Discover how mastering email communication can boost business efficiency, avoid common pitfalls, and ensure secure, respectful online interactions.
Turkey Revenge
The turkeys are pissed this Thanksgiving they are seeking revenge.
Germs Infest 60% of Americas Phones
60% of Americans sleep with their phones, harboring germs. Cleaning regularly with UV sanitizer or alcohol wipes can help keep your phone and bed germ-free.
Smartphone Sanitizing: A Practical Guide
Securely erase personal data from your old smartphone before recycling. Protect your identity from hackers—easy steps to follow.
Why Soft Skills Matter in Today’s Job Market
Boost your career with essential soft skills like communication, teamwork, and emotional intelligence. Learn why they’re crucial for workplace success.
You Can Stop Cyber Attacks
Seems like every week another major cyber attack is reported. Cyber attacks expose the personal details of millions of users worldwide. Companies are spending over $70 billion to fight off cyber attacks. But even with the best systems in place, hackers can still easily breach the company’s defenses if staff aren’t also being security conscious.
T
he Business Insider spoke with Christopher Young, general manager of Intel‘s (INTC) Security Group (aka McAfee) about cybersecurity. He told BI that employees can prevent data theft. The Intel GM says there are two things that every employee should be doing to help keep their company safe from cybercriminals.
“Think before you click. That is the number one thing that every average employee in an organization can do,” Intel’s Young said. He cites a recent Intel survey of security professionals (PDF), which found that humans are still the weakest link when it comes to an organization’s security. According to the report, successful attacks against companies most often stem from three things:
User errors caused by lack of awareness,- Unofficial use of online services, and
- Using social media sites at work.
Basically, employees are clicking links they shouldn’t be, which can give attackers a way in. One way attackers get in is through the inbox. Mr. Young told BI
Emails are the number one way that attackers are getting in … They [cyber criminals] are crafting emails and attaching malicious files to those emails and their entry points into these organizations is often through tricking the average user or click on an email attachment and launch a malicious file.
I recently wrote how attackers have honed their spear-phishing skills, making dangerous emails less obvious. BI says employees need to be vigilant and ask questions about all the email they receive that raises even the slightest suspicion. Intel’s Young warns staff to question every email.
You should ask why am I getting the email? Why is there a file attached to it? Why am I being asked to click on it? And you should ask all of this before clicking.
The second big thing which Business Insider recommends that employees should do to help keep their company safe is to report any suspicious emails or attachments. And if someone does click on a link or download a file that raises eyebrows, report it as soon as possible so that the company’s security team can investigate quickly. Mr. Young explains that an early alert can help contain an attack. “So if the average employee smells something they should report it.”
rb-
The IT industry needs to develop a mascot like Smokey the Bear who reminds everybody that “Only You Can Prevent Forest Fires.”
Maybe we could put Clippy back to work to pop a little reminder every time you click on an email to open it.
Related articles
Ralph Bach has been in IT long enough to know better and has blogged from his Bach Seat about IT, careers, and anything else that catches his attention since 2005. You can follow him on LinkedIn, Facebook, and Twitter. Email the Bach Seat here.
Category: Uncategorized |
Tags: 2015, Big data, Clippy, INTC, Intel, Malware, McAfee, Phishing, PII, Security, Smokey the Bear, Social media, spear-phishing
Spear Phishing
As long as there have been people, there have been scammers of some kind. Today, cybercriminals use the same technology email, instant messaging, chats, that helps everyone else in their daily lives. The only difference is that they use it for wrongdoing. The results of a recent JPMorgan Chase company hack prove it. The banking giant fell victim to a spear phishing attack.
The outcome of the JPMorgan Chase & Co., hack says that over 76 million user accounts were compromised. It is also very likely that other banks were breached by the same attackers. The breach of JPMorgan Chase should serve as a reminder that even large, sophisticated businesses can be breached by today’s phishing expeditions.
Attackers were able to penetrate JPMorgan Chase’s defenses and roam their networks undetected for months most likely due to one worker who fell victim to a spear phishing attack. Corporate security and hackers are engaged in an asymmetric fight right now. The good guys have to protect the entire enterprise while the bad guys only need a single point of failure to gain access, just one user to fall victim to a spear phishing attack and they are in.
The bad guys have the advantage
Anyone can claim to be a Nigerian prince from behind their computer screen and bilk unsuspecting targets for their financial information over email. All it takes is a valid email account – personal or otherwise. With the hacker’s advantage in mind, here are some tips to help avoid spear phishing attacks and prevent the attacker’s access to your firm.
Spear Phishing
Today’s phishing attacks are not the crude, typo-filled emails from Nigeria of yesteryear. Spear-phishers carefully research their targets. They will know your manager’s name, the names of your co-workers, and perhaps the projects you’re assigned to. This knowledge and detail make spear-phishing very effective.
No matter what the nature of an email account is, it is susceptible to all the dangers of the Internet. This is bad news for businesses that use email, and a lot of organizations out there fit that bill to a T. The more that a company uses email, the greater the chance that they will experience a data breach of some kind.
There is really nothing stopping a well-crafted phishing scam from appearing in a corporate inbox and fooling an unwitting employee. Here is a look at three of the email-based scams that could be threatening your business right now:
Vendor identity fraud
According to a report from Virginia TV station WHSV, the Better Business Bureau is warning businesses of a recent scam that targets this daily operation as a way to siphon money from corporate bank accounts. The BBB describes the attack:
As part of your job, you pay invoices for several of your business’s vendors … One day, you receive an urgent email from an executive in your company telling you to change how you pay invoices from a vendor. Instead of sending a check, you now need to wire the money straight to a bank account.
This phishing attack is made possible by malicious hacking. Cybercriminals break into company emails and gain enough information to impersonate one of the organization’s suppliers. Next, they send off the false email that tells some poor admin to wire the payment to the hackers instead of the supplier and leave businesses out hundreds of thousands of dollars depending on the nature of the vendor.
Hackers impersonate branch of FBI
Nobody likes being accused of crimes that they didn’t commit. This is especially true when the FBI is involved. But a new scheme involving the Internet Crime Complaint Center has many people thinking their arrest is imminent if they do not fork over a hefty fine via online transaction – something that is unheard of in real law enforcement agencies and that the FBI has been forced to address. DailyFinance contributor Mitch Lipka wrote:
The emails claim that the victim is the subject of a criminal report and that charges are forthcoming … They are then told that they have one or two days to respond or risk arrest, IC3 said. Those who respond are told they have to send money via prepaid cards if they want to avoid prosecution.
Fooled by “clients”
Lawyers are trained to always read between the lines and examine the fine print in legal documents, but what about in their supposedly secure communications?
This is one concept that has been inadvertently brought up in New Zealand thanks to a scam targeting law firms and their clients. There are plenty of things that can be done over email, but that doesn’t mean that they should be. Client and lawyer communications are one of these tasks. According to The National Business Review, criminals will pose as either a law professional or someone they currently represent, asking the opposite party to make a payment or carry out a transaction. This not only puts funds in danger but also sensitive information. This may land a law firm in serious legal trouble.
Related articles
Ralph Bach has been in IT long enough to know better and has blogged from his Bach Seat about IT, careers, and anything else that catches his attention since 2005. You can follow him on LinkedIn, Facebook, and Twitter. Email the Bach Seat here.
Snoops Offer Security Tips
In one of the more ironic, notice I did not say tragic, turns in the post-Snowden era, the National Security Agency (NSA) has published a report with advice for companies on how to deal with malware attacks. FierceITSecurity says the report (PDF) boils down to “prevent, detect and contain.” To be more specific, the report recommends that IT security pros:
Segregate networks so that an attacker who breaches one section is blocked from accessing more sensitive areas of the network;- Protect and restrict administrative privileges, in particular high-level administrator accounts, so that the attacker cannot get control over the entire network;
- Deploy, configure, and monitor application whitelisting to prevent malware from executing;
- Restrict workstation-to-workstation communication to reduce the attack surface for attackers;
- Deploy strong network boundary defenses such as perimeter and application firewalls, forward proxies, sandboxing and dynamic analysis filters (PDF) to catch the malware before it breaches the network;
Maintain and monitor centralized host and network logging product after ensuring that all devices are logging enabled and their logs are collected to detect malicious activity and contain it as soon as possible;- Implement pass-the-hash mitigation to cut credential theft and reuse;
- Deploy Microsoft (MSFT) Enhanced Mitigation Experience Toolkit (EMET) or other anti-exploitation capability for devices running non-Windows operating systems;
- Employ anti-virus file reputation services (PDF) to catch known malware sooner than normal anti-virus software;
- Implement host intrusion prevent systems to detect and prevent attack behaviors; and
- Update and patch software in a timely manner so known vulnerabilities cannot be exploited.
The author quotes from the report;
Once a malicious actor achieves privileged control of an organization’s network, the actor has the ability to steal or destroy all the data that is on the network … While there may be some tools that can, in limited circumstances, prevent the wholesale destruction of data at that point, the better defense for both industry and government networks is to proactively prevent the actor from gaining that much control over the organization’s network.
rb-
For those who have not been following along, the TLA’s have been attacking and manipulating anti-virus software from Kasperskey.
We also now know suspect that the TLA’s have compromised at least one and probably two hardware vendors. The Business Insider recalls, way back in 2013, as part of the Edward Snowden NSA spying revelations.German publication Spiegