Info Advantage Blog

You’ve heard it said that it’s a best security practice to routinely change your passwords. The idea here is that, if a password were stolen, then it would lose its value when the user goes to change it. While this sounds like solid logic, new research shows that it may actually be better NOT to change your passwords.

This may be a hard pill to swallow for IT administrators who have always required users to change their passwords every few months or so. However, seeing as this practice could make accounts less secure, it’s worth considering.

The idea behind this theory is that, whenever a user goes to change their password, they’re often rushed or annoyed and end up creating a new password that’s less secure. The Washington Post puts it like this: “Forcing people to keep changing their passwords can result in workers coming up with, well, bad passwords.”

Think about it, how often have you changed your password, only to change it from a complex password to one that’s easier to remember? Or, have you ever kept the same password and just added a number at the end of your new password? This covert move will do little to deter a hacker. Carnegie Mellon University researched this topic and found that users who felt annoyed by having to change their password created new passwords that were 46 percent less secure.

Plus, let’s consider the hypothetical situation of a hacker actually stealing your password. Truth be told, once they’ve gotten a hold of your login credentials, they’ll try to exploit the password as soon as they can. If they’re successful, they’ll pose as you and change the account’s password, thus locking you out of it. In an all-too-common situation like this, the fact that you’re scheduled to change your password at the end of the month won’t change anything.

Additionally, ZDNet points out yet another way that regularly changing passwords can make matters worse: “Regularly changed passwords are more likely to be written down or forgotten.” Basically, having a password written down on a scrap piece of paper is a bad security move because it adds another way for the credentials to be lost or stolen.

Whether you do or don’t ask employees to change their passwords is your prerogative. However, moving forward it would be in everybody’s best interest to focus on additional ways to secure your network, instead of relying solely on passwords. This can be done by implementing multi-factor authentication, which can include SMS messaging, phone calls, emails, and even biometrics with passwords. With additional security measures like these in place, it won’t matter much if a hacker stole your password because they would need additional forms of identification to make it work.

To maximize your company’s network security efforts, contact Info Advantage at (585) 254-8710.

Email is (and has been) a prime method of communication for businesses of all sizes. With email comes a whole slew of issues that are essentially synonymous with the technology; spam, information overload, phishing, and information privacy. Even Rochester small businesses that only do business locally are at risk of these issues. Personal email accounts are equally at risk. Employing proper precautions and practices whenever communicating via email is very important to prevent the risk of security compromises, monetary loss, and even legality issues.

Spam Inundation

If you've been using email for a while either professionally or personally you have almost certainly gotten email from people you don't know. Most of these emails are blatantly unwanted while others can look 'almost' legit, as if a real person is trying to contact you. Often (and unfortunately) spammers can get your email address when you put it online or use it to register for accounts on sites on the internet. The good news is standard spam protection is getting better these days, and more advanced spam protection is cost effective for businesses that need the extra layer of protection. Spam can cause a lot of harm for a business network if it isn't kept under control - spam can bog down email servers and eat up network bandwidth and plus it drastically slows down employee productivity because they need to sift through it all just to find their real email. If you and your staff are getting more than a few spam emails a day, contact us at (585) 254-8710 and ask about our anti-spam solutions.

Don't Open Attachments from Unsolicited Emails

This has been a golden rule for general email usage for a very long time. If you received an email from a stranger and there is an attachment, don't touch it. If you receive an email from a contact and there is an attachment, but anything is suspicious, don't touch it. This goes the same for links - if the email was unexpected and just seems fishy, it is possible your contact's email may have been compromised. Use your judgment on this, but remember it isn't your contact trying to trick you, they are merely the victim of a similar hoax from one of their contacts. If you have any doubt, simply reply or pick up the phone and ask them about it before continuing.

Keep your Computer Safe

Be sure to keep antivirus definitions up to date, and run scans regularly. Running adware and spyware removal software at regular intervals is important too. Be sure your Windows Updates are up to date as well. For businesses, you'll want to invest in network protection to keep external threats from leaking in. Even for small Rochester businesses, security and threat management is important to keep operations running smoothly and to prevent expensive downtime and data theft.

Don't Rely on Email for Storage

Everyone has done this at least once; you are working on a report or document on one computer and you email it to yourself in order to pull it up on another computer. That's fine as long as you mind your inbox capacity, but you shouldn't rely on email for storing files, not even as a reliable backup. Imagine having to painstakingly pick through all of your email to restore your most important files. It doesn't sound like a good idea now, does it? On top of that, email isn't any less prone to data corruption or loss than any typical storage solution, and unless the server hosting your email is backed up with a reliable solution, it could be here today and gone the next.

Encrypt Sensitive Data

If you send sensitive data to other recipients, you will want to consider email encryption. Some industries require this. Email encryption simply scrambles the message while it is being sent, and depending on what type of encryption, will descramble itself or allow your recipient to log in to a secure location to view the data. Although email encryption services vary, most of them are very cost effected especially when put beside the risks of sensitive data getting leaked and stolen. Give us a call at (585) 254-8710 to learn more about email encryption and what solution is right for your business needs.

