Don’t get held to ransom – keep your data safe and secure #igaware #utm

There are many threats to your business and personal data, and the first step to keeping important data safe and secure is to be aware of what the threats are and what steps you can take to protect your data. This blog article considers the main threats and how to protect against them.

Malware: This term is applied to software programs that have been designed to damage or do other unwanted actions on a computer system.There are different types of malware:

  • Viruses
    A computer virus is a type of malware that propagates by inserting a copy of itself into and becoming part of another program. It spreads from one computer to another, leaving infections as it travels. Viruses can range in severity from causing mildly annoying effects to damaging data or software.
  • Worms
    Computer worms are similar to viruses in that they replicate functional copies of themselves and can cause the same type of damage. In contrast to viruses, which require the spreading of an infected host file, worms are standalone software and do not require a host program or human help to propagate. To spread, worms either exploit a vulnerability on the target system or use some kind of social engineering to trick users into executing them. A worm enters a computer through a vulnerability in the system and takes advantage of file-transport or information-transport features on the system, allowing it to travel unaided.
  • Trojan Horses
    A Trojan is another type of malware named after the wooden horse the Greeks used to infiltrate Troy. It is a harmful piece of software that looks legitimate. Users are typically tricked into loading and executing it on their systems. After it is activated, it can achieve any number of attacks on the host, from irritating the user (popping up windows or changing desktops) to damaging the host (deleting files, stealing data, or activating and spreading other malware, such as viruses). Trojans are also known to create back doors to give malicious users access to the system. Unlike viruses and worms, Trojans do not reproduce by infecting other files nor do they self-replicate. Trojans must spread through user interaction such as opening an e-mail attachment or downloading and running a file from the Internet.
  • Spyware
    Spyware can gather data from a user’s system without the user knowing it. This can include anything from the Web pages a user visits to personal information, such as credit card numbers.
  • Ransomware
    Ransomware is an advanced type of malware that encrypts your data files until you pay a ransom fee.  This fee can be a few hundred pounds to several thousand.

How to protect against malware

  • Update your software
    Malware generally exploits weaknesses in the code of your computer’s operating system or that of programs running on your computer so it is VERY important that you ensure you have the latest software updates installed on all the computers used to access your data. This may of course include personal computers used by staff from home which is why staff should be made aware of their responsibilities in keeping your data safe.
  • Install a UTM (Universal Threat Management) on your network and Anti-Malware on your computers
    There are many holes and vulnerabilities in software that remain unplugged, so preventing them reaching computers and devices on your network using a UTM is VERY important.  A UTM is a ‘supercharged’ firewall that not only protects against unauthorised access to your network from the Internet, but also filters out malware from emails and prevents malware being downloaded from the Internet.A UTM will also allow you to prevent staff from downloading executable files and installing them. Executable files can do literally anything on a computer, so having control on what people download and install is VERY important.

Phishing Emails
Phishing emails encourage you to visit the bogus websites. They usually come with an important-sounding excuse for you to act on the email, such as telling you your bank details have been compromised, or claim they’re from a business or agency and you’re entitled to a refund, rebate, reward or discount.

The email tells you to follow a link to enter crucial information such as login details, personal information, bank account details or anything else that can be used to defraud you.

Alternatively, the phishing email may try to encourage you to download an attachment. The email claims it’s something useful, such as a coupon to be used for a discount, a form to fill in to claim a tax rebate, or a piece of software to add security to your phone or computer. In reality, it’s a virus that infects your phone or computer with malware, which is designed to steal any personal or banking details you’ve saved or hold your device to ransom to get you to pay a fee.

Scams

  • USB Scam
    This is a simple and effective scam whereby a USB drive is dropped in an office car park and when someone finds it they connect it to their computer to see what’s on it. kaboom – they infect their company network. It’s a good idea to disable USB ports on PCs.
  • IT Support
    Someone phones you saying they are from IT support and they need to make an update to your computer. They ask for your Teamviewer user name and password and then access your data and email, maybe emptying the company bank account while they’re on. Staff should never be told what teamviewer credentials are and certainly shouldn’t give them to anyone who phones up.

Password Hacks
One of the easiest ways to have your systems compromised is to use a weak password. A typical weak password would be a name with the first letter as a capital followed by a number. These types of passwords can be cracked in seconds (using software).

Hackers have successfully obtained databases of millions of passwords that people have used by hacking corporate servers, be they Sony, Linked-in, Tesco Bank….Dropbox lost 68 million passwords! By using these known passwords, chances are they’ll crack yours unless you have got a VERY strong password.

