Government Websites Compromised in Armenia

anti malware, Cyber Attack, Cyber Security, Hackers, malicious websites, Plugins, Security Threats, , , ,
07
Apr 2020

You would like to think that governments know a thing or two about cyber security. But a recent hack in Armenia has proved otherwise.

European security experts ESET have confirmed that numerous websites belonging to the Armenian government have been targeted and compromised by hackers.   The compromised websites have been infected with malware and pose a nasty security risk to visitors. It’s suspected that the hackers behind this attack are Turla, a Russian hacking group.

We’ve discussed malicious websites before, but this latest attack is a little different. Therefore, it’s crucial that you understand the unique methods behind the infection.

What’s the Story?

The suspected hackers have targeted several websites that come under the control of the Armenian government, but the same fingerprints have also been found on a few non-government websites. Regardless of which website is infected, the methods employed are the same. However, where this attack differs from normal is its selective nature. Rather than attacking every visitor that accesses the infected websites, the malware only targets high-ranking visitors. So, for example, a civilian visitor is likely to remain uninfected, but a government official will not be so lucky.

It’s intriguing that the malware is only interested in high-ranking officials and indicates that there could be a political angle to the attack. Speculation aside, what is known for certain is how the attack unfolds. Once a visitor has been established as ‘high-value’ a command-and-control server generates a malicious JavaScript code. This code is used to deliver a popup window prompting the user to download a Flash update. But while this does, in fact, install a genuine version of Flash, it also contains PyFlash. And this backdoor application allows hackers to gain full access to the infected PC.

How Do You Protect Yourself?

Naturally, the security risk of compromised government PCs is considered high. And, while it is unlikely to affect smaller organizations at present, the selective nature of the attack is troubling. Therefore, it’s important that you safeguard your business against similar attacks. This can be achieved by following these best practices:

  • Use Website Filters: One of the best ways to protect your organization from infected websites is by integrating website filters into your IT setup. These filters are backed up by huge databases, which are regularly updated, and will prevent your users from accessing websites considered a security risk. 
  • Prevent Software Installation: The majority of applications that your employees will want to install are likely to be genuine and safe. But, as with fake Flash updates, this is not always the case. And this is why it makes sense to enforce a complete blanket ban on unauthorized installs. Accordingly, any install requests should be submitted to an IT professional who can evaluate the risk of each proposition.
  • Block Popup Adverts: It’s rare that any PC user welcomes the appearance of a popup advert. And, with the risk of malicious popups so prevalent, it’s the last thing that an IT professional wants to see as well. Therefore, it makes sense to minimize this risk by installing a popup blocker. Not only will this reduce the risk of malware being installed, but it will also provide your PC users with an enhanced experience.

For more ways to secure and optimize your business technology, contact your local IT professionals.

Read More

5 Ways to Improve Your IT Efficiency

communication, IT Efficiency, Office IT, Ophtek, , , , ,
17
Mar 2020

Using the power of IT is one of the surest ways to enhance your productivity. But there’s a good chance that there’s still room for improvement.

It’s likely that IT already has a major presence in your organization. You may even feel as though you’re already operating at a high level. And, no doubt, you are. But technology advances at a rapid pace. And it’s plentiful. Therefore, it’s very easy to miss a new product or a new tip. However, it’s these missed opportunities which could give you a competitive edge. And that’s what every business strives for.

How to Improve Your IT Efficiency

It’s important to have a strategy in every aspect of your organization. And IT is no different. In fact, the demands of modern business make it a priority. So, to help you maximize your IT operations, we’re going to share 5 ways to improve your IT efficiency:

  1. Employee Training: As we’ve already touched upon, technology advances quickly. And it’s this progressive nature which can leave employees trailing behind. As a result, your productivity can take a major knock. But it doesn’t have to be like this. Your employees are your most valuable asset, so you need to respect this. And the best way to achieve this is with regular IT training. Work with them to identify any relevant gaps in knowledge and then arrange group training. 
  1. Improve Communication: Time is money in the world of business, so it’s critical that you make savings where possible. And IT is the master of time-saving solutions, particularly when it comes to communication. One of the simplest ways to improve IT efficiency is by adopting an internal communication platform. These platforms, which include Skype and Google Hangouts, allow employees to chat, share documents and collaborate. And all without leaving their desks. 
  1. Enhance Your Security: It’s always important to value security in the world of IT, but not enough organizations take it seriously. And this puts them at risk of significant threats such as ransomware and data breaches. This is why it’s crucial that you enhance your security. Simple steps such as increasing the strength of passwords and securing your hardware can improve your security no end. 
  1. Embrace Remote Working: The rise of remote working has been swift and has redefined the workplace. Employees who are not based in the office, such as salesman, can now connect with your IT systems from anywhere in the world. It’s one of the simplest ways to maximize your IT productivity. All your workers need is an internet connection. So, make sure that you establish a remote working policy which fits in with your existing IT systems.
  1. Keep Up to Date: Not every development in the world of IT will be of interest to your organization. But it’s important that you keep up to date with the many changes taking place. It’s possible that even a slight development in a specific area, such as data storage, could make a difference to your IT operations. Thankfully, it’s not difficult to achieve this. Just make sure that you bookmark several IT news sites and regularly check the headlines.

For more ways to secure and optimize your business technology, contact your local IT professionals.

Read More

SMS Authentication Isn’t as Secure as You Thought

Ophtek, Security Threats, SMS Authentication, Two Factor Authentication, , ,
10
Mar 2020

SMS is one of the most popular ways to confirm two-factor authorization. Accordingly, it’s been adopted by countless organizations. But is it secure?

Two-factor authorization is one of the simplest ways to maximize security. Instead of, for example, simply entering a username and password, two-factor authorization requires a little more. So, once the correct login details have been processed, a further level of confirmation is requested. One of the most popular ways to achieve this is through SMS. Users are sent a unique code which must then be entered into the system they wish to access. It’s one of the surest ways to confirm a genuine login.

However, the discovery of a vulnerability in SIM security has left security experts questioning the safety of SMS authentication.

The Problems with SIM Cards

The ease and simplicity of SMS authentication has made it a popular choice with IT experts and PC users. But a study by Princeton University has shone new light on the dangers of SMS authentication. It’s all down to a form of hacking known as a SIM-swap attack. A strain of social engineering, SIM-swap attacks involve deceiving phone carriers into swapping existing phone numbers over to new SIM cards.

With a new SIM card in their possession, the perpetrator is in the perfect position to hijack accounts and sail through two-factor authorization with ease. One of the most worrying aspects of the study was that some major phone carriers were involved. AT&T, Verizon, US Mobile, Tracfone and T-Mobile all failed to prevent SIM-swap attacks taking place. But how did this happen?

After a year-long study, the Princeton researchers were able to determine that deceiving a call center operator was relatively simple. To activate the SIM-swap process, all the researchers had to do was pass a single security challenge. Perversely, to reach this stage, the researchers had to deliberately submit an incorrect PIN. Once asked to confirm personal information, the researchers would plead ignorance to these requests. The next step, by the phone carriers, would be to request details about the last two calls made by that number.

You may think that his information is difficult to obtain, but it’s a lot easier than you would imagine. Social engineering can be used to trick victims into making phone calls quite easily, particularly when financial matters are mentioned. And it was with this information that the researchers were able to initiate the SIM-swap process.

How Can You Secure Two-Factor Authorization?

The results of the Princeton study are worrying and highlight a lack of security on the part of phone carriers. T-Mobile has since confirmed that they have eliminated call logs from their authorization process. But the fact remains that SIM cards have been highlighted as a weak link. And it’s recommended that your organization drops SMS authorization. The preferred method of two-factor authorization is with an authentication app. These apps generate unique two-factor codes on a phone, but remain inaccessible by the SIM card.

For more ways to secure and optimize your business technology, contact your local IT professionals.

Read More

How to Keep Your Remote Workers Secure

Network, Ophtek, remote workers, Security, Security Threats, , , ,
25
Feb 2020

Advances in technology have created an environment where clocking in at the office is no longer required. But remote working is not without security risks.

Remote working is on the rise with many organizations offering this option to their employees. The benefits of remote working are numerous and apply to both employers and employees. But, away from the relative security of the office, remote working poses a number of security risks. Therefore, it’s crucial that your business finds a healthy balance. You need to develop a remote working environment which not only provides flexibility, but is also secure.

Achieving this combination is relatively easy. You just need to know how. And, thankfully, we’re going to show you how.

