Oh "!*&^" Our Website Just Got Hacked!

About once a month, we get the call: "Something or someone has hacked our website, email, desktop, or server." The calls rarely come from regular Computing Center clients, but it does happen. We are there to help and have a lot of experience in recovering and restoring systems and getting them going again. This article from HP describes the major steps that are taken to deal with hacks. You can do it yourself, but as we tell our clients, we do this work all the time, and isn't your time better spent doing what you do?

What do you need to do to get your site back online? Three steps to recovery.

After the initial panic subsides, your mind starts racing and you find yourself asking the question, “What do I (or my IT folks) need to do to get our site back online?” Read on for more...

What are the first few things you do when the alarm goes off on Monday morning? If you're anything like me, your morning ritual includes a bold coffee blend and a quick perusal of social media before settling down at your desk for the day.


Researchers Discover a bug in WiFi Encryption

Nearly everyone with a laptop, "pad" or smartphone regularly uses public and private Wi-Fi access points. Many have what's called WPA2 Security on them. We all dutifully set up a relatively complex password to get on these WiFi systems. Once done, our machines automatically connect to these networks when we're in range. Perfect, easy, and secure. Well, not quite.

Several months ago, a vulnerability in WPA2 was discovered. Most of the big guys (Microsoft, Apple, etc.) quickly patched their operating systems, some even before the WiFi access point manufacturers. If your systems were automatically updated, you were likely fine. The non-technical press recently caught on to what's been going on, and the articles started flowing, and so did the phone calls and emails to us about the condition of clients' WiFi systems.

This article from the FTC does a good job of reviewing the issue in a non-technical fashion. Be cautious as always about how you access WiFi networks, particularly public ones.

You’ve read recent news stories about a vulnerability discovered in the WPA2 encryption standard. (Some reports refer to it as KRACK – Key Reinstallation Attack.) Should this be of concern to your business? Yes. Does it warrant further action at your company? Absolutely.

If you or anyone at your business uses a smartphone, laptop, or IoT device connected to a Wi-Fi network, the information sent over that network could be at risk. Researchers have found a bug that lets attackers “break” WPA2 – the encryption that protects most wireless networks – leaving data you send exposed.

The bad news is that this isn’t just a problem with a specific device or manufacturer. It’s a problem with the encryption standard nearly all Wi-Fi devices on the market use to scramble communications, prevent eavesdropping, and deter tampering. The upshot is that if anyone at your business uses a device to connect to a wireless network at work, at home, or on the road, this bug means they can’t rely on that connection being secure.


SSN For Authentication is all Wrong

There is much being written about digital identity these days.  This article, although a bit hard to follow, does a good job of explaining the difference between "identification" and "verification".  All important in our digital age.

Unless you were stranded on a deserted island or participating in a zen digital fast, chances are you’ve heard plenty about the massive Equifax breach and the head-rolling fallout. In the flurry of headlines and advice about credit freezes an important part of the conversation was lost: if we didn’t misuse our social security numbers, losing them wouldn’t be a big deal. Let me explain: Most people, and that mainly includes some pretty high-up identity experts that I’ve met in my travels, don’t understand the difference between identification and verification. In the real world, conflating those two points doesn’t often have dire consequences. In the digital world, it’s a huge mistake that can lead to severe impacts.

Isn’t it all just authentication you may ask? Well, yes, identification and verification are both parts of the authentication whole, but failure to understand the differences is where the mess comes in. However, one reason it’s so hard for many of us to separate identification and verification is that historically we haven’t had to. Think back to how humans authenticated to each other before the ability to travel long distances came into the picture. Our circle of acquaintances was pretty small and we knew each other by sight and sound. Just by looking at your neighbor, Bob, you could authenticate him. If you met a stranger, chances are someone else in the village knew the stranger and could vouch for her.


The Equifax Hack - Now What?

Each day, the news regarding the Equifax breach, where upwards of 143 million account records were exposed through a flaw in a web service, keeps getting worse. On September 20th, we learned that, apparently, the initial breach occurred sometime prior to March 2017, when Equifax hired an outside security company to review their systems, but then nearly four months went by before Equifax cyber-security personnel discovered its extent. And then it was nearly two months later before the general public was told about it. It will likely be months or years till the full details and extent of the breach are fully understood.

There have been many other hacks and breaches over the past several years. Many, like the Yahoo email address breach, were much larger, exposing several times more user information. In the Yahoo hack, over a half billion email accounts and passwords were possibly exposed. So why is the Equifax breach far more serious? Because of the amount of personal data that’s stored by Equifax in one set of records. Nearly all important information about individuals, including social security numbers, dates of birth, employment information, banking, loans, mortgages, and credit card information, is right there. For the “bad-guys”, it’s a treasure trove.


Dealing with Ransomware

Ransomware can ruin your day. It can be an annoyance or it can wreck your company or organization. The most important piece of advice we give our clients is that if, in spite of everyone's best efforts, they are attacked by ransomware, the first thing to do is: DO NOTHING! Call us. We've been quite successful in helping to recover from ransomware attacks, even for those who are not our clients. However, once non-technical people start trying to fix an attack themselves, things can spiral out of control very quickly. This article from our friends at Norton by Symantec provides basic advice for individual and small systems users. It also contains good general advice for users and systems of all sizes.

Malicious software that uses encryption to hold data for ransom has become wildly successful over the last few years. The purpose of this software is to extort money from the victims with promises of restoring encrypted data. Like other computer viruses, it usually finds its way onto a device by exploiting a security hole in vulnerable software or by tricking somebody into installing it. Ransomware, as it is known, scores high profile victims like hospitals, public schools and police departments. Now it has found its way into home computers.

The nefarious ransomware business model has turned out to be a lucrative industry for criminals. Over the years its ill repute has made law enforcement team up with international agencies to identify and bring down scam operators.
