cyber attacks Archives - Page 2 of 2

5 Signs That You Need to Upgrade Your IT Infrastructure

cyber attacks, IT Infrrastructure, Legacy Software, Old PCs, Ophtek, Storage Space, System SpeedsCyber Attacks, IT Infrastructure, legacy software, old PCs, Ophtek, storage space, system speedOphtek, LLC

Sep 2021

The business world is constantly evolving and it’s crucial that your IT infrastructure supports this. However, it’s important that you know when to upgrade.

A good IT infrastructure is the backbone of any successful organization in modern business. But, much like the way in which the business landscape quickly changes, the technology behind these infrastructures can soon be superseded. This leaves you at risk of losing out on gains in productivity. Gains that your competitors are sure to take advantage of. IT equipment, however, is expensive and there’s little reason for upgrading for the sake of upgrading. You need to be able to recognize the warning signs that you IT infrastructure needs upgrading.

What are the 5 Signs?

Regularly reviewing the capabilities and condition of your IT infrastructure should be considered a vital business task. Any potential issues need to be addressed, but what should you be looking for? Well, you should start by keeping an eye out for the following:

A Reliance on Legacy Software: The familiarity of legacy software ensures that staff are comfortable using it. But it’s a ‘negative’ positive to focus on. Not only is legacy software prone to cyber-attacks, it’s also likely to be less productive than modern software. Therefore, if you are still using software that has had its support discontinued then it’s time to upgrade. Moving to modern software requires, in the short term, a period of adjustment, but the long-term gains in security and productivity mean it’s more effective.

Slow System Speeds: Nothing is more frustrating in the world of IT than slow system speeds. PC users want to be able to transfer between apps seamlessly and execute tasks quickly. Accordingly, if you find that your IT systems are consistently running slower then this should be treated as a major warning sign. Either the demands of your network can no longer be met or your systems are simply outdated. Whatever the reason, upgrading your IT infrastructure can quickly remedy the fault.

Regular Cyber-Attacks: If you find that your IT systems are regularly being breached by hackers then there’s a good chance it’s down to your IT infrastructure. Often this can be down to a lack of suitable protection. Evaluating your defenses should be a regular task to protect your systems. By regularly monitoring your defenses you should be able to spot vulnerabilities before hackers do.

Lack of Storage Space: The amount of data that businesses process on a daily basis continues to increase at a rapid pace. And this can put a strain on your storage capabilities. An IT system which lacks adequate storage can soon experience problems such as a drop in performance and regular system crashes. Thankfully, storage space is regularly dropping in price. Therefore, once your storage space reaches a certain threshold – such as 80% full – you should look to increase it as quickly as possible.

Working with Old PCs: As we’ve already covered, technology changes quickly. And this means that your workstations can soon become outdated. PCs and laptops may not be low-cost items, but eliminating the faults most often associated with them – lack of speed, poor compatibility and limited features – is undeniably essential.

For more ways to secure and optimize your business technology, contact your local IT professionals.

Out-of-Office Auto-Replies: A Major Threat to Security

Best Practices, cyber attacks, Cyber Security, Data Security, Ophtek, out-of-office, Safety, Security, spam emailemail, Ophtek, out-of-office, security, vulnerabilityOphtek, LLC

Sep 2019

If you’ve worked away from the office then it’s likely you’ve set an out-of-office auto-reply on your emails. However, this could be very dangerous.

The problem with most out-of-office auto-replies is that they’re usually teeming with sensitive data. And this is data that anyone can harvest simply by sending you an email. There’s no filter on who receives the auto-reply. It’s sent to everyone. And this opens you up to a whole world of danger.

Let’s take a closer look at what these dangers are and how you can avoid them.

