Healthcare Data Leak: The Cloud is still Not Secure

Cloud, Cloud Backup, Cloud Storage, Ophtek, Password Security, Security, Security Threats, , , , ,
29
Oct 2019

Is the Cloud Secure?

Cloud computing is seen as the future of IT, but concerns regarding its security remain. A case in point is the Freedom Healthcare Staffing leak.

Compromised data is always associated with various dangers and problems, but these are always magnified when the data at risk is personal. And the employees of Freedom Healthcare Staffing (FHS) now know what this feels like. Around 957,000 private records were found to be readily available to anyone with an internet connection. These records included drug test records, recruitment details and in-house communications among more technical networking details. Not only were these records available, but the opportunity to edit and delete this data was also an option.

As more and more organizations are moving towards cloud computing, it’s important to understand where FHS went wrong. Let’s see what we can find out.

What Happened with FHS?

The unsecured data at FHS was compromised for one reason and one reason only: negligence. The folder, which contained close to a million records, was on a publicly available drive and had no password protection. Therefore any web browser, such as Chrome or Firefox, could access the data without providing any administration credentials. To make matters worse, the technical data that was visible in this folder provided an opportunity for hackers to delve even deeper into the FHS network. After a security researcher from Security Discovery analyzed this compromised database they informed FHS and all records were quickly secured.

 

Why is Cloud Security So Lax?

Cloud storage is a relatively recent development in IT, so it should come as no surprise that there are teething problems with the technology. But this doesn’t mean data should be left unsecured. Unfortunately, many consumers feel as though the responsibility of their data security should lie purely with the cloud provider. This approach, as FHS discovered, can be highly dangerous. You only have to take a look at the attacks taking place on cloud based data to understand why.

Organizations need to adopt a shared responsibility mindset in order to protect their cloud. And this should incorporate the following:

Enhanced knowledge will, with time, allow us to understand the limitations of cloud security, but as FHS discovered it’s important to take a proactive approach immediately.

For more ways to secure and optimize your business technology, contact your local IT professionals.

Read More

Windows Hit by New Enabler Malware

Cyber Security, malware, Ophtek, Security, Security Threats, , , ,
20
Aug 2019

Malware is well known for infecting systems and causing major problems from the second it’s executed. But certain strains of malware act as an enabler.

Security researchers have recently discovered one of these enablers and dubbed it SystemBC. It’s important to stress that SystemBC isn’t an immediate attack. However, it’s just as dangerous as your everyday malware. If not more dangerous. And this is why understanding how an enabler works is crucial for the security of your organization.

It’s always important, where PC security is concerned, to be proactive. So, to help you enhance your organization’s defenses, we’re going to run over the principles of the SystemBC malware.

What is the SystemBC Malware?

The simplest definition of SystemBC is that it enables other malware to unleash attacks. But how does it do this? The answer lies within SOCKS5 proxies. The average PC user will be unaware of what SOCKS5 proxies are, but this doesn’t mean they are impossible to understand. SOCKS5 is a method of internet communication that takes place between a client and a server. And it’s most commonly used in authorizing access to servers.

SystemBC takes advantage of these SOCKS5 proxies to overcome security systems and exploit vulnerabilities. The main method of exploitation is to illegally access a server and then install a command and control (C&C) server. With this C&C in place, SystemBC has the ability to cloak traffic and activity from other malware which can then spread outwards through the server.

How is SystemBC Distributed?

SystemBC has, at the time of writing, been discovered in both the Fallout and RIG exploit kits. These kits allow hackers to package together several different exploits in one product. These assorted exploits can work in synchronicity with each other or independently. And this makes them very dangerous. The Fallout and RIG exploit kits tend to focus on vulnerabilities in Flash and Internet Explorer, an approach which is exceptionally common when it comes to hacking.

Protecting Your Organization from SystemBC

The key to protecting your server from the threat of SystemBC is by being vigilant. Software patches remain the number one preventative measure when it comes to combating vulnerabilities. Software developers release these on a fairly regular basis, but also in emergencies when major vulnerabilities are discovered. And they need to be installed immediately. An exposed entry point to your network is a major threat to your security and plugging it is crucial.