You’ve heard it said that it’s a best security practice to routinely change your passwords. The idea here is that, if a password were stolen, then it would lose its value when the user goes to change it. While this sounds like solid logic, new research shows that it may actually be better NOT to change your passwords.

This may be a hard pill to swallow for IT administrators who have always required users to change their passwords every few months or so. However, seeing as this practice could make accounts less secure, it’s worth considering.

The idea behind this theory is that, whenever a user goes to change their password, they’re often rushed or annoyed and end up creating a new password that’s less secure. The Washington Post puts it like this: “Forcing people to keep changing their passwords can result in workers coming up with, well, bad passwords.”

Think about it, how often have you changed your password, only to change it from a complex password to one that’s easier to remember? Or, have you ever kept the same password and just added a number at the end of your new password? This covert move will do little to deter a hacker. Carnegie Mellon University researched this topic and found that users who felt annoyed by having to change their password created new passwords that were 46 percent less secure.

Plus, let’s consider the hypothetical situation of a hacker actually stealing your password. Truth be told, once they’ve gotten a hold of your login credentials, they’ll try to exploit the password as soon as they can. If they’re successful, they’ll pose as you and change the account’s password, thus locking you out of it. In an all-too-common situation like this, the fact that you’re scheduled to change your password at the end of the month won’t change anything.

Additionally, ZDNet points out yet another way that regularly changing passwords can make matters worse: “Regularly changed passwords are more likely to be written down or forgotten.” Basically, having a password written down on a scrap piece of paper is a bad security move because it adds another way for the credentials to be lost or stolen.

Whether you do or don’t ask employees to change their passwords is your prerogative. However, moving forward it would be in everybody’s best interest to focus on additional ways to secure your network, instead of relying solely on passwords. This can be done by implementing multi-factor authentication, which can include SMS messaging, phone calls, emails, and even biometrics with passwords. With additional security measures like these in place, it won’t matter much if a hacker stole your password because they would need additional forms of identification to make it work.

To maximize your company’s network security efforts, contact Info Advantage at (585) 254-8710.

Details for a security vulnerability thought to affect almost every Intel processor made in the last decade have recently been released, and the outlook is not good. While there are updates on the way to fix the flaws, experts believe that a patch may slow down computers by up to 30%.

According to The Register, where the information was first publically released, the Intel vulnerability allows hackers to access areas of the computer that shouldn’t be reachable. The flaws, known as Meltdown and Spectre, directly affects the kernel memory of the Intel chip.

Meltdown breaks the isolation between applications and the OS, allowing hackers to access the memory of programs and the OS itself. Spectre breaks the isolation between different applications down, allowing a hacker to trick error-free programs to leaking information.

These flaws allow apps to detect and read the operating system codes, look into other app’s memory banks, or even leak personal information such as passwords, login information, files, and more.

The patch will make the affected kernel completely invisible, but this comes at a price. According to The Register, making the kernel invisible would add a new process that will increase its overhead, slowing down the computer.

Since the problem is with the hardware itself, nothing short of an OS-level fix will be required for the affected operation systems, including Windows, Linus, and Mac. So far Windows has released an emergency patch for Windows 10, with patches for Windows 7 and Windows 8 to come next week. However, there seem to be some issues caused by some anti-virus softwares that can result in bluescreen errors.

Apple says they have also addressed the majority of their flaws with their last OS update, and they are currently testing new tweaks for their next update. Linux developers have also created a set of patches.

In addition to operating systems, many cloud services companies will need to release updates in order to keep themselves protected against the vulnerability. Microsoft Azure, Amazon AWS, and Google Cloud Platform have all reported that they are working on implementing new updates to bulk up security against Meltdown and Spectre. However, they have all stated that the impact of proposed update and have found that they have very little affect on performance in their benchmark tests.

If you want to know more about how these vulnerabilities may affect you and your business, call us at (585) 254-8710 to learn more about how you can strengthen your technology security.

The public internet is vast, with over one billion websites already established, and more and more created every day. While being connected to the internet has its undeniable benefits, there is also a constant threat that puts our sensitive information at risk: hackers. These cyber criminals will do anything they can to try and steal your personal information, and once they have it, it can be difficult to recover. Luckily, there are a few simple methods every internet user can utilize to keep themselves safe from a hack attack.

Enable Two-Factor Authentication Where Available

Many popular sites such as Facebook, Twitter, and Ebay are now embracing an extra layer of login security with their two-factor authentication methods. This process is activated when you try to login to your account using a device that isn’t recognized by the site. In order to confirm your identity, the user will get sent an authentication code through a verified contact point such as email or text message. This ensures that no un-recognized source can access your information unless they also had access to your second form of contact.

Secure a Site Using HTTPs

These days we don’t often type out the full website address we are looking for, as most browsers will automatically fill in the correct address or send you to a search engine to point you in the right direction. However, there is a hidden benefit to typing out an address, and it can be as easy as adding a single letter. When adding a ‘s’ to the end of http (hypertext transfer protocol,) the browser will encrypt any and all information sent between the server and the user. While many modern browsers add the ‘s’ to a site’s address on their own, you can ensure that you’ll always have a secure connection by downloading apps or programs that will automatically make the switch for you.

