Blog

May 16th, 2012

Security of data and networks is an issue that companies are taking seriously. They’re going to great lengths to protect themselves from external threats and are, for the most part, safe from them. And yet, there are still stories about how businesses are being infected by malware. If they’re safe from the external environment, where’s the threat coming from?

In recent years the majority of security threats and compromises have come from within the company. A common threat to companies is the logic bomb - malware that targets IT systems and deletes data. As a logic bomb is introduced from within the network, the blame often lies with a disgruntled employee with full access to internal systems.

Insider threats

Giving employees full access to the network when they don’t need it is a common mistake often made by companies. There’s little need for an employee who does graphic design to have access to weekly sales records. This practice could set your company up for a considerable security problem in the future.

Dawn Cappelli, an insider-threat expert at the Carnegie Mellon Software Engineering Institute, stressed, "These types of insider attacks happen to businesses of all sizes, from small companies to very large corporations." This is an important issue businesses should be aware of if they want to remain secure.

Take Precautions

Security threats can be a particularly harsh nightmare for small businesses, as many don’t have an IT department or staff with the technical expertise needed to maintain a secure network. If you’re one of these organizations, it’s a good idea to hire an outside consultant to help you with your network security. With consultants, it’s important that you maintain close contact with them to ensure any issues that crop up are dealt with expeditiously.

If you don’t work with an external company there are a few things you should do when you have an employee leave the company. First, their accounts should be deleted immediately and their access privileges should also be revoked. Second, if you have accounts with shared passwords, you should change them to ensure an ex-employee can’t gain access to the system.

If you’d like to learn more about internal security, and measures you can take to ensure you are safe, we are ready to help you. Please contact us.

Published with permission from TechAdvisory.org. Source.

May 4th, 2012

If you mention “OS X” and “virus” in the same sentence, you’ll get some weird looks from Mac users. Traditionally, viruses and trojans on OS X were nearly non-existent, but there’s a Mac-specific trojan, codenamed Flashback, that has affected more than 600,000 computers. This is big news as it shows that machines running OS X may not be as secure as first thought.

Many Mac owners are unsure of what exactly the Flashback trojan is, what it does and how to ensure they’re not infected. We’re here to help clarify the situation.

What is a Trojan and What Does Flashback Do?

In general terms, a trojan is a piece of malicious software that infects a computer and gives hackers control of part or all of the computer. The Flashback trojan takes advantage of an OS X Java vulnerability and infects computers by tricking them into downloading a fake Java update.

When the program is installed, Flashback will download and install the main trojan code without the need for permission from the administrator. From there it proceeds to hijack your browser, redirect search queries to websites developed by hackers, and then take advantage of pay-per-click advertising.

Why Should I be Worried?

While this version hijacks your browser, there are far more sinister things it could do. As this trojan acts as a downloader, there’s nothing stopping the developers from updating the malware to steal passwords, banking information and other confidential information.

How do I Ensure My Mac is Clean?

Apple has released an update for machines running OS X 10.6 and later. The first step you should take is to update your computer to patch the vulnerability. To update your Mac:

  1. Press the Apple logo, located in the top right hand of your screen.
  2. Select Software Update...
  3. Press Install and Restart.

While the patch will prevent Flashback from working, it won’t delete the program if you’ve been infected. The Internet security company F-Secure has developed a script that scans your computer and removes Flashback if found. Once you have downloaded the script, open and run it. The script will search your computer and place the infected files in an encrypted ZIP folder labeled Flashback_quarantine.zip.

Flashback has infected a higher number of Macs than any other trojan to date and goes to show that Macs also have security flaws. This also serves as a reminder that you should have a virus scanner and security program running on your Mac. If you have any questions regarding the security of your Mac or other devices, please don’t hesitate to contact us. We are here to help keep your machines secure.

April 11th, 2012

In the past five years, there has been a significant rise in the sharing of files and information between computer users. Many businesses have also taken to sharing files using cloud services and peer-to-peer (P2P) networks, allowing users to share files with each other over the Internet. This brings about a number of issues, both with file recoverability and overall security.

With the seizure of a number of cloud storage and sharing websites, including Megaupload, and the seemingly omnipresent malware in P2P files and the shaky security in relation to P2P networks, businesses have had their hands full staying secure. Do you know what your options are when it comes to data security?

Cloud Services Knowhow

The recent seizure of Megaupload’s files and servers by the US Government caught many people and businesses unprepared. While Megaupload’s main purpose was file sharing, it was found that a large number of organizations were using their services to store files. If you had files stored on Megaupload, the chances of getting the files back are non-existent.

It needs to be pointed out that many cloud services don’t guarantee that files stored on the service will be recoverable in the event of a crash, or disruption in service, e.g., a government seizing servers. If you read the user agreements of a number of major cloud services, they all have clauses stating that if data stored on their service is lost for any reason, it’s gone forever, and the hosts can’t be held liable for losses.

Risks of P2P

With high-speed Internet widely available at low prices, P2P file sharing has become incredibly popular; it’s almost uncommon to find someone who has never used a P2P service. If you or your employees use P2P at your office, there are a number of potential security threats you should be aware of:

  • The unknown share: If you put a file in a folder that is shared on a P2P network, it’ll be shared with all other people connected to that folder and almost anyone can access it. This is normally done by mistake, i.e., not looking where the file will be saved when you save it. There’s also malware out there that will move files into a shared folder which the developer of the malware can find and upload with ease and without the user knowing it is happening.
  • Open network: Typically P2P works on open networks: users give and share. What this means is that when using P2P on a poorly configured network, the whole network could be insecure, allowing for access to other computers connected to the network.
  • Untracked data: If you share a document with another person, and they then share it with others, there is potentially an unlimited number of people that can get the data. If you want to take it back, it can be impossible to do so, even if the original document is deleted.
  • Storage hijacking: There’s news of malware that has been developed with the purpose of downloading illegal material onto your hard drive. This could pose a problem if the data is found, as you will be liable.

What Should I do?

With regard to cloud services, as with anything that comes with a contract, the first thing you should do is gain an understanding of it by utilizing reading material such as blogs, news articles and Wikis. It’s a pain in the neck, but it’ll help you understand the boundaries of the program and your responsibilities. Remember that if you go to court to get files back from a company, and it becomes known that you didn’t read the agreement, you’ll probably end up losing that case.

Second, it’s not recommended to keep single copies of data on one cloud service. Chances are high that in your business, you store your data and backups in a place separate from the computer. This makes sense with the cloud as well - keep your data with a number of different cloud services. If it’s important enough, have physical backups of what you put in the cloud.

For P2P networks there are also a number of steps you can take to protect the data on your network:

  • The most obvious one is to ban employees from using any file sharing services outside of your network.
  • If you do allow file sharing, it’s a good idea to establish and strictly enforce a protocol for this. You should also set which users are allowed to share files, and what files are appropriate to share. Be sure that all staff are aware of your policy and the measures that will be taken in the event of any deviations.
  • Develop a system to classify documents by whether or not they can be shared, and who they can be shared with.
  • If you work in an office where you need to share files, but don’t want to use a P2P network or the cloud, and are unsure of other solutions out there, don’t worry. There are companies that specialize in document sharing solutions that should be able to provide you with assistance.

The most important thing is that whatever the situation is, you take action to try to solve the problem while frequently revisiting the actions to ensure that they are working. If you’d like to learn more about document sharing over the cloud, or via P2P networks, give us a buzz. We’re more than happy to help.

March 23rd, 2012

Ever since the computer became a household item, malicious software has been developed, aimed at causing havoc, or worse, stealing information. Businesses and governments have spent untold amounts of money to ensure safety from all sorts of cybercrime, but it is still a rising trend.

A quick Google search for “cybercrime trends” yields over 78 million results, the majority of which are likely to affect large enterprises or governments. While it is beneficial for all businesses to be aware of the major trends, there are a number of threats that will affect small businesses more than others. Here are some current cybercrime trends that SMEs should be aware of.

Mobile Malware

Smartphones are becoming ever more popular, and with this popularity has come an exploding number of apps. Malware developers have been picking up on this during the past few years and there have been an expanding number of apps dedicated to attacking your phone or mobile platform. The most common type of malware on mobile devices is spyware, followed by SMS Trojans. SMS Trojans run in the background of some applications, and make international calls or send text messages from the developers’ services, causing huge phone bills. The final form of malware targets online payment apps on the phone.

One of the main reasons this form of malware has become so popular is the openness of some markets, such as the Android Market. The owners of the app markets are working to track down and get rid of the guilty apps on their marketplaces, but you still need to remain vigilant while installing apps. Look at the developer of the app and at how many times it has been downloaded, and double check the app’s integrity online before installing.

Open-Source Malware Kits

A common thing malware developers do is write code for malware and then sell it to interested buyers. But a rising trend is that developers are writing malware that is open-source: any person can download and change it. The worrying thing is, many developers of already powerful malware have been releasing open-source versions of their software. This means that there will be an increase in the number of malware attacks out there, as devious developers can easily come up with more elaborate hacks.

Banking Trojans

Along with the open-source malware kits, there has been an increase in the number of banking trojans aimed at stealing account information and passwords. While these trojans have been a threat ever since banks first started offering online banking, they have become popular again as people and businesses are starting to move their online banking onto mobile devices, and the trojan software is easily accessible. This makes mobile banking apps an easy target.

With cybercrime on the increase, now is a good time to review your security, ensure it’s up to date and remind employees of your mobile device policy. If you don’t have a policy in place, or feel that your security is inadequate, give us a call; we are happy to help you. Remember: with good security and knowledge, there is no reason you should fall victim to cyber theft.

March 14th, 2012

Hackers have gotten pretty advanced in the past few years, and one of the most complicated hacks talks to you while it goes about its business. There is a new hack targeting businesses with the aim of stealing banking information. Be on the lookout as this is one of the most devious hacks yet.

The hack, a variation of the Man-in-the-browser (MITB) hack, is a form of Trojan horse that mainly infects a Web browser and has the ability to change a Web page and covertly insert orders or transactions. The user will not notice any change to the website. This particular hack infects users’ computers with a Shylock malware program, a new form of malware that focuses on bank accounts and financial transactions.

The user goes to a banking website, attempts to log in and is given an error message stating that security checks are being undertaken. After a few minutes a window pops up telling the user that a representative from the bank will be contacting them to go over their account details. A chat window will open up and the “representative”, who is really the hacker, will ask the user for their account information. While the user and hacker are talking, the hacker will log into the account and proceed to go to town, so to speak.

At this time, it seems like the hack is not widespread, but it is spreading, and it is one of the more sophisticated programs out there. To learn more about this or any other security threat that may have you worried, please contact us.

March 6th, 2012

A clever new scam is being perpetrated by cybercriminals to steal valuable information from their victims. In what is called phone scamming, a cybercriminal pretends to be someone else over the phone to mislead users into revealing protected information about themselves or their employer. Read on to find out how you can save yourself from being fooled.

Unfortunately, there are people with bad intentions who want to cheat you of time and money. Phone scammers use fear to prey on unsuspecting people to steal information that they can use, by pretending that they can help you with imagined computer problems or offering some helpful-sounding enticement. Your employees are the targets of these scams, as well as your first line of defense.

Here are some tips for preparing your front line to deal with these types of phone support scams.

Never trust unsolicited calls

It may seem like common sense, but when an employee is busy or distracted, it can be easy for a phone scammer to sound convincing and trustworthy. Scammers can be very clever and sound legitimate by claiming that they represent a software company like Microsoft or Google, and they often use publicly available phone directories, so they might know names and other business information when they call. Make sure your employees know that an unsolicited tech support call should never be trusted… ever.

Don't be fooled by claims to "help"

Scammers often offer to help solve a computer problem or sell a software license. Once they have an employee talking, they might try to:

  • Trick your employee into installing malicious software that could capture sensitive data, such as online banking user names and passwords.
  • Take control of your employee's computer remotely and adjust settings to leave the computer vulnerable.
  • Request credit card information so they can bill you for phony services.
  • Direct your employee to fraudulent websites that ask for credit card or financial information.

Employees should be on guard to verify, take names, and hang up if there is any question.

Take precautions

If you use an MSP or other outsourced IT services company, make sure that your employees know who they are and the security procedures that they follow. Monitors that IT providers offer can help to improve your security system and avoid malware issues.

Security should be a key part of your IT plan. Let's talk about how we can help you prevent the unthinkable.

February 23rd, 2012

Businesses are constantly looking for exploitable holes in their security systems to protect themselves from hackers. But while your focus may currently be on the security of your employees' laptops and smartphones, it appears that the very heart of your corporation could have been left wide open.

Boston-based Rapid7 is a security company that specializes in finding holes in computer systems, and earlier this year their chief security officer, HD Moore, found a way to remotely spy on top firms' conference rooms across the nation.

Moore wrote a program that scans the Internet for unsecured videoconferencing systems, and found that by simply calling in, his researchers could not only see and hear inside boardrooms, but they could also move the camera and utilize its zoom. In less than two hours, they had gained access to 5,000 video conference systems.

Information at Risk

If a hacker can access your boardroom through your videoconferencing equipment, your company is left extremely vulnerable. Private conversations, trade secrets and privileged financial information are all up for grabs. By operating the camera using mouse gestures, a hacker could see who is present at your boardroom meetings. Silence will afford anonymity no longer.

Once in, a hacker could also see who's on your speed-dial and connect to any boardroom on your list, negating security measures that your colleagues or customers may have put in place.

Protect Company Information

While time and money have been put into ensuring your videoconferencing equipment's visual and audio clarity, it's time to make security your number one priority. If you are still using unsecured systems set up outside firewalls, it's time to evaluate the system and look at alternatives.

In addition, systems that include a feature that automatically accepts inbound calls so users do not have to press an "accept" button every time someone dials in are adding to your security risk. Anyone can dial in and look around a room, and the only sign of their presence is a tiny light on a console unit.

There are trade-offs with every connection you make from your business to the outside world. Make sure that you are aware of the risks and taking the security steps that are right for your company. Call us if you would like to make your boardroom more secure.

February 14th, 2012

Wireless hotspots can be a boon, but they can also be a danger. Learn ways to properly protect yourself so you can safely use hotspots.

Wireless internet access, or WiFi, is now so common that it can be found virtually anywhere—in airports, shops, restaurants, and other public spaces. The near ubiquity of these wireless "hotspots" can be a great boon for many of us who need Internet access to check on emails for work or updates from friends on our favorite social network.

Unfortunately not a lot of people know about the risks these wireless hotspots potentially pose. Here are 8 ways to ensure you can surf securely from wireless hotspots:

  1. Disable your WiFi adapter when not using your wireless device. This ensures that your device does not connect to any wireless hotspot without you knowing it.
  2. Connect only to secure hotspots. In many places, open networks implement no password and no encryption, potentially exposing everything you send out from your computer to malicious hackers. Therefore, whenever possible it's best to connect in places where some encryption (either WEP or WPA) is employed. Often your device will show a lock icon to identify secure, password protected and encrypted hotspots vs open and unsecured ones.
  3. Use VPN or Virtual Private Networking. VPNs allow you to establish a secure channel of communication to your office network over the public Internet.
  4. Use only secure software. The use of software is also something you should be aware of: some browsers, instant messengers, email clients, and online services are more secure than others. So use the more secure ones, such as those that implement some sort of encryption or similar methods, whenever possible.
  5. Disable sharing. If your device or operating systems share resources such as folders, printers, and other items, consider turning them off to lessen the possible entry points into your system which malicious hackers or software can exploit.
  6. Use a firewall. For example, most modern desktop computers have a firewall built in which acts as a barrier between your device and malicious software and hackers. These can block or filter out any attempts to access your system without your approval.
  7. Encrypt files. If you have sensitive files on your computer, consider encrypting them so you can avoid having them fall into the wrong hands if your system does get compromised.
  8. Remove sensitive or confidential information from your device before using hotspots. This is the safest way of ensuring that your valuable data isn’t compromised when connecting to hotspots.

Wireless hotspots can be great for anyone traveling on business or for those always on the road. Being proactive regarding the security issues that you might encounter can go a long way in ensuring your safety and privacy when using them. If you or others in your business need to go online using hotspots, we can help you set up your machines for secure access by implementing security software, consulting on software security, and more. Contact us today to find out more.

February 3rd, 2012

Malware is a serious threat to any system, especially those that belong to any sort of business. Financial and personal data as well as other important company information can be compromised by a single successful attack. One way to prevent malware from entering your system is through disabling the AutoRun feature for portable drives.

One of the most common entry points of malware and viruses into a system is through USB thumb drives. These little drives, while versatile, get plugged into numerous computers, which increases the risk of them picking up some sort of infection. On top of that, the AutoRun feature on most (if not all) portable drives enables certain malware to automatically install itself into the system the USB is currently plugged into.

The AutoRun function is not harmful by itself – it was originally designed for more convenient file management and use of portable drives. However, a number of malware and viruses have harnessed this function to enable easier entry into an otherwise secure system.

The most feasible solution, besides running frequent security checks against any portable drive that's plugged into your system, is to disable AutoRun. This will cost you some convenience in the short run, but will gain you much more system security. There are several system utilities that can disable AutoRun for you, or you can do it through the Windows registry.
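One way to do the registry change described above, as an added example that is not part of the original post: the PowerShell below audits the Explorer policy value NoDriveTypeAutoRun in both registry hives and can set it to 0xFF, which turns AutoRun off for every drive type. The function names Get-AutoRunPolicy and Set-AutoRunDisabled are hypothetical helpers written for this example.

```powershell
# Added example (not from the original post): audit and disable AutoRun
# through the Explorer policy value NoDriveTypeAutoRun.
# The value is a bitmask; a SET bit turns AutoRun OFF for that drive type.
$PolicySubKey = 'SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer'
$ValueName    = 'NoDriveTypeAutoRun'

$DriveTypeBits = [ordered]@{
    'Unknown'     = 0x01
    'No root dir' = 0x02
    'Removable'   = 0x04   # USB thumb drives
    'Fixed'       = 0x08
    'Network'     = 0x10
    'CD-ROM'      = 0x20
    'RAM disk'    = 0x40
    'Reserved'    = 0x80
}

# Hypothetical helper: report the policy in the machine and user hives.
# A machine-wide (HKLM) value, when present, overrides the per-user one.
function Get-AutoRunPolicy {
    foreach ($hive in 'HKLM', 'HKCU') {
        $path  = "${hive}:\$PolicySubKey"
        $value = (Get-ItemProperty -Path $path -Name $ValueName `
                    -ErrorAction SilentlyContinue).$ValueName

        if ($null -eq $value) {
            # No policy value: the operating system default applies.
            [pscustomobject]@{
                Hive           = $hive
                Value          = 'not set'
                StillAllowedOn = 'OS default applies'
            }
            continue
        }

        # Drive types whose bit is clear can still AutoRun.
        $allowed = $DriveTypeBits.GetEnumerator() |
            Where-Object { -not ($value -band $_.Value) } |
            ForEach-Object { $_.Key }

        [pscustomobject]@{
            Hive           = $hive
            Value          = '0x{0:X2}' -f $value
            StillAllowedOn = if ($allowed) { $allowed -join ', ' } else { 'none' }
        }
    }
}

# Hypothetical helper: set the policy to 0xFF (AutoRun off everywhere).
# Writing to HKLM needs an elevated session; -WhatIf previews the change.
function Set-AutoRunDisabled {
    [CmdletBinding(SupportsShouldProcess)]
    param(
        [ValidateSet('HKLM', 'HKCU')]
        [string]$Hive = 'HKLM'
    )
    $path = "${Hive}:\$PolicySubKey"
    if ($PSCmdlet.ShouldProcess($path, "Set $ValueName to 0xFF")) {
        if (-not (Test-Path -Path $path)) {
            New-Item -Path $path -Force | Out-Null
        }
        New-ItemProperty -Path $path -Name $ValueName -Value 0xFF `
            -PropertyType DWord -Force | Out-Null
    }
}

Get-AutoRunPolicy | Format-Table -AutoSize   # audit the current state
Set-AutoRunDisabled -Hive HKLM -WhatIf       # preview; drop -WhatIf to apply
```

Run Get-AutoRunPolicy again after applying the change to confirm that both hives report no drive type still allowed.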

If you want to know more about disabling AutoRun and making your system more secure from various modes of infiltration or attack, please contact us so we can discuss possible custom solutions that best meet your needs.
