June 2021 - Ophtek

Google Workspace Business and How it Helps Businesses

automation, cloud computing, collaboration, Google, google workspace business, Securityautomation, cloud computing, collaboration, google, google workspace businessOphtek, LLC

Jun 2021

Any tool that can help businesses improve processes and enhance productivity is invaluable. And one such tool is Google Workspace Business.

An intriguing and powerful collection of business IT tools, Google Workspace Business has the potential to revolutionize the way your organization works. It’s a platform which embraces the benefits of cloud computing and allows you to take collaboration to a new level. The basic (and free) version of Google Workspace is certainly useful, but the enterprise Business version is packed full of additional features. And, in the current landscape of remote working, it’s an essential tool for businesses.

But what exactly can Google Workspace Business offer your business?

The Lowdown on Google Workspace Business

Introducing a new collaborative tool into any business needs to be managed carefully. But, with Google Workspace Business, you can be rest assured that the following benefits are worth it:

Collaboration: Google Workspace understands the difficulties of remote workers needing to collaborate with office-based workers; it solves this with a wide range of powerful collaborative tools. Documents can be edited and shared in real time. Video calls can be arranged through Google Meet and instant messaging is available in either group or individual chats.

Use Business Branded Email: One of the major benefits of Google Workspace Business is that it allows you to use an in-built email system – similar in design to Gmail – with your company domain name attached. Organizations, therefore, can harness the power of enterprise-level email services, but free themselves from the duties of maintaining an email server.

Unlimited Storage in Google Drive: Each employee who has an account registered with Google Workspace business will also be allocated a Google Drive account. And, in Google Workspace Business, an unlimited amount of space in Google Drive is on offer. Individuals can securely store all the files they ever need in the cloud and separate Teams accounts can also be set up.

Compatibility Across Devices: Whether you are using a laptop, mobile device or desktop, Google Workspace Business will work seamlessly across these different devices. A mobile device user can, for example, share and edit a spreadsheet with a remote colleague working on a desktop PC. The environment this creates is consistent for all users and ensures that productivity is optimized for all employees.

Powerful Automation: Using advanced AI, Google Workspace Business can automate simple tasks such as arranging appointments and scheduling meetings. Make Remote Working Easier with these PC TipsNaturally, this saves time for your business and allows it to be invested elsewhere. Additional features allow you to take advantage of autocomplete in Gmail to complete sentences while Google Sheets can carry out in-depth data analysis.

Enhanced Security: One of Google Workspace Business’ most crucial tools is Endpoint Management. This security suite grants you the power to manage multiple security settings, erase data from stolen devices, limit user access and many more powerful features. It’s an important feature in the world of remote working and guarantees you peace of mind that your digital workplace is secure.

For more ways to secure and optimize your business technology, contact your local IT professionals.

Database of 26 Million Stolen Passwords Discovered

Cyber Security, Data Security, Ophtek, Password Security, Two Factor Authentication, UpdatesCyber Security, Data Security, Ophtek, password security, two factor authenticationOphtek, LLC

Jun 2021

Passwords are one of the most common security measures, but they’re still considered a risk. And 26 million stolen passwords have just been found.

We all use passwords on a regular basis throughout our working day. Logging on to remote servers and online platforms all require a set of login credentials. And, on the whole, they provide an adequate level of security. But security which is considered only adequate will always remain a tempting prospect to hackers. Login credentials will typically consist of only two pieces of information: username and password. Naturally, with only two data values required – which can be entered from any keyboard – login credentials represent some major security concerns.

That’s why the discovery of this database, containing 26 million sources of information, is considered a major alert.

What’s in the Database?

Coming in at a huge 1.2TB, the database – which was discovered by NordLocker – contains the following:

26 million login credentials
2 billion browser cookies
1.1 million email addresses
6.6 million various files including Word, PDF and image files

These numbers are, of course, huge. And it’s a safe bet that some serious data has been compromised along the way. It has also been revealed that the malware made a point of creating an image file by taking a screenshot via active webcams on infected devices. This, again, is troubling as it underlines the danger contained within the malware for compromising personal data.

The actual malware behind these data harvests is currently unknown. It is believed, however, that its method of attack is fairly standard. Upon infection, the malware will connect to a remote server where it can transmit any stolen data. The compromised data, as NordLocker found, was being hosted on a cloud-based hosting service and has now been taken down. But it’s likely that this database has already been traded and is out in the digital wild.

How Do You Protect Yourself?

