The Lowdown on Good Passwords and How They Work

Best Practices, Cyber Security, Ophtek, Password Security, Security, , ,
25
Jun 2019

We all use passwords on a daily basis, but do we know how they work? And how do you go about creating the best and most secure passwords?

Every day, in our home and business lives, we use an assortment of passwords to gain access to systems that are important to us. Entering passwords is such a regular occurrence that it soon becomes automatic. This regularity means that we pay little attention to the process. But we should. Passwords, after all, are what protect our data. And, in an age of huge data breaches, it needs protecting.

This protection can be enhanced with good passwords. For a good password to provide security, however, you need to understand how a password works.

What is a Password?

Passwords have been used since the dawn of time to gain access to secure areas. In ancient times, a visitor to a king’s palace would have gained access in exchange for a password. Fast forward several hundred years and very little has changed. Accessing a king’s palace may not be a major requirement in your life, but passwords are crucial in the digital age. Using a series of numbers, letters and symbols, a password helps you to gain access to computer networks, databases and social media.

How Does a Password Work?

It’s easy to enter passwords all day long, but understanding the process is another matter. What is it that allows a series of characters to grant you access to shielded content? Let’s take a look.

When you set up a password it’s not stored in the same form as it’s typed. Instead it’s stored as a hash. Using advanced cryptography, a hash takes your password and converts it into a number. These hashes tend to be 128 or 256 digits long depending on the encryption method. Either way they’re more complex than a 10-character password. These hashes are then stored in a file as a reference guide to verify the password entered. If the password matches the corresponding hash then access is approved. Otherwise, access is denied.

What Makes a Good Password?

Now you know how a password works you need to make sure you have a good password. The stronger your password is the less chance there is of a hack taking place. To strengthen your passwords make sure you:

  • Keep it Long: A longer password adds complexity. Hackers tend to target passwords through brute force attacks, so a longer password is more time consuming. Aim for around 15 characters as this isn’t too difficult to remember, but it also provides complexity.
  • Avoid Obvious Passwords: Many IT users go for simple passwords such as PASSWORD. And when that expires they add a number on the end. While these passwords are very easy to remember they’re as easy to guess. These types of passwords will be the first ones that hackers try. More often than not they’ll pay off. And that’s why you need to create a unique password.
  • Don’t Use Personal Information: Another common mistake with passwords is to use personal information such as your name or date of birth. This may feel unique, but it’s information that is researchable. Hackers are cunning and it won’t take them more than a few minutes to get this data. So, make sure that nothing contained within your password can be connected to yourself.

For more ways to secure and optimize your business technology, contact your local IT professionals.

Read More

5 Warning Signs that Your Network Has Been Hacked

Cyber Security, Hackers, Hacking, Network, Ophtek, Security Threats, , , ,
11
Jun 2019

A hacked network spells trouble for any organization, so it’s crucial that you understand the warning signs which indicate your network has been hacked.

When it comes to reducing the damage caused by a hacked network then speed is of the essence. Hackers work quickly and even if you only shave a few minutes off the time taken to recognize an attack it can make a huge difference. However, the warning signs that accompany a network breach aren’t necessarily obvious due to the technology at play and the stealth tactics adopted by hackers. Thankfully, these indicators can easily be learned and it doesn’t have to be by going down the tough road of experience.

That’s why we’re going to help you get prepared a for damage limitation strategy by discussing five warning signs that your network has been hacked.

The 5 Signs of a Hacked Network

Vigilance is an essential part of keeping your network secure, but due to the complexities of IT it’s difficult to keep an eye on everything at all times. However, by understanding the following warning signs you’re putting yourself in a much better position to protect your network:

  1. Mouse Cursors Moving On Their Own: With a breached network comes the possibility that remote hackers will take control of your PC. Therefore, it’s possible for them to assume control of a desktop and being interacting with it. The most obvious sign of this is a mouse cursor moving around on its own and clicking on files/folders.
  1. Encrypted Files: Ransomware is a major problem for businesses due to the obstacles it throws up by encrypting files. And that’s why if you’re suddenly unable to open files or they’re displaying an unusual filename extension it’s quite possible you’ve been hacked. Naturally, due to the infectious nature of ransomware, you’ll want to identify this network hack before it spreads further into your organization and locks up even more files.
  1. Reports of Unusual Emails Being Sent: One of the most popular methods for spreading malware is through email. Taking advantage of contact lists in email clients, malware can soon spread itself around the world with relative ease. So, if you receive reports from contacts that your organization has been sending suspicious emails from genuine addresses then it’s time to investigate. 
  1. Increased Network Traffic: The amount of traffic that your network experiences will tend to ebb and flow depending on the time of day, but it should average itself out most days. However, when you’ve been hacked then there’s a good chance that your network traffic will skyrocket as your resources are used to power other hacks such as DDoS attacks. Therefore, keeping a close eye on your network traffic and identifying any unusual activity should be an integral part of your network security. 
  1. Security Software Disabled: Hackers like to make their attacks as easy as possible, so one of their first moves upon gaining access to a network is to disable any security software in place. This allows them to operate freely and reduce the chance of getting caught. If you notice that your anti-malware software, or indeed any application has become disabled, then it needs reporting immediately to identify who has done this and why.

For more ways to secure and optimize your business technology, contact your local IT professionals.

Read More

What are the Basics of PC Exploits?

Best Practices, Company Updates, Cyber Security, Disaster Recovery, Ophtek, PC Security, software exploits, , , ,
02
Apr 2019

 

At the center of all unauthorized access to your computers or servers is a PC exploit. What are these exploits, though, and how do you protect against them?

Without the presence of an exploit, hackers find themselves in a position where gaining access to a victim’s PC is incredibly difficult. However, it suddenly becomes a lot easier if there’s an exploit available that they can take advantage of. It’s probably becoming clear, very quickly, that it’s crucial that you, as a PC user, also know about the existence of these exploits. Unfortunately, the level of knowledge that the average organization has regarding the nature of exploits is disturbingly low. And that’s why so many businesses fall victim to PC exploits.

If, however, your organization can begin to understand even the basics of PC exploits, then you stand to make your IT operations considerably more secure.

What is an Exploit?

The simplest way of looking at an exploit is by describing it as a hole in a security gate. Once hackers become aware of this hole then they can easily bypass your security by climbing through the hole impeded. If we’re talking slightly more technically, then this hole isn’t necessarily a hole but some form of weakness in your PC. These weaknesses can be found in operating systems, software code and any applications installed on your network. And the impact that exploits can have on these components can be devastating.

What Does an Exploit Do?

An exploit can work in a number of different ways; most commonly, a PC exploit is used to infect huge numbers of PCs. It only takes one PC to be infected to help kick-start a process whereby this infection spreads across networks within an organization and, eventually, across the world. This allows hackers to execute the following tasks:

  • Malicious software can be downloaded to PCs without the user’s knowledge
  • Vast amounts of sensitive data can easily be recorded and transmitted to remote locations
  • Ransomware can be used to encrypt data and extort payment in return for the un-encrypted data

How Do You Protect Yourself Against Exploits?

Exploits, of course, are the result of vulnerabilities that are already present on your PCs. Therefore, exploits are down to failures by developers and manufacturers in the design and testing phases of their products. As a result, once an exploit has been identified, any decent developer should work on remedying this exploit by producing a security patch. This patch can be installed on any vulnerable PC to effectively seal the hole in your security gate and keep any hackers out.

Final Thoughts

Exploits can cause major disruption to your organization very quickly due to the ease of access that they gift to hackers. Protecting your organization from these exploits, therefore, is vital to keep your PCs online and productive. Time and knowledge are important commodities when it comes to protecting against exploits, so make sure you remain up to date with not just the latest software patches, but also any breaking news on emerging exploits.

For more ways to secure and optimize your business technology, contact your local IT professionals.

Read More

What is the Difference Between Malware, Ransomware and a Virus?

Cyber Attack, Cyber Security, email security, Hackers, Hacking, malicious code, Ophtek, Ransomware, Security, Security Threats, , , , ,
26
Mar 2019

The terminology used to describe various hacks and security threats usually includes the terms malware, ransomware and virus, but what exactly are these?

It can get a little confusing when discussing the various security concerns that are floating around and this confusion can lead to a lapse in security. After all, if you’re reading about malware, but don’t know exactly what it is you’re reading about, then you’re going to be unable to act against it. And that’s why we’re going to take the time today to explore each particular category in a little more detail.

What is Malware?