The Dangers of Auto-Reply Emails

The type of out-of-office auto-reply email you’re likely to have sent in the past looks like this:

I will be out of the office during the week of October 21 – 27 at the Networking Conference in Houston, Texas. During this time please contact my assistant Ralph Smith on 555-2820 with any service-related issues. If you need to reach me directly then please call me on my cell at 555-1234 and leave a message

Peter Jones – Service Manager – Plant Manufacturing – Jones.Peter@plantmanf.com

This is an informative auto-reply and one that will help anyone that has a genuine interest in working with your business. But it also provides far too much information. It could compromise your safety and also the security of your organization. Social engineering is a criminal’s best friend and, in the above example, you have provided them with several pieces of valuable information:

Availability: It’s not recommended that you reveal where you are and how long you will be there for in an auto-reply. In the example above it advises that Peter will be away from the office and his home for a set amount of time. Criminals, therefore, could plan to rob his home or, even more audaciously, turn up at his office and try to gain access.

Signature: When you’re actively communicating with someone else in business it’s recommended to use a signature block at the end of your emails. This helps to underline who you are in the organization and the various ways you can be contacted. It’s an excellent communication tool, but only when it’s used wisely. You don’t want this information being sent to just anyone, so it’s best to remove this from your out-of-office auto-reply.

Live Email Address: When it comes to email-spam there’s nothing the spammers love more than a confirmation that their spam has landed. And, when you set up an auto-reply, this confirms to any spammer that your email address is live. This information is then logged, automatically by spam bots, and your email address added to further spam lists as a worthy target.

Chain of Command: It’s important to limit the organizational details in your out-of-office auto reply message, so revealing that, for example, Peter’s assistant is Ralph Smith is not a wise move. This not only helps to leak a further individual’s contact details, but it reveals an insight into the chain of command that’s in place. And this could allow a criminal to impersonate Ralph Smith to gain further access to your data.

Final Thoughts

The key to a safer out-of-office auto-reply is to provide minimal specifics when it comes to your excursion. You shouldn’t provide contact details and it’s safer to simply state that you’re unavailable when it comes to your location. By reducing the amount of sensitive data in your auto-reply you should be able to thwart any criminals and any security risks.

For more ways to secure and optimize your business technology, contact your local IT professionals.

Cybersecurity in 2018: A Review

cyber attacks, Cyber Security, Security, Security Threatshacking, malware, phishing, ransomware, securityOphtek, LLC

Jan 2019

2018, just like 2017 before it, was a year packed full of cyber-security threats that our network defenses constantly tried to keep at bay.

However, the sheer number of attacks that were launched throughout 2018 meant that it was inevitable that breaches would take place. Perhaps your organization was one of the lucky ones, perhaps you were just too late to get on board with good security practices and found yourself hacked. Either way, it’s almost certain that you encountered at least one form of hacking during the year. And, hopefully, your organization managed to, at the very least, learn from the situation and improve your defenses.

With 2018 coming to a close, I decided it was a good time to take a look back over the major threats we experienced to see what we could learn and how we can prepare for 2019.

Ransomware

2017 is known by many security insiders as ‘The Year of Ransomware’ as it appeared to be in the headlines constantly. However, in 2018 there was a sharp drop in ransomware activity. By the end of Q2 2018, Malwarebytes reported that ransomware had fallen out of favor with hackers and was now only ranked as the sixth most popular form of malware. It’s suspected that this drop in activity can be put down to a rise in user awareness of ransomware scams and, perhaps most importantly, the fact that organizations rarely paid any ransom fees. The threat of ransomware, of course, still remains albeit much reduced and vigilance remains key to avoid disruption.

Cryptomining

One of the main reasons for ransomware’s fall in popularity during 2018 is down to the increase in popularity of cryptomining malware. Kaspersky revealed that while ransomware infections have dropped by 30%, cryptomining infections rose by 44.5% over the same 12 month period. And this change in fortunes shouldn’t come as a big surprise. All ransomware guarantees is that a ransom demand will be issued, no incoming funds are guaranteed as organizations often refuse to pay due to having backups. With cryptomining, however, once the infection is in place, the hackers can begin to reap small financial benefits fairly soon.

