other accounts; many people use the same username and password for their emails accounts as other ones, such as for online banking. So, there is far more value in this large collection than just the asking price of $1. To protect yourself, security experts advise you change your password immediately.

Protecting Your Business From DDoS Attacks

May 26, 2016

Thomas Fox is president of Tech Experts, southeast Michigan’s leading small business computer support company.

A Distributed Denial of Service (DDoS) attack prohibits access to a computer resource. This kind of assault rarely happens alone but rather occurs in waves once an attacker realizes they have been successful in the first attempt.

Using the same method of attack on a business’ computer system, such cyber-attackers can then overwhelm and suppress Internet facing websites and applications, which can greatly hinder the ability to conduct business as normal.

In order to safeguard against DDoS attacks, small businesses must first recognize they’re potential targets, especially since there has been a recent rise of such assaults on small businesses in the past year.

While the motivation behind such an assault can be difficult to understand, they happen for a wide variety of reasons. Attackers may seek to hold systems hostage in an extortion attempt, or the attack may not be motivated by the prospect of financial gain at all. [Read more…] about Protecting Your Business From DDoS Attacks

Do You Have A Blind Spot In Your Security?

May 26, 2016

Security is only as good as its weakest link — one blind spot and a company can be compromised. It is important that each aspect of a company’s security is understood and up to date.

With the following best security practices, it can be better understood what to be aware of and how to better advance a company’s security.

From remote hackers, to in-person social engineering, and even your own e-mail, there are different methods of attacks and means of defense to maintain a company’s integrity.

Physical Security
The basic defense that predates IT security is physical security. Locked doors, restricted access, and watch patrol are some of the oldest methods to prevent aggressive physical security breaches.

Technology has only made physical security even better with security cameras, alarm systems, RFID badges, and biometric systems that identify a person from their physical being. Having the appropriate physical security is key to preventing and deterring break-ins and stolen items.

Social Engineering
With the right words and story, some people gain access to compromising areas and information that can give a company a real bad time.

Without a physical break-in or even a computer, social engineering works against human psychology, finding the vulnerabilities of staff and workers to trick and deceive their way past security. The best way to defend from this is to have a strong and easily understood security policy that educates staff and workers not give out credentials and access to unauthorized personnel.

Phishing
Billions of emails are sent out every day — promising a vacation, warning people about their bank accounts, or asking for charity — that are entirely design to steal or compromise a person or company. Phishing targets everybody, asking for credit card numbers, asking a person to sign in to their account on a fake site, or taking something in other ways.

Do not open emails or download email attachments with suspicious or unknown origins. If an email looks odd or is too good to be true, call or check a website directly to confirm if an email is legitimate.

Clicking or falling for phishing could end with a stolen identity, stolen money, or a locked PC or network demanding ransom money. Be smart and wise about checking emails.

Hackers
There are people that spend most of their day trying to break security codes, finding software loop holes, and other abstract means to force their way through digital security to gain illegal access to computers.

There are just as many (if not more) people working together to prevent such people from ever gaining access with new security measures and patches. To protect a PC or a company from hackers, always update your security definitions on Windows and antivirus software. Knowing what software to trust and what updates are needed are important ensuring digital security. We at Tech Experts make it our business to keep digital security online and updated at all times, so that no one has to fall victim to the unseen security threat.

Being aware of these different security risk and knowing how to defend from them can give a strong basis in understanding and learning in what needs to be done to keep a company or person secure.

Security is always evolving and changing, but having a modern understanding with security in place can make the difference between a secure environment and a risky work place that could come to a grinding halt when security is breached. Be safe, be smart, and be productive with good security.

Don’t Pay A Ransom To Get Your Data Back

January 15, 2016

Requesting a ransom from victims is an unfortunate trend gaining momentum in the hacking world. This is typically done using ransomware (where hackers encrypt data and request money for the key) and distributed denial of service attacks (where hackers threaten to overwhelm a system with traffic, thus knocking it offline).

In both scenarios, hackers are looking for the victim to pay up…or else. Should they?

The answer should be obvious: absolutely not.

However, when a person’s valuable data becomes encrypted or they receive a legitimate threat to take down their servers, emotions often get in the way and they’ll end up “paying the piper.” Hackers know this, which is why their ransom methods employ fear tactics.

For example, ransomware like CryptoLocker will lock the user out of their computer while the screen displays a countdown to when their data will be deleted.

With DDoS attacks, a hacker may contact the victim mid-attack and promise to cease the attack for a fee. Both of these situations play straight into a person’s irrational fear, causing them to cough up cash.

Before reaching for your credit card to pay a hacker’s demands… stop, take a deep breath, and think objectively about the situation.

What guarantee do you have that these hackers will actually make good on their promise to turn over your data or cease the attack?

This guarantee is only as good as a hacker’s word, which is pretty worthless seeing as they’re, you know, criminals. Therefore, whatever you do, DON’T GIVE MONEY TO A HACKER!