Malware is very much an all-encompassing term for any form of malicious software, so this can include ransomware and viruses. However, we’re going to cover those two categories in depth later, so for now we’ll look at some other types of malware:

  • Spyware: Installed on a user’s PC without their knowledge, spyware is software that can be used to track user activity and then transmit this to a remote server e.g. keystrokes can be recorded to determine and steal login details.
  • Bots: Capable of bringing entire networks to a halt, bots are a particularly troubling form of malware that can easily harness the power of an infected PC to carry out spam email campaigns or DDoS attacks.
  • Rootkits: Highly conspicuous and deceptive, rootkits allow hackers to take control of infected PCs from a remote location. Usually installed at a root level, hence the name, rootkits provide privileged access to the victim’s PC.

What is a Virus?

Much like the common cold, a computer virus is an infection which can spread quickly and effectively. Exposure to a computer virus usually occurs when the PC encounters an infected website or file. Following this exposure, the virus is downloaded to the PC and executed. And this can generate the following results:

  • The PC startup process can become corrupted and leave users unable to log on to their workstation.
  • Performance levels can suddenly drop as your PCs processing power is handed over to the virus’ tasks.
  • PCs can find themselves spammed by numerous popup adverts which, if they’re particularly virulent, can soon crash the computer or slow it down significantly.

What is Ransomware?

Ransomware has grabbed countless headlines over the last few years and it remains a pressing concern for any business. Most commonly spread through phishing emails, ransomware’s main objective is to extort a ransom in exchange for the release of files it has encrypted.

Once the ransom has been paid then the hackers should, in theory, supply a key to decrypt the files. However, it’s becoming increasingly common for hackers to take the ransom, which is usually demanded in untraceable cryptocurrency, and leave the compromised files encrypted.

Final Thoughts

Whether you find your PCs affected by malware, a virus or ransomware, it’s clear that they spell danger for your organization. It may sound a little clichéd, but when it comes to malicious software then prevention is the best cure. And one of the best ways to prevent your PCs from falling foul of infection is by educating yourself on exactly what you’re up against.

For more ways to secure and optimize your business technology, contact your local IT professionals.

Read More

Is Public WiFi Safe to Use?

Cyber Security, Free WiFi, Hackers, Ophtek, PC Security, WiFi, , , , ,
19
Mar 2019

Most public spaces from coffee shops through to shopping malls now contain some form of public WiFi, but are these public networks 100% safe to use?

When your office based employees connect to the internet, they’re making this connection through your own network. And this means that you’re able to monitor all incoming and outgoing activity. Rather that monitoring which websites your employees are visiting, though, the main reason for monitoring these connections is to make sure that nothing malicious is entering your network. Remote workers, however, are likely to take advantage of public WiFi as a considerable amount of their work will be completed away from your work connection.

Due to the unique nature of each and every public WiFi network, it’s crucial that you understand the concerns surrounding these types of connections.

The Dangers of Public WiFi

Public WiFi may appear to be extremely convenient, but there are a number of security issues attached to connecting to public hotspots such as:

  • Lack of Details: When you connect to a public WiFi network there’s no way of knowing exactly what you’re connecting to. This, in itself, is a dangerous move and is one of the main reasons why public WiFi is frowned upon by security experts. 
  • WPA2 Vulnerability: Most public WiFi uses WPA2 encryption to protect data, but the security of WPA2 has been called into question over the last few years due to the discovery of a major vulnerability in its code. 
  • Malware Threat: Due to the lack of security surrounding public WiFi networks, it’s very easy for a hacker to position themselves in between the connection point and, for example, your laptop. This allows the hacker the opportunity to discreetly upload malware to your device and execute its malicious payload.

Should You Use Public WiFi?

Clearly, there are a number of risks involved in using public WiFi and the simplest way to avoid these dangers is by completely avoiding these connections. However, there are certain scenarios where it’s crucial that your remote employee needs to connect to whichever network is available. And in these cases you should follow these best practices:

  • Use a VPN: A virtual private network (VPN) is a service that creates an encrypted connection between your device and the remote server of your VPN. Any hacker who manages to intercept this connection will only be able to view a highly encrypted message which will be absolutely useless to them. 
  • Verify the Connection: One of the simplest ways to evaluate the connection on offer is to double check the legitimacy of the available connections with an employee at the location in question. At the very least they will be able to confirm whether the connection is genuine or fake. 
  • Use Anti-Malware Software: Protecting yourself with anti-malware software should be a given, but when people are using remote devices they fail to appreciate just how vulnerable these are. Even the simplest form of anti-malware software provides an effective defense, so make sure your device is protected.

For more ways to secure and optimize your business technology, contact your local IT professionals.

Read More
1 5 6 7 8