As if the internet weren’t already a scary enough place, with cybercriminals lurking everywhere and unleashing malware at the rate of hundreds of thousands a day, the holiday season can be the stuff of nightmares. Cybercriminals really ramp up their wicked game on CyberMonday and during the holiday season – knowing full well more people are shopping online.
Their goal – the dupe you into giving them what they love most – your personal information. With it, they can scam you a thousand ways to Tuesday. But there are ways to protect yourself – and most involve simply being aware of their schemes and tactics.
Watch for emailed coupons that claim to come from a legitimate retailer. You’ll most likely see it in your email as a notification from someone you’ve done business with before, but in this case, the sender might be waving a $100 coupon in front of you. When you click to redeem it, you’ve just opened yourself up to malware that can give cybercrimnals access to your private information.
Keep your eyes open for fakers. Many fraudsters will play with the spelling of popular sites, such as Amazon or Walmart by adding a letter, word or phrase, such as Amaazon.com or Walmart-outlet.ct. And, with URL shorteners being so prevalent, it’s easy to fall prey to a fake site that doesn’t have the typical “.com” extension. Again, visiting such a site can be dangerous.
Be Reasonable. Be Wise. Would Target reeeeally be sending you a $100 gift card for no reason? Redeeming such offers will require you to go to a site where you’ll be asked to enter your email address and password. Legitimate sites will never ask you for that info, or your SS #, bank account info, etc.
A new cyber threat emerged recently, and it puts any person using a wireless network, even one with a secure password, at risk of being hacked.
The bug, called KRACK (Key Reinstallation Attack), is essentially a fundamental flaw in the WPA2 (Wi-Fi Protected Access 2) encryption that is used on all modern Wi-Fi routers. This security protocol, an upgrade from WEP, is used to secure communication between all the players in a network – routers, mobile devices, the Internet of Things. The issue in question with this threat is a flaw in the four-way handshake that permits devices using a pre-shared password to join a wi-fi network.
It gives anyone with malicious intent, and the physical proximity to the network, the ability to hack into a device that’s logged in to the system. They can then exploit that flaw to decrypt traffic like credit card information, hijack connections and passwords, and eavesdrop on communications sent from that WPA2-enabled device.
Vendors have been in the know about this for a while, and most have rushed into action to prepare patches and prevent masse exploitation of the bug. So far, so good.
But this newest vulnerability – one that could potentially affect millions of casual users at the local coffeeshop or restaurant – simply points out the fact that cyberthreats will never be eradicated. As soon as one issue is resolved, cybercriminals will be searching for the next flaw, bug or vulnerability to attack.
So how can we stay protected? Staying on top of security measures is imperative:
You may have noticed that cryptocurrencies like Bitcoin have taken off this year. Their market capitalization went from about $18B in January 2017 to more than $110B in June. The foundation of such digital currency is built on a technology called ‘blockchain.’ This is the foundation that enables users of the digital assets to trust that the asset actually exists. In other words, it establishes trust in an otherwise most untrustworthy environment, such as the internet. How does it do that? Blockchain can also be described as ‘distributed ledger.’ The ledger of transactions in a blockchain is public; anyone can see them. You can’t see details (such as people’s names), but the transaction itself is public. For Bitcoin this basically means that amount ‘X’ was transferred from ‘wallet A’ to ‘wallet B.’
Blockchain technology establishes trust by having computers equipped with lots of processing power (aka miners), to validate that information in the chain has not been tampered with. The motto is ‘easy to validate, hard to break.’ As transactions are recorded, they are written into blocks of data that are pre-determined sizes. Once the block is filled, it is encrypted so the contents of the block can’t be read or modified. A hash is then generated from the encrypted block and written into the header of the next block. This is the part that creates the ‘chain’ in blockchain. Now that the hash is written into the header of the next block, if anything is changed, the hash won’t match – effectively breaking the chain and making it blatantly obvious that data has been tampered with.