Keep Browsers and Devices Updated

Typically, updates are direct responses to issues or vulnerabilities that have been discovered on your program or device. Therefore, it is critically important that you always run trusted updates as quickly as possible. Outdated versions of browsers or mobile operating systems are often an easy entry-point for hackers, allowing them to exploit the known security holes. If you’re not sure whether or not you’re completely updated, many browsers and operating systems have a service that will automatically update as soon as new versions are released.

Worried about the safety of your sensitive data being sent over the public internet? Contact Info Advantage today at (585) 254-8710 to speak to a security professional about how you can strengthen your network security!

The WannaCry ransomware attack was created by hacking amatures who copied from a famous hacker group known as the shadow brokers. While WannaCry is no longer a threat with the latest security update, a recent announcment shows that the hacker group is going to continue to release dangerous security exploits for anyone to use, at the right price.

Who are the ShadowBrokers?

There are a few theories about who makes up the membership of the ShadowBrokers group. These theories range from official National Security Agency employees to Russian spies. However, all these theories are based on unreliable information, so not much is actually known about the group. The only thing known for certain is that the ShadowBrokers use social media to sell cybersecurity secrets to amatures.

What do they sell?

The ShadowBrokers’ first started to auction off security secrets in August of 2016. They promised the highest bidder would receive cycbersecurity vulnerabilities that work just as well as government cyber weapons. Over the next year, the ShadowBrokers used a variety of different means to sell their secrets: auctions, crowdfunding, and direct sales. In April of 2017, their fifth release of information went public, which included the ETERNALBLUE Windows vulnerability that allowed WannaCry to infect over 300,000 computers in a single day.

The Latest Release

The ShadowBrokers have recently announced a subscription service that would include access to bi-monthly security exploit releases in early September 2017. The first package they sold included an NSA exploit titled UNITEDRAKE, which allows hackers to remotely monitor or control a computer running any Microsoft OS between Windows XP and Windows 8.The exploit can also discreetly record audio from your microphone, video from your webcam and anything that is typed on the keyboard. It can also remotely remove itself from the target computer, leaving no signs of a breach.

How to protect yourself from ShadowBrokers releases

Luckily, all the security exploits that the ShadowBrokers have released targeted older, outdated versions of software.The best way to protect your computers is make sure your operating system is properly upgraded and patched. Advanced network monitoring can detect suspicious activity, but that requires a significant amount of time and IT knowledge, making it difficult for small- to medium-sized businesses who usually don’t have the resources to handle around-the-clock maintenance. This is where Info Advantage can help.

If you are worried about the ShadowBrokers releases, or have any other cyber security concerns, contact Info Advantage today at (585) 254-8710 today to learn more about how we can help keep your network safe.

How safe is your company’s data? According to a new survey released by tech giant Dell, there’s a large chance that it’s not very secure at all. The statistics revealed by the survey are dismaying, with the survey’s key finding was that 35 percent of employees report that it’s common practice to take proprietary company information when leaving their firm.

As bad as that is, the rest of the statistics in Dell’s survey were even worse. About 36 percent of employees regularly open emails from unknown, untrusted sources, making them extremely susceptible to threats such as phishing attacks.

Forty-five percent of employees admit to engaging in behaviors they know to be unsafe from a cybersecurity standpoint, including; using personal email accounts for work, misplacing company-issued devices and connecting to public WiFi to access confidential or proprietary information.

In addition, 72 percent of employees reported being willing to share proprietary, sensitive or confidential information under certain circumstances.

All of this paints a stark picture of a problem with no easy solution. The old saying is true; your employees are your greatest asset, and also your company’s biggest threat.

It’s easy, for example, to say that better employee education is the answer. While the exact scope and scale of the problem may not have been known before, it’s certainly no secret that phishing attacks aimed at rank and file employees have been a longstanding problem. To this point, few companies have bothered to attempt to better educate their employees.

Worse, the few that have haven’t seen much of an improvement.

In a similar vein, it would be easy to make the blanket statement that having a robust data policy in place would go a long way toward alleviating the problem. However, talking about it and actually developing and implementing such a policy has, at least to this point, proven to be a daunting undertaking.

Since the 1950s, the term 'hacker' has been vaguely defined as someone who explores the limits of technology by testing them in as many different ways they can. But by the 1980s, the term ‘hacker’ became associated with users who were caught breaking into government and other private computer systems, leaving the word with a negative reputation. Today, several pioneering ‘hackers’ run multimillion-dollar cyber security consulting businesses aimed to help protect the average technology user from attacks. So what should you call someone who uses their knowledge for good?

“White hat” hackers

Also known as ‘ethical hackers’, or ‘network security specialists’, these hackers are the heroes of the hacker name. Whether it’s selling what they find to hardware and software vendors in “bug bounty” programs, or working as full-time technicians, white hat hackers are just interested in testing technology and protecting users. Linus Torvalds is a great example of a white hat hacker. After years of experimenting with the operating system on his computer, he finally released Linux, a secure open-source operating system.

