July 11th, 2014
Gmail is one of the most popular email clients around and iOS devices are likewise incredibly prevalent. It stands to reason, then, that millions of individuals access their Gmail accounts on their iPhone or iPad. As Jeremy Kirk reports for Computerworld, doing so leaves users vulnerable to data theft.
At issue is a lack of a vital security technology that would keep attackers from spoofing security certificates and gaining access to the encrypted communications being sent through Gmail. Any website or application that has users sending potentially valuable personal information uses digital certificates to encrypt that data. Attackers have been able to fake these certificates, however, and decrypt the data.
Google would be able to put a stop to these man-in-the-middle style attacks by implementing a technology called certificate “pinning”. This involves hard-coding legitimate certificate details into an application. While Google has known about this vulnerability since late February, they’ve yet to implement pinning.
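To make the idea concrete, here is an added sketch of a pinned client check; it is not code from Google or from the reports cited here. It assumes the app pins the SHA-256 fingerprint of the whole server certificate (pinning the public key is a common alternative), and the `open_pinned` helper and the sample certificate bytes are constructed for the example.

```python
import hashlib
import hmac
import socket
import ssl


def fingerprint(cert_der):
    """SHA-256 fingerprint of a DER-encoded certificate, as lowercase hex."""
    return hashlib.sha256(cert_der).hexdigest()


def pin_matches(cert_der, pinned):
    """True only if the presented certificate is one the app shipped with."""
    presented = fingerprint(cert_der)
    return any(hmac.compare_digest(presented, p.lower()) for p in pinned)


class PinMismatch(Exception):
    """The server certificate passed CA validation but is not a pinned one."""


def open_pinned(host, port, pinned, timeout=10.0):
    """Hypothetical helper: normal CA validation first, then the pin check.

    The pin is enforced before the caller gets the socket, so no
    application data is sent to a server presenting an unpinned certificate.
    """
    ctx = ssl.create_default_context()  # still verifies chain and hostname
    sock = socket.create_connection((host, port), timeout=timeout)
    try:
        tls = ctx.wrap_socket(sock, server_hostname=host)
    except Exception:
        sock.close()
        raise
    der = tls.getpeercert(binary_form=True)
    if der is None or not pin_matches(der, pinned):
        tls.close()
        raise PinMismatch("certificate for %s is not in the pin set" % host)
    return tls


# Constructed stand-ins for DER certificate bytes (not real certificates).
# Both would be accepted by a client that only checks "signed by a trusted
# CA"; only the first is the certificate the app was built to expect.
LEGIT_CERT = b"constructed-der:mail.example.test:expected-certificate"
SPOOFED_CERT = b"constructed-der:mail.example.test:other-trusted-issuer"

# Hard-coded into the application at build time.
PINS = {fingerprint(LEGIT_CERT)}


def demo():
    """Return (legitimate accepted?, spoofed accepted?) for the samples."""
    return pin_matches(LEGIT_CERT, PINS), pin_matches(SPOOFED_CERT, PINS)


if __name__ == "__main__":
    print(demo())
```

Because the pin set ships inside the app, a certificate rotation on the server side has to be matched by an app update or by pinning the next certificate in advance.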
Making this more odd is that this vulnerability only affects iOS users because Gmail for Android uses certificate pinning. This is being referred to as “an oversight by Google”.
For the time being, using Gmail on your iPhone is unsafe. There’s always a possibility of your messages being intercepted by a third party.
At Geek Rescue, we offer a number of email solutions for home and business, as well as support for mobile devices, including iPhones and Androids. If you’re having issues with technology, call us at 918-369-4335.
July 2nd, 2014
In the fall of 2013, hackers infiltrated Target’s point-of-sale system and were able to steal credit card information from thousands of customers. That large-scale attack prompted a re-evaluation of security by most companies to attempt to better protect customer data at its most vulnerable points. As Jaikumar Vijayan reports for Computerworld, however, more businesses were recently victimized by a similar POS attack that compromised customers’ credit card information.
Information Systems and Supplies (ISS) provides POS systems to restaurants in the northwest. Recently, they informed customers that those systems may have been compromised, which may have led to the theft of customers’ credit card information.
The breach in security stems from attackers gaining access to ISS’s admin account, which allowed them to log in remotely to ISS customer servers and PCs. Through remote access, data-stealing malware was planted on the POS systems, which is capable of stealing the numbers of any credit card used since the end of February.
It’s unclear exactly how hackers first gained access to the ISS admin account, but it’s believed to be fallout from a phishing scam.
One password was used to log in to each POS system managed by ISS before this attack. Since learning of the breach, ISS has instituted unique passwords for each customer system.
This attack holds lessons for both individual users and businesses. This is an example of why reusing passwords, or using a single password to access an entire network, is dangerous. If one password is all that stands between an attacker and all of your most important data, you’re likely to suffer a catastrophic attack. It’s important to implement multiple passwords, two-factor authentication and other security measures.
Last year, nearly two-thirds of successful data breaches were caused by security vulnerabilities introduced by third-party applications. Many businesses assume that third-party software is secured and maintained by the vendor who supplies it, but that’s not always the case. Unfortunately, this misplaced trust leads to attacks that are able to use third-party software to infiltrate an entire network.
At Geek Rescue, we offer support and service to both individuals and businesses. For help recovering from an attack or improving security to prevent one, call us at 918-369-4335.
May 16th, 2014
We’ve discussed before how data breaches lead to a loss in revenue for businesses. That’s not the only issue that stems from an exploited security vulnerability, however. At Dark Reading, Tim Wilson reports on a recent survey conducted by the Ponemon Institute that reveals how consumers react to a company’s data being compromised.
When it comes to a brand’s reputation, which influences how likely a consumer is to do business with that brand, there are three leading factors that have the greatest negative impact. Those factors are poor customer service, environmental disasters, like oil spills, and data breaches. That these are the most influential may not be that surprising until you realize what they beat out. Other factors that finished lower in the survey were publicized lawsuits, government fines and labor or union disputes.
It’s not surprising that consumers feel so strongly about avoiding businesses that have experienced a data breach. About a quarter of typical consumers are extremely concerned about being the victim of identity theft. That jumps to about half of consumers who are customers of a company that has experienced a data breach, and many of those believe their identity and personal information will be at risk for years to come, or even for the rest of their lives. For these individuals, it’s better to sever ties with a company they’ve done business with for years than to risk their information falling into the wrong hands.
This report contains a clear message for businesses. A loss of customers is inevitable should you suffer an attack that results in the theft or exposure of important data. That’s why it’s important to invest in security now before a successful, and costly, attack occurs. The reality is that many small to medium businesses fail to ever recover from a severe attack. A lacking security infrastructure could actually lead to the loss of a business.
For help improving the security at your company, call Geek Rescue at 918-369-4335.
May 15th, 2014
The hard truth is that it’s extremely difficult to effectively secure a business from cyber attacks, malware and data breaches. It’s also vital to managing a successful business, however. At Dark Reading, Mark Goldstein and Arun Sood published a list of common security myths that hinder both the understanding and the effectiveness of a company’s security infrastructure.
What is adequate in the context of data security? The truth is that no system is 100-percent effective. Successful attacks are unavoidable because it’s impossible to secure every endpoint while simultaneously dealing with thousands of new pieces of malware each day. The key is to minimize the risk and the damage and have a plan in place to recover and mitigate attacks.
Many business owners believe that server and security management is as simple as getting everything online, then dealing with problems as they arise. That’s one way, but that introduces a number of potential problems. First, by not being proactive and looking ahead for issues that could happen in the future, you’re actually likely to have more problems and more downtime. Similarly, while static systems cost less and require fewer man hours, they also create an unchanging target for attackers.
- All Threats Demand Action
Common sense suggests that any time there’s an intrusion or a vulnerability, your IT team needs to take action. In reality, however, reacting the same way to every threat only means that you’re unable to react sufficiently to the most dire of threats. IT professionals understand that there are minor attacks that can’t do any real damage. It’s unwise for these threats to trigger the same alarms as large-scale attacks because it increases the chances that one of the serious threats gets missed or overlooked.
- Patch All Vulnerabilities
In the same vein, don’t expect to be able to patch and close all security vulnerabilities that exist on your network. New vulnerabilities are added every day, or even every hour. With tens of thousands of vulnerabilities, it’s impossible and a waste of time to try to secure each of them. Instead, good IT professionals know how to spot the most dangerous vulnerabilities and patch them immediately. This is a more efficient use of time and keeps the most dangerous threats out while protecting your most valuable assets.
If you need to improve the security at your business, call Geek Rescue for help at 918-369-4335.
May 2nd, 2014
Many small businesses view data security as nonessential because they don’t see themselves as ever becoming the target of an attack. Unfortunately, this often makes them a target because of the relative ease attackers have in breaching their network. Even those that do find it necessary to put security measures in place might not see the whole picture of why it’s important. As Brian Prince of Security Week reports, data security isn’t only important for protecting a company’s data. It’s also important for customer retention.
A recent survey conducted by Javelin Strategy and Research found that about a third of consumers will abandon a company that’s suffered a breach that’s resulted in the loss or exposure of customer data. For healthcare providers, 30 percent of patients will leave after a breach, and a quarter of consumers will change their bank and credit card providers in the wake of a data breach.
As experts note, particularly telling about how important security is to consumers is their willingness to change healthcare providers given the usual hassle involved with that process.
What each of these statistics reveals is how cyber attacks cost businesses money. Not only do they often result in significant downtime that prevents you from offering services to customers, but they also cost you customers and sales.
Perhaps the best example of an attack resulting in lost profits is the recent, massive Target breach. Credit card information belonging to as many as millions of customers was stolen, and Target lost an estimated $61 million in relation to the attack.
This is dangerous because an unrelated study found that four out of five company leaders don’t equate the loss of confidential data with the loss of revenue. This often leads to a relaxed attitude toward security that significantly increases the risks of a successful attack occurring.
Risk assessments, data management programs and other tools are needed to protect even small businesses from exposing their customers’ data, or their own, during an attack.
For help improving your company’s security, call Geek Rescue at 918-369-4335.
March 27th, 2014
In a previous post, false positives were listed as a factor in ranking the best available security tools. Even for an individual user, false positives can hinder the effectiveness of your security infrastructure, but they become significantly more costly when applied to an entire company’s network. Ken Westin of The State of Security explains how false positives and an over-emphasis on security contribute to an insecure environment.
When’s the last time you heard a car alarm and reacted like there was a car in the area being broken into? The car alarm is a perfect example of false positives causing a lack of security. They go off constantly, which has made people ignore them in every situation. They’re now just noise.
In the case of security tools, antivirus programs that flag every download as a potential virus or even those that constantly warn you about a new application running with access to the internet turn into noise. If nine out of ten of the alerts you get from your antivirus program are safe to ignore, the one legitimate warning will likely be ignored also.
In a corporate environment, when the different security tools running don’t communicate with each other, they all flag the same perceived threat. Again, this puts IT professionals in a situation where it’s habitual to ignore security alerts, rather than investigating them.
The gut reaction to a breach of security is to add to the number of tools protecting a network. While that may help protect previously uncovered endpoints, it also creates an overlap of the existing tools. Without an infrastructure that works together, you’re just creating more noise and no more protection. In the case of many more complex security resources, staff will spend an exorbitant amount of time debugging and integrating these tools, which significantly decreases the amount of time available to monitor and mitigate threats.
The tactics of attacks evolve quickly and there are more highly targeted attacks victimizing businesses than ever before. Since most security tools work by recognizing known characteristics and patterns of previous attacks, these tools are less effective at spotting and preventing these newer threats to a network. That’s why it’s increasingly important to have a team in place to review data and activity so a breach can be detected early.
Effective network security requires an investment, but it needs to be made intelligently. For help creating a security infrastructure for your business, contact Geek Rescue at 918-369-4335.
January 30th, 2014
Planning is a key step to effective data security for your business. If you know how you’re likely to be attacked, you’ll know how to best protect yourself. At PC World, Tony Bradley published a list of security threats he expects to be common throughout 2014.
The time when you could consider your smartphone immune from the dangers of malware has passed. With a large percentage of the population not only using mobile devices, but using them to access critical data, criminals have begun heavily targeting them with mobile-specific malware. And infection can stem from a number of places. Email, malicious links and text messaging are all popular modes of malware infection, but even connecting to an infected computer via USB has been the root of infection in some attacks.
You’ve likely seen this buzzword in the media and it refers to the growing number of items with internet capabilities. Your refrigerator, car, home security system, baby monitor and many other common items can now be online and controlled remotely. While this may present a convenience for you, it also poses a security risk as hackers may also be able to gain control of your things. We’ve already seen a refrigerator used as part of a botnet. Be aware that if an item in your home or business can connect to the internet, it can be hacked.
Patches and security updates for this operating system will be discontinued by Microsoft this April. While Microsoft Security Essentials will receive support until the summer of 2015, this still presents a significant security issue. A large portion of the world’s desktop computers, particularly in offices, are still running XP. Worse is that kiosks and other embedded devices also run on XP. When Microsoft stops supporting their old operating system, developers will also likely stop releasing updates for their XP applications. This leaves users in a frozen state where known exploits won’t be fixed. Some security experts are forecasting that hackers will wait until support stops and then launch all-out attacks on XP systems.
Due to the success of attacks like those on Target and Neiman Marcus, expect large-scale data breaches to continue. Cyber criminals understand how valuable data can be and are willing to launch intelligent attacks to steal it. Staying protected requires planning, putting proper security tools in place and being smart about what you download and who you allow on your network.
For help improving the security at your company or on your home PC, call Geek Rescue at 918-369-4335.
January 21st, 2014
The recent attack on Target that ended with millions of customers’ credit card information being stolen holds multiple lessons for IT departments everywhere. We already reported the facts about the malware used in the attack. At IT Manager Daily, David King has a list of what should be learned from the attack so it is less likely to happen again, or at least is handled more effectively.
If your body is infected with a virus, the longer you wait the worse it gets. The same rule of thumb applies to malware infections and attacks. Not only do you need to secure your network and get rid of the malicious files, but you’ll also need to warn your affected customers and be prepared to handle the influx of calls. This all needs to happen as soon as possible to prevent the situation from getting even worse.
- Secure All Points Of Access
The wrinkle in the attack on Target is that computers weren’t infected with the malware. Instead, the point of sale system was the target. Similarly, recent stories have reported that anything connected to the internet, including refrigerators, can be infected with malware and used by criminals. That makes it vital to secure every device that is connected to the internet and put security tools like firewalls in place to protect your entire network.
Part of the key for acting quickly is to make a plan for recovery before disaster strikes. This way, every part of your organization knows what their job is and everything will run smoothly. This plan will need to be updated when applications and personnel change and altered for new forms of attacks.
These three tips won’t keep you completely secure from a data-scraping malware attack. Unfortunately, nothing can guarantee the safety of your data. But when you follow the correct protocol, you’re less likely to become a victim and you put less at risk.
For help improving the security of your company’s data, or for help recovering from an attack, call Geek Rescue at 918-369-4335.
November 11th, 2013
Software companies like Microsoft, Apple and Adobe release patches regularly to fix bugs and close security vulnerabilities. This is a common practice, but as Tyler Reguly of Tripwire’s State of Security blog reports, Microsoft often makes a mess of it.
There are a number of factors that contribute to the confusing nature of Microsoft’s patch practices. Patch Tuesday occurs once a month and involves patching multiple Microsoft products and fixing multiple vulnerabilities at a time. The downside to this bulk patch release is that new vulnerabilities that crop up are left open for weeks while users wait for the next Patch Tuesday to come around. There have been instances in the past when Microsoft has pushed out a patch outside of this schedule, and other companies follow a similar patching process, but users are still left in the lurch from time to time.
In addition, patches are far from uniform. Microsoft could release multiple patches to fix a single vulnerability in a single product, or they could release one patch per product for each instance of a vulnerability. Some patches replace older patches, but sometimes multiple patches are needed to replace a single patch.
In an attempt to simplify this process, Microsoft introduced a single service that would automatically update Windows users with any applicable patches for all Microsoft products in use on their device. This actually caused more confusion, however. A user who has enabled automatic updates might think they’re fully patched at all times, but that’s rarely the case. That’s usually because an older version of an application is being used that Microsoft no longer supports or that won’t work with automatic updates.
Unfortunately, users aren’t warned that applications aren’t being updated. Instead, it appears they’re patched and safe from vulnerabilities. In many ways, this makes them more susceptible to breaches than if they knowingly avoided all patches to begin with.
Keeping your devices and networks safe requires an investment. Geek Rescue offers help for improving security for your home or business. Call us at 918-369-4335.
November 8th, 2013
About a month ago, software company Adobe announced that hackers had gained access to passwords and log-in information for millions of accounts. Initially, the number of accounts affected was estimated to be around 38 million. As Jim Finkle reports at NBC News, that number is actually significantly higher.
Password security firm LastPass discovered the stolen customer data on a website for cyber criminals. In actuality, 152 million user accounts were compromised.
Adobe, which makes popular software like Photoshop and Acrobat, downplayed the significance of the data breach. They claim many of the accounts whose log-in information was stolen were inactive. Either the email or password was out of date, or the account was registered under false information in order to take advantage of one-time free use offers. The out-of-date log-ins total an estimated 43 million accounts. It’s unknown how many accounts were set up with fictitious information.
Still, Adobe has notified 38 million users that their accounts may have been compromised.
Regardless of whether the log-ins were up to date or not, security experts warn that the data stolen is still valuable to criminals. The data stolen can be used in phishing scams with relevant details included to make them more believable. There’s also the concern of Adobe passwords being used for other accounts. As one expert pointed out, a user may have registered with Adobe years ago and since let the account become dormant. However, they may use the same password for other online accounts, which a hacker could now have access to.
Some have suggested that Adobe didn’t do enough to safeguard customers’ data from an attack. While this is an example of what can happen when the proper security isn’t put in place at the business level, there’s also a wake-up call here for users. Regardless of how strong your password is, it’s still vulnerable. Hackers have a variety of ways of breaking into your accounts, and they don’t all involve brute force efforts to guess passwords. Also, failing to use unique passwords for each account leaves you much more vulnerable to hacking.
If you have a business that needs to improve your security to keep your data and your customers’ data safe from attack, or if you’d like to improve the security on your personal devices, call Geek Rescue at 918-369-4335.