Attacks such as this are sadly commonplace in the modern age, but there is a lot that you can do to protect your organization’s data:

Use Two-Factor Authentication: The combination of a username and password may seem strong, but it can be made even stronger by two-factor authentication. This additional layer of security requires the use of a unique piece of data transmitted to a device separate from your IT network.

Install All Updates: The attack in question could easily have been caused by a vulnerability put in place by outdated technology. Both software and hardware require regular updates to patch any issues that may be discovered post-launch. And it’s your responsibility to install these as soon as possible to close any potential back door attacks.

Regularly Monitor Network Activity: If significant amounts of data are being stolen and transmitted to a remote server, this activity will be associated with a rise in outgoing network activity. Therefore, it pays to keep a close eye on any spikes in traffic to minimize the impact of any breach.

For more ways to secure and optimize your business technology, contact your local IT professionals.

How to Reduce Network Downtime in your Business

backup power, IT Network, network outages, Ophtek, Spare network connectionbackup power, IT Network, network outages, Ophtek, spare network connectionOphtek, LLC

Jun 2021

When your IT network goes down it’s usually associated with a sudden drop in productivity. But it doesn’t have to be this way. You can reduce your downtime.

A well-designed IT network should run smoothly and maintain your productivity. No IT network, however, is perfect. And this means that your network is always at risk of running into problems. It’s a scenario that no organization wants to face, but the reality is that it can and will happen. Planning for potential problems, though, is the perfect way to tackle them. If you can prepare for these bumps in the road, then you stand a better chance of avoiding them.

Let’s explore what you can do to maintain your IT network and keep your productivity high.

Maintaining Your IT Network

There are numerous strategies you can employ to safeguard the health of your network connection:

Keep a Spare Network Connection: If your network provider is experiencing technical issues then you have little choice but to wait out their solution. But this is far from convenient for a busy organization. That’s why it pays to maintain a spare connection with a different network provider. Although it may not necessarily be as advanced as your usual network, it will allow you to remain productive.

Install a Backup Power Solution: A sudden power outage is two things in business: unpredictable and disastrous. Losing power in the modern business world means an instant loss in IT capabilities. And this can seriously damage productivity. But by installing an uninterruptable power supply, you can achieve peace of mind that your IT infrastructure will remain online.

Evaluate Your Network Connection: It’s crucial that you don’t take your network connection for granted. A poorly maintained or outdated network can quickly and regularly cause your business numerous headaches. Therefore, at least once a year, take the time to evaluate your network to understand where its weaknesses lie. This could be outdated hardware or even a susceptibility to cyber-crime. Either way, understanding these problems will allow you to fix them before cause trouble.

Don’t Cut Costs: IT technology can be costly, but these costs often underline the quality and reliability of the product. Accordingly, it makes long term sense to invest in an IT network which can call upon quality hardware and internet connections. This type of setup may seem expensive at first, but it will ensure that your network is resilient. And, in turn, this allows you to minimize network downtime and keep your employees productive.

Plan for Network Outages: Ultimately, your organization needs to prepare itself for future network outages. Planning strategies which allow your business to quickly access data and services are vital. Naturally, there will always be some level of chaos when it comes to dealing with network outages, but a good plan gives you a foundation to work from. Ensure that these plans are regularly reviewed and tested at evenings/weekends to guarantee their efficiency.

For more ways to secure and optimize your business technology, contact your local IT professionals.

Disk Wiping Malware Disguises itself as Ransomware

Apostle, Cyber Security, malware, Ophtek, Ransomware, UpdatesApostle, malware, Ophtek, ransomware, securityOphtek, LLC

Jun 2021

Ransomware is a highly destructive form of malware, but it turns out that it can also provide the perfect cover for disk wiping malware.

The pitfalls of becoming a victim of ransomware are well documented. And, as such, the term ransomware is one that strikes fear into the heart of any PC user. But, at the very least, ransomware does give you an option of getting your files back. Naturally, you have to pay a ransom fee for the files to be decrypted, but you can get them back. However, a form of malware called Apostle has now been discovered which pretends to be ransomware when, in fact, it simply wipes your disk drive beyond retrieval.

Data is a crucial commodity in any organization, so it’s important you make it as secure as possible. And one of the perfect ways to do this is by understanding how Apostle works.

How Does Apostle Wipe Disks?

The Apostle malware is believed to originate from Iran and is related to a previous wiper malware called Deadwood. Apostle is not brand new as it has been in the digital wild for some time. But these initial versions of Apostle were flawed and failed to deliver their malicious payload. Since then, the designers of Apostle have tweaked its design to make it more effective. This contemporary version of Apostle presents itself as standard ransomware, but this is merely to throw the victims off guard; its true intent is to destroy data and cause disruption.