“Black hat” hackers

Closer to the definition that most people outside the IT world know, black hat hackers aim to create software and other technology campaigns with the purpose of causing damage. These attacks have a variety of different goals; such as financial harm in the form of ransomware to digital vandalism. Albert Gonzalez is one of the most infamous black hat hackers. In 2005, he organized a group of individuals to compromise poorly secured wireless networks and steal information. He is most known for stealing over 90 million credit and debit card numbers from TJ Maxx over the course of two years.

“Gray hat” hackers

A sort of ‘in-between’ of the other categories, a ‘gray hat’ hacker does the majority of their work on the internet. This anonymity affords them opportunities to try their hand at both white hat and black hat hacking. Today, there are quite a few headlines making the rounds describing Marcus Hutchins as a gray hat hacker. Hutchins became an overnight superstar earlier this year when he poked and prodded the WannaCry ransomware until he found a way to stop it. During the day, Hutchins works for the Kryptos Logic cybersecurity firm, but the US government believes he spent his free time creating the Kronos banking malware. He has recently been arrested and was branded as a ‘gray hat’ hacker.

The world of cyber security is far more complicated than the stylized hacking often seen in Hollywood movies. Internet-based warfare is not as simple as good guys vs. bad guys, and it certainly doesn’t only aim for big money targets. If you need a team of experienced professionals to help you tackle the complexities of modern cyber security, call Info Advantage today at (585) 254 – 8710.

On Friday, May 12, a cyber-attack was launched that affected over 300,000 computers in roughly 150 countries. The attack, a ransomware worm known as WannaCry, affected nearly every major industry; including healthcare, government, and privately-owned businesses.

The attack began in Europe and continued to spread across the globe, reaching targets in China, Japan, and even reaching across seas to the Americas. Once hit with WannaCry, the worm encrypts all the files on an infected device, prompting the user to pay $300 in order to regain access to their files.

Since the attack spread, the hackers are thought to have gained about $80,000 in bitcoins from WannaCry victims. However, that number is not expected to rise much higher, as many technology companies have already implemented measures to block the attack. In fact, Microsoft had already had a vulnerability patch in place in March, months before WannaCry was released.

So how was WannaCry able to affect hundreds of thousands of devices while there were already measures available to block the attack? The answer lies within an affected company’s technology infrastructure. While the patch by Microsoft was originally released in March for Windows XP systems, many businesses completely overlooked the upgrade. This left them wide open for an attack, making them easy targets with well-known vulnerabilities.

However, we cannot be so quick to blame the IT departments of the affected businesses, particularly those with complex technology infrastructures. For example, many health care service providers in the UK were affected due to a reliance on older versions of operating systems. This is due in part to the variety of third-party medical equipment that health care providers rely on to do their jobs. This equipment can often be difficult to upgrade or patch, and can only be replaced if the budget allows for it. In many cases, companies will choose to spend their dollars on other IT necessities.

What can businesses do to protect themselves from WannaCry and other similar cyber-attacks? Security experts state that the best way to combat these attacks is to keep your technology updated and your employees aware of potential threats.

A good way to gauge your company’s vulnerability is to perform a threat and vulnerability tests. These tests will give a company insight into how many employees would fall for an attack by sending out a fake phishing scam. Once the data is collected, a company will have a better idea of what kind of vulnerabilities they have, and how they can train their employees to avoid them.

Experts also suggest that companies keep as up-to-date on their software as possible, and urge them to consistently check for updates or patches. While an update might not seem imperative, hackers are constantly on the lookout for newly discovered vulnerabilities to exploit. By creating a consistent update schedule, companies can be sure that they are protected from future attacks.

Don’t have the time to constantly check for software updates? Not sure if your company is up-to-date with the best possible cyber security plan? Contact our security experts at Info Advantage by calling (585) 254-8710 today to talk about how you can protect your business’ assets.

With the rise of the age of the Internet of Things (IoT), more and more everyday devices are becoming connected to the web as a means to make a more personalized product experiment. Today, we have IoT connected watches, televisions, and even kitchen appliances like refrigerators or coffee makers. As convenient as these devices can be, they can pose a serious threat to a user’s personal information if the security behind the device is lackluster. Such is the case with CloudPet, a IoT connected stuffed animal that lets children and their loved ones communicate with each other through an app, which exposed the personal data of thousands of accounts.

CloudPets are made by Spiral Toys, a company based in California that specializes in toys that connect to the internet. The concept behind the toy is that a child can communicate with their parents or loved ones who are far away. The toy is connected to an app, which allows the connected party to record voice messages to send to the child’s CloudPet. The CloudPet then allows the child to send a voice recording back, which can be played through the app.

On February 28, 2017, security researcher Troy Hunt posted a blog about how the data from CloudPets stuffed animals had been leaked and ransomed, potentially exposing these recordings. Hunt found that several parties had reached out to CloudPets and their parent company Spiral Toys about the breach, yet had received no response. With some help of members on his site, Have I Been Pwned?, Hunt was successfully able to access the user photos and voice recordings. While there were no recordings or photos on the exposed database, the leakage did contain sensitive data that could easily compromise an account.

