Healthcare Data Leak: The Cloud is still Not Secure

Cloud, Cloud Backup, Cloud Storage, Ophtek, Password Security, Security, Security Threats, , , , ,
29
Oct 2019

Is the Cloud Secure?

Cloud computing is seen as the future of IT, but concerns regarding its security remain. A case in point is the Freedom Healthcare Staffing leak.

Compromised data is always associated with various dangers and problems, but these are always magnified when the data at risk is personal. And the employees of Freedom Healthcare Staffing (FHS) now know what this feels like. Around 957,000 private records were found to be readily available to anyone with an internet connection. These records included drug test records, recruitment details and in-house communications among more technical networking details. Not only were these records available, but the opportunity to edit and delete this data was also an option.

As more and more organizations are moving towards cloud computing, it’s important to understand where FHS went wrong. Let’s see what we can find out.

What Happened with FHS?

The unsecured data at FHS was compromised for one reason and one reason only: negligence. The folder, which contained close to a million records, was on a publicly available drive and had no password protection. Therefore any web browser, such as Chrome or Firefox, could access the data without providing any administration credentials. To make matters worse, the technical data that was visible in this folder provided an opportunity for hackers to delve even deeper into the FHS network. After a security researcher from Security Discovery analyzed this compromised database they informed FHS and all records were quickly secured.

 

Why is Cloud Security So Lax?

Cloud storage is a relatively recent development in IT, so it should come as no surprise that there are teething problems with the technology. But this doesn’t mean data should be left unsecured. Unfortunately, many consumers feel as though the responsibility of their data security should lie purely with the cloud provider. This approach, as FHS discovered, can be highly dangerous. You only have to take a look at the attacks taking place on cloud based data to understand why.

Organizations need to adopt a shared responsibility mindset in order to protect their cloud. And this should incorporate the following:

Enhanced knowledge will, with time, allow us to understand the limitations of cloud security, but as FHS discovered it’s important to take a proactive approach immediately.

For more ways to secure and optimize your business technology, contact your local IT professionals.

Read More

New Domen Malware is Highly Advanced and Dangerous

Domen, malware, Ophtek, pop ups, Security, Security Threats, , , ,
24
Sep 2019

There’s only one thing worse than malware: clever malware. If it’s clever then it will to be difficult to detect and remove. And Domen is exactly that.

You probably haven’t heard of Domen before, but that’s because it’s a brand new toolkit. And it’s a toolkit which is fiendishly clever. What a hacker classes as ‘good’ malware is one that is deceptive and skilled in the art of subterfuge. If it can adapt to different scenarios and conditions that it’s even better. And, again, Domen ticks these boxes.

It certainly doesn’t sound appealing, does it? And I’ll bet my bottom dollar that you don’t want your organization to fall victim to it. Well, to help you avoid the perils of Domen, let’s hold it up to the light and see what we can make of it.

What is Domen?

Social engineering is a key part of the modern hacker’s arsenal, so it’s no surprise to see Domen clutching it so closely to its digital chest. A toolkit, of course, is much more than one single application. As the name suggests, it’s packed full of different applications that can work individually or side by side to maximize its impact. Domen is most likely to be found housed within the code of a compromised website – sites based upon WordPress are particularly affected – where it lurks discreetly and quietly.

However, Domen will not lurk discreetly for long. Nonetheless, when it does make an appearance it takes a keen eye to spot that anything is amiss. The infected website will generate a pop-up window that contains a link to a malicious download. This download will initiate a PowerShell attack that leaves your PC at the mercy of hackers who will gain full control of it. Dangerous pop-up windows are nothing new, but Domen differs in that it’s adaptive to the PC it’s attacking.

Domen has been designed so that it identifies the operating system, the user’s location and their browser. It’s at this point that the social engineering aspect comes into play. Domen uses this unique data to tailor a specific pop-up window that urges the user to download a necessary update. So, for example, if you’re using a Chrome browser then a pop-up will appear for a Chrome update.  And, if you’re based in France, for example, the content will be written in French.