The blockchain itself is stored in full on millions of computers around the world. These are the miners responsible for validating the data in the chain and adding new transactions to the blocks. The reason for so many copies of the blockchain is so if someone does manage to crack the encryption of a block and change data, it would immediately be detected by the rest. They would form a ‘consensus’ saying that block of data was tampered with, and overwrite it. The ‘consensus’ part is just as important to the trust as the encryption.
Cryptocurrencies – aka ‘digital assets’ – have been growing in popularity since Bitcoin was created in 2009. Its creation was based on a white paper that described a currency immune to manipulation by using mathematical algorithms as a method of regulation. Since then, thousands of cryptocurrencies have popped up; some survive, others have died. Today we’ll explore what cryptocurrency is, and how you use it.
A cryptocurrency such as Bitcoin is designed to be regulated by mathematical algorithms to both generate units of the currency as well as secure it. This is as opposed to a central bank providing these functions. There are currently about 16.5M bitcoins in circulation and only 21M will ever exist. Bitcoins are generated as transactions are processed, but a logarithmic function cuts production in half every time 210k ‘blocks’ of data are processed. This function combats inflation, since more bitcoin cannot simply be ‘minted,’ as is the case with a fiat currency. All of this happens on a network that is decentralized, thus ensuring that no one entity can make a change to bitcoin. Depending on what a proposed change is, it may require as much as a 95% consensus among individuals that process bitcoin transactions before a change can be implemented. These individual transaction processors – aka ‘miners’ – are scattered around the world. This decentralization makes it impossible to change the way the currency operates in a way that is unfair to any group. To provide security, every miner has a full copy of the entire ledger of previous transactions as they validate new transactions, adding them to the ledger. This layer provides the security necessary to make sure the previous transactions have not been tampered with, that funds are available, and that they can prevent things like double spending. Compare this to a centralized processing agency like Visa/MasterCard, where all transactions are processed by a central authority in order to validate funds and prevent double spends.
To transact in cryptocurrencies, you’ll need a ‘wallet’ in which to store your money. This wallet consists of a unique address or identifier. The most common way to fund your new wallet is by exchanging US dollars for cryptocurrencies through exchanges such as CoinBase. When funds are added to your wallet, the transaction is written to the public ledger aka ‘blockchain’ (more on this in an upcoming blog).
How Data Solutions Are Changing in 2017
Like every year, 2017 is bringing a whirlwind of changes to the software industry. When it comes to listing the biggest 2017 IT data trends, the same categories seem to make an appearance year after year. While it’s true that artificial intelligence and the Internet of Things are still major unknowns within the software industry, advances in these new technologies are being used in surprising ways. Find out what changes this year has in store for IT professionals everywhere.
IoT and Data Security
With one major hack after another, the IT community is slowly wising up to the limitations of the Internet of Things or IoT. Smart objects and household appliances that are connected to the Internet are becoming catnip for hackers all over the world. Data security professionals have been largely focused on securing users’ hard drives, smartphones and computers, effectively overlooking IoT as a pivotal part of cyber security. Companies are starting to rethink their approach to IoT in hopes of avoiding another major breach.
How the World of Data Recovery Is Changing in 2017
As the world of big data continues to explode across the IT/software industry, so does the world of recovery data solutions. Backing up and securing sensitive data has become the name of the game. Some of the world’s largest companies are pouring millions of dollars into making sure that their employees’ and their consumers’ data stays out of the hands of hackers and malicious third parties. Take a look at how companies are securing their data using the latest 2017 IT data trends.
Flexibility Above All
One of the biggest concerns companies have with regard to data security is the cost. New cyber security threats are popping up left and right and the cost to keep up with these trends is costing companies a fortune. That’s why IT professionals and software developers are making their products more flexible. Clients are now able to choose which features or elements of a piece of software they pay for based on the size and scale of their data operations. Start-ups and those that are new to data security benefit by saving money, paying only for the features they need.
What Can IT Professionals Expect from President Trump?