According to the CloudPet’s site, the breach was caused when CloudPet’s user data was temporarily moved to a new database software. In December of 2016, third party developers moved CloudPets data to a temporary database in order to make upgrades to the CloudPet’s app. During the time, the database software that was used had an exploit that hackers would use to hold data for ransom. While CloudPets claims that no voice recordings were accessed, they do admit to the leakage of email addresses, usernames, and encrypted passwords. However, there were no password strength rules before the breach, so a hacker could still easily access thousands of those compromised accounts.

Since the breach was made public on February 22, the CloudPets app required all users to reset their passwords, and created new password security requirements to ensure the new passwords are more secure. They also recommend that users create a unique password for every application or site, and advise them not to use “easily guessable” passwords.

Many hackers rely on their ability to trick users into giving up information or control of their technology. As technology advances, hackers continue to find new and updated ways to gain access to user accounts. One scam in particular, known as homographs, has seen an increase of popularity as of late.

What are they?

Homographs are a phishing strategy that is used to disguise a hyperlink to look like a legitimate, secure website. Scammers are able to use these attacks due to the way that many browsers interpret URLs with characters from another language. An example of this can be found with Russian Cyrillic letters, many of which look similar to English letters. To account for this, browsers utilize basic translation tools so a user can still access a legitimate website using non-English characters by translating the address into a series of English letters and numbers.

How do hackers use homographs?

Hackers are able to take advantage of homographs by using letters from another language that look identical to letters of the English language. They create a URL that looks identical to the legitimate site, but once clicked it will automatically take you to a compromised site where your data can be at risk. This attack works because users won’t be able to see that the URL is not legitimate until it is too late, as once they click the link they will most likely be infected by malware.

How can I protect myself?

While many browsers have created fail-safes to combat this issue, there are still many browsers that are left unprotected. Even those that do use the fail-safes can be easily tricked, so it’s up to the user to prevent the attack. Be conscious of every link you click, and never open up a URL that you cannot verify. This means any URL in an unknown email address, or a pop-up ad that claims to be a legitimate company. The best way to avoid homograph attacks is to always manually type in the web address.

Want to know more about how to prevent cyberattacks? Contact Info Advantage at (585) 857-2644 to talk to our security and technology professionals today.

If you’re an avid online shopper, you know the struggle of having to fill out your information each and every time you want to make a purchase. For many, autofill is a way to save time when shopping online. While this feature is convenient, it can also put your data directly into the hands of cybercriminals if a user isn’t careful.

How They Do It

Hackers are able to use autofill to their advantage by adding hidden fields in a sign-up form. These fake sign-up forms try to trick users into giving up more information than they think they are. The form may seem to only ask for a name or email address, but can secretly also take any other information that has been saved in a browser’s autofill. This could include information such as a billing address, phone number, credit card number, security codes, and other sensitive personal data. While this method of attack isn’t necessarily new, whitehat hackers have had trouble finding effective ways to counter the threat.

Prevent an Autofill Attack

Autofill attacks can happen to nearly any user on any browser that has autofill enabled. However, browsers such as Chrome and Safari are particularly prone to these types of attacks, as autofill comes pre-configured when the browser is first downloaded. To avoid these types of attacks, experts suggest using a browser without autofill, such as Firefox. If you want to stick with Chrome or Safari, you may want to consider disabling the autofill feature. If you enjoy the convenience of autofill, make sure you only utilize the feature on sites that have been marked as secure. Otherwise, it’s advised that you take the time to fill in each field by hand to avoid giving information you don’t want to give.

Worried that your sensitive data might be at risk of leaking? Call Info Advantage at (585) 254-8710 today to talk to a security expert about how you can keep your private data safe.

Congress recently voted to do away with Obama-era regulations that were intended to protect consumer data from being sold to advertisers without the user’s consent. As of April 4^th, President Trump has officially signed the legislation that will dismantle the internet protection that had originally been approved in October 2016.

What Was Voted On?

Congress voted on whether or not to keep a set of Internet privacy rules approved back in October during the end of the Obama administration. The measure, which was passed by a 215-205 vote according to NBC News, blocks the FCC from being able to enforce new privacy rules that had been passed last year by the Obama administration last year before the election. The legislation, which was recently signed by the President, also bans the FCC from issuing any similar online protections in the future.

What Information Can Be Bought?

The original policy would have banned Internet providers from collecting, storing, sharing and selling user information. They would be allowed to collect and sell information such as your web history and app usage, according to The Washington Post. The rules also required Internet providers to use stronger security safeguards to protect customer data against hackers. Now that the policies have been brought down, providers are able to monitor their customer’s online activity and use the data they’ve collected to create highly targeted ads. It also allows them to sell the information to advertisers, financial firms, and other for-profit companies.

How Can I Protect My Data?

As of now, there are no real changes being made to the Internet security policy, so not much is expected to change right away. However, experts suggest a few methods that users can use to keep their data to themselves. First, security experts suggest that you use a virtual private network, or VPN. VPNs will hide your location so they cannot verify your identity, and hides your Internet traffic so that no one will be able to see your browsing history. Security professionals also suggest that users make use of HTTPS sites, which ensure users that their data is secure and will not be shared.

Contact Info Advantage today at (585) 857-2644 to learn more ways you can protect your personal data from being shared or sold.