One of the major problems facing organizations, in terms of IT security, is the use of legacy systems. These are systems which no longer receive support from their developers. If a vulnerability is discovered in such a system then it will remain there. It will not be resolved. Therefore, it’s vital that your organization regularly assesses the suitability of your PC systems for engaging with the internet. If a particular part of your network is no longer supported then it’s time to replace it. Otherwise you could soon find malware such as SystemBC making its home on your server.

For more ways to secure and optimize your business technology, contact your local IT professionals.

Read More

What are Malicious Websites?

Adobe Flash, anti malware, Company Updates, Hackers, malicious code, malware, Ophtek, PC Security, Security, , , ,
06
Aug 2019

 

We visit websites on a daily basis, but how do we know how safe they are? No matter how genuine they look there’s every risk they’re a malicious website.

It’s estimated that up to 18.5 million websites are infected with malicious content. That’s around 1% of the total number of websites online. It may not sound a huge percentage, but it’s a percentage that could cause your business significant trouble.  And it’s a problem that most organizations aren’t entirely clear on. Malicious emails, for example, are well known due to the scare stories that flood our newsfeeds. But we’re less informed about malicious websites. And that’s what makes them dangerous.

However, if you’re able to understand the basics of a malicious website then you’re going to be in a much better position to avoid falling victim. So, what are malicious websites?

What is a Malicious Website?

A malicious website is like any other website on the internet: you connect to it with a browser. But if you dig a little deeper you’ll soon realize why it’s unlikely to become one of your favorite websites. The main objective of a malicious website is to install malware on to your PC. And, in most cases, it won’t even ask permission. The moment that you land on a malicious website is the moment that the malware starts downloading.

But why is a malicious website so misleading? Well, hackers are incredibly clever and they’re even more deceptive. That’s why they design malicious websites to look as genuine as possible. We, as humans, make quick decisions based on first impressions and, in this busy digital age, this is never truer than when online. Malicious websites take full advantage of this. And the false layer of trust that this engenders can soon lead to us clicking on links that we really shouldn’t.

How Do You Protect Yourself from Malicious Websites?

No one wants to fall victim to a malicious website. But, without a prior knowledge of how to protect yourself, this is difficult. Thankfully we’re here to make things easier. That’s why we’ve put together this amazing set of safety tips:

  • Always keep your software updated and install the latest patches as soon as possible. Malicious websites are often used to distribute malware that targets software vulnerabilities. With this updated protection in place you can minimize one of the main threats of malicious websites.
  • It’s vital that you never install any software you’re unfamiliar with. Malicious websites are sometimes courteous enough to ask permission before installing their malicious content. And it’s easy to click the Yes button just to clear the screen of yet another pop-up window. But it can spell disaster for your PC. Therefore, always read pop-up windows carefully and, if you don’t trust it, leave that website immediately.
  • If you’re sent a link to a website that’s unfamiliar then you shouldn’t click it. But you should do some research first. The best way to verify a mystery link is to type that link into the search box of a search engine. The results should soon highlight whether that web address is trustworthy or dangerous.
  • Install internet security software that can identify malicious websites before they’re loaded up. Knowledge of malicious websites can spread quickly and this has led to massive databases being created to help alert users to those that contain a threat.

For more ways to secure and optimize your business technology, contact your local IT professionals.

Read More

How to Keep Your Business Servers Safe from Hackers

Backup and Recovery, Hacking, Security, Servers, Windows Server, , ,
21
May 2018

The computer servers that support your business are the backbone that keeps your organization productive, but how do you keep your business servers safe?

Every week seems to bring a new security threat and you can rest assured that the number and ferocity of these attacks isn’t going to subside anytime soon. Your business servers, of course, contain untold amounts of sensitive data that could be used to harm not only your business, but also your customers. Therefore, keeping on top of your servers’ security is paramount in protecting your data from the all too real threat of hackers.

To help you stabilize and improve the security of your business servers, we’ve put together a plan of recommendations to help you meet your security objectives.

Run an Antivirus. Regularly.

Viruses can spread from file to file very quickly and, before you know it, your entire server can become compromised. However, a piece of antivirus software can prevent the majority of existing viruses taking hold of your servers. Quarantining infected or suspicious files allows you to analyze anything that is flagged as potentially dangerous, so installing antivirus software really is a prerequisite of good security practices. And, to really maximize its effectiveness, run it regularly as an infection could occur at any point during in the day.