Protecting Your Organization from Domen

It’s important that you practice vigilance when working with PCs as malware is so prevalent in the digital age. Evidence of malware such as Domen being present can include:

  • Your default browser homepage changing to something new without your authorization
  • New software installed and loading at startup
  • Evidence of remote access to your PC taking place

Thankfully, the PowerShell attack – initiated by the download of a .hta file – can be thwarted by protecting yourself with any good cyber-security suite. The tools contained with these suites should be able to identify the malicious .hta file and prevent it from executing on your PC. However, this can all be prevented by being vigilant and ignoring any suspicious pop-ups.

For more ways to secure and optimize your business technology, contact your local IT professionals.

Read More

Windows Hit by New Enabler Malware

Cyber Security, malware, Ophtek, Security, Security Threats, , , ,
20
Aug 2019

Malware is well known for infecting systems and causing major problems from the second it’s executed. But certain strains of malware act as an enabler.

Security researchers have recently discovered one of these enablers and dubbed it SystemBC. It’s important to stress that SystemBC isn’t an immediate attack. However, it’s just as dangerous as your everyday malware. If not more dangerous. And this is why understanding how an enabler works is crucial for the security of your organization.

It’s always important, where PC security is concerned, to be proactive. So, to help you enhance your organization’s defenses, we’re going to run over the principles of the SystemBC malware.

What is the SystemBC Malware?

The simplest definition of SystemBC is that it enables other malware to unleash attacks. But how does it do this? The answer lies within SOCKS5 proxies. The average PC user will be unaware of what SOCKS5 proxies are, but this doesn’t mean they are impossible to understand. SOCKS5 is a method of internet communication that takes place between a client and a server. And it’s most commonly used in authorizing access to servers.

SystemBC takes advantage of these SOCKS5 proxies to overcome security systems and exploit vulnerabilities. The main method of exploitation is to illegally access a server and then install a command and control (C&C) server. With this C&C in place, SystemBC has the ability to cloak traffic and activity from other malware which can then spread outwards through the server.

How is SystemBC Distributed?

SystemBC has, at the time of writing, been discovered in both the Fallout and RIG exploit kits. These kits allow hackers to package together several different exploits in one product. These assorted exploits can work in synchronicity with each other or independently. And this makes them very dangerous. The Fallout and RIG exploit kits tend to focus on vulnerabilities in Flash and Internet Explorer, an approach which is exceptionally common when it comes to hacking.

Protecting Your Organization from SystemBC

The key to protecting your server from the threat of SystemBC is by being vigilant. Software patches remain the number one preventative measure when it comes to combating vulnerabilities. Software developers release these on a fairly regular basis, but also in emergencies when major vulnerabilities are discovered. And they need to be installed immediately. An exposed entry point to your network is a major threat to your security and plugging it is crucial.

One of the major problems facing organizations, in terms of IT security, is the use of legacy systems. These are systems which no longer receive support from their developers. If a vulnerability is discovered in such a system then it will remain there. It will not be resolved. Therefore, it’s vital that your organization regularly assesses the suitability of your PC systems for engaging with the internet. If a particular part of your network is no longer supported then it’s time to replace it. Otherwise you could soon find malware such as SystemBC making its home on your server.

For more ways to secure and optimize your business technology, contact your local IT professionals.

Read More

6 Reasons Why You Should Invest in Cyber Security

Cyber Attack, Cyber Security, Hackers, Hacking, malware, Ophtek, Password Security, PC Security, Secure Website, Security, Security Threats, , , ,
23
Jul 2019

Cyber-attacks are on the rise, so protecting your business has never been more important. But what exactly are the benefits of cyber security?

