What Is Ransomware and How Do You Avoid It?

Ransomware isn’t exactly a new threat, and it has continued to grow in recent years as a means for cyber criminals to extort individuals or businesses by locking down their devices and – you guessed it – demanding a ransom to unlock them. With reports of ransomware becoming more widespread as far back as 2015, you’d think by now it would have been dealt with more effectively. However, according to research, ransomware generated an estimated $1 billion in 2016 alone. It also has a low cost structure (so it is very profitable), and the victim sends money directly to the perpetrator.

What is Ransomware?

Ransomware, in a nutshell, is a form of malware that essentially locks down access to your computer data. This is usually done by way of encrypting as much personal information on your PC as it can find, or by just locking your screen entirely. The malicious software will then demand a payment from you (a ransom) before your data will be unlocked again – simply put, it is holding your computer, files and data hostage until you pay a fee. Most commonly, ransomware infects your PC when you click a link in an infected e-mail.

A survey of companies that were infected by ransomware offers cautionary facts for anyone who thinks that paying the ransom and moving on is the fastest and simplest solution. Most of the companies that paid handed over in excess of $1,000 (per computer) in order to recover their data. But, not surprisingly, only 55% of the companies that paid actually received the decryption keys and regained access to their devices. The cheapest and safest ways out of a ransomware attack are to avoid falling for social engineering tricks (do your due diligence to prevent an infection in the first place) and to keep backups of your important files and data. Paying the ransom simply isn’t a wise option.

How Does Ransomware Spread?

The most common method of spreading ransomware is using a tactic known as “social engineering”. Generally speaking this is a way of tricking you into infecting your own device. Most commonly this is achieved via an e-mail, but could also be a malicious ad or popup on the web or a web page itself. It usually consists of an enticement to click or download an attachment, document, picture or video. Microsoft Office files, PDFs and multimedia files can all be the carriers for the ransomware program.

How Do I Know If I’ve Been Infected?

It’s quite difficult to not notice that you’ve been infected by ransomware due to the nature of the infection itself. Usually your entire screen will be taken over by something like the below images:

It’s very common for these types of screens to claim to be part of the government or law enforcement. This is social engineering in an effort to create fear of government reprisal for failure to cooperate.

How to Not Get Infected by Ransomware

For businesses, there are many different variables in play that can make it difficult to be completely secure against ransomware attacks. We highly suggest you utilise Managed IT Services to ensure your systems are kept up to date and you have the very best malware and virus protection on your devices at all times.

For individuals and home computers, the below guidelines can be very helpful:

 

  • Don’t click links or open attachments in an e-mail, unless you know who sent it. Even then, consider contacting the person to see if they really did send it.
  • Be suspicious of directives to “click this patch” for Adobe, Flash and some other common tools – there is a high chance this is malware. If you want an Adobe patch, go to the Adobe site and get it yourself.
  • Be alert for news that there are new methods of infection. For example, malvertising may become a popular method of infection.

 

Contact Us today, to know more about our IT network support services and discuss your project requirements.

Windows 10 Vulnerability Allows Hijack, Even When Locked!

Are your computer and network security up to scratch? Regardless of whether the device has been locked, a recent vulnerability in Windows 10 has given hijackers an easy route to taking over – simply by using the digital assistant, Cortana, to execute commands. If you’re running Windows 10, you may want your IT Support personnel to tighten up the security on your systems.

Security software giant McAfee provided an in-depth analysis of the new vulnerability, which states that the “Hey, Cortana!” voice command (a default feature enabled in Windows 10) could be triggered even when the device was in a locked state, giving potential attackers a route to viewing files and information and potentially to arbitrary code execution.

Due to the vulnerability, it is possible to launch a Windows contextual menu by typing when Cortana starts to listen to a query on a device that is locked.

“All the results presented by Cortana come from indexed files and applications, and that for some applications the content of the file is also indexed. Now we can simply hover over any of the relevant matches. If the match is driven by filename matching, then you will be presented with the full path of the file. If the match is driven by the file content matching, then you may be presented with the content of the file itself,” McAfee explains.

Once hackers have gained access to contents and files, they can potentially continue the hijack and gain code execution rights – all from the Windows lock screen. This type of vulnerability will allow malicious individuals to run scripts (via things like PowerShell or Command Prompt) and commands without the need for parameters and without needing to have the device unlocked. It can even be possible, for example, for the hacker to remove software from the system.

You can test your system for the vulnerability simply by following the instructions as outlined by McAfee – if you can successfully follow these steps then we strongly advise you patch your system.

