14 Jun

Ransomware Adopting Self-Replication

Although some may have hoped that the threat of ransomware was on the decline, the reality is that it’s quite the opposite. Until now, attacks seemed to be targeted directly at its victims, but Microsoft warns that may no longer be true. With their discovery of self-propagating ransomware it’s vital to fully understand the possible risk of infection.

 

Ransomware, the malware that locks up infected systems and demands payment to return access to users, has been steadily increasing its infection rate over the course of this year. Enigma Software reported that, “After staying steady for the last six months of 2015, ransomware detection has begun to climb; February saw a 19 percent increase over January, while March had almost a 10 percent increase over February. Then, in April, infections more than doubled.”

 

And as if that wasn’t frightening enough, Microsoft announced last week that a recently detected ransomware software was found copying itself onto USB and network drives. The ransomware, titled ZCryptor, disguises itself as either an Adobe Flash installer or a Microsoft Office file to trick users into opening it.

 

Once opened, it displays a prompt that says “There is no disk in the drive. Please insert a disk into drive D:”. If you see this after opening a suspicious file, it is most likely ZCryptor trying to distract you while it works in the background to add a registry key that buries itself deep in your system and begins to encrypt your files.

 

Although previous ransomware iterations like Alpha Ransomware had the ability to find and encrypt files on shared network drives, security experts believe this is the first time a ransomware variant has included self-replication via removable drives into its framework.

 

When it was first detected in May, Microsoft found ZCryptor singling out 88 different file types for encryption. However, later on a security expert analyzed the ransomware and found 121 targeted file types — inferring that creators of the malware were continuing to develop its source code.

 

It’s commonplace for ransomware to demand payment to be made in Bitcoins as they’re an almost totally untraceable online currency. ZCryptor is no different, demanding 1.2 Bitcoins (500 USD) unless payment is more than four days after infection — then it increases to five Bitcoins (2,700 USD).

 

Compared to other more complex security threats, ransomware is still relatively easy to avoid. Always verify the source of email attachments and website downloads before opening files, disable macros in Microsoft Office programs, maintain regular backups and update your security software.

 

Still concerned about security at your SMB? It doesn’t have to be as difficult and draining as you may think. Contact us today for advice on keeping your network protected around the clock. Reach us at 1-866-BIT-WISE or sales@eitnetworks.net

Share this
11 Mar

How to Securely Transition to Office 365

It’s easy to see why Office 365 is an attractive solution for small and medium-sized businesses already familiar with the Office interface. More and more companies are making the move to the cloud, but many have yet to complete their transition and still rely at least in part on on-site SharePoint systems. When you’re ready to migrate, the move from SharePoint to Office 365 presents numerous security challenges to prepare for – not least because breaches are far more likely to be caused by localized issues than insufficient protection on Microsoft’s part. Here’s what you need to do to ensure you’ve got security covered when you make the leap to migrating from SharePoint to Office 365.

 

Identify your company’s sensitive data…

 

It’s so easy to create sites within SharePoint that businesses often have far more than they realize, covering just about every aspect of their operations. And it’s natural, of course, for at least some of the files housed within those sites to contain sensitive commercial or personal data. The key is ensuring that sensitive information is adequately identified and protected. Do this by conducting a security audit before you undertake your migration.

Your audit should identify the types of data stored in the various parts of your SharePoint network, including which specific information needs extra safeguarding. Be sure to consider everything from trade secrets and contract details to the personal information of your clients.

 

…and then restrict access to it

 

Once you’ve worked out where your most precious data lies, you can check who currently has access to it and whether their access is appropriate. After all, it’s not necessary for everyone to be able to get at all the data your company owns; it’s far better to operate on a need-to-know basis, with a reasonable level of flexibility.

Ensure that each of your employees has access only to the data that’s necessary for them to perform their duties. When you make the switch to Office 365, you’ll find that it allows you to conveniently set these different levels of permissions, including for external partners with whom you collaborate.

 

Trust nobody and suspect everybody

 

We say that lightheartedly, of course – it would be counterproductive to become so security-paranoid as to suspect everyone is attempting foul play with your company’s data. Nonetheless, it’s wise to consider everyone in your organization when it comes to auditing data access permissions – and that includes system administrators who might be assumed to have master access to every element of your network infrastructure.