By paying hackers money, you’ll only add fuel to the fire and help fund the spread of their devious acts.

Plus, there are several reported cases where a victim pays the ransom, only to still have their data deleted or the attacks on their site continue.

What’s it to them if they go ahead and follow through with the attack? They have your money, so who cares? It’s a classic case of adding insult to injury.

Need proof? There’s a recent example of this happening to ProtonMail, a Switzerland-based email encryption service.

On November 3rd, ProtonMail was threatened with a DDoS attack by the hacking group Armada Collective.

Like many companies would do, they ignored the threat, deeming it to not be credible. Soon afterward, their servers became overloaded to the point where they had to cease operations. After paying the ransom, the hackers continued the attack.

Now, consider your own situation. How much would it cost your company if you lost revenue for a full day of work, and you still had to make payroll?

For a medium-to-large sized company, losing a full day’s work would likely come to much more than a few thousand dollars. In fact, hackers understand how downtime can be so costly, which is why they feel justified asking for such an exorbitant fee.

What are you supposed to do if you were asked to pay a ransom by a hacker? The first thing you’ll want to do is contact the IT professionals at Tech Experts. We’re able to take an assessment of the attack to determine how bad it is and restore your data to a backed up version that’s not infected with malware.

When facing a hack attack, we can present you with all the options you can take – none of which will include paying a hacker money.

Yes, You Can Still Get Infected – Even With Anti-Virus

January 15, 2016

Scott Blake is a Senior Network Engineer with Tech Experts.

With the sudden release of a new variants of malware and ransomware such as CryptoWall, users are wondering why their anti-virus programs are not blocking the ransomware infection from infecting their computer.

As with many other forms of malware, the infection needs to exist before a cure or way to detect the threat can be created. This takes time and during this period of R&D, the malware spreads like wildfire.

While there are several forms and classifications of infections, there are basically only two different methods in which infections are released into your system: User Initiated and Self Extraction.

User Initiated infections are caused by a user clicking on a link within a webpage or email or by opening infected email attachment. Once opened, the malware is released and quickly spreads throughout your system.

Because the user manually clicked on or opened the link/document, most anti-virus programs receive this as an authorized override by the user and either internally whitelists the link/document or skips the scan.

CryptoWall is spread through this method, usually contained within an infected Word, Excel or PDF document. The creators of these programs take advantage of the programming of the document to hide the infection.

With the world becoming a paperless society, we are becoming more and more accepting of receiving and opening attachments sent to us through email. It has practically become second nature to just click and open anything we receive, regardless of any warning.

Self-Extracting infections are exactly what they’re named. These infections require no outside assistance to worm their way through your system, infecting as they go.

The number one method creators of this form use to place their software on your system is through “piggy back” downloads.

Piggy back downloads occur when you authorize the download and install of one program and other programs (related or unrelated to the original program) are automatically downloaded and installed with it. The most common way is by downloading programs promising to speed up your computer.

Infections can also exist on your system and lay dormant for long periods of time, waiting for the computer to reach a certain calendar day or time. These infections are called “time bomb” infections. Just like piggy back infections, they require no outside assistance to infect your system.

They are mostly found buried in the registry of the system or deep within the system folders. Because they are not active on the time of placement, most anti-virus programs will not detect them. Active reporting through toolbars is another means of becoming infected over time.

When a user downloads and installs a toolbar for their browser, they authorize at the time of install that it is okay to install and all of its actions are safe. However, most toolbars are actively scanning, recording, and reporting back to the creator. They also act have conduits for installations of other unwanted programs behind the scene.

If left unchecked, those additional programs can become gateways for hackers to gain access to your system and spread even more infections.

To help stop the spread of malware/ransomware such as CryptoWall and its variants, we need to become more vigilant in our actions when either surfing the Internet or opening email and attachments.

The best rule of thumb to follow for email is: if you don’t know the sender, or you didn’t ask for the attachment, delete it. As for websites, read carefully before you download anything and avoid adding toolbars.

Five Things Small Business Owners Need To Know About Identity Theft

November 24, 2015

We often hear about issues with personal identity theft, and the havoc it can wreak on your credit and reputation. Less discussed, though, is small business identity theft, and how it can affect your company. Here are five things business owners need to know.

Small businesses are liable for their bank accounts
If someone steals money out of your personal account, chances are your bank is going to cover that. But if a small business account gets drained, small business owners are on their own.

Banks typically won’t cover these types of losses. Sometimes, a computer crime endorsement on your business insurance policy is available, and may cover some of your losses. With nearly all banks offering online access to account information, experts recommend you regularly monitor your accounts. [Read more…] about Five Things Small Business Owners Need To Know About Identity Theft

Beware The Fake Microsoft Cold Calls

October 27, 2015

The phone rings and you don’t recognize the number or name on the caller ID. You pick up anyway and the caller tells you that they work for Windows Support or Windows Service Center and they are a Microsoft Certified Technician.

