Networks: Software-defined vs virtualized

By EDITOR

If knowing is half the battle, virtualization is one for the ages. With more than a decade of history, it’s a tough topic that business owners would be hard-pressed to ignore. Over the years, the terminology has changed and capabilities have gotten even more confusing. If you’ve ever heard anyone use software-defined networking and network virtualization interchangeably, it’s time we set the record straight.

Software-defined networking (SDN)

Managing storage, infrastructures, and networks with high-level software is something IT technicians have been doing for a long time. It’s a subset of virtualization and it is one of the oldest strategies for optimizing and securing your IT hardware.

Despite its popularity, SDN does have one major drawback — it needs hardware to do its job. SDN allows you to control network switches, routers, and other peripherals from a centralized software platform, but you can’t create virtual segments of your network without the hardware that would normally be required outside of an SDN environment.

Network virtualization

Evolving beyond SDN was inevitable. Whenever a technology can’t do it all, you can bet someone is working hard to fix that. Network virtualization uses advanced software solutions to allow administrators to manage physical hardware and to create virtual replicas of hardware that are indistinguishable to servers and workstations.

Network virtualization simplifies the field of network design. You can reduce spending on expensive hardware, reconfigure network segments on the fly, and connect physically separate networks as if they were in the same room.

A virtualized network may sound like an exciting technology that doesn’t have much use at a small- or medium-sized business, but that’s exactly the beauty of hiring a managed services provider! We provide enterprise technology and advice as part of your monthly service fee. Call today to find out more.

Posted in Uncategorized | Leave a comment

Cloudbleed: Your data could be at risk

By EDITOR

A small error in Cloudflare’s code has spilled millions of login credentials, personal information, and cookies all over the internet. The bug, known as Cloudbleed, was discovered by the internet security company last month, and since then, they have worked to mitigate the security risks. So far, it appears that hackers have yet to exploit this vulnerability, and that’s why internet users have to remain vigilant. Find out what Cloudbleed can do and how you can stay safe.

What is Cloudbleed?
Although it’s technically similar to Heartbleed, a bug that compromised millions of websites and accounts, Cloudbleed is less severe. Google security researcher Tavis Ormandy discovered that several Cloudflare-hosted websites, including Fitbit, Uber, and OkCupid, were inadvertently leaking customer information and saving it within the source code.

For example, when a person visits a bugged Uber page, the website code could contain data and login credentials from another user who recently visited the page. The data may be hidden between several lines of code, but a skilled hacker can easily find it.

Exploiting it, however, is more difficult. The Cloudbleed bug collects random bits of data, which may or may not contain any sensitive information, making it a less attractive point of attack for cybercriminals. Over time, a cybercriminal may be able to compile enough information to exploit, but it doesn’t seem to be a viable option for targeted attacks.

The response
According to Cloudflare, Cloudbleed was triggered 1,240,00 times and found in 6,400 websites between September 22 and February 18. After the bug was discovered, the internet security company quickly alerted affected websites, fixed the code, removed cached pages from search engines, and monitored client websites for any strange website activity.

Cloudflare-hosted websites also checked what data was leaked and reassured customers that there was minimal impact to their private information.

What can you do?
While Cloudflare and other companies are telling everyone that the possibility of Cloudbleed attacks and password leaks is low, you should still ensure your account is safe.

Start by setting stronger passwords with a combination of letters, numbers, and symbols. Make sure to set unique passwords for every online service, especially for any of your accounts that use Cloudflare. Whenever possible, use two-factor verification to keep your account secure even if someone gets a hold of your password.

And, last but not least, contact us for any cybersecurity, cloud, and website issues. We aim to make your internet and cloud experience as safe as possible.


Firewalls: hardware vs. software

By EDITOR

Most people have a vague idea of what a network firewall does. But some business owners are easily fooled by promises of quick and easy solutions that can be installed and managed right from your desktop. In the software vs. hardware debate, there’s a clear winner when it comes to your security. Let’s take a look at what the differences are and why they matter.

Software firewalls

Calling a piece of software a “firewall” is a bit of an exaggeration. Installing it on a local hard drive is more like locks on a door than impenetrable walls. When data is scanned for threats by a software firewall, the information it contains has already been passed through your router, network switch, and finally your local hard drive.

Once the whole cycle has finished, software firewalls can prohibit risky activities based on blacklisted IP addresses, known malware definitions, and suspicious application requests.

Although these solutions do have value, they can’t guarantee that malware won’t spread to other systems before each packet of data can be scanned, unless they’re standing guard at your business’s gateway to the internet. And whenever the computer with the firewall is powered off, everything it protects is left unguarded.

Hardware firewalls

Because the drawbacks of a software-based firewall are centered around its inefficient network position, a hardware solution is the safer option. Hardware firewalls sit directly behind your router, so every single packet of data coming from the internet must pass through your gatekeeper before landing on any of your internal drives.

Most of these solutions include far more sophisticated controls than just web filtering and basic data scanning. Like most developments in the IT industry, newer hardware firewalls focus on “intelligent” functions that analyze huge datasets to recognize malware and cyberattacks based on irregular activities instead of relying solely on cataloged viruses and attack vectors.

Another benefit of hardware firewalls is that they’re always on. There’s no need to worry about whether the workstation hosting your solution will crash because these devices are built for 24/7 protection. The only downside to this type of solution is the level of monitoring and maintenance it requires. Hardware firewalls are extremely complex and managing them is no easy task.

“Cloud” firewalls

The most recent, and undoubtedly best, solution to network perimeter security is the “cloud” firewall. These are on-site pieces of hardware with software interfaces that can be managed remotely by certified security professionals.

This service model means that experts will monitor your network performance and security for anomalies while your team goes about its business as usual. No need for onsite tweaks and updates — all of it can be done remotely.

You may hear a lot of experts telling you that the age of on-site hardware has passed and everything can be done in the cloud. Remote administration may be the next wave in network services, but the need for hardware will never go away. If you need someone to manage your physical devices, contact us today.


Mobile malware on Android apps

By EDITOR

Smartphones are basically palm-sized computers. As such, they deserve the same protection as desktops and laptops. While there is no need to install bulky security software to protect against cyber threats, there are steps users can take to prevent cybercriminals from penetrating these small computers.

Mobile malware MO

Malware and other threats pose risks that are as harmful as those that infect desktops and laptops. Some of the threats include messing up your phone bill, ruining your mobile phone’s data, remotely locking and unlocking devices, intercepting messages, prompting fraudulent log-in commands, and sending fake notifications, among others.

Most malware comes from applications downloaded from third-party app stores. Once a phone is compromised, the hacker will have access to passwords, user accounts, and other sensitive personal data. Since some Android devices are linked, there is also more than a passing chance that bugs on one device find their way to linked devices.

Who is responsible?

The burden doesn’t fall solely on smartphone users; app stores such as Google Play Store are responsible, too. Some of the infected banking and weather forecast apps that were widely reported were downloaded from the Google Play Store. Aside from taking swift action against the apps, infected companies were urged to provide as much information and updates as possible regarding the malicious applications so they could be removed from the store to protect users.

Of course, Android users are responsible for their own safety, and there are several measures they can take to avoid becoming victims.

How to avoid being victimized by malware

Yes, the Google Play Store isn’t 100% secure, but downloading from the Google store and other more established app stores — and not from little-known and less secure third-party stores — reduces the probability of downloading malicious apps. In case an infected app makes its way to the store and gets thousands of downloads, Google is usually quick to remove the threatening app from their environment and block other malicious entities.

It also pays to read the user reviews. Despite app stores’ best efforts, the proliferation of apps in today’s marketplace makes it nearly impossible to prevent mobile malware from getting through to the store and, afterwards, users’ devices.

If an app poses significant risks, someone is bound to post a review or a warning. Regularly updating your mobile device’s software also helps prevent attacks, as the latest software version often comes with stronger security patches or quick fixes.

Malware doesn’t discriminate. Regardless of your computing or communication device of choice, it will find a way to infect and destroy. Ascertain your business devices’ safety by consulting our security experts today.


Microsoft Teams is updated and ready

By EDITOR

Prior to the release of Microsoft’s version of Slack (a popular cloud-based team collaboration tool), Microsoft Teams received a major update that might have given it the competitive edge. Enhanced communications aren’t the only way productivity will be driven; take your business to greater heights with these new features.

Smarter meetings
The latest addition to Microsoft Teams is Scheduling Assistant, responsible for finding the ideal time to schedule a meeting. It takes into consideration the schedules of all members and suggests the best possible time for all attendees. Whereas Teams previously allowed users to schedule only intra-team meetings, Microsoft now supports one-on-one meetings as well. If you want to steer clear of Skype, read on.

Bots, bots, and more bots
With the latest update, bots are now capable of tapping into conversations happening in a team as opposed to a separate chat. To activate team bots, simply type “@” and begin interacting with the bot from there. Microsoft is also working on adding a Bots tab to Teams. This allows you to keep track of all the bots that have been added to a certain team while allowing you to discover new tabs as well. Other bot-related improvements include:

  • New bot gallery – the gallery displays a complete list of all the available bots on Microsoft Teams. Alongside the gallery is where you can add bots to one of your teams.
  • Discover bots via search – simply click on the search bar at the top and select “Discover bots”. From there click on a bot to start chatting, or click “Add” to add it to a team.
  • Add a bot with an @mention – to add a bot to a channel, simply type “@” in your compose box, then select “Add a bot”.

Public teams
With public teams, anyone from your organization can join the team, unlike the private teams which are open only to specific members. Public teams will show up when a user is trying to join a new team, and you can also turn your existing private team into a public team (and vice-versa).

When it was launched in November 2016, Teams was a relatively minimal service. But in just four months, it’s become a lot more powerful and stable. Microsoft Teams has been available to Office 365 Business Essentials, Business Premium, and Enterprise E1, E3 and E5 users since March 14th. If you have any questions, don’t hesitate to give us a call!


Some ransomware strains are free to decrypt

By EDITOR

Ransomware is everywhere. Over the last couple years, dozens of unique versions of the malware have sprung up with a singular purpose: Extorting money from your business. Before you even consider paying for the release of your data, the first thing you must always check is whether your ransomware infection already has a free cure.

The state of ransomware in 2017

It’s been almost 30 years since malware was first created that could encrypt locally-stored data and demand money in exchange for its safe return. Known as ransomware, this type of malware has gone through multiple periods of popularity. 2006 and 2013 saw brief spikes in infections, but they’ve never been as bad as they are now.

In 2015, the FBI estimated that ransomware attacks cost victims $24 million, but in the first three months of 2016 it had already racked up more than $209 million. At the beginning of 2017, more than 10% of all malware infections were some version of ransomware.

Zombie ransomware is easy to defeat

Not every type of infection is targeted to individual organizations. Some infections may happen as a result of self-propagating ransomware strains, while others might come from cyber attackers who are hoping targets are so scared that they pay up before doing any research on how dated the strain is.

No matter what the circumstances of your infection are, always check the following lists to see whether free decryption tools have been released to save you a world of hurt:

Prevention

But even when you can get your data back for free, getting hit with malware is no walk in the park. There are essentially three basic approaches to preventing ransomware. First, train your employees about what they should and shouldn’t be opening when browsing the web and checking email.

Second, back up your data as often as possible to quarantined storage. As long as access to your backed-up data is extremely limited and not directly connected to your network, you should be able to restore everything in case of an infection.

Finally, regularly update all your software solutions (operating systems, productivity software, and antivirus). Most big-name vendors are quick to patch vulnerabilities, and you’ll prevent a large portion of infections just by staying up to date.

Whether it’s dealing with an infection or preventing one, the best option is to always seek professional advice from seasoned IT technicians. It’s possible that you could decrypt your data with the tools listed above, but most ransomware strains destroy your data after a set time limit, and you may not be able to beat the clock. If you do, you probably won’t have the expertise to discern where your security was penetrated.

Don’t waste time fighting against a never-ending stream of cyber attacks — hand it over to us and be done with it. Call today to find out more.


What exactly is preventive cyber-security?


By EDITOR

There has been a movement among technology providers to promise “proactive” cyber security consulting. Small- and medium-sized businesses love the idea of preventing cyber-attacks and data breaches before they happen, and service providers would much rather brainstorm safeguards than troubleshoot time-sensitive downtime events. But it’s not always clear what proactive cyber-security means, so let’s take a minute to go over it.

Understand the threats you’re facing

Before any small- or medium-sized business can work toward preventing cyber-attacks, everyone involved needs to know exactly what they’re fighting against. Whether you’re working with in-house IT staff or an outsourced provider, you should review what types of attack vectors are most common in your industry. Ideally, your team would do this a few times a year.

Reevaluate what it is you’re protecting

Now that you have a list of the biggest threats to your organization, you need to take stock of how each one threatens the various cogs of your network. Map out every device that connects to the internet, what services are currently protecting those devices, and what type of data they have access to (regulated, mission-critical, low-importance, etc.).

Create a baseline of protection

By reviewing current trends in the cyber-security field, alongside an audit of your current technology framework, you can begin to get a clearer picture of how you want to prioritize your preventative measures versus your reactive measures.

Before you can start improving your cyber-security approach, you need to know where the baseline is. Create a handful of real-life scenarios and simulate them on your network. Network penetration testing from trustworthy IT professionals will help pinpoint strengths and weaknesses in your current framework.

Finalize a plan

All these pieces will complete the puzzle of what your new strategies need to be. With an experienced technology consultant onboard for the entire process, you can easily parse the results of your simulation into a multi-pronged approach to becoming more proactive:

  • Security awareness seminars that coach everyone — from receptionists to CEOs — about password management and mobile device usage.
  • “Front-line” defenses like intrusion prevention systems and hardware firewalls that scrutinize everything trying to sneak its way in through the front door of your network.
  • Routine checkups for software updates, licenses, and patches to minimize the chance of leaving a backdoor to your network open.
  • Web-filtering services that blacklist dangerous and inappropriate sites for anyone on your network.
  • Antivirus software that specializes in the threats most common to your industry.

As soon as you focus on preventing downtime events instead of reacting to them, your technology will begin to increase your productivity and efficiency to levels you’ve never dreamed of. Start enhancing your cyber-security by giving us a call for a demonstration.


New Mac malware linked to DNC hacking group


By EDITOR

Fancy Bear, also known as APT28, is the Russian cybercriminal group responsible for hacking the Democratic National Party last year. Since then, the group has developed a host of tools to exploit Linux, Android, and Windows vulnerabilities. Last month, they spread a new strain of malware that specifically targets Apple MacBooks. If you own a Mac or an iOS device, here are some crucial details about the new malware.

According to antivirus provider Bitdefender, the new malware — named Xagent — is a Mac OS backdoor that is usually delivered via spear phishing emails.

To deploy the malware, hackers attach a Trojan software downloader in the email. If users interact with it, the program immediately creates a backdoor and connects to the cybercriminal’s network.

The malware then avoids detection by checking for antivirus software; and if it determines that cybersecurity solutions are offline or unpatched, it will begin to send system information, locally-saved passwords, iPhone backups, and desktop screenshots back to hacker headquarters.

Although security updates for the new malware are still unavailable, there are some things you can do to minimize the possibility of infection.

Approach emails with caution
Since hackers use phishing scams to distribute the Xagent malware, train your staff to be critical of email links or attachments, even if from the CEO or a close friend. And under no circumstances should you interact with any email from an unknown sender.

Keep your OS up-to-date
Always remember to install the latest operating system and application updates to make sure that Mac vulnerabilities are covered immediately.

Don’t save passwords
While it may be easier to save your passwords on your local browser, it gives hackers easy access to your accounts. If you can’t remember all your passwords, consider password management software. And while we’re on the subject, make sure you set unique passwords with a good combination of letters, numbers, and symbols.

Encrypt backups
To add another layer of protection, encrypt your iOS backups. This ensures that unauthorized users won’t be able to read the contents of your iOS data even if they do manage to gain access to your computer.

Cybersecurity is a universal issue, even for Mac users. But adopting these basic security habits will keep any hacker, whether from Russia or the US, at bay. Fortify your defenses by giving us a call today.


WordPress websites under attack


By EDITOR

It’s no surprise that millions of websites are on WordPress — it’s easy to manage, operates on an open source framework, and covers most webmasters’ Content Management Solutions (CMS) needs. What’s also no surprise? That it’s prone to attacks. Recently, some 20 attackers defaced thousands of WordPress websites. If you think 20 attackers is frightening, wait ‘til you read more.

WordPress attacks by the numbers

In 4 separate attacks, an estimated 40,000 websites were compromised and 67,000 web pages defaced, a figure that has quickly gone up to 1.5 million. A security release update, WordPress 4.7.2, was immediately launched to mitigate the flaw, but not everyone was able to deploy it on time, thus inflating the number of corrupted web pages.

Although WordPress took measures to ensure that the vulnerability would go unnoticed, hackers found a way to get around the initial fixes and exploited the sites that remained unpatched. Those who hadn’t applied WordPress’s latest security release were the ones most harmed by the defacement campaigns, which soon became highly publicized.

Steps taken

Fixes have been deployed and stronger patches are in the works, but hackers do not just sit around and wait to be taken down. In fact, more attacks are being launched concurrently with security developers’ attempts to strengthen blocking rules.

In preparation for further exploits, WordPress liaised with cybersecurity firms to implement protective measures. Google did their part by announcing via Google Search Console the critical security updates that webmasters must install to protect against the WordPress-specific attacks. Meanwhile, web application vendors and web hosting companies are poised to protect their customers from attacks by installing web filters on their customers’ web servers.

Despite these measures, the attacks are expected to continue and the masterminds behind them will come up with strategies more insidious than merely modifying several web pages. Security patches that can effectively alleviate the vulnerabilities’ impact will also take time to develop and launch.

The importance of patches

Some attacks may cause a blip on your business’s networks, while others might cause its demise. From all these attacks, one lesson is worth emphasizing: Applying the most up-to-date patches is critical to your systems’ security and business’s survival.

Unpatched systems are the easiest targets for hackers who are always on the lookout for vulnerabilities to exploit. If your organization lacks the capacity to manually update security patches, consider deploying patch management software. Keeping all your software updated with the latest patches may seem like an insurmountable task, but the price of neglecting it can cost you dearly.

WordPress remains the most widely used CMS and its popularity is not going to wane anytime soon. If your website runs on WordPress and you’re considering security options that will ensure your company is poised to handle breaches, contact us for advice.


Is fileless malware a threat to you?


By EDITOR

There have been some truly horrifying cyber-security headlines popping up over the last month. If you’ve been reading about “fileless” malware attacking banks and other big-name institutions around the world, we’re here to set the record straight: Your business isn’t in direct danger. But even if you’re not, staying abreast of all the details is still worthwhile.

What is this new threat?

To oversimplify the matter, fileless malware is stored somewhere other than a hard drive. For example, with some incredibly talented programming, a piece of malware could be stored in your Random Access Memory (RAM).

RAM is a type of temporary memory used only by applications that are running, which means antivirus software never scans it on account of its temporary nature. This makes fileless malware incredibly hard to detect.

This isn’t the first time it’s been detected

Industry-leading cyber security firm Kaspersky Lab first discovered a type of fileless malware on its very own network almost two years ago. The final verdict was that it originated from the Stuxnet strain of state-sponsored cyber warfare. The high level of sophistication and government funding meant fileless malware was virtually nonexistent until the beginning of 2017.

Where is it now?

Apparently being infected by this strain of malware makes you an expert because Kaspersky Lab was the group that uncovered over 140 infections across 40 different countries. Almost every instance of the fileless malware was found in financial institutions and worked towards obtaining login credentials. In the worst cases, infections had already gleaned enough information to allow cyber attackers to withdraw undisclosed sums of cash from ATMs.

Am I at risk?

It is extremely unlikely your business would have been targeted in the earliest stages of this particular strain of malware. Whoever created this program is after cold hard cash. Not ransoms, not valuable data, and not destruction. Unless your network directly handles the transfer of cash assets, you’re fine.

If you want to be extra careful, employ solutions that analyze trends in behavior. When hackers acquire login information, they usually test it out at odd hours and any intrusion prevention system should be able to recognize the attempt as dubious.
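A small illustration of the behavior-trend check described above, added here as an example and not taken from any product mentioned in this post: it learns each user's usual login hours from past events and flags later successful logins that fall outside them. The log format, user names, and thresholds are assumptions, and the sample lines are constructed.

```python
from collections import defaultdict
from datetime import datetime

# Constructed sample events (not real logs): "<timestamp> <user> <result>".
HISTORY = """\
2017-02-20T08:55:10 alice success
2017-02-21T09:12:44 alice success
2017-02-22T10:03:02 alice success
2017-02-22T17:40:00 alice success
2017-02-20T22:05:31 bob success
2017-02-21T23:10:09 bob success
2017-02-23T00:02:50 bob success
2017-02-21T09:30:00 carol failure
"""

NEW_EVENTS = """\
2017-03-01T03:05:12 alice failure
2017-03-01T03:07:41 alice success
2017-03-01T11:30:00 alice success
2017-03-02T01:15:27 bob success
2017-03-02T13:00:00 bob success
2017-03-02T09:00:00 carol success
"""


def parse_events(text):
    """Parse log text into (datetime, user, result) tuples, skipping bad lines."""
    events = []
    for line in text.splitlines():
        parts = line.split()
        if len(parts) != 3:
            continue
        try:
            when = datetime.strptime(parts[0], "%Y-%m-%dT%H:%M:%S")
        except ValueError:
            continue
        events.append((when, parts[1], parts[2]))
    return events


def build_baseline(events, min_logins=3):
    """Map each user to the set of hours at which they have logged in before.

    Users with fewer than min_logins successful logins get no baseline,
    because too little history would make every hour look unusual.
    """
    hours = defaultdict(set)
    counts = defaultdict(int)
    for when, user, result in events:
        if result == "success":
            hours[user].add(when.hour)
            counts[user] += 1
    return {u: h for u, h in hours.items() if counts[u] >= min_logins}


def hour_distance(a, b):
    """Distance between two hours on a 24-hour clock (23 and 1 are 2 apart)."""
    d = abs(a - b) % 24
    return min(d, 24 - d)


def flag_odd_hour_logins(baseline, events, tolerance=2):
    """Return (user, timestamp, reason) for successful logins worth reviewing."""
    alerts = []
    for when, user, result in events:
        if result != "success":
            continue
        usual = baseline.get(user)
        if usual is None:
            alerts.append((user, when.isoformat(), "no baseline"))
        elif all(hour_distance(when.hour, h) > tolerance for h in usual):
            alerts.append((user, when.isoformat(), "outside usual hours"))
    return alerts


if __name__ == "__main__":
    baseline = build_baseline(parse_events(HISTORY))
    for alert in flag_odd_hour_logins(baseline, parse_events(NEW_EVENTS)):
        print(*alert)
```

The night-shift user's 01:15 login is not flagged because the hour comparison wraps around midnight, while a login with no history behind it is reported separately instead of being silently trusted.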

Should I worry about the future?

The answer is a bit of a mixed bag. Cybersecurity requires constant attention and education, but it’s not something you can just jump into. What you should do is hire a managed services provider that promises 24/7 network monitoring and up-to-the-minute patches and software updates — like us. Call today to get started.