  • Trigger Cortana via “Tap and Say” or “Hey Cortana”
  • Ask a question (this is more reliable) such as “What time is it?”
  • Press the space bar, and the context menu appears
  • Press esc, and the menu disappears
  • Press the space bar again, and the contextual menu appears, but this time the search query is empty
  • Start typing (you cannot use backspace). If you make a mistake, press esc and start again.
  • When done (carefully) typing your command, click on the entry in the Command category. (This category will appear only after the input is recognized as a command.)
  • You can always right click and select “Run as Administrator” (but remember the user would have to log in to clear the UAC)

Luckily, Microsoft has already released a patch (as part of this month’s Patch Tuesday rollout) to address this vulnerability, but for systems that haven’t yet received this update, we strongly advise you get the latest patch or simply switch off Cortana until you have updated.

As part of our Managed IT Services, you can have peace of mind that your operating systems are always up-to-date with the very latest security patches and rollouts.

The Top 3 Security Threats To Your E-Commerce Website

In 2016 alone, online sales totalled in the region of over 150 billion euros, and more and more businesses are processing sales through online platforms, so, as you can imagine, this figure is set to increase each year.

But as the e-commerce population rises, and with it the level of spending online, so does the temptation for cyber criminals. If your business trades online, it’s vital to have the correct security in place to ensure your e-commerce website isn’t vulnerable to malicious attacks.

Here are three of the biggest and most common threats to e-commerce platforms:

Using 3rd Party Web Components

It’s very common practice, if you don’t have a fully custom-built website, to be using third party web components for certain functions on your e-commerce platform. This is often the case with the shopping cart or checkout page. Whilst for the most part there are many trustworthy and reputable vendors for these types of components, they are still a target for cyber criminals. Hackers are known to seek out outdated editions of vulnerable software like this, because often the security weaknesses are publicised.

DDoS Attacks

Distributed Denial of Service (DDoS) attacks have been around for quite some time, but their popularity among cyber criminals continues to grow. They essentially cause a website to crash by way of directing mass, simulated and simultaneous traffic toward it. They can be very difficult to prevent or deflect. Even if your own website does not become a DDoS target, another website that your business relies on could be hit. Any kind of downtime as a result of a DDoS attack could cost your business dearly.

Open Source Codes

Open source software and platforms are fantastic for businesses on a budget. However, due to their public and free nature, they are often lacking in security protocols, and these vulnerabilities are often shared on forums and other online communities. The code is completely open for anyone to see and manipulate, and this leads to obvious opportunity for security to be compromised.

Keeping Your E-Commerce Website Safe

It’s important that your security is pro-active and evolving, and that it has disaster recovery procedures in place. At Spectrum Networks Solutions, we take security seriously and have all of the necessary experience, equipment and knowledge to make your IT systems and online activities as safe and secure as they can be. We have excellent Managed IT services available for businesses small and large, with flexible and scalable packages to suit your requirements and your current IT infrastructure. Get in touch with us today and let us take the worry of having an insecure e-commerce website off your shoulders – for good.

What is a Firewall and Why do you Need One?

It’s quite likely that you have a firewall, have used one, or have been advised to use one as part of your IT network security. But often they are simply tacked on to your overall package without you truly knowing why you need one and what it actually does to protect your computer.

To put it in simple terms, a firewall is a software program or a piece of hardware that helps to screen out any malicious activity against your computer or network, such as hackers, viruses and worms that try to reach your computer over the Internet or via malicious software, files and programs.

A firewall can come in different forms; the most common, which you have probably encountered before, is a software firewall. This is typically a program that is installed directly onto a computer or laptop and actively scans your files and connection for any malicious activity. Some of the big brand names you may have heard of before include Watchguard, McAfee and Symantec. These are most common on personal devices for use at home and on the move, and with the right configuration and management they can be very powerful and accurate. Windows XP Service Pack 2, Windows Vista, Windows 7, Windows 8 and Windows 10 all have an inbuilt software firewall.

A hardware firewall is a device that is placed in between your network and the untrusted internet. If more than one computer is connected to a network, then it is necessary to protect your network from the untrusted internet via a hardware firewall. This is most typically found in a business environment, where many computers connect to a physical server for network management. A hardware firewall is a powerful piece of kit for an extra layer of security, but it is also necessary to protect each computer with a software firewall, so that if one computer gets infected with viruses the other computers will remain largely protected from the same malicious attack.

The basic purpose of firewalls is to regulate the flow of traffic between computer networks of different trust levels: for example, the internet (which is considered a zone of no trust) and your home network (which is a zone of high trust). All incoming messages are passed through the firewall. The firewall then checks whether these messages satisfy the security criteria. If they do, they are passed through the firewall; otherwise they are blocked. A similar thing happens with the outgoing messages. If you turn your firewall off, then all the messages will pass through freely. As a result, your computer is vulnerable, and hackers with the right knowledge can potentially hack your computer and obtain your sensitive data or infect it with malicious software and files.

With Spectrum Networks Solutions you can rest assured that we use the very best hardware and software firewalls to ensure the utmost level of security for your personal and business network and computers at all times.

Why You Should Be Using a VPN

Even with GDPR tightening the reins on personal data collecting and processing, you still have to ask yourself how much of your personal life is transmitted over the internet almost passively. If you want to take your online privacy to the next level, you should consider using a virtual private network (VPN), which gives you extra control over how you can be identified on the web.

What is a VPN?

In a nutshell, a VPN is used to create a virtual encrypted tunnel between your computer and a remote server that is operated by the VPN service of your choosing. All traffic is routed through the tunnel, so your data is quite secure from any potential prying eyes. An added benefit is that your IP address will be that of the VPN server rather than your personal IP, giving you an extra level of identity masking.

When you are connecting to the VPN server, your data will reach the server and then exit out to the public internet. If your target website utilises HTTPS, your connection will still be secure; but even if your connection was intercepted, it would be very difficult for anyone to trace the data back to your computer, since it would appear as though the connection is coming directly from the VPN server rather than your computer.

Let’s take a look at some real examples of where a VPN shines. For example, you connect to a public Wi-Fi in a coffee shop, something that is often done without a second thought. But when you think about it, do you even know who might be watching what goes on and what traffic travels on that network? Do you even know if the Wi-Fi connection is legitimate? You could be transmitting all kinds of private and sensitive data without even knowing it.

However, let’s say you connect to that same public Wi-Fi connection via a VPN. You can have peace of mind that no matter what, nobody on the network can intercept your data and snoop around for your personal data. It’s vital to remember that it’s difficult to recognise whether a Wi-Fi connection is how it seems – just because, for example, the connection is called Starbucks-Free-Wi-Fi, doesn’t necessarily mean that it’s not a potential data thief laying a trap.

What a VPN Won’t Do

As powerful as a VPN is, it still has a limit to how it can protect your privacy and identity online. Plenty of web services use cookies to keep track of your internet usage, even after you’ve left the website (Amazon, Facebook, and Google for example). It’s important to note that most VPN services are still for-profit organisations that are vulnerable to subpoenas and warrants if it ever came down to it. Therefore it’s vital to read the privacy policy for the VPN service you are considering, and to find out where the company itself is headquartered. NordVPN, for example, is based in Panama, and is therefore not subject to any laws that would require it to retain user data.

Choosing The Right VPN Service

At Spectrum Networks Solutions, we have the experience and the contacts to give you the best possible security and peace-of-mind when you are browsing the web. Free VPN services are often too good to be true and you may even want to consider an encrypted router as an alternative. Whichever your choice, we can advise and guide you to what best suits your business, the data you handle and your general online usage.

Are You Using Encryption?

If you’re not utilising any encryption procedures in your overall network security, can your internet connection be tapped like a telephone line?

In a nutshell (although it’s never that simple): yes!

If you’re using a wireless network to connect to the internet and browse or perform any other daily tasks, other devices in the vicinity that are using wireless connectivity can technically overhear your packets (byte-sized messages) and, if they really wanted to, see exactly what you’re doing.

This practice of overhearing a “wireless conversation”, much like overhearing a conversation in real life, is also known as ‘eavesdropping’, and can be quite common for hackers or other people performing malicious activities to utilise.

Your neighbour or a person sitting outside your house or office can eavesdrop on your wireless connection with the right hardware and software. If you’re using a wired connection, someone with the right know-how can even directly wiretap your connection just like a telephone line.

If you want your communication to be private, encryption is the key!

The HTTPS in web browsers, for example, indicates that your communication with the server is encrypted. Technically someone can still eavesdrop, but they can’t understand or interpret the content of the conversation thanks to the data being encrypted.

How does encryption work?

To use a simple example, let’s say you lock some confidential information in a box using a unique symmetric key and send it (the key and the box) to the server. The server opens the box using the key it received along with the box. But anyone tapping this connection also receives the box and the key.

To solve this, we use a special type of box at the server side which can be locked using a public key but opened only using a private key. The server provides you this special box and public key but keeps the private key secret from everyone. You can put your original box and unique symmetric key inside this special box, lock it using the server’s public key and send it to the server. Only the server can open this special box using its private key.