A STRONG password:

  • Has 12 Characters, Minimum: You need to choose a password that’s long enough. There’s no minimum password length everyone agrees on, but you should generally go for passwords that are a minimum of 12 to 14 characters in length. A longer password would be even better.
  • Includes Numbers, Symbols, Capital Letters, and Lower-Case Letters: Use a mix of different types of characters to make the password harder to crack.
  • Isn’t a Dictionary Word or Combination of Dictionary Words: Stay away from obvious dictionary words and combinations of dictionary words. Any word on its own is bad. Any combination of a few words, especially if they’re obvious, is also bad. For example, “house” is a terrible password. “Red house” is also very bad.
  • Doesn’t Rely on Obvious Substitutions: Don’t use common substitutions, either — for example, “H0use” isn’t strong just because you’ve replaced an o with a 0. That’s just obvious.

And if one of your accounts somewhere gets hacked, ensure you change the password wherever it is used elsewhere. Obviously you should use different passwords for all your accounts (I bet you don’t, and so do the hackers).

System Hacks

Remote systems that have been compromised by malware can access your systems through open ports (doors) to get to your computers. You may need some of these ports open, such as port 25 to receive email but others perhaps should not be open. Every port left open is an opportunity for your systems to be penetrated. Ensure you have a good quality firewall, that you have it continuously updated and get it tested on a regular basis.

You should also close outgoing ports that computers on your network can use. If a laptop comes into your office that has been infected with malware, you don’t want it sending out thousands of spam emails through your office broadband connection. If this happens you will likely be blacklisted by email servers around the globe and prevented from sending email for quite sometime. Closing outgoing email ports will prevent this. Firewalls should control not only what comes in, but also what goes out.

What else should I do?

Backup your data
As well as the horrors lurking on the Internet there are some fairly simple risks closer to home such as theft, physical system failure or maybe a fire. Ensure you have your data backed up, ideally to an external hard drive that can be taken off-site.

You may also wish to consider an offsite backup solution providing your data is going somewhere VERY secure. And if your data is in the cloud, make sure you have a local copy of your data just in case you fall out with your cloud provider, or their systems get compromised.

Encrypt your data
If your are working on MOD contracts you may need to ensure your data is held on an encrypted file server, and backups of that data are encrypted.

Use secure software
Microsoft software is the main target for malware and hackers. And what compounds the security vulnerabilities in Microsoft is their approach to security – Security Through Obscurity.

Security Through Obscurity is the idea that by hiding your software code no-one can find holes in it. It’s akin to burying your money under a tree. The only thing that makes it safe is no one knows it’s there. Real security is putting it behind a lock or combination, say in a safe. You can put the safe on the street corner because what makes it secure is that no one can get inside it but you. Open source software such as Linux uses the principle that the code is visible to all making it easier to identify and plug security vulnerabilities faster.

Where possible avoid using Microsoft web browsers and email programs such as Outlook. It may mean you need to learn to use a different email client but security should be your priority.

This is especially pertinent following the actions of the NSA in the USA. The NSA documented vulnerabilities in Microsoft software through which they could access systems for the purposes of surveillance.  Unfortunately the vulnerabilities are now known to the hacking community following the leak of over 8000 documents via Wikileaks (https://wikileaks.org/ciav7p1/). The recent Wannacry Ransomware used exploits leaked from the NSA.

Take care using Out of Office
If you use out of office, just let people know that you are unavailable and give them an alternative contact. Try and avoid telling potential thieves you are on holiday for the next two weeks! Be aware that information in your message could be used to scam third parties….’As you know Bob, Jane is away in Greece for the next couple of weeks and she has asked me to update your computer. Can I have your teamviewer password?’

The rule of thumb is: if you wouldn’t tell a room full of strangers don’t put it in your out-office-reply.

Finally, don’t lose you shirt in the Cloud
Cloud computing is the buzz word that major vendors pushing. Vendors want you to give them your data and email to look after, with the promise of it being cheaper. The problem is that it isn’t reliable or  secure. When things go wrong your data is where exactly, and with whom?

Local computers and servers may crash but when that happens all your confidential information isn’t going to Eastern Europe to be used by criminals. You know the headline “SIXTY EIGHT MILLION user accounts stolen!”

Unless the cloud enables you to do something that you can’t do in your own office, then consider avoiding it.

Almost three quarters (71.4 per cent) of corporate Office 365 users have at least one compromised account each month. These can be very costly https://telecomreseller.com/2017/01/17/son-of-a-beach-an-office-365-account-breach/

This entry was posted in Email Filtering, Internet Security, Uncategorized, UTM, Web Filtering. Bookmark the permalink.

Leave a Reply