A rogue administrator is the stuff of nightmares, since their elevated position gives them much greater leeway to siphon off valuable data without being noticed – or even to allow others to conduct questionable business and bypass the usual built-in security precautions. Overcoming the danger of an all-too-powerful administrator admittedly becomes easier if you have more than one on staff, but even in smaller businesses you can mediate some of the risk by regularly checking on your administrator’s usage and ensuring that their top-level system permissions remain justifiable.

 

Use machine learning to foresee security breaches

 

Every action performed by your staff within Office 365 is automatically logged, and with relative ease you can pull reports that allow you to analyze these. But the sheer number of events taking place within Office 365 in the course of your business’s normal operations means that even attempting to identify questionable behavior will be akin to the proverbial needle and haystack. That’s not to say it’s unwise to be on the lookout for anomalies in normal usage – the export of unexplainably large volumes of data, for instance, could suggest that a member of your team is leaking intelligence to a competitor, or that they’re about to jump ship and take your trade secrets with them.

Thankfully, it’s possible to leverage the developing power of machine learning to identify potential breaches before they happen – without the need to wade through unmanageable swathes of perfectly normal data. Graph API is incorporated into Office 365, and allows for the integration of machine learning tools into your security environment to achieve just that. The same tools can also help you avoid being caught out by hackers, by identifying system login attempts from locations that are out of the ordinary; you should bolster this protection by religiously removing inactive accounts and those of departing employees.

 

By covering these essential security considerations when it comes to your migration, you’ll be one step closer to ensuring you strike the right balance between the powerful collaborative features of Office 365 and the robust safeguards your business’s integrity demands. To find out more about how we can help your Office 365 migration run smoothly, or what other business benefits you can derive from cloud-powered technologies, just give us a call at 1-866-BIT-WISE or email sales@eitnetworks.net.

Share this
26 Feb

CAUTION: This Malware can Erase Your Android!

The smartphone. It may seem like the last safe haven from online security threats. As it rests snugly in your pocket, you may never even think a virus, trojan or other malware could ever touch it. And even if it did, how much damage could it really cause? Well, for Android users, we’ve got some bad news. There’s a new malware in town that can cause catastrophic damage to your phone and data. In fact, it can wipe out all your personal data completely. Here’s the full scoop on this terrifying malware, and some simple tips to prevent it from infecting your Android.

 

How does it work?

 

Mazar, as the malware is known, spreads exclusively via links in a text message. Once the user clicks on the link, Tor software is downloaded, which hides the source of the malware by allowing anonymous Internet connections. Then with little chance of being noticed, mazar is downloaded onto the phone.

 

What’s the risk?

 

Not only can mazar erase all your personal data, but it can also wreak havoc on your phone in other ways. If your Android is infected, the malware can secretly monitor your device, send text messages, and take control of your settings and keys. Similar to trojan malware, mazar creates a backdoor to your smartphone for cyber criminals to enter. Once the hacker is in, he can control your Android as however he sees fit.

 

How can you protect your Android?

 

If the language setting of your phone is set to Russian, you are safe. So unless you’re looking to take up a second language, the best security measure is to be cautious of all text messages you receive on your phone. Just like your mother taught you not to talk to strangers, you should also avoid clicking on their links. But you should also be wary of texts from friends because, as most of us know, hackers can easily disguise themselves as those close to us.

Lastly, there is one small, practical step that may help prevent mazar from infecting your Android. Simply switch off the security setting that allows apps from unknown sources to be installed on your phone.

 

As an MSP provider, we at EIT Networks know how stressful security issues can be. The worry can cause you to lose focus and be less productive. That’s why we want our customers to know that we’re always there to offer security tips and solutions to keep your data safe. Whether you’re looking for a security solution for your Android or for your business, give us a call at 1-866-BIT-WISE or email sales@eitnetworks.net, and we’d be happy to give you some peace of mind.

Share this
14 Jan

Google and Password-Free Logins

Passwords such as “Password123”, “Mycomputer” and the classic “123456” can pose a very real threat to small and medium sized businesses everywhere. Easy to crack and hack, if your staff are logging in to company accounts with over simplified passwords, they are putting your business at risk. Adding to the danger, phishers also know that people are always the weakest link in a security chain. To address these issues, Google is trialing a new way of logging in, but what is it and how does it work?

 

So what exactly is Google’s master plan for squaring up to malicious phishing attempts and the perils caused by easy-to-crack passwords? The tech giant is currently trialing a new login option for Google account users. This will let anyone who has enabled the option to log in using their smartphone, completely eliminating the point at which you would normally enter a password. The system uses your phone to verify your identity by sending you an alert that gives you the option of whether or not to log in to your account.