As more people gain access to their own smart devices, the environment is changing around the globe. The vast adaptation of the mobile device has allowed individuals to stay connected at any time, and the world is shifting to accommodate the newest wave of technology. For companies, this means the ability to do business anywhere at any time, especially when paired with cloud capabilities. Bring your own device (BYOD) allows businesses to stay connected to their work without having to physically be in the office, making it a popular option for modern businesses. However, with a BYOD policy comes some risk. Here are all the things you should be aware of when considering a BYOD policy.

Data Leaks

One of the major issues that many companies have with BYOD policies is the real possibility of data leaks. With a secured, physical workstation, it’s easy to closely monitor all activity going in and out of your network. However, most handheld devices don’t have anything near the amount of security found at a typical workplace. This means that the device won’t be connected to the company firewall and security programs the second they leave the office. This can leave your data vulnerable if they plan to do work in a public place.

Lost Devices

One of the issues that comes with the convenience of mobile devices is the ability to lose them, a problem that had previously not been an issue with the physical workstations. When a device is lost, there is a chance that it could end up into the hands of someone who will use the data to gain something, such as money through extortion or valuable information. You’ll want to make sure that any device that carries sensitive information can be remotely wiped, and that they all have some fort of PIN or password for protection.

Malicious Software and Hackers

Since mobile devices don’t have as much security as your typical workstation, many lack the proper data encryption to keep all the information secure. This can often result in issues with hackers, who may lurk at public Wi-Fi spots to root out sensitive information. This also leaves the open to viruses, which are a major issue with BYOD policies. If an employee wants to bring their own device, you’ll want to make sure they understand the risk not only for your company, but for their personal lives as well.

Want to implement BYOD but you aren’t sure what security measure you will need to keep your company data away from prying eyes? Contact our Info Advantage today at (585) 254-8710 to learn more about how you can get technology to work for you.

These days you can’t go anywhere on the Internet without hearing about some sort of data breach. With cyber-attacks on the rise, many companies are trying a new approach to data security; proactive security plans. These plans focus on preventing data breaches, rather than reacting to an attack as it happens.

Understand the Threats

Knowledge is one of the most important tools used to fight against data breaches. Before you’re able to work towards creating a system that prevents cyber-attacks, you need to make sure that everyone involved knows what threats they are dealing with. Companies should take the time to review the different attack types that are common in their particular industry, and should have a meeting with whoever handles their IT at least twice a year to make sure they are up-to-date on the newest threats.

Map Out Your Protection

After you create your list of major attack types you want to look out for, you will need to map out your company’s technology environment to see how these attacks could threaten each individual piece. This includes any device that connects to the Internet, what services are currently protecting those devices, and the type of data they have access to. This will give you a better picture of what areas need more attention.

Create a Security Baseline

Once you get a better understanding of the current threats and how they apply to your IT environment, it’s time to create a baseline for your company security. This can be done by creating a variety of different real-life scenarios, and testing them out on your current network. This will help you to discover the strengths and weaknesses of your network.

Once you have your system mapped out, it’s time to implement your security plan. These plans will allow you to focus on preventing things that cause data leaks or downtime, rather than reacting to issues as they come along. This will lead to an increase of productivity and efficiency.

If you’re looking to buff up your security, don’t wait any longer! Call Info Advantage at (585) 254-8710 to speak to a security professional about how you can prevent potential cyber-attacks.  

Does the U.S. Constitution allow the American government to access the electronic devices of its citizens? According to FBI Director James Comey’s statements at Symantec’s Annual Government Symposium, it certainly does.

This situation was birthed from the tussle between Apple and the Federal Bureau of Investigation after Apple refused to grant the FBI the information necessary to unlock an encrypted iPhone linked to a terror case. In the end, the FBI managed to unlock the device without assistance from Apple after threats of lawsuits and other unpleasantries were thrown around.

Reacting to this issue, as well as the trend towards more encryption in mobile devices causing complications during investigations, Comey clarified the bureau's stance on the privacy of the American citizen. Conceding that there is a reasonable expectation of privacy in houses, vehicles, and mobile devices, Comey asserts that there are other considerations to take into account to justify revoking that expectation, going on to say: “With good reason, the people of the United States--through judges and law enforcement--can invade our public spaces."

This statement, however, begs the question: how does a personal device really qualify as a public space? Again, according to Comey, it does in the U.S. “Even our memories are not absolutely private in the United States,” Comey said. “Even our memories are not absolutely private in the United States. Even our communications with our spouses, with our lawyers, with our clergy, with our medical professionals are not absolutely private. A judge in certain circumstances can order all of us to testify about what we saw or remembered or heard. There are really important constraints on that, but the general principle is one we’ve always accepted in the United States, and it’s been at the core of our country. There is no such thing as absolute privacy in America. There is no place outside of judicial authority.”

Comey also made a point of saying that, while the FBI has no business telling American citizens how to live and govern themselves, the tech companies have no business doing so either. This came as a direct response to the open letter many tech company higher-ups signed last April that demanded the US government end the mandates that would require access to encryption keys for the interests of law enforcement and national security.