The hackers behind Apostle are particularly cunning and are also happy to take ransom payments while destroying the data in question. But this is not where the attack ends. There are signs that Apostle is being used in conjunction with a backdoor attack called IPSec Helper. This allows the hackers to download and execute additional malware and move, undetected, within infected networks. Again, the intention here is to cause disruption.

How Do You Stop Your Disk Being Wiped?

The focus of Apostle, so far, has been Israeli targets, but this does not mean it should be considered a low-level threat. The design of this disk wiper malware can easily be engineered into more virulent and dangerous forms. And this could easily strike at the heart of your business’ operations. Therefore, it’s crucial that you maintain the following practices:

Evaluate All Attachments Before Opening: It’s likely that you receive numerous email attachments through the day, but how often do you verify them before opening? Trusted email addresses can, very easily, be taken over or even replicated. And this provides the perfect route for infected files to be opened. So, if in doubt over whether an attachment is safe, always check with an IT professional before opening.

Train Your Staff on Social Engineering Attacks: The dangers of social engineering are very real and represent a simple way for hackers to get a foothold in your network. Understanding this threat and how to protect yourself against it is vital.

Keep Your Software Updated: Another sure-fire way for hackers to gain access to your network is through vulnerabilities caused by outdated software. The best way to counter this threat is by implementing software updates as soon as possible. This minimizes the presence of vulnerabilities and keeps hackers out.

For more ways to secure and optimize your business technology, contact your local IT professionals.

Hackers Use Microsoft Platform to Launch Malware Attacks

data harvest, Hackers, malware, MSBuild, Ophtek, redline stealerdata harvest, hackers, malware, MSBuild, Redline StealerOphtek, LLC

Jun 2021

Hackers are innovative and industrious individuals, a description which is best demonstrated by their recent leverage of MSBuild to deliver malware.

The Microsoft Build Engine (MSBuild) is an open-source platform which allows software developers to test and compile their source codes. Operational since 2003, the platform has proved to be highly popular with developers and, accordingly, supports a large number of users. And it’s this popularity which has made it so attractive to hackers. By targeting these source codes at a development stage, the hackers are able to piggyback their malicious software into genuine software.

While your organization may not be involved in software development, there’s always the risk that you could end up working with software which is pre-loaded with malware. Therefore, we’re going to take a look at this MSBuild hack.

How are Hackers Infecting MSBuild?

Project files housed within MSBuild can be integrated within executable files which allow the hackers to launch their malicious payloads. But, as ever, hackers have been keen to remain stealthy; the infected payload does not run as a file. Instead, the malicious code is loaded into the PCs memory and it is here that the attack is launched. So far, it has been established that at least three forms of malware have been injected into systems via this approach. Redline Stealer, Remcos and QuasarRAT are the most recognisable forms of malware and have the potential to cause great damage.

Redline Stealer is primarily used as a data harvester and, as such, is mostly employed to steal login credentials and sensitive data. Remote access and surveillance, meanwhile, is the heartbeat of Remcos and allows hackers to hijack PCs remotely. Finally, QuasarRAT is another remote access tool and one which grants hackers full control of infected PCs. Naturally, these three malware variants are the last things you want on your system. And, given that they run filelessly and in the memory of a PC, it’s a threat which is difficult to tackle.

Protecting Yourself Against Memory Based Malware

Malware which operates from within the memory of your PC is difficult to tackle, but not impossible. Start by making sure you carry out these best security practices:

Monitor Network Activity: Regardless of whether a malware attack is file-based or fileless, there will be noticeable changes in your network activity. Any unusual spikes in data transfer or transmissions to unusual destinations should be investigated immediately.

Ensure PCs are Updated and Patched: Many fileless attacks take advantage of hardware and software vulnerabilities. Therefore, it’s critical that all updates are implemented as soon as they are available. This strategy ensures that, even if your PCs memory is breached, the chance of this malware taking hold is minimized.

Disable Macros where Possible: Macros are useful pieces of code that can save users time by carrying out automated procedures instantly. But they can also be manipulated by hackers to carry out malicious procedures. And that’s why many IT departments choose to disable these within organizations except where trusted macros have been tested and verified.

Unfortunately, not all antivirus software can detect fileless malware such as that involved with the MSBuild hack. Conventional, file-based malware leaves behind digital footprints which are easy to detect, but this is not the case with fileless variants. In order to fully protect yourself, check with vendors whether their software has the capability to combat fileless malware.

For more ways to secure and optimize your business technology, contact your local IT professionals.

Monthly Archives: June 2021