 

During the trial stages, the folks at Google have invited what they are terming “a small group of users” to test out the potential password-free function on their personal Google accounts. The method appears to be easy to use and, if the trial is a success, could offer a far more secure way of accessing an account. By authorizing your phone to let you log in, you are effectively removing the need for a password.

 

To initiate a log in, the testers type in their email address on their PC or Mac. This will be followed up with a notification on their phone asking them whether they wish to log in to their Google account. All they then do is click the “yes” option and the computer will log them in automatically. For anyone concerned about not being able to log in due to their phone having a flat battery, being forgotten at home, or worst case scenario lost, there is no need to worry for the option remains to log in the traditional way by clicking a link saying “Use your password instead” at the bottom of the page.

 

Should the trial go ahead and password-free smartphone authentication becomes the norm, the advantages from a security perspective are clear. As stated above, simple passwords simply don’t protect accounts properly. Should someone – whether a hacker, a dishonest employee with an agenda, a recently fired employee with a grudge, or a competitor – put their mind to it, figuring out poor passwords is really not that hard, especially if they have insider knowledge about the user. Date of birth, favorite football team, an unfortunate obsession with Justin Beiber – these are all things that can be used to crack a password. And let’s not even get started on Password123.

 

The other thing of significant importance is the fact that should password-free log in go ahead, it will stop phishers in their tracks. The phishing ‘business’ is a booming one and those unscrupulous people who contact end users and attempt to extract personal information from them by pretending to be from a trustworthy source could find that their days of stealing passwords are numbered. If the phone becomes the means to log in, the phisher is rendered impotent. There is no password to hand over and of course the phisher doesn’t have access to the phone to click the “yes” button.

 

Google has made a few facts clear to its guinea pigs. The first of which is that the trial works on both the iOS and Android platforms. Users can still log in with their existing password should they desire and Google’s “unusual sign-in” policy remains in place should they detect anything suspicious and need the user to complete an extra step as proof it’s really them.

 

Should password-free, smartphone login be launched it would be a massive step in the right direction towards plugging the security holes that are caused by human error or carelessness. Setting a password such as “123456” might seem kind of dumb, but it’s amazing just how many people do! At the other end of the scale, phishers can be frighteningly convincing and are able to con even the most tech savvy or diligent users out of passwords, credit card details and more.

 

If you’d like to know how we can help you ensure that you are operating in the safest possible security environment, contact us today at 1-866-BIT-WISE or helpdesk@eitnetworks.net.

Share this
16 Oct

Facebook Tips for Security and Ease

While many people go on Facebook to check in with their friends, family, or customers, a lot of people simply don’t have the time or desire to take a closer at how to improve their user experience. And if you’re like most people, you probably know how to use Facebook well enough that you don’t feel like you need to bother learning anymore. But you may be missing out on handy tips and settings that can make your Facebook experience more secure and convenient. Here are five of them.

 

Know if you forget to logout

 

It happens to the best of us. You used a computer other than your own and are unsure if you logged out. So what do you do? No need to worry, Facebook makes it incredibly easy to find out which devices you’re currently logged in on.

Just navigate to Settings, Security and then Where You’re Logged In. From there, you can see all the devices you’re logged into, and logout remotely from any of them.

 

Save interesting articles for later

 

Have you ever noticed an interesting article in your news feed that you’d love to read, but don’t have the time to do so there and then? Have you tried to find that same article later with little luck? Never deal with this annoyance again. Many people are completely unaware that Facebook allows you to conveniently save articles for later reading.

To do this, click on the drop-down arrow in the upper right-hand corner of the article, and then click Save link. When you finally have a free moment to give the article a read, click on the Saved tab located under Favorites in the left-hand sidebar on the news feed page.

 

Export important event dates to your calendars

 

If you’ve ever missed a birthday or an event because you forgot to list them on your main calendar, this Facebook tip may come in handy. You can export all these important dates to your Google or Apple calendar.

To the left of your news feed, click on the Events tab. Navigate to the highlighted box (very bottom of the right-hand side) that reads You can add your events to…, and then click the Learn More link. This will take you to a page that explains how to export your events and birthdays.

 

Set alerts for new logins

 

Paranoid about someone hacking into your account? If so, you can easily set alerts to notify you right away if someone logs into your account from a new device.

Navigate to Settings, Security and then Login Alerts. From here, simply choose how you’d like to be notified of suspicious logins from new devices or browsers: by email, text message, or Facebook notification.