Naturally, these Silicon Valley leaders don’t agree with Comey, and neither do all of his peers. Nuala O’Connor, who holds the titles of president and CEO of the Center for Democracy & Technology as well as the first Federal Chief Privacy Officer for Homeland Security, had little good to say about the ideas of her respected peer. According to O’Connor, “He could not be more wrong on encryption.”

What are your thoughts on Director Comey’s views? Do you think any government has the inherent right to access a digital device--arguably invading the privacy of the citizen--even if it's ultimately for the greater good? Share your thoughts in the comments, and be sure to keep checking back to Info Advantage’s blog.

A company known as River City Media (RCM) has accidently leaked the email addresses of 1.37 billion users due to the failure of setting up a password protection on their remote backup storage. In addition to email addresses, the database also included thousands of real names, IP addresses, and even physical addresses. In all, some 200GB of data had been exposed for several months, leaving it vulnerable to cyberattacks.

The leak was found by Chris Vickery, a security researcher for MacKeeper. In his blog post published on Monday, March 6, Vickery explains that MacKeeper worked closely with CSOOnline and Spamhaus after the discovery of the files in January. Vikery and his team were able to trace the files back to RCM, a notorious spam operation.

“RCM masquerades as a legitimate marketing firm while, per their own documentation, being responsible for up to a billion daily email sends,” says Vickery.

Vickery believes the company was able to obtain the almost 1.4 billion email addresses through offers such as credit checks, sweepstakes, and education opportunities. There is also evidence that similar spam companies also contributed to the list. While some percentage of the user may have fallen for RCM’s spam offerings, Vickery also suggests that the company used a variety of more advanced techniques to lure users to give up their email address.

“One is called co-registration,” explains Vickery, “That’s when you click on the “Submit” or “I agree” box next to all the small text on a website. Without knowing it, you have potentially agreed your personal details can be shared with affiliates of the site.”

The leak is blamed on a failed remote backup attempt, which left a ‘snapshot’ of the company data from January 2017 exposed to the internet. Anyone who found the data would be able to access internal chatlogs, emails, and the 200GB email collection RCM had acquired. According to Vickery, the failure was due to RCM failing to put a password up on their repository, leaving it poorly secured.

Since the release of the break, Spamhaus has blacklisted the entirety of RCM’s infrastructure. The research team working on the case have also reached out to law enforcement agencies about the data leakage and suspected illegal spamming.

Putting security and proper backup on the back burner can cause serious damage. Don't let your company fall pray to the thousands of threats that lurk just a click away. Contact Info Advantage today at (585)  254-8710 to speak to a technology consultant about your security and backup environment.

SonicWall recently released their 2017 Annual Threat Report, which takes a look into the technology security trends in the upcoming year. In the report, SonicWall carefully observes and analyses the technology threat landscape from the last year and uses it to predict how it will continue to change in the future. Here’s a brief summary of their most important findings for 2017, and what it means for modern business.

Point-Of-Sale Malware Declining

With the integration of chip-based POS systems, hackers are finding it more difficult to steal sensitive information through POS malware attacks. The chip readers allow the transaction to be approved by creating a unique code that cannot be used again, as opposed to the traditional magnetic strip that uses the same code each time it is swiped. Thanks to the integration of the chip-reader, along with stronger legal guidelines, SonicWall observed that the number of new POS malware has decreased by 88 percent since 2015.

Website Encryption on the Rise

As web traffic continues to grow exponentially, users want to ensure that their data is kept safe. Due to this, many websites are opting to use Secure Sockets Layer/Transport Layer Security (SSL/TLS) encryption to protect sensitive user data. SSL/TLS encryption is represented by a lock and HTTPS URL, rather than the standard HTTP URL. This ensures the user that their information is safe, and is only being sent to the intended recipient. SonicWall believes the trend towards SSL/TLS encryption is due in part to the growing trend of cloud applications. They expect the trend to continue into 2017, and believe that SSL/TLS traffic will account for 75 percent of online interactions by the year 2019.

Ransomware Becoming More Popular

Ransomware was by far the most popular security attack in the previous year, with an increase from 3.8 million attacks in 2015 to 638 million in 2016. According to SonicWall’s Global Response Intelligence Defense (GRID), $209 million in ransom had been paid by affected companies by the end of the first quarter. The growth was most likely driven by the increased access of ransomware as the ransomware-as-a-service (RaaS) industry expanded. This allowed individuals to purchase a ransomware pack without requiring the necessary coding skills needed to launch an attack. The most common attack is known as Locky, and is often attached to emails as disguised as a Microsoft Word invoice. As the RaaS industry continues to grow, SonicWall’s GRID suggests that all organizations backup their data continuously to a backup system that isn’t always online, or uses authentication.

Internet of Things Devices Compromised

The recent advances in technology have opened up the world to more and more connections to the Internet from more than just a computer, smartphone or tablet. These days, Internet of Things (IoT) devices can be anything from a camera or smart watch, to a smart car or home security system. Due to the wide-adaptation of IoT devices, many developers have felt the pressure to release their devices as soon as possible, which often means oversight in security. This made it easy for hackers to discover weaknesses in IoT devices, resulting in the launch of largest distributed denial-of-service (DDoS) attacks in history. The attack used thousands of IoT devices with weak passwords to launch an attack on hosting company OVH and DNS service provider Dyn. This resulted in the outages for well-known sites such as Airbnb, Netflix, Reddit, Twitter, and Spotify. To protect your IoT devices, SonicWall suggests that you ensure your devices are protected by next-generation firewalls, which scan for specific IoT malware. They also suggest you separate all IoT devices from the rest of your network, in case it becomes compromised.

