?>

Category: Articles

Six tips for practicing safe social media

Article: The impact of industrial Internet of things on Cybersecurity

safe social media tipsWith Facebook now counting over 1.7 billion monthly users and LinkedIn another 467 million, it was only a matter of time until criminal hackers turned their attention to exploiting social media as an attack vector. The current attack is being waged to introduce ransomware into these environments. Dubbed “Imagegate”, it’s a clever way of sneaking malware into your environment.

It typically runs this way: While on Facebook, a user sees an Instant Message. It appears as if an image with an .svg extension is attached to the image, and the user clicks on it. The user is re-directed to a web site that looks like YouTube and asked to download a piece of software in order to view the video. However, what the user actually downloads is ransomware, or a backdoor or a similar Trojan giving the attacker access to the user’s computer.

The attack is both wickedly elegant and devastating. Here’s how to protect yourself and your data from it:

1. Educate users on the dangers of social media. Corporations should ensure that their employees are receiving at least annual security awareness training, including the latest threats.

2. Take a proactive stance against malware attacks. Are you scanning your network, searching for threats, backdoors and malware? Is your security team keeping up to date on attacks and then examining their network for this kind of activity?

This includes back-ups of your data. These back-ups should occur at least daily and include all sensitive and important data on your network. This allows you the opportunity to recover from a ransomware attack almost immediately. It also provides you with the ability to not pay the ransom, which most law enforcement agencies would advise against. Many times companies have paid the ransom only to find that they still couldn’t recover their data or that once they paid the attackers extorted even more money from them.

3. Consider minimizing access to social media within your corporate network. While this is controversial, it will definitely help protect your data. Some companies set up a network for social media and segment their corporate network from it, creating a DMZ of sorts and protecting sensitive corporate data. It’s not a popular choice but it is practical.

4. Since many variants of ransomware run their executable from AppData/LocalAppData, create rules to disallow this behavior and stop ransomware from starting. Many intrusion prevention software offerings provide this functionality and Windows also allows administrators to create these types of rules. If there is legitimate software that is set to run from the App Data area then it can easily be excluded.

5. Ensure your incident response plan and team are ready to provide remediation and recovery during a ransomware incident. Many companies neglect this aspect of their security program until an incident occurs, leading to massive failure. If you don’t have an incident response plan, write one; if you haven’t tested it, test it and make sure your personnel are prepared. Incident response shouldn’t be the last line of defense, but it often is and as such it should be as strong as possible.

6. Investigate as part of the incident response process. Many companies who experience a ransomware outbreak simply restore from their back-ups with no follow-up. The right course of action is to initiate a full investigation to determine how the ransomware entered the network, what type of ransomware it was and what indicators of compromise are available. That information should then be used to strengthen the overall security posture. Without doing all you can to protect yourself, you are doomed to fail.

How to tell if you’re infected with malware

How to tell if you’re infected with malware

Picture this: you start your computer and wait. And wait. And wait some more. When your desktop finally shows its face, things don’t get any better. Your Internet is sluggish, your programs are taking forever to load, and your cursor is dragging 20 seconds behind your mouse. You might have tried to open too many programs at once. Or…

You might be infected.

Sometimes a malware infection is plain as day. Other times it’s a silent killer. If you want to know whether or not your machine is sick, you first need to understand the symptoms. So let’s take a look at the telltale signs.

Blatant signs of infection

You’ve got ransomware

This one’s the most obvious. Ransomware authors want to make it perfectly clear that you have a malware infection—that’s how they make their money. If you’ve got ransomware, you’ll get a pop-up that tells you your files have been encrypted and there’s a deadline to pay a ransom in order to get them back.

Browser redirects

You click on a link after doing a Google search on “my computer’s acting strange.” Link opens to a different page. You head back to your search results and try a different link. Same thing happens. Over and over you’re redirected to a different site from the one you’re trying to reach. That, my friend, is a malware infection.

Different home page

Say you set your home page to be your favorite sports news site. But for some reason, Yahoo.com keeps coming up. You also notice some new toolbars (rows of selectable icons) below your browser window that you can’t get rid of. You could either have a major case of the forgets, or, more likely, you’ve got an infection.