Phishing Emails

Despite the crude appearance and execution of phishing emails, they remain one of the most deceptive threats out there to organizations. Capable of extracting highly sensitive data, phishing emails have continued to enjoy popularity with scammers and hackers. Data from Kaspersky demonstrates that the proportion of spam in email traffic reached 53.49% in September 2018 – up from 47.7% in April 2018. And, through Kaspersky’s defenses alone, just over 137 million attempts to direct users to scam websites were carried out through phishing methods.

Preparing for 2019

There’s never time to rest on your laurels in cyber-security and the data above clearly underlines this fact. While the recent horror stories of ransomware may, to a degree, be muted, this method of hacking has very quickly been replaced with the more discreet techniques of cryptomining. And this is all without mentioning the gargantuan risk posed from phishing emails which remain as popular as ever. Going into 2019, it’s crucial that your organization is aware of the signs, symptoms and ramifications of all the major hacking techniques they may encounter while at work. Only then will you stand your best chance of being protected.

For more ways to secure and optimize your business technology, contact your local IT professionals.

4 Questions You Should Ask Before Clicking an Email Link

Cyber Attack, cyber attacks, email links, malware, Phishing, Ransomware, Security, securityOphtek, LLC

Aug 2018

We receive so many emails in business now that they’re a keen target for hackers. As a result, your organization needs to be more wary than ever with email.

The most common way for a hacker to take advantage of emails is by loading them with malicious links. These can be used to extract personal information, activate ransomware or send users to dangerous websites. And these emails are more than likely hitting your organization every day. Whilst the majority of emails with links embedded in them are genuine, it only takes one rogue email to cause severe problems.

To help you avoid the wrath of hackers, we’ve put together four questions you should ask before clicking an email link.

Do You Recognize the Sender?

Trust is crucial when it comes to dealing with links contained within emails. If you don’t recognize the sender then the link should definitely be treated with caution as it could easily be a malicious link. Emails from work colleagues should be more trustworthy, but it’s always possible that their email account has been hijacked. So, even if you recognize the sender, there are still plenty of questions you need to ask.

Does the Link Look Genuine?

If you received an email advising you to visit the Ophtek website then it would look something like www.ophtek.com or ophtek.com. However, if a hacker is trying to trick you into visiting a malicious website then the link may read slightly different e.g. ophtek.org or ophteksupport.com. If you’re ever unsure about the URL listed in a link then try Googling the URL and see whether it brings up a genuine website.

The other factor to look out for is whether the link written in the email is genuine. While the link could say www.ophtek.com the actual destination contained within the link could be completely different. Thankfully, you can double check this by hovering your cursor over any email link to display a popup window that lists the genuine destination.

Do You Even Need to Click the Link?

A high number of malicious links prey on our worries, so, for example, emails that claim your bank account has been hacked are very common. The email will usually contain a link that promises to start an authentication process to secure your account, but these links are never genuine. More often than not, the email will reference a bank that you don’t even have an account with, so there’s absolutely no need to click any links inside it.

Why is it a Shortened Link?

Shortened links may save space in emails, but there’s no reason why they should be used in business emails. More importantly, shortened links – provided by platforms such as Bit.ly and Goo.gl – are yet another way that hackers can disguise the destination of a link. Shortened links are particularly difficult to judge as, even if you hover your cursor over them, it’s impossible to tell where they will send you. Help is at hand, though, from platforms such as CheckShortURL which can expand shortened links to show their true destination.

For more ways to secure and optimize your business technology, contact your local IT professionals.

« Previous 1 2

Category Archives: cyber attacks

The Dangers of Auto-Reply Emails

Final Thoughts

Ransomware

Cryptomining

Phishing Emails

Preparing for 2019

Do You Recognize the Sender?

Does the Link Look Genuine?

Do You Even Need to Click the Link?

Why is it a Shortened Link?