 

Lose the targeted ads

 

You may have noticed that ads of businesses you’ve visited on the web have somehow found their way into your Facebook news feed. This is by no means an accident. Like other websites that use targeted ads, Facebook uses cookies to determine which sites you’ve visited, and then shows you ads from those same sites.

If you’d like to turn ad targeting off, navigate to Settings and then Ads. From here you can change all the settings that determine the types of ads you see in your Facebook news feed. While there’s no way to completely turn off ads altogether, by changing your settings here you can make the ads you see more random and less personal. Essentially, your internet activity will no longer be tracked by Facebook cookies.

 

Interested in more Facebook tips? Want to learn how to leverage the social network to grow your business? Get in touch with our IT experts today at 1-866-BIT-WISE or sales@eitnetworks.net.

Share this
09 Oct

Best Browser Extensions for Security

Protecting your privacy online is crucial in today’s world to avoid data breaches, malware attacks, and other mischief hackers can throw your way. The easiest way to do this is through browser extensions, but the question is which is best? Here, we’ll take a look at the most popular browser extensions that promise to protect your online privacy.

 

AdBlock Plus (Chrome/Firefox/Safari)

 

AdBlock Plus blocks ads, scripts, and popups on your browser. It kills third-party scripts and widgets that send your data to who-knows-where. Be careful you use it properly, the extension can break the sites you read, which is why you have to first figure out what to allow and what to block. AdBlock Plus also stops you from visiting known malware-hosting domains, and it allows power users to play with different subscription lists while basic users can just enable it and walk away. Best of all, it is completely free.

 

Disconnect (Chrome/Firefox/Safari)

 

Disconnect Private Browsing protects you from tracking, malware, and malvertising while offering secure Wi-Fi and bandwidth optimization features. Third party tracking cookies become a thing of the past, and you can enjoy total control over all site scripts and elements from a user-friendly toolbar menu. You’re completely guarded from ads injected by malware or ad networks that are hijacked by embedded malware.

Disconnect also protects you from tracking by social networks like Facebook, Twitter, and Google, which use your browsing experience even when off-site in order to collect data about you. What’s more, you’ll never have to worry about sidejacking, which is where an attacker uses stolen cookies to access your personal data without having to know your password. Available in free version and Premium, the main difference is that Premium adds mobile malware blocking and tracking to its arsenal, too.

 

HTTPS Everywhere (Chrome/Firefox/Opera)

 

One of the must-have tools for your browsing experience, HTTPS Everywhere shunts your connection to SSL whenever possible, and will try to find secure versions of the sites you visit. This protects your browsing experience and online privacy without you really having to do anything. Updates have also just been rolled out to keep you safe on thousands more sites around the web, and this extension is free for download.

 

Tunnelbear (Chrome)

 

This Virtual Private Network (VPN) encrypts all of your internet traffic, secures your browser data, and offers robust protection from prying eyes. Best of all, this won’t cost you a dime. Unfortunately, though, Tunnelbear is only available on Chrome at the moment; Safari and Firefox users will have to wait a little longer for this extension to come their way.

 

Web of Trust (Chrome/Firefox/Safari/IE)

 

Web of Trust (WOT) is a free extension that ranks sites by reputation and shows you whether a specific site has been known to host malware or is loaded with tracking cookies and scripts that could wreak havoc on your system.

 

If you’ve been browsing the web without any protection, or feel like your online privacy is at risk, talk to one of our experts at 1-866-BIT-WISE or sales@eitnetworks.net, and we’ll be happy to help.

Share this
23 Jul

Understanding Malware

Ever been infected by malware or a virus? For most internet users, the answer is probably yes. But what is the difference between all the cyber threats out there? What makes a virus different from a trojan or worm? And how can you protect your critical data and your business from these threats? If you’ve never been able to answer these questions, here’s the explanation you’ve been waiting for.

 

What is Malware?

 

Malware is the short version of the word malicious software, and it is a general term that encompasses many types of online threats including spyware, viruses, worms, trojans, adware, ransomware, and more. Though you likely already know this, the purpose of malware is to specifically infect and harm your computer and potentially steal your information.

How do the different types of malware differ from one another? How can you protect your business from them? Let’s take a look at four of the most common forms of malware below.

 

Virus – like a virus that can infect a person, a computer virus is a contagious piece of code that infects software and then spreads from file to file on a system. When infected software or files are shared between computers, the virus then spreads to the new host.