Update Your Server Software

Many pieces of malware work by exploiting security vulnerabilities in software such as Petya and NotPetya, but these vulnerabilities could be easily avoided by patching. Installing patches, though, can feel like a tiresome task, particularly when your organization needs to stay productive. To put things into perspective you need to weigh up the minimal downtime of installing updates against the havoc caused by an infected server. The answer’s pretty obvious, right? Install those patches and install them immediately.

Educate Your Staff on Security Threats

Your staff are the first line of defense against any cyber-attacks on your organization, so it’s crucial that they’re trained in what to look for and what to do in the case of an attack. Naturally, they’re not going to be partitioning infected servers or installing critical updates, but they can do the very basics. And this can be as simple as good password practices or understanding how to identify a phishing email.

Backup Your Data

Ransomware has become a major issue for businesses in the last couple of years and, in many cases, paying the ransom doesn’t even guarantee the release of your files. And this is why it’s vital that your organization embraces backups to help safeguard your data in the event of a ransomware attack. Backups have been a cornerstone of IT security since the dawn of the digital age and their importance should never be underestimated.

Keep Web Browsing Separate

The internet is a portal to untold amounts of information, but it’s also a gateway to untold security threats. And this is the last thing you want your business server exposed to. Providing internet access through a separate server (to your main server), therefore, allows you to minimize the risk to your most important data.

For more ways to secure and optimize your business technology, contact your local IT professionals.

Read More

Hacking the Internet of Things For a Few Dollars

Company Updates, Cyber Attack, Hacking, Internet of things, IOT, Security, Security Threats, , , , ,
06
Mar 2018

The Internet of Things (IoT) has many security concerns, but perhaps one of the most pressing worries is that IoT devices can be easily hacked for just a few dollars.

A group of elite hackers have recently demonstrated the ease with which a hardware hack can be unleashed to take control of IoT devices. All they require to carry out the hack is an SD card reader, the ability to solder and a length of wire – all in all, this should come to around $10. And once they’ve taken control of the device they can not only exploit any data on there, but also use it as a stepping stone to get further into the network it’s on.

With the number of IoT devices expected to hit the 20 billion mark by 2020, the risk of attacks on these devices is only going to get greater and greater. And, for a business, where nearly every employee will have access to an IoT device, perhaps it’s time to get acquainted with this low cost and easy to deploy attack.

Hacking on a Budget

The hack in question is a flash memory attack and, as such, targets IoT devices which have a flash memory – in particular a form of memory known as eMMC flash. It’s likely that you’ve never heard of eMMC flash, but it’s built into a wide range of devices such as smart TVs, cell phones, tablets and even refrigerators. Just think about how many of those devices are in your organization and connected to your network – that’s right, it’s pretty scary. What, though, is this $10 hack?

Well, the hackers – who go under the group name of exploitee.rs – have revealed that they can gain read/write access to devices by taking a flash memory card and soldering wires to five specific places:

  1. Data line
  2. Clock line
  3. Command line
  4. Power line
  5. Ground

This access allows the hackers to start stealing data and to issue commands to the device before taking complete control of it. Once the flash memory card in question is put into an SD card reader, it can then be connected to a PC to glean complete copies of that device’s data inventory. And it’s at this point that the hackers are able to identify zero-day vulnerabilities in the device, vulnerabilities which can be applied to that specific device and any other unit of the same product.

With this information to hand, the hackers are then empowered to launch remote attacks against said device and, potentially, use these infiltrated devices to gain access to the networks they’re connected to. And all of this is possible because hardware manufacturers fail to secure flash memory on their devices, they’re only concerned with creating a front line defense with nothing behind it.

Managing IoT Security Concerns

Hardware manufacturers are slightly off the pace as demonstrated by this budget hack, so for the consumer it’s particularly troubling. As ever, the best advice is to install patches and firmware upgrades as soon as possible. However, when a hardware vulnerability is found it means that it has the potential to leave huge numbers of the same devices – if not all of them – at the risk of being hacked. Therefore, identifying the form of flash memory present in devices may become a major buying point for consumers.

For more ways to secure and optimize your business technology, contact your local IT professionals.

Read More
1 2 3 4