Keeping Remote Workers Safe

Remote workers are, to a certain degree, a law unto themselves. After all, working from a remote location means that immediate monitoring is next to impossible. So, you need to invest a certain level of trust. But we’re living in an age where cyber-attacks are reaching record highs. And this is why you need to help protect your employees in the following ways:

  • Security Training: Your employees are your main defense against security attacks, so they need the correct training to remain safe. And this applies to remote workers more than any other employee. Regular training on security protocols and updates on contemporary threats need to be put in place. 
  • Use Two-Factor Authentication: One of the surest ways to secure your remote workers is by putting two-factor authentication in place. This is a security procedure by which users have to provide additional information alongside a username and password. This can take the form of a PIN number sent to a mobile device or a secret question. It only takes seconds to pass two-factor authentication, but the enhanced security it provides is priceless. 
  • Monitor Devices Closely: It’s important to keep a regular eye on any company issued devices that are used remotely. For one thing, you need to make sure that your employees are working as they should be. But, when it comes to security, you should make sure you are analyzing their usage e.g. visiting malicious websites and connecting external devices such as USB drives. 
  • Implement a VPN: A virtual private network (VPN) is essential for remote workers. It’s difficult to guarantee that remote connections are fully secure, but a VPN solves this problem. Using multiple layers of encryption, a VPN protects any data being transmitted or received by remote workers. Therefore, data such as financial records and customer details will be secured from any external forces. 
  • Use Strong Passwords: This may sound simple, but a weak password is easier to crack than a complex one. However, this advice is ignored more often than you would think. So, you need to remind your employees of the importance of password security. And you need to prompt them to regularly change their passwords. Thankfully, creating strong and unique passwords is easy once you learn the basics. 

For more ways to secure and optimize your business technology, contact your local IT professionals.

Read More

Coronavirus Malware Spreads Round the World

Ophtek, Phishing, Phishing Email, Security, Security Threats, , ,
18
Feb 2020

The coronavirus is the latest health scare to be spreading across the globe. Hackers, as clever as ever, are using this fear to spread malware.

Hackers are innovative criminals and are constantly on the lookout for exploits. Sometimes these are software vulnerabilities that leave back door opens. But these exploits can also take the form of social engineering. And this is how hackers are taking advantage of the panic caused by the coronavirus.

It’s always important to safeguard your defenses with the best security software, but this isn’t enough. Threats such as social engineering require a concerted effort to be made by individuals. So that’s why we’re going to take a look at the threat posed by the coronavirus malware.

What is the Coronavirus Malware?

The entire planet is preparing and educating themselves for the fight against the coronavirus. Naturally, this means that millions of people are heading online to learn more about the disease. Now, although the internet poses no threat to your physical health, the same cannot be said for your digital security. And this is because cyber criminals are disguising malware as educational documents on the coronavirus.

These documents, which have been detected as docx, pdf and mp4 variants, promise to be helpful. But, rather than containing useful information on the coronavirus, these documents actually contain a wide range of malware threats. So far, Kaspersky, have identified 10 file variants that include various Trojans and worms. However, given the on-going threat of the coronavirus, it’s likely that the number of malware threats will increase.

The most common method to spread this malware is through phishing emails. And, as with all social engineering, the bait is very convincing. The emails claim to be distributed by the Centers for Disease Control and Prevention, but this is a false claim. If you look a little closer you will discover that the domain these are sent from is incorrect. The official domain for the CDC is cdc.gov but these malicious emails actually originate from cdc-gov.org. These emails contain a link which, rather than taking you to an advice page, takes you to a fake web page that aims to steal your credentials.

How to Protect Yourself Against the Coronavirus Malware

Hackers are using a variety of methods to exploit the coronavirus to cause digital chaos. Infected documents threaten the security of your PC systems and phishing emails have the potential to steal personal information. Therefore, you need to protect yourself by following these best practices:

  • Only Open Trusted Files: The only files that you should ever open on a PC are ones that come from a trusted source. If there’s even the smallest doubt over the legitimacy of a file you shouldn’t download it. Always check with an IT professional before going any further. 
  • Always Hover Over Links: Emails, and websites, can easily display a web link which disguises its true destination. A link that, for example, claims it will send you to an official government website can easily send you somewhere else. However, if you hover your mouse cursor over a link, this will prompt a popup which displays exactly where it will take you. 
  • Install Security Software: A sure fire way to avoid the wrath of malicious websites is by working with security software. These applications are regularly updated with details of malicious websites and will put an instant block on visiting them.

For more ways to secure and optimize your business technology, contact your local IT professionals.

Read More
1 12 13 14 15 16 49