We all know about the need for firewalls and anti-virus software. They provide us with a layer of defense from the legions of hackers itching to access our data. Those who are new to the world of IT, however, are unlikely to know why they need cyber security. What can it deliver? Well, let’s run through six reasons why you should invest in cyber security:

  1. Protects Your Data: Businesses work with huge amounts of data in the 21st And, whether its employee or customer data, it’s going to be sensitive. This needs to be protected to prevent identity theft or financial damage. A professional approach to cyber security will reduce this threat and protect the integrity of you data. 
  1. Maintains Productivity: While the headlines regarding cyber-attacks always focus on data and costs, they fail to look at the impact on productivity. If, for example, a ransomware attack hits your network then critical files are going to be out of action. This means that your employees will be unable to work. And the impact that this can have on your organization’s productivity can be devastating. 
  1. Financial Damage: Cyber-attacks can hit a company where it hurts: the bank balance. Ransomware demands are, naturally, the most obvious cause of financial distress, but there are others. A drop in productivity can soon lead to a drop in sales which can significantly impact your revenue streams. And there’s also the chance that irreparable damage could be caused to your hardware resulting in the need for new purchases. 
  1. Protects Your Website: One of the cornerstones of a successful marketing strategy in the 21st century is a website. Whether it’s being used to promote your services or sell them it needs to be running 24/7. It’s a crucial communication channel, but it’s also one that’s regularly targeted by hackers. With the correct level of investment in cyber security you can limit the risk of it being compromised. This keeps your website running and ensures that your marketing strategies can run smoothly. 

  1. Keeps Malware Out: Malicious software, better known as malware, is the bane of all security professionals. Capable of causing massive damage to IT infrastructures, malware is a form of hacking which embraces subterfuge and results in untold problems for the victims. It can steal data, it can slow down systems and even set up attacks on other businesses. But if you invest in cyber security then then the chances of malware activating its payload is reduced. 
  1. Provides Customer Confidence: Consumers are wary of data security more than ever in the digital age. Therefore, inspiring trust in your IT systems is essential. If you can demonstrate that you’re working with professionals to protect your customers’ data then you can inspire this trust. Not only will you be able to protect your customer’s data, but you will enhance their loyalty to your brand.

For more ways to secure and optimize your business technology, contact your local IT professionals.

Read More

What are the Best Ways to Secure a PC Workstation?

Ophtek, PC Security, PC Tools, Security, Security Threats, , ,
09
Jul 2019

It’s crucial that PC networks are secure and protected. But this doesn’t mean that individual PCs should be neglected when it comes to security.

There are plenty of threats awaiting your employees’ workstations. And these are often threats that are difficult to monitor and identify. Protecting each individual workstation should be a priority. You can achieve this by providing training to your employees. Educating them in the best practices of workstation security allow you to enhance security. And there are measures that you, as an organization, can also take to protect your workstations.

The Best Ways to Secure a PC Workstation

The damage that can be caused from a single PC can have wide reaching implications for your organization. So, protecting these workstations is essential. Make sure you implement the following:

  • Lock Screens: When employees go to lunch they have a tendency to leave their PC unattended. And this is very dangerous. Anyone passing, be they an employee or a visitor, has the opportunity to access the data on that PC. You don’t have to be a security expert to understand how serious a threat this is. However, the threat can be completely nullified by encouraging your employees to lock their screens. In Windows 10 all you have to do is hit the Windows key and the L-key to password protect your screen. 
  • Disable USB Ports: USB ports are a major security risk to workstations as they allow a multitude of devices to connect to your PC. These can be as innocent as a charging device for your phone, but there’s also the potential for malware to be uploaded to the workstation. There’s a myth that gluing up USB ports is a suitable solution, but the truth is that this approach is amateur at best. Instead your IT team needs to be disabling power to these ports to prevent unauthorized devices being connected. 
  • Encrypt Personal Files: Every employee will have unique and sensitive files on their workstations. Giving these files a high level of security should be a priority. And your employees have the opportunity to strengthen this security. All they need to do is encrypt the folders that contain these files. By right clicking the folder in question you can move through Properties and then click the Advanced button to access Advanced Attributes. In here you can select encryption options and set a unique password. 

Final Thoughts 

It’s important that your organization and employees work together to strengthen workstation security. Training should always be a priority. A good training program will deliver skills that are invaluable in protecting workstations. And, by protecting individual workstations, you are significantly reducing the threat of any data breaches.

For more ways to secure and optimize your business technology, contact your local IT professionals.

Read More
1 3 4 5 6 7 12