Therefore you’ve safely shared the unique symmetric key, which can be used to unlock and lock the original box. Now your browser and server can exchange data in normal boxes and need not share the unique symmetric key again. In a nutshell this is how encryption works (except there is no box really!).

Have You Planned For GDPR?

Have you started planning for GDPR? It is coming sooner than you think. Our IT Support services include all the necessary security updates, threat detection and response and encryption procedures so that you don’t have to worry about it!

What is GDPR?

GDPR, the General Data Protection Regulation, is an EU regulation that aims to harmonise the data protection regulations and strengthen data protection for all individuals in the European Union.

After four years of preparation and discussion, the GDPR was approved by the European Parliament on April 14th 2016 and will apply from May 25th 2018. GDPR replaces the earlier data protection directive, which was implemented at national level in 1995. GDPR will instead begin to apply to all Member States at the same time. It applies to almost all companies operating in the EU, and also to organisations outside the European Union if they collect or process personal data of EU residents.

What constitutes personal data?

Personal data is defined as any information related to a natural person or “Data subject” that can be used to identify the person, directly or indirectly. Data breaches which may pose a risk to individuals must be notified to affected individuals without undue delay and to the data protection authorities within 72 hours. In case of a data breach, organisations can be fined up to 4 percent of annual global turnover or 20 million euro, depending on which one is higher. Individuals can find out whether or not their personal data is being processed, where and for what purpose. A copy of the personal data shall be provided free of charge, when asked for. The data subject is also entitled to have his or her personal data erased by the data controller – under certain conditions. What’s more, public authorities as well as organisations that engage in large-scale systemic monitoring or processing of sensitive personal data must appoint a Data Protection Officer.

Getting ready for GDPR

Are you ready to get started in evaluating and implementing measures to ensure GDPR compliance? Leverage our checklist below to get closer to the GDPR finish line today:

Identify the personal data fields that you are collecting from natural EU citizens

  • What personal data is collected and/or processed?
  • Where is it stored or transmitted?
  • For how long?
  • What retention policies or processes apply to this data?
  • Can this be reduced?
  • Is it under your control or that of a contractor?
  • Does this data remain in the EU at all times?

Characterize the consent information and processes that exist when collecting this data

  • Are data subjects asked in clear language for explicit consent to collect and process their data?
  • Is consent granted at the time of collection?
  • Does the consent communication identify and provide contact information for the controller, processor and Data Protection Officer (DPO) where appropriate?
  • Does it describe the purpose of processing, security of processing, and legal basis?
  • Does it provide the period for which the data will be stored?

  • Does it name the recipients or category of recipients of the data?
  • Does it explain the data subjects’ right to access, rectify, request erasure or make portable their data, as well as their right to complain to a supervisory authority?
  • Does it state the intent to transfer the data outside of the EU?
  • Does it stipulate whether data collection is mandatory or optional, as well as the consequences of not providing said data?
  • Is it just as easy to withdraw consent as provide consent?

Characterize the ability to communicate with data subjects.

  • How do data subjects access, rectify, have erased, and extract their data for transfer?
  • How do data subjects withdraw consent?
  • How does the organization contact data subjects to report a breach?

Determine if current record-keeping measures and data processing policies are adequate.

  • Is there a record of data subject response to consent?
  • Is there a record or log of data processing events involving personal data?
  • Are these records secure, and do they allow for queries, searches or reports by authorized personnel?
  • Are policies kept current that describe how data processing is performed in compliance with the Regulation?
  • If a controller is outside the EU, is there a designated representative within the EU, and is this documented?
  • If data processing services are contracted, does the legal agreement include the necessary clauses to ensure proper security and handling of personal data so as to be in compliance with GDPR?
  • Is there sufficient access control to servers and buildings to prevent unauthorized individuals from accessing personal data?

Determine if data security practices and technology are adequate to meet GDPR requirements.

  • Are appropriate technical and organizational measures taken to ensure that data is protected from accidental or unlawful destruction, loss, or alteration and unauthorized or unlawful storage, processing, access or disclosure?
  • Does the security policy address the following:
    • How to protect data during storage and transmission
    • How to restore access to data when an incident disrupts availability
    • How to ensure situational awareness of risks and enable preventative, corrective and mitigating action in near real time against vulnerabilities or incidents detected that could pose a risk to data
    • Describe the process for regularly assessing the effectiveness of security policies
  • Is there a process for providing breach notifications within 72 hours?
  • Is there a record of a Data Protection Impact Assessment (DPIA) assessing whether processing operations are likely to present specific risks?
  • Was it completed within the last two years, or immediately when there was a change to specific risks in processing operations?
  • Is there a designated DPO?
