Researchers Discover a bug in WiFi Encryption

Nearly everyone with a laptop, "pad" or smartphone regularly uses public and private Wi-Fi access points. Many have what's called WPA2 Security on them. We all dutifully set up a relatively complex password to get on these WiFi systems. Once done, our machines automatically connect to these networks when we're in range. Perfect, easy, and secure - well, not quite.

Several months ago, a vulnerability in WPA2 was discovered. Most of the big guys (Microsoft, Apple, etc.) quickly patched their operating systems, some even before the WiFi access point manufacturers. If your systems were automatically updated, you were likely fine. The non-technical press recently caught on to what's been going on, and the articles started flowing, as did the phone calls and emails to us about the condition of clients' WiFi systems.

This article from the FTC does a good job of reviewing the issue in a non-technical fashion. Be cautious as always about how you access WiFi networks, particularly public ones.

You’ve read recent news stories about a vulnerability discovered in the WPA2 encryption standard. (Some reports refer to it as KRACK – Key Reinstallation Attack.) Should this be of concern to your business? Yes. Does it warrant further action at your company? Absolutely.

If you or anyone at your business uses a smartphone, laptop, or IoT device connected to a Wi-Fi network, the information sent over that network could be at risk. Researchers have found a bug that lets attackers “break” WPA2 – the encryption that protects most wireless networks – leaving data you send exposed.

The bad news is that this isn’t just a problem with a specific device or manufacturer. It’s a problem with the encryption standard nearly all Wi-Fi devices on the market use to scramble communications, prevent eavesdropping, and deter tampering. The upshot is that if anyone at your business uses a device to connect to a wireless network at work, at home, or on the road, this bug means they can’t rely on that connection being secure.


SSN For Authentication is all Wrong

There is much being written about digital identity these days.  This article, although a bit hard to follow, does a good job of explaining the difference between "identification" and "verification".  All important in our digital age.

Unless you were stranded on a deserted island or participating in a zen digital fast, chances are you’ve heard plenty about the massive Equifax breach and the head-rolling fallout. In the flurry of headlines and advice about credit freezes an important part of the conversation was lost: if we didn’t misuse our social security numbers, losing them wouldn’t be a big deal. Let me explain: Most people, and that mainly includes some pretty high-up identity experts that I’ve met in my travels, don’t understand the difference between identification and verification. In the real world, conflating those two points doesn’t often have dire consequences. In the digital world, it’s a huge mistake that can lead to severe impacts.

Isn’t it all just authentication you may ask? Well, yes, identification and verification are both parts of the authentication whole, but failure to understand the differences is where the mess comes in. However, one reason it’s so hard for many of us to separate identification and verification is that historically we haven’t had to. Think back to how humans authenticated to each other before the ability to travel long distances came into the picture. Our circle of acquaintances was pretty small and we knew each other by sight and sound. Just by looking at your neighbor, Bob, you could authenticate him. If you met a stranger, chances are someone else in the village knew the stranger and could vouch for her.


The Equifax Hack - Now What?

 

 

Each day, the news regarding the Equifax breach, where upwards of 143 million account records were exposed through a flaw in a web service, keeps getting worse. On September 20th, we learned that apparently, the initial breach occurred sometime prior to March 2017 when Equifax hired an outside security company to review their systems, but then nearly four months went by before Equifax cyber-security personnel discovered its extent. And then it was nearly two months later before the general public was told about it. It will likely be months or years until the full details and extent of the breach are fully understood.

There have been many other hacks and breaches over the past several years. Many, like the Yahoo email address breach, were much larger, exposing several times more user information. In the Yahoo hack, over a half billion email accounts and passwords were possibly exposed. So why is the Equifax breach far more serious? Because of the amount of personal data that’s stored by Equifax in one set of records. Nearly all important information about individuals, including social security numbers, dates of birth, employment information, banking, loans, mortgages, and credit card information, is right there. For the “bad-guys”, it’s a treasure trove.


Dealing with Ransomware

Ransomware can ruin your day. It can be an annoyance or it can wreck your company or organization. The most important piece of advice we give our clients is that if, in spite of everyone's best efforts, they are attacked by ransomware, they should first: DO NOTHING! Call us. We've been quite successful in helping to recover from ransomware attacks, even for those who are not our clients. However, once non-technical people start trying to fix an attack themselves, things can spiral out of control very quickly. This article from our friends at Norton by Symantec provides basic advice for individual and small systems users. It also contains good general advice for users and systems of all sizes.

Malicious software that uses encryption to hold data for ransom has become wildly successful over the last few years. The purpose of this software is to extort money from the victims with promises of restoring encrypted data. Like other computer viruses, it usually finds its way onto a device by exploiting a security hole in vulnerable software or by tricking somebody into installing it. Ransomware, as it is known, scores high profile victims like hospitals, public schools and police departments. Now it has found its way into home computers.

The nefarious ransomware business model has turned out to be a lucrative industry for criminals. Over the years its ill repute has made law enforcement team up with international agencies to identify and bring down scam operators.


New Petya Ransomware similar to WannaCry

 

The problems with ransomware attacks continue. Be extremely cautious of emails from unknown senders or even emails from known sources that appear unusual or have unrecognized links. Here's an up-to-date summary of what's known about these exploits and how to protect your systems.

A new ransomware attack called Petya, PetyaWrap, or GoldenEye began spreading worldwide on June 27th, and it looks similar to the WannaCry outbreak in May. It targets Microsoft Windows operating systems and so far reports show that all systems from XP to Windows 10 are susceptible.