The best way to protect yourself from viruses is with a reliable antivirus program that is kept updated. Additionally, you should be wary of any executable files you receive because viruses often come packaged in this form. For example, if you’re sent a video file, be aware that if the name includes an “exe” extension like .mov.exe, you’re almost certainly dealing with a virus.

 

Spyware – just like a spy, a hacker uses spyware to track your internet activities and steal your information without you being aware of it. What kind of information is likely to be stolen by Spyware? Credit card numbers and passwords are two common targets.

And if stealing your information isn’t bad enough, Spyware is also known to cause PC slowdown, especially when there is more than one program running on your system – which is usually the case with a system that’s infected.

A common mistake many people make is they assume their antivirus software automatically protects them from Spyware. This is not always true as some antivirus isn’t designed to catch spyware. If you’re unsure if your antivirus prevents Spyware, get verification from your vendor. And for those that are already suffering from Spyware infestation, two programs that work wonders to clean it out are Malwarebytes and SuperAntiSpyware.

 

Worms – similar to viruses, worms also replicate themselves and spread when they infect a computer. The difference, however, between a worm and a virus is that a worm doesn’t require the help of a human or host program to spread. Instead, they self-replicate and spread across networks without the guidance of a hacker or a file/program to latch onto.

In addition to a reliable antivirus software, to prevent worms from infecting your system you should ensure your firewall is activated and working properly.

 

Trojan – like the trojan horse from ancient greek mythology, this type of malware is disguised as a safe program designed to fool users, so that they unwittingly install it on their own system, and later are sabotaged by it. Generally, the hacker uses a trojan to steal both financial and personal information. It can do this by creating a “backdoor” to your computer that allows the hacker to remotely control it.

Similar to the other malware mentioned above, antivirus software is a dependable way to protect yourself against trojans. For further safety, it’s wise to not open up suspicious attachments, and also ensure that your staff members aren’t downloading any programs or applications illegally at the office – as this is a favorite place hackers like to hide trojans.

 

Curious to learn about other common malware that can cause trouble for business owners? Want to upgrade your existing network security system? Give us a call today at 1-866-BIT-WISE or email us at sales@eitnetworks.net. We’re sure we can help!

Share this
10 Jul

Will Selfies Replace Passwords?

Love them or hate them, selfies are here to stay. And with facial recognition technology becoming both more advanced and more mainstream, selfies have now found their way into the online security world. MasterCard is the most recent global corporation to join in on the trend. Here’s how they’re planning to integrate facial recognition technology into the online payment process.

 

At the beginning of this autumn, MasterCard will acquire the help of 500 customers to test out a new application that enables people to verify their identity and authenticate online transactions with a facial scan. What does this mean? Instead of using a traditional password at the online checkout, MasterCard wants to give you the option to snap a selfie instead. According to the credit card giant, they’ve partnered with every smartphone company in the business to make this mode of identity verification possible.
 

Why is this happening?

 

A quote from Ajay Bhalla, security expert at MasterCard, suggests this is an attempt by the credit card giant to appeal to a younger crowd of digital natives. “The new generation, which is into selfies…I think they’ll find it cool. They’ll embrace it,” Bhalla recently said.

That said, the “cool” appeal to youth is likely not the only reason for this change. The firm is likely attempting to make online purchases both more secure and more convenient.
 

How it works

 

To use this technology, users will have to download a dedicated app, which they can then use to take a photo of themselves at checkout. But how does MasterCard prevent a thief from using a photo of you to fake your verification? Simple – the app requires you to blink to prove that you’re a living, breathing human being.

However, it’s been noted by critics that, in today’s technological world, even a blink can be animated on a static photo. This leaves those of us with security concerns wondering whether MasterCard will make this app more secure before it’s released.

Note as well, though, that MasterCard is not getting rid of traditional passwords completely. Users will still have the option of the more conventional method of verification, as well as the choice of fingerprint scanning to check your identity.
 

Is this where the future of online security is headed?

 

With the release due later this year of a similar Windows 10 security application to identify users using biometrics, it appears that this is where the future of online security is headed. And with ever more applications and online services requiring a password, it is becoming increasingly difficult for the average web user to create one that is both unique and secure for each individual service. So whether it’s facial recognition, a fingerprint scan or some other technology that’s yet to be perfected, it seems as though some sort of more advanced security solution is inevitable.
 

Want more of the latest security news? Looking to implement new security to protect your IT infrastructure from cyber threats? Get in touch wit EIT Networks today at 1-866-BIT-WISE or sales@eitnetworks.net.

Share this

© 2016 EIT Networks, LLC. All rights reserved.