Android Security Increased, But Still Vulnerable

During 2016, Google worked on new operating systems that would directly combat many of the security vulnerabilities found in Android devices. They added additional security features, including a new approach to permission granting, an increase of security patches, and a full-disk encryption of the device. However, these new strides in security have been met with hacker resistance as they find new ways to combat these security measures. This includes screen overlays, ad-fraud malware HummingBad, self-installing apps, and third-party adult-centric apps. SonicWall suggests that any Andriod device on a company network should keep the “install applications from unknown sources” un-check and make sure both “verify applications” options are checked. It is also advised that users enable the “remote wipe” option in the event that the device is compromised.

The best way to combat an attack is to stop it before it becomes a problem. Contact Info Advantage’s security professionals today at (585) 254-8710 to learn more about proactive ways to ensure the safety of your data. 

One of the major arguments for die-hard Apple fans is that their devices are nearly invulnerable to the attacks that work their way into other operating systems, such as malware or viruses. While it is true that Apple has a much lower rate of malware infections, this does not make it impenetrable, and hackers are constantly looking for new ways to extort data. One newly discovered malware, known as Fruitfly, takes advantage of an antiquated code that allows it to run undetected on macOS systems.

What is Fruitfly?

Fruitfly is a newly discovered type of malware recently found by the team at Malwarebytes. While relatively harmless, this malware is able to hide inside of OS X without alerting the user of its presence. The malware communicates with two command-and-control servers, which allows it to perform actions such as typing, webcam and screen capture, and even moving and clicking the mouse. It can also map other devices and try to connect with them.

Where did Fruitfly come from?

There is a bit of mystery surrounding the origins of Fruitfly. According to Malwarebytes, Fruitfly may have been hiding in a OS X for several years, as much of its code indicates that it was adapted from OS X to Yosemite, making it at least three years old. However, there are also lines of code that rely on pre-OS X systems, and some open-source ‘libjpeg’ code, which hasn’t been updated since 1998. So far, most of the discovered instances of Fruitfly have been found on machines at biomedical research institutions.

What can I do to protect my device?

Luckily, it seems that most of the Fruitfly attacks are targeted, making them a minor threat to an everyday user. However, Apple has yet to release a patch against Fruitfly, so users should take caution and keep an eye out for any updates they release in the near future. One of the best ways to ensure that your device stays infection-free is through constant monitoring of your network. Keep an eye out for any irregularities, and don’t let anything go unreported.

Worried that your network is in danger of malware infection? Not sure what to look for when monitoring your network? Contact Info Advantage today at (585) 254-8710 to talk to an IT professional about how to keep your devices safe from harmful attacks.

There are thousands of breaches of information every year, threatening our personal information and sensitive data. On Feb 23^rd, news of a brand-new bug known as Cloudbleed dropped. This bug has affected thousands of sites, potentially leaking out the sensitive information of their users, according to a new report by CNET. Here is a quick guide to understanding exactly what Cloudbleed is, and how it may have affected you and your company.

What is Cloudbleed?

Cloudbleed is the name of the newest major security breach bug from an Internet security company known as Cloudflare. The issue arose when users entered their information onto secured “https” sites, such as a login page. Cloudflare’s service is meant to help securely move the information entered into the “https” sites between the user and the servers. Instead of deleting the information after it was used, the Cloudbleed bug caused Cloudflare’s security service to save potentially sensitive data, such as user credentials, photos, video frames, or even server and security information.

Who is affected by Cloudbleed?

There are currently around 3,400 websites believed to have been affected by the Cloudbleed bug, though the actual number could be much higher. The bug is believed to have started back as September, with the height of the problem occurring between February 13^th to the 18^th. Uber, Fitbit, and OKCupid are the main three that seemed to be directly affected by the bug. According to Cloudflare, the Cloudbleed bug is thought to have leaked information about “one in every 3,3000,000 HTTP requests” made through the service.

What can I Do Now?

As of now, Cloudbleed is no longer an active threat. Cloudflare was able to stop the bug just 44 minutes after it was discovered, and the problem was solved completely in 7 hours. While the impact is minimal and requires no immediate action, there are a few things individual users can do to keep themselves safe from potential data leakage.

It is recommended that you change your password on any account that uses Cloudflare. This includes sites such as OKCupid, Fitbit, and Medium are some of the most popular sites that are known to use Cloudfare’s services. If you are unsure whether or not a site you use was affected, there is now a webpage that tells you whether or not a site is infected. 

It is also recommended that you use a two-step authentication on any site or service that offers it. This will ensure that no one will be able to access your account, even if they are able to get your user credentials.

-

With thousands of security breaches per year, you can’t afford to wait for security. Contact Info Advantage today at (585) 254-8710 to speak to a technology professional about how to keep your data safe.