Bombarded with pop-ups

We’re talking: can’t escape. Close one, another one opens. Or you’re not even online, and you’re getting pop-up messages on your system. Some sites admittedly have terrible ad experiences that feel like something nefarious is going on (but really isn’t). Most of the time, if your screen is loaded with pop-ups, you’re looking at an adware or spyware infection.

Less obvious signs of infection

Computer running slow

Lots of things can contribute to a slow computer. You could be running too many programs at once, you may be running out of hard drive space, or there’s not enough free memory. If none of those are true for you and your computer is still slow, it’s possible you’re infected.

New, unfamiliar icons on desktop

Maybe your nephew Timmy jumped on without your knowledge and downloaded a photo editing program so he could swap his face with his dog’s face and share it on social media. Or perhaps you downloaded a legitimate piece of software and a Potentially Unwanted Program (PUP) hitched a ride. If it’s the latter, your computer could be weighed down by PUPs, which Malwarebytes and many other security companies consider malware.

Constant crashing

There are a couple reasons why your applications or system might crash, including potential incompatibility between programs or software and hardware that needs updating. However, some forms of malware, such as rootkits, dig deep into the Windows kernel and latch on, creating instability.

Web browser freezes or is unresponsive

Slow Internet could be just that—check your wifi signal or your download speeds with your Internet provider to be sure. But if everything checks out and your browser grinds to a halt, it could be a sign of infection.

Lots of bounced email

We’ve all mistakenly typed in the wrong email address and hit “send.” But if you’re getting a suspiciously high number of bounces, or emails that return to your inbox undelivered, something else is going on.

First, your email address could have been hacked and is now being used to spam the crap out of your contacts list. Or malware could be the culprit. How? An infected computer sends out emails using the addresses it found in your computer. If the “To” address doesn’t work, the message bounces back to the “From” address, which is often yours.

Mobile infections

Battery life drains quickly

Oh yes, your cell phone is not immune to malware. If you notice your battery life draining quickly, it could be that you’ve got some hefty programs open, such as games or music streaming services. It could also be that your battery is on its last leg. Unfortunately, the third possibility is mobile malware.

Unusually large bill

This one’s pretty clear-cut. Pay close attention to your cell phone bill. Are you being charged for messages you didn’t send? Is your data plan getting busted? Are you getting texts from your provider saying you owe money for something you didn’t purchase? Mobile malware is to blame.

You can protect against mobile threats using anti-malware software designed specifically for smartphones and tablets. For example, Malwarebytes Anti-Malware Mobile safeguards Android devices from malware, infected applications, and unauthorized surveillance.

Stealth infections

No sign at all

Is your computer running like a smooth criminal? No issues whatsoever? You still might be infected. Many forms of malware, including botnets and others designed to steal your data, are nearly impossible to detect unless you run a scan.

In fact, whether it’s plainly obviously or there’s no real sign of malware, you should be regularly scanning your computer with security programs like Malwarebytes Anti-Malware. If malware is detected, follow these simple steps to clean your computer.

Should you store your data in the cloud?

It’s pretty simple to understand where a file goes when you save it on your PC. It lives on your hard drive, possibly housed in a set of folders you’ve created and organized yourself. That file is only stored on your computer, unless you decide to email it to yourself or save it on an external hard drive or USB.

Now what about the cloud?

At its most basic level, “the cloud” is just fancy-talk for a network of connected servers (a server is simply a computer that provides data or services to other computers). When you save files to the cloud, they can be accessed from a computer connected to that cloud’s network. Now take that idea and multiply it to understand how the cloud works for you. The cloud is not just a few servers, but a network of many servers typically stored in a spaceship-sized warehouse—or several hundred spaceship-sized warehouses. These warehouses are guarded and managed by companies such as Google (Google Docs), Apple (iCloud), or Dropbox.