There’s been a lot of commotion coming out of Washington since President Trump took office on January 17th. While the new president has yet to pass a major new piece of legislation through Congress, the Trump administration has been signaling towards some major changes when it comes to development data solutions and the Internet as a whole. Learn more about what changes IT professionals can expect from the Trump administration in the weeks and months ahead.
Reversing “Net Neutrality”
One of the most notable changes coming out of the Trump administration is its attitude towards what’s known as “Net Neutrality.” This Obama-era regulation treats the Internet like a basic utility, which means that service providers are not allowed to favor certain types content. The new chairman of the Federal Communications Commission Ajit Varadaraj Pai believes in doing away with “Net Neutrality” altogether. (Forbes Contributor Dr. Granados) As the FCC prepares to undo much of the Obama administration’s work on securing the freedom of the Internet, expect more IT companies and Internet behemoths to start testing the waters when it comes to providing certain content to users.
Changes for Healthcare IT Professionals
Virtually everyone walking around in the civilized world today holds in their hand a device that cybercriminals can use to make their lives miserable.
It’s not only computers and laptops that users have to be concerned about; mobile devices are equally as vulnerable to attacks, especially since most people now use their smartphones and tablets to access the Internet and their email.
The four biggest cyber security threats faced by device-users:
Known Unpatched vulnerabilities: New viruses and malware are being deployed every day, by the millions in fact, but the good news is that technicians are getting better at discovering and identifying the threats and quickly creating “patches” to nullify those vulnerabilities. The risk to a user increases significantly when users don’t, for any number of reasons, deploy those patches – usually via app and system updates – even when the risk and remedy is known.
Unknown Unpatched vulnerabilities: Of course, many of these millions of threats go unidentified and, therefore, unpatched. These unknown threats are significant and can lead to everything from a loss of data to identity theft to financial catastrophe. Another name for these threats are zero-day vulnerabilities.
When a Security Breach Leads to Business Closure
When a company suffers a data breach, the costs can be exorbitant. But protecting sensitive information is about more than just dollars and cents; it’s about brand loyalty, name recognition, and a company’s reputation. Having a vulnerable security system can be fatal for some companies. Small business owners need to be aware of the real costs of a data breach and learn why it’s so important to protect their business from hackers and other cyber security threats.
IT Manpower and Increasing Overhead
When a data breach happens, the first toll it takes on a business is manpower. Employees will be rushing around in order to identify the cause of the leak, retrieve any lost information, and get the entire system up and running again. The business will probably have to bring on a team of IT specialists to make sure that the business is protected against any vulnerabilities. Simply put, all of those extra expenses add up. According to the National Cyber Security Alliance, the average cost of a data breach is $80,000. Most small businesses simply cannot afford to incur the cost of such an expensive mishap.
Time Away from Your Customers
The cost of a data breach doesn’t end there. All of this confusion and scrambling to get the system back online usually results in time away from customers. If the business cannot function in the days or weeks after a data breach, the business has no choice but to turn their customers away. That usually means a hefty loss in revenue. In some cases, the cost of data breach can far exceed the original $80,000 average. It all depends on how the business operates and what’s at stake for their customers.
A Tarnished Reputation
Despite all of the extra expenses and the time away from customers, the biggest imposition of a data breach is ultimately the affect it has on a company’s reputation. Almost all businesses have their customers’ payment information on file. What is a customer supposed to think when they see their private information in the hands of some malicious third-party? They will almost immediately lose faith in the business that’s supposed to have their back. This could result in a mass exodus of customers, who will take their business to a company that’s seen as more reliable. Even if the business takes steps to improve their overall security, one data breach is one too many. Some companies never fully recover as they watch their reputation get dismantled overnight.
Data breaches are the one thing that small business owners simply cannot afford to overlook. It all starts with a finely tuned security system and a stellar IT department that knows how to keep a company’s information safe and sound. Come to The Network Support Company today for a range of small business security solutions.