Understanding HTTPS

By EDITOR 

Are you an avid online shopper? Have you noticed whether each payment page's URL starts with HTTPS? If you’re not absolutely sure, you might be a prime target for identity theft. Here’s why you should make sure that the websites you browse for shopping show a little padlock icon in the URL bar.

HTTPS Encryption

When you visit a website that doesn’t use HTTPS, which is common with older websites that have been left on their domains with minimal intervention, everything you type or click on that website is sent across the network in plain text. So, if your bank’s website doesn’t use the latest protocols, your login information can be read by anyone with even the most basic tools.

HTTPS Certificates

The other thing outdated web browsing lacks is publisher certificates. When you enter a web address into your browser, your computer uses an online directory to translate that text into numerical addresses, then saves that information on your computer so it doesn’t need to check the online directory every time you visit a known website.

The problem is that if your computer is hacked, it could be tricked into directing www.google.com to the address 8.8.8.255, for example, even if that’s a malicious website. Oftentimes, this strategy is implemented to send users to sites that look exactly like what they expected, but are actually false-front sites designed to trick you into providing your credentials.

HTTPS creates a new ecosystem of certificates that are issued by the online directories mentioned earlier. These certificates make it impossible for you to be redirected to a fraudulent website.

What this means for daily browsing

Most people hop from site to site too quickly to check each one for padlocks and certificates. Unfortunately, HTTPS is way too important to ignore. Here are a few things to consider when browsing:

  • If your browser marks a website as “unsafe”, it is always best to err on the side of caution; do not click “proceed anyway” unless you are absolutely certain nothing private will be transmitted.
  • There are web browser extensions that create encrypted connections to unencrypted websites (HTTPS Everywhere is a reliable Firefox, Chrome, and Opera extension that encrypts your communications with websites).
  • HTTPS certificates don’t mean anything if you don’t recognize the company’s name. For example, goog1e.com (with the “l” replaced with a one) could have a certificate, but that doesn’t mean it’s a trustworthy site. Many unscrupulous cybercriminals utilize similar spellings of legitimate websites to fool people into thinking that they are in a secure site. Always be vigilant.
  • Avoid sites that don’t use the HTTPS protocol — it can be as simple as that.
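
A defender-side check for the look-alike names described above, as an added example that is not from the original article: it flags hostnames that imitate a trusted domain through character swaps (goog1e.com), one-letter typos, or by embedding the real name inside a longer host. The `TRUSTED` list, the substitution table, the verdict labels and every sample hostname are assumptions constructed for illustration.

```python
"""Flag hostnames that imitate a trusted domain (added example, constructed data)."""

# Assumption: the domains your organisation really uses. Hypothetical list.
TRUSTED = ("google.com", "paypal.com", "microsoft.com")

# Character swaps that look alike in many fonts; multi-character pairs first.
LOOKALIKES = (("rn", "m"), ("vv", "w"), ("0", "o"), ("1", "l"), ("5", "s"))


def registrable(host):
    """Naive registrable domain: the last two labels.

    Assumption: good enough for .com-style names; production code should use
    the Public Suffix List so that names like example.co.uk are handled.
    """
    labels = host.lower().rstrip(".").split(".")
    return ".".join(labels[-2:])


def skeleton(name):
    """Collapse look-alike characters so 'goog1e' and 'google' compare equal."""
    for fake, real in LOOKALIKES:
        name = name.replace(fake, real)
    return name


def edit_distance(a, b):
    """Levenshtein distance, used to catch one-letter typos such as 'gogle'."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]


def classify(host):
    """Return (verdict, trusted_domain_or_None) for one hostname."""
    host = host.lower().rstrip(".")
    labels = host.split(".")
    if not host.isascii() or any(label.startswith("xn--") for label in labels):
        return ("idn-review", None)      # internationalised name: inspect by hand
    domain = registrable(host)
    if domain in TRUSTED:
        return ("trusted", domain)
    for good in TRUSTED:
        if skeleton(domain) == skeleton(good):
            return ("lookalike", good)   # e.g. goog1e.com
        if edit_distance(skeleton(domain), skeleton(good)) == 1:
            return ("near-miss", good)   # e.g. gogle.com
        if host.startswith(good + ".") or ("." + good + ".") in host:
            return ("embedded", good)    # e.g. google.com.login.example
    return ("unknown", None)


if __name__ == "__main__":
    # Constructed sample hostnames, not taken from any real incident.
    for sample in ("www.google.com", "goog1e.com", "gogle.com",
                   "rnicrosoft.com", "google.com.login.example", "example.org"):
        print(f"{sample:28} {classify(sample)}")
```

A certificate on any of the flagged names would still validate, which is why the name itself has to be checked.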

When you’re ready for IT support that handles the finer points of cybersecurity like safe web browsing, give Lanlogic a call.


Why you need managed services in healthcare

By EDITOR 

Cybercriminals are increasingly targeting the healthcare industry for its perceived vulnerability. Nowadays, more and more hospitals are realizing that overall patient care not only involves medical attention, but also entails securing patient data. For many healthcare organizations, it’s crucial to work with the right managed services provider (MSP) to ensure transactions are seamless and patient data is constantly protected.

They guarantee response times

When it comes to providing healthcare services, talking about fast response times is not the only thing that matters. You should always make sure that your provider guarantees response times, and that you’re able to contact them 24/7. Consider this: in a scenario where something breaks or you come across technical issues in the dead of the night, your best bet would be to contact your MSP, not to try fixing things on your own. Therefore, you need a provider who is able to give assistance whenever you need it most.

They support a business continuity plan

You risk putting your organization in jeopardy if your MSP can’t assist in your recovery from major outages or natural disasters. A business continuity plan is absolutely necessary in your healthcare organization — you simply can’t afford to lose all your valuable medical data in the event of a disaster. You need all the help you can get from your IT provider to maintain redundant systems, as well as help manage automatic failovers.

They provide proactive security

In the world of healthcare data security, aligning your practice with HIPAA compliance mandates is essential. Failing to meet regulations may result in huge fines, serious penalties, and even the withdrawal of your license to operate. The ideal MSP should offer core security services that include identity-based security and encryption, authorized privileges and access control, and data accountability and integrity.

They offer staffing services

Healthcare staffing shouldn’t be a hassle, but thanks to the changing dynamics of healthcare IT, that’s exactly what it can become. You need an MSP that assumes full responsibility for your clinical labor while providing you with a single point of contact for all your staffing operations, including account management, customer support, order placement, and more.

Choosing the right MSP can be tedious, but when you do make the switch, they can streamline your operations, reduce operational costs, and enhance workforce transparency.

If you want to learn how great technology and support can benefit your healthcare practice, get in touch with Lanlogic today. We provide the perfect set of healthcare IT solutions and outstanding support to drive your organization forward.


A closer look at fileless malware

By EDITOR 

To avoid detection by antimalware programs, cybercriminals are increasingly abusing legitimate software tools and programs already present in systems to steal data or ruin its integrity. They use fileless malware to infiltrate trusted applications and issue executables that blend in with normal network traffic or IT/system administration tasks while leaving fewer footprints. Ultimately, your business could be at risk. Let’s see why.

What is fileless malware?

Fileless malware is stored in random access memory (RAM) instead of on the hard drive. In a typical fileless infection, payloads are injected into the memory of existing software or applications by running scripts within whitelisted or authenticated applications such as PowerShell, which is designed to automate system administration tasks such as viewing all USB devices, drives, and services installed in the system, scheduling a series of commands, or terminating processes (as Task Manager does).

Because there are no files to trace, fileless malware escapes detection by most antimalware programs, especially those that rely on databases of previously seen threats. Furthermore, most automated sensors cannot recognize illicit scripts, and cybersecurity analysts who are trained to identify them usually have a difficult time establishing where to start looking. Fileless malware isn’t as visible as traditional malware. It employs a variety of techniques to stay persistent, and can adversely affect the integrity of a business’s processes and the infrastructure that runs them.
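
Because nothing is written to disk, one place defenders look instead is how PowerShell was launched. The following added example (not from the original article) triages process command lines for encoded, hidden-window launches and decodes the `-EncodedCommand` value for the analyst; the rule names, verdict labels and sample command lines are constructed for illustration.

```python
"""Triage PowerShell launches by command line (added example, constructed data)."""
import base64
import binascii
import re

# powershell.exe accepts shortened parameter names, so each rule stores the
# full name, the shortest prefix accepted here, and any well-known alias.
RULES = {
    "encoded-command": ("encodedcommand", 1, ("ec",)),
    "hidden-window": ("windowstyle", 1, ()),
    "no-profile": ("noprofile", 3, ()),
    "policy-bypass": ("executionpolicy", 2, ("ep",)),
}
# Some parameters only matter when they carry a particular value.
REQUIRED_VALUE = {"hidden-window": "hidden", "policy-bypass": "bypass"}
# Script text that executes a string as code, i.e. runs from memory.
RUNS_STRING = re.compile(r"\b(?:iex|invoke-expression)\b", re.IGNORECASE)


def is_param(token, full, min_len, aliases):
    """True if token is an accepted spelling of the parameter named full."""
    if not token.startswith(("-", "/")):
        return False
    name = token[1:].lower()
    return name in aliases or (len(name) >= min_len and full.startswith(name))


def decode_encoded_command(value):
    """-EncodedCommand carries Base64 of UTF-16LE text; return it or None."""
    try:
        return base64.b64decode(value, validate=True).decode("utf-16-le")
    except (binascii.Error, UnicodeDecodeError):
        return None


def triage(command_line):
    """Return verdict, flags and decoded script, or None if not PowerShell."""
    tokens = command_line.split()
    if not tokens or not any(n in tokens[0].lower() for n in ("powershell", "pwsh")):
        return None
    flags, decoded = set(), None
    for i, tok in enumerate(tokens[1:], 1):
        nxt = tokens[i + 1] if i + 1 < len(tokens) else ""
        for flag, (full, min_len, aliases) in RULES.items():
            if not is_param(tok, full, min_len, aliases):
                continue
            want = REQUIRED_VALUE.get(flag)
            if want and nxt.lower() != want:
                continue
            flags.add(flag)
            if flag == "encoded-command":
                decoded = decode_encoded_command(nxt)
    if decoded and RUNS_STRING.search(decoded):
        flags.add("runs-string-as-code")
    # Heuristic: an encoded script that also hides itself or executes strings
    # deserves an analyst's attention; anything else flagged is only noted.
    if "encoded-command" in flags and flags & {"hidden-window", "runs-string-as-code"}:
        verdict = "review"
    else:
        verdict = "note" if flags else "ok"
    return {"verdict": verdict, "flags": sorted(flags), "decoded": decoded}


def encode_for_sample(script):
    """Build the Base64 form PowerShell expects, for the constructed samples."""
    return base64.b64encode(script.encode("utf-16-le")).decode("ascii")


# Constructed command lines; $payload is an undefined placeholder variable.
SAMPLES = [
    r"powershell.exe -NoProfile -File C:\Scripts\inventory.ps1",
    "powershell.exe -nop -w hidden -enc " + encode_for_sample("Invoke-Expression $payload"),
    "powershell.exe -EncodedCommand " + encode_for_sample("Get-Service | Sort-Object Status"),
    r"C:\Windows\System32\cmd.exe /c dir",
]

if __name__ == "__main__":
    for line in SAMPLES:
        print(triage(line))
```

The check is a heuristic: administrators also use encoded commands, so a "review" verdict is a prompt to read the decoded script, not proof of compromise.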

Fileless malware by the numbers

Cybersecurity firm Kaspersky Lab first discovered a type of fileless malware on its very own network a couple of years ago. The final verdict was that it originated from the Stuxnet strain of state-sponsored cyber warfare. The high level of sophistication and government funding meant fileless malware was virtually nonexistent until the beginning of 2017.

In November 2016, attacks using fileless malware saw an uptick of 13% according to a report. In the same quarter, attacks surged 33% compared to the first quarter. During the first quarter of 2017, more PowerShell-related attacks were reported on more than 12,000 unique machines.

Kaspersky Lab uncovered over 140 infections across 40 different countries. Almost every instance of the fileless malware was found in financial institutions and worked towards obtaining login credentials. In the worst cases, infections had already gleaned enough information to allow cyberattackers to withdraw undisclosed sums of cash from ATMs.

In 2018, cybersecurity firm Trend Micro detected a rising trend of fileless threats throughout the first half of the year.

Is your business at risk?

It is unlikely your business would have been targeted in the earliest stages of this particular strain of malware, but it’s better to be safe than sorry. Businesses should practice defense in depth, where multilayered safeguards are implemented to reduce exposure and mitigate damage. But apart from cultivating a security-aware workforce, what actionable countermeasures can organizations take?

While your business might not be in immediate danger, you should employ solutions that analyze trends in behavior. It is also wise to invest in a managed service provider that offers 24/7 network monitoring, proper patches, and software updates. Call Lanlogic today to get started.


Easy fixes to your Wi-Fi issues

From answering emails and using online productivity suites to browsing Facebook and streaming YouTube videos, a fast and reliable internet connection is a must. But what do you do when there are connectivity and speed issues? Here are some solutions to five of the most common Wi-Fi worries.

Range constraints

Wi-Fi works via radio waves that are broadcast from a central hub, usually a piece of hardware known as a router. To avoid a weak signal in your office, make sure:

  • Your router is placed in a centralized location and not tucked away in the corner.
  • Your Wi-Fi antennae are either in a fully horizontal or vertical position for optimal signal distribution.

Note that Wi-Fi range constraints can also occur from interference, so if your office is situated in a highly populated area, try changing your router’s channel.

Slow speeds

Despite a high-speed or fiber optic internet connection, slow load times can still occur for a number of reasons. To optimize speeds, try the following:

  • Make sure your router is located in the same room as the devices connecting to it.
  • Install more routers to better accommodate a high number of connected devices.
  • Close bandwidth-intensive applications such as Skype, Dropbox, YouTube, and Facebook.
  • Disable your router’s power-saving mode.
  • Create a new router channel to avoid network bottlenecks.

Connection issues

We understand how frustrating it can be when the Wi-Fi network shows up on your device but still won’t connect. Before you give up, these solutions might help:

  • Determine whether your Wi-Fi connection is the problem or if your internet is down by plugging your laptop directly into the router via an Ethernet cable. If you can’t get a connection, then Wi-Fi isn’t the culprit.
  • Factory reset your router with a paperclip or a pen and hold down that tiny button for about 30 seconds.
  • Try rebooting your device.

Unstable connections

Random hiccups in your Wi-Fi connection are normal from time to time. However, if they become a constant nuisance in your office, try the following quick fixes:

  • Move your router to a different spot or even a different room.
  • Avoid having too many routers in the same location, as that can confuse your device.

Network not found

Router glitches can result in your Wi-Fi network not appearing at all. Two solutions that can resolve this problem are:

  • Disconnecting the router from the power source and waiting at least 30 seconds before reconnecting it.
  • Replacing an old router; if it’s over three years old, you’re probably due for a replacement.

When you experience Wi-Fi issues, these tips will help you avoid serious downtime. But if you’d rather have a dedicated technology provider take care of your hardware needs, give Lanlogic a call and we’ll be happy to help.


Top security threats to financial services

By EDITOR 

Hackers go for the gold. This means that banking information makes for the number one target. These cyberattacks lead to the theft of large sums of money, undermine the economic stability of individuals and organizations, as well as destroy the reputation of banks and other financial institutions. When these incidents occur, the damage can be irreversible and substantial. As such, business owners should learn about the evolving security threats and identify the modus operandi of cybercriminals. Let’s take a closer look.

Extortion
Distributed denial of service (DDoS) attacks, which are typically delivered from massive botnets of zombie computers or internet of things (IoT) devices, have been used to bring down banking networks. This occurs when a targeted server or system is overwhelmed by multiple compromised networks. It’s essentially like a traffic jam clogging up the highway, preventing regular traffic from arriving at its intended destination.

Some cybercriminals are relentless with DDoS attacks and follow them up with cyberextortion, demanding payment in return for release from costly downtime. Banks cannot defend against these attacks alone, so they rapidly share information among themselves through organizations such as FS-ISAC and rely upon the ability of their internet service provider to handle and redirect massive quantities of traffic.

Social media attacks
This happens when fraudsters use fake profiles to gather information for social engineering purposes. Thankfully, with new regulations such as the General Data Protection Regulation (GDPR), big companies like Facebook and Twitter have significantly enhanced their security and privacy policies with regard to their data handling practices. The unprecedented reach of social media is something companies cannot afford to ignore because of the possible implications a data breach can have on businesses.

Spear phishing
Spear phishing is an attack where cybercriminals send out targeted emails ostensibly from a known or trusted sender in order to trick the recipient into giving out confidential information. Over the years, hackers have upped their game and cast a bigger net, targeting unwitting employees to wire money. This attack is called business email compromise (BEC), where a fraudster will purport to be a CEO or CFO and request large money transfers to bogus accounts.

Point-of-sale (PoS) malware
PoS malware targets PoS terminals to steal customer payment (especially credit card) data from retail checkout systems. Cybercriminals use a memory scraper that operates by instantly detecting unencrypted type 2 credit card data, which is then sent to the attacker’s computer to be sold on underground sites.

ATM malware
GreenDispenser is an ATM-specific malware that infects ATMs and allows criminals to extract large sums of money while avoiding detection. Recently, reverse ATM attacks have also emerged. Here, PoS terminals are compromised and money mules reverse transactions after money is withdrawn or sent to another bank account. In October 2015, issuers were mandated to shift to the EMV, or Chip-and-PIN, system to address the weakness of the previous payment system.

Credential theft
Dridex, a well-known credential-stealing software, is a banking Trojan that is generally distributed through phishing emails. It infects computers, steals credentials, and obtains money from victims’ bank accounts.

Other sophisticated threats
Various data breach methods can be combined to extract data on a bigger scale. Targeting multiple geographies and sectors at once, this method normally involves an organized crime syndicate or someone with a highly sophisticated setup. For example, the group Carbanak primarily targeted financial institutions by infiltrating internal networks and installing software that would drain ATMs of cash.

Additionally, with the rise of cryptocurrency, cybercriminals are utilizing cryptojacking, a method that involves the secret use of devices to mine cryptocurrency.

The creation of defensive measures requires extensive knowledge of the lurking threats, and our team of experts is up to date on the latest security information. If you have any questions, feel free to contact Lanlogic to find out more about TTPs and other weapons in the hacker’s toolbox.


Lessons from a disaster recovery plan audit

By EDITOR 

Why do some companies fail their disaster recovery plan (DRP) audit? Perhaps because they did not get the right information for it. They say experience is the best teacher; thus, nothing beats what you can learn from real-world case studies. See what you can learn from the following case.

Hosting certain types of data and managing a government network legally bind you to maintain DRPs. After an audit of the Michigan Department of Technology and Budget, several failures led to a trove of helpful tips for small- and medium-sized businesses attempting to create a bulletproof disaster recovery plan.

Update and test your plan frequently
What was one of the first and most obvious failures of the department’s DRP? It didn’t include plans to restore an essential piece of their infrastructure — the department’s intranet. Without it, the employees are unable to complete even the most basic of tasks.

The reason for the oversight? The last time the plan was updated was in 2011, leaving out more than six years of IT advancements. If annual revisions sound like too much work, just consider all of the IT upgrades and improvements you’ve made in this year alone. If they’re not accounted for in your plan, you’re destined to fail.

Keep your DRP in an easy-to-find location
It may seem a bit ironic that the best way to store your top-of-the-line business continuity solution is in a binder, but the Michigan Department of Technology and Budget learned the hard way that the alternatives don’t work. Auditors found the DRP stored on the same network it was meant to restore, which means that if something had happened to the network, the plan would have been totally inaccessible.

Your company would do well to store electronic copies on more than one network in addition to physical copies around the office and off-site.

Always prepare for a doomsday scenario
The government office made suitable plans for restoring the local area network (LAN), but beyond that, there was no way for employees to get back to work within the 24-hour recovery time objective.

Your organization needs to be prepared for the possibility that there may not be a LAN to go back to. Cloud backups and software are the best way to keep everything up and running when your office is flooded or crushed beneath a pile of rubble.

Your DRP is more than just a pesky legal requirement. It’s the insurance plan that will keep you in business when disaster strikes. Our professionals at Lanlogic know the importance of combining both academic and real-world resources to make your plan airtight when either auditors or blizzards strike. Message us today about bringing that expertise to your business.


Get your network gear ready with UPS

By EDITOR 

Clever business owners utilize an uninterruptible power supply (UPS) during disasters like fires, storms, and other emergency situations. A UPS is usually set up for desktop computers to give users enough time to save their work and progress. Another useful power-saving plan for emergency situations would be to use a UPS for networking gear.

UPS for network equipment

UPS systems provide backup power in case of outages and protection against power surges, which don’t just damage computers but also make you lose unsaved work. Deploying them for Wi-Fi routers and modems allows you to stay connected to the internet during these typically chaotic instances.

Moreover, it makes sense to not just keep your PCs powered up, but to also have internet access during a disaster. This strategy works relatively well if your staff are predominantly laptop users, as that means you only need to juice up your Wi-Fi gear.

Better than generators

Although generators are indispensable for certain businesses, they also require greater upkeep. Small- and mid-sized businesses may not have enough capacity to maintain them because they typically require a utility crew who can manage high-maintenance equipment.

What’s more, misusing or mishandling generators could result in generator-related fatalities. On the other hand, misusing a UPS unit could result in the loss of a day’s work, but it’s unlikely to lead to anything as extreme.

Why internet access is important during a disaster

UPS-supported modems or routers help you stay online for as much as 90 minutes, which should be enough time to get your bearings before power finally runs out. Internet service providers are usually prepared for catastrophes and would normally have an emergency power source to stay operational. And if you can stay online via Wi-Fi during an emergency, you get the following benefits:

  • Internet speed that’s faster than cellular access
  • No extra telecom costs resulting from overreliance on cellular data
  • All devices stay online using a stable Wi-Fi connection
  • Devices don’t have to rely on cellular data-equipped phones for internet connection

Plug in your network gear now

Businesses that aren’t located in disaster-prone areas probably don’t give much thought to installing UPSs for their computers, let alone their modems. But accidents and emergencies are inevitable. And when they happen, you’ll find that having internet access is one of the most important things you need to ensure business continuity.

Think of an emergency power supply source like a UPS as an investment that not only protects your systems from data loss but also keeps your Wi-Fi equipment functioning in emergency scenarios. Call Lanlogic today for productivity-saving tips and other hardware hacks for your business.


Phishing through VoIP: How scammers do it

By EDITOR 

Many businesses nowadays are well-armed against email-based phishing scams, which is why scammers have moved over to VoIP (Voice over Internet Protocol) scams. Through “vishing scams,” hackers can pretend to be bank representatives and convince your employees to provide confidential financial details via a seemingly innocuous VoIP call. Take a look at why vishing is on the rise to understand how to keep your business from falling victim.

VoIP makes it easy to create fake numbers

One of the main reasons vishing scams are increasing in frequency is the ease by which cybercriminals can hide their tracks and escape with minimal risk of detection.

Using a fake number, scammers can contact your employees, pretend to be a representative of a bank or government agency, ask for sensitive information — such as salary information, account numbers, and company intellectual property — and get away with it. Scammers can also manipulate local numbers to emulate multinational banks, which they will then use for various VoIP scams.

VoIP is easy to set up and difficult to track

It isn’t very difficult to configure a VoIP system, and this makes fraudulent phone calls or messages an easy thing to accomplish. Scammers only need to know the basics of a VoIP setup.

VoIP hardware such as IP-PBXs, IP phones, and routers is also inexpensive and quite easy to access. Hackers can conveniently connect this equipment to PCs for the purposes of recording phone calls and stealing information from conversations.

Also, fake numbers are difficult to track because they can be ditched at any time. And with advanced voice-changing software widely available nowadays, a vishing scam is much easier to pull off.

Caller ID can be tampered with

In some vishing scams, attackers don’t even have to destroy a number to cover their tracks. Instead, they can trick users into thinking that they’re talking to a legitimate Microsoft technical support staff, a PayPal representative, or a fraud investigator, simply by tampering with the caller ID.

VoIP scamming is cost-efficient

Traditional phones are still used for phishing scams, but they don’t compare to the efficiency VoIP affords, which allows attackers to target victims all over the globe at a fraction of the cost. Cybercriminals resort to VoIP scamming because the price per call is much lower. Vishing scammers are sneaky and resourceful, and they will exhaust all possible means to attack your systems for profit — and that includes your VoIP channels.

Protecting yourself is simple

To protect against VoIP-based scams, set stringent policies on information-sharing and impose strict security processes for all business communications. Informed and aware employees are key to making sure that scammers are held at bay. Protect your company against all types of scams by getting in touch with Lanlogic today.


Why you need a VPN and how to choose one

By EDITOR 

Back in the day, simple antivirus software was all you needed to stay safe from security threats. Nowadays, it takes more than that to protect your online privacy. Whether you’re sending emails or chatting up a friend online, chances are your Wi-Fi connection can be intercepted. This is why you need a virtual private network (VPN). Here’s how to choose one wisely.

What is a VPN?

The best way to describe a VPN is as a secure tunnel between your device and destinations you visit on the internet. Once you’ve established your PC’s connection to a VPN server, your computer acts as if it’s on the same local connection as the VPN, making it seem as though you have moved to a different location. As far as websites are concerned, you’re browsing from that server’s geographical location, not your computer’s actual location.

When you surf the web through a VPN, all the data transmitted and received is also encrypted, preventing anyone — from hackers to government agencies — from monitoring your online activities.

Why should you have one?

Of course, security and privacy are major reasons why you would want a VPN. For example, if you’re connected to a public Wi-Fi network — like the ones you typically encounter at local cafes and airports — using a VPN encrypts the information you’re sending or accessing online. This means your credit card details, login credentials, private conversations, or other sensitive documents can’t be intercepted by a third party.

VPNs are also useful for accessing geo-restricted websites. If you’re traveling abroad and certain US websites are blocked in that region, you can connect to a VPN located in the US to access the sites you need.

Which VPN should you choose?

Given the increasing demand for secure online privacy, VPNs are surging in popularity. The following considerations can help you find the right one.

1. Cost
While free VPNs are available, we strongly suggest you avoid them as they could keep logs of your internet activity, and in some cases sell them to data brokers or worse, cybercriminals.

Maintaining a VPN service is also expensive, which means the free ones will likely plaster ads on your browser to make a quick buck.

Paid VPNs like SurfEasy and StrongVPN often come with more robust features and configurations that keep you secure. Prices differ depending on a VPN’s features and subscription length, and remember that how you pay is also important. Some VPNs offer anonymous payment systems like bitcoin while others allow you to use gift cards to avoid giving out your personal information.

2. Location
The physical location of VPN servers is important if you want to access region-blocked websites. So if you’re planning on accessing a UK-based service, your VPN provider must at least have servers installed in London.

3. Capacity
Read through a VPN provider’s terms of service to determine how much data you’re allowed to use. If possible, find out how many servers a VPN provider has. If they have plenty of servers online, you can rest assured that they have the capacity to support your internet browsing.

4. Device compatibility
Another important factor to consider is whether the VPN can be used across multiple devices. Nowadays, employees work on laptops, tablets, and smartphones, so you’ll want a VPN that’s compatible with all these.

5. IP leaking
Beyond the fundamental nuts and bolts of the VPN protocol, there are other challenges like dealing with leaky tunnels, which means your IP address could be tracked. A great way to evaluate a VPN service is to sign up for their free trial service and visit https://ipleak.net. This will allow you to check whether your real IP address is actually being leaked. If it tracks your physical location, you should opt for a more reliable VPN service.

VPNs are now a vital component of cybersecurity, and if you need help selecting the right one for your business, consult with our security experts today. Lanlogic also offers comprehensive cybersecurity services so no hacker or third party can get their hands on your data.


Beware of apps bundled with Windows 10

By EDITOR 

While you might think that getting free software with your new Windows 10-powered device sounds like a good idea, it’s not. Beyond taking up storage space and diverting processing power, pre-installed software such as trial versions of video games, antivirus programs, and web browser toolbars — collectively called “bloatware” — can make your device vulnerable to cyberattacks. Read on to learn how to be bloatware-free.

In the middle of 2014, Lenovo users noticed something awry with their web browsers: banner ads were breaking webpage layouts and pop-ups made surfing unpleasant. A deep dive into the problem led to the discovery of a pre-installed program called Superfish — adware that jumps in the middle of your internet connection to stuff web pages with ads. Not only was this bloatware irritating, but it also made connections insecure, leaving users vulnerable to hackers.

Software behemoth Microsoft has developed and deployed its fair share of bloatware as well. The Windows 10 operating system, in particular, has plenty of it, such as:

  • 3D Viewer (previously called Mixed Reality Viewer)
  • Calculator
  • Calendar
  • Candy Crush Soda Saga
  • Disney Magic Kingdoms
  • Groove Music
  • Mail
  • Movies & TV
  • Paint 3D
  • Snip & Sketch
  • Sticky Notes
  • Voice Recorder

These programs are called bloatware because users don’t necessarily want them, yet they’re already installed on computers and take up storage space. Some of these even run in the background and slow down computers without users knowing it.

While many of these programs are pleasant add-ons for those who find value in them, many users prefer to start with a leaner operating system due to storage space and processing power concerns. If they want a particular software, they prefer to download it themselves. This gives them greater control over their machines and how they experience their hardware and software.

Like Superfish, other Windows 10 bloatware can also cause critical vulnerabilities. The most ironic example of this was a pre-installed version of Keeper Password Manager. Instead of keeping passwords safe, it allowed malicious people behind any website to steal passwords. While Windows 10 users needed to enable Keeper to store their passwords for them to become vulnerable, it makes you wonder why such a flawed password manager app is there in the first place.

How to rid yourself of bloatware

Removing inclusions you did not ask for is a hassle in and of itself, but thankfully, the process is not too tedious:

  1. Click the Start menu, then the gear icon.
  2. In the Settings window, select Update & Security.
  3. On the left-hand side, click Recovery.
  4. Select Learn how to start fresh with a clean installation of Windows and follow the instructions.

Bloatware not only clutters your laptops and PCs, but it can render your business vulnerable to cybersecurity breaches as well. Save yourself from tons of headaches down the line; learn more about protecting your computers from bloatware. Call our Lanlogic team of IT experts today!