So it’s not just some nebulous concept. It’s physical, tangible, real.

cloud storage

When you save files to the cloud, you can access them on any computer, provided it’s connected to the Internet and you’re signed into your cloud services platform. Take Google Drive. If you use Gmail, you can access Drive anywhere you can access your email. Sign in for one service and find your entire library of documents and photos on another.

Why are people concerned with cloud security?

It’s physically out of your hands. You aren’t saving to a hard drive at your house. You are sending your data to another company, which could be saving your data thousands of miles away, so keeping that information safe is now dependent on them. “Whether data is being sent automatically (think apps that sync to the cloud) or driven by users uploading photos to social media, the end result is that it’s all there somewhere being logged and stored,” says Jérôme Segura, Senior Security Researcher at Malwarebytes.

And that somewhere is a place that’s not in your direct control.

Risks of cloud storage

Cloud security is tight, but it’s not infallible. Cybercriminals can get into those files, whether by guessing security questions or bypassing passwords. That’s what happened in The Great iCloud Hack of 2014, where nude pictures of celebrities were accessed and published online.

But the bigger risk with cloud storage is privacy. Even if data isn’t stolen or published, it can still be viewed. Governments can legally request information stored in the cloud, and it’s up to the cloud services provider to deny access. Tens of thousands of requests for user data are sent to Google, Microsoft, and other businesses each year by government agencies. A large percentage of the time, these companies hand over at least some kind of data, even if it’s not the content in full.

“Some people argue that they have nothing to hide, that they’re not doing anything wrong, and couldn’t care less if their private information is accessed, especially if it helps in the effort to track down terrorists,” says Segura. “While there is no doubt that ready access to data is an invaluable asset for intelligence agencies, it is really important to remember that each individual has a fundamental right to privacy.”

Benefits of cloud storage

On the flip side, the data you save to the cloud is far more secure than it is on your own hard drive. Cloud servers are housed in warehouses offsite and away from most employees, and they are heavily guarded. In addition, the data in those servers is encrypted, which makes hacking it a laborious, if not formidable, task for criminals. Whereas a malware infection on your home computer could expose all of your personal data to cybercrooks, and even leave your files vulnerable to ransomware threats. In fact, we recommend backing up your files to a cloud service as a hedge against ransomware.

Another benefit to storing data on the cloud is cost effectiveness and ease-of-access. You can store tons of data, often for free, using the cloud. Measure that against the number of external hard drives and USBs you’d have to purchase, and the difficulty accessing data once you’ve stored to multiple other devices, and you can see why cloud storage has become a popular option for businesses and consumers alike.

Final verdict

Yes, your data is relatively safe in the cloud—likely much more so than on your own hard drive. In addition, files are easy to access and maintain. However, cloud services ultimately put your data in the hands of other people. If you’re not particularly concerned about privacy, then no big whoop. But if you have sensitive data you’d like keep from prying eyes…probably best to store in a hard drive that remains disconnected from your home computer.

If you’re ready to store data on the cloud, we suggest you use a cloud service with multi-factor authentication and encryption. In addition, follow these best practices to help keep your data on the cloud secure:

  • Use hardcore passwords: Long and randomized passwords should be used for data stored on the cloud. Don’t use the same password twice.
  • Back up files in different cloud accounts: Don’t put all your important data in one place.
  • Practice smart browsing: If you’re accessing the cloud on a public computer, remember to log out and never save password info.

How to fight the DDoS threat

By in IT Security, October 28, 2013, 12:21 PM PST

Regarding DDoS attacks, one security researcher says, “There is no security, there is only time.” Is this perspective the key to better defense and mitigation?

Six Ways to Prevent Becoming a Victim of Identity Theft

Armed with some basic information, a thief can do you a lot of harm. He or she can steal your identity and it could take years for you to get it back. With all the county and public records available on the Internet, it’s easier than you think for someone to pretend they are you. Your  home address is a public record. It’s probably online in your county tax assessor’s records. Your social security number is for sale online. And that’s just the start.

How do you protect yourself? Here’s how: Continue reading Six Ways to Prevent Becoming a Victim of Identity Theft

Free mockups