We just upgraded our Active IT monitoring technology to help our clients believe even more in the great service we can provide them! This addition allows multiple off-site backups and monitoring, virtual servers that keep your office active and secure if your server should go down, anti-spyware monitoring and protection, security patch management, one click remote access and diagnosis for servers and PC’s, 24×7 system monitoring and much more. This is something that can take the worries and hassle out of IT.
Updating our ability to Secure your Business
February 24th, 2010 by KyleHackers – Who are these people?
February 24th, 2010 by nateComputer hacking. Who are these people? Why do they do this? How do they make money?
Since we focus on securing data for business here at Network People, I’m asked these questions often. I’ve attached a link to a Wall Street Journal article that describes how a hacker in China got his start and learned the trade. It also describes how hacking works and the money he made.
A few hackers from China admit to having 17,000 followers. This was revealed after one of them was put in jail for said occupation. However, the hackers quote to his 17,000 followers after he was released from jail on good behavior was frightening: “Bread will come. Milk will come. Everything can be restarted all over again.”
Did you know that hackers can control literally thousands of computers as zombie-slaves? In China they call them “chickens.”
Did you realize that some cybergangs are similar to multi-level or “pyramid” sales networks?
Local Data Security Breaches
February 22nd, 2010 by kellyEmployee Theft and Bot Net attacks are the most common attacks we are seeing in the Tampa Bay Area. In the last few months Network People has dealt with more security breaches than in the last 14 years. For more information join our Educational Event on Thursday March 25th for a full report.
Security Breach and Policies
February 17th, 2010 by kellyBelow is an overview of a couple articles recently written about a Security Breach that affected thousands people because a lack of policies. A United Kingdom insurance giant Zurich has lost a tape backup in transit to South Africa. Because the lack of efficient policies this has cost the large corporation of Zurich client trust, future revenues, and potential fines.
On October 22 of this year insurance giant Zurich UK announced to the public the loss of data relating to 641,000 customers due to a security breach. During the transit of a data tape to a secure storage unit in South Africa a year prior is when the suspected breach occurred. The tape backup contained details of 51,000 UK customers, Zurich’s entire South African customer base of 550,000 clients, alongside the details of 40,000 customers in Botswana. Some of the data contained names and contact details as well as bank details for client payments. The customers, authorities, and the public were alerted to the breach in an attempt to minimize any future potential identity theft.
Annette Court, the chief executive of general insurance for Europe and Zurich Financial Services, said the loss was “unacceptable” and that the company takes security “very seriously.” In addition she stated, “We are putting a great deal of investment into strengthening our internal processes to ensure that incidents of this nature do not happen again in the future” and admitted that Zurich’s’ security procedures had failed. (Neal, D) After reviewing the articles found on Zurich we are made aware by Ms Court that there were some internal processes that failed. Ms Court did not state whether or not this was a violation or simply a process not followed properly so we cannot conclude whether this was a malicious or an accidental breach of the data.
The Yorkshire Post did quote Ms Court stating, “we have no evidence that our customers’ data has been accessed or compromised in any way.” A 2009 identity theft Study from Javelin Strategy & Research reveals that 71% of fraud happens within a week of stealing a victims’ personal data, therefore we can hold our breath and hope that this was just an accidental breach of data. Although due to the short time elapsed we will not know for a while until an investigation is completed. Some policies that come to mind that should have been implemented and followed to prevent this breach would include encryption of mobile data and procedures for taking inventory when an item arrives and leaves.
If the company utilized Symantec Backup Exec 11d for their tape backups then the best practices guide for this application states the Backup Exec administrator could have placed a 256-bit AES encryption on the data with a passphrase of 16 or more characters. According to Dekart.com with a 16 character passphrase this would take about 1,872,000 years to identify by a brute force attack. So in the event a backup tape was compromised the likelihood of the data becoming exposed is extremely rare.
Trusted Web Sites Infecting Users
February 15th, 2010 by KyleNow even safe websites may be unsafe!
In a story by Robert Lemos of “Technology Review,” researchers at the University of California did a 4 month study. The findings are frightening:
1. More than 6,500 websites hosting malicious code redirected nearly 340,000 visitors to malicious sites.
2. 13.3% of visitors were infected with malicious or unwanted files
Two important factors were found from this study. First, Windows AND Mac computers were infected. Many believe Macs are much safer. Second, over half the machines infected had antivirus software running on the machine.
The researchers found that both business sites and the seedier porn sites were hi-jacked. This is interesting because it used to be that just the seedier sites were the main problem.
So what do you do about this? The number one defense is to regularly patch and update the computer. It’s like we’re all in a race. Those of us trying to use the computer as a tool are racing the hackers who are trying to break in to our tool and make money. Unfortunately, hackers are much better at designing tools to break in than average users are at updating their systems.
Who could be you?
February 12th, 2010 by KyleIdentity Theft Helpful Websites
Identity-Theft is the fastest growing crime in America; 9.9 MILLION victims were reported last year, according to a Federal Trade Commission survey!
10 Ways to Prevent Cybercrime
February 11th, 2010 by kellyNOTHING CAN INSURE YOUR SECURITY.
No matter what you do, no matter how many measures you put in place, it is important to understand that if someone wants to get into your data, if they try hard enough, eventually they can. That being said, there are many simple steps you can take to decrease your risk of cybercrime. Most criminals will access data that is easy to reach instead of data that is difficult to breach.
1. Use Good Password and Update Regularly:
A good rule of thumb is to have 8 characters or more with a combination of letters and numbers. Update every 3 months and do not keep them in writing near your computer.
2. Firewall Protection:
Like a traffic cop… a firewall helps direct only safe traffic into your system. Don’t leave your computer connected without firewall protection. (WARNING: when installing new software beware of new ports that can be opened that bypass the firewall.)
3. Install Anti-Spam and Anti-Virus Protection:
Minimizes your risk of viruses and BOT attacks (WARNING: it is important to keep this updated. Don’t’ ignore messages that asking you to update.)
4. Keep Systems Updated and Protected:
When possible set up automatic updates. These updates keep security measures updated as new malicious code is developed.
5. Never Download a File If:
You are not 100% confident about it’s CONTENT and SOURCE.
If someone sends a file to you that you are not expecting. Email them to confirm that they sent it. (WARNING: This applies to Pop-Ups too!)
6. Beware of Hidden File Extensions:
Executable malicious code can be hidden in file extensions that are not readily viewed. Make sure you can view the entire file name and know any hidden extensions before opening a file.
7. Do Not Share or Publish Your IP Address on Games or Forums:
An IP address can allow a criminal access beyond your firewall.
8. Don’t Store Confidential Personal Information on Your Computer:
This includes social security numbers, bank accounts, credit card numbers on your system unless the data is fully protected.
9. Back Up Your Data!
Make sure to have a clean copy of your data and the ability to fully restore your system should you experience a breach.
10. Turn Off your System When Not in Use:
If you are not connected, your data can’t be hacked or hijacked.