They go on to say they have received log files or have determined that your computer is infected and causing corruption throughout your Windows operating system.

They ask if you’re at your computer now and, if not, to go there. Once there, they walk you through how to open your Event Viewer and show you the Administrative Events under the Custom Views folder.

They are quick to point out all of the red circles labeled “Error” are all Malware infections. They then ask you to look at the number of events listed and they go on to advise this is the total number of infections currently on your computer.

The caller then says they can clean your system of all infections, but they will need to have remote access to the computer.

At this point in the call, most people have been thoroughly convinced by the voice on the other end of the phone that their system is indeed infected and needs to be cleaned. After all, the caller knew where to look for the so-called infections and they do sound like they truly want to help.

The Microsoft “employee” will even tell you that if you don’t let them remove the infections, the “hackers” that placed the malware on your system will have complete access to all of your information.

They warn that your identity is in jeopardy of being stolen. You must give them remote access to your computer. They are your only hope and you must trust them. After all, they say they work for Microsoft.

The fact of the matter is that the caller does not work for Microsoft in any capacity. They don’t work for any of their third party vendors nor any security firm that has been retained by Microsoft.

They are in fact the “hackers” attempting to convince you to give them access to your computer to infect your system and steal your data.

If you allow them remote access, they will start to install malicious programs on your computer. They’ll copy all of your information and, in some cases, encrypt your data.

They will tell you that that the infection is too severe for a “standardized” cleaning and you will need to pay money to have them install removal programs to clean the system.

In mid-2013, NBC News Technology reporter Frank Catalano, reported on receiving one such phone call himself.

After his ordeal with the fake Microsoft, Mr. Catalano contacted the real Microsoft. He received the following reply:

“In 2010, Microsoft began receiving reports of scammers making phone calls or sending emails to people,” replied a spokesperson for Microsoft’s Digital Crimes Unit. They advised that they had referred the cases to the Federal Trade Commission.

One very important thing to remember is that Microsoft (or any of its partners) will never cold call you. They will never ask for remote assistance. They will never ask for usernames and passwords.

If you have fallen victim to such a scam, disconnect your network cable and take your computer to a trusted service center or repair facility and explain in detail what happened as soon as possible.

For questions or advice on what to do about cold call scammers, contact Tech Experts at (734) 457-5000, or by email at info@mytechexperts.com.

Does Your Company Need An Internet Usage Policy?

July 27, 2015

With the growth and expansion of the Internet, it is important to make sure that your business has a policy in place to protect its assets.

Depending on your business, an Internet Usage Policy (IUP) can be long and drawn out or short and to the point.

An IUP will provide your employees with guidelines on what is acceptable use of the Internet and company network. IUPs not only protect the company, but also the employee.

Employees are informed and aware of what is acceptable when it comes to websites and downloading files or programs from the Internet.

When employees know there will be serious consequences for breaking the IUP, such as suspension or termination of employment, companies tend to notice a decrease in security risks due to employee carelessness.

You will need to make sure your IUP covers not only company equipment and your network, but also employee-owned devices such as smart phones and tablets. You may be surprised at the number of employees that feel they do not have to follow the IUP because they are using their own device to surf or download from the Internet.

Make sure you address proper usage of company-owned mobile devices. Your business may have satellite employees or a traveling sales force. Even when they are away, they need to be aware they are still representatives of the business and must follow the business IUP.

After all, it would not go over well if your sales staff was giving a presentation to a prospective client and suddenly, “adult content” ads popped-up on the screen because one of your employees was careless in their web habits.

The downloading of files and programs is a security risk in itself. Private, internal company documents and correspondence downloaded from your company’s network can become public, causing unrepairable damage.

On the same thought, employees downloading from the Internet open your company’s network up to malware attacks and infections.

There are a lot of hackers that prey upon the absent-minded employee downloading a video or song file by hiding a piece of malware within the download. Once the malware makes it into your network, there’s no telling what damage it can cause.

As for non-work related use of the company network and Internet, make sure your employees know there is no expectation of personal privacy when using the company’s network and Internet connection.

Make it well-known that the network and Internet are in place to be used for work purposes only. Improper use of the network can reduce bandwidth throughout the company network.

This includes all mobile devices owned by the company. This way, your employees know that no matter where they are they still must follow the guidelines of the IUP.

Make sure all of your employees sign the IUP and fully understand what it is they are signing. Make sure you answer any and all questions they may have.

This will help clear up any confusion your employees may have. This way, there can be no excuses as to why the IUP was broken.

Whenever you update the IUP, make sure you have all of your employees sign and understand the new additions and/or changes to the IUP. It may seem like overkill, but you’ll be glad you did if you ever run into any violations of your company’s IUP.

For assistance in creating Internet Usage Policies or if you have any questions, call the experts at Tech Experts: (734) 457-5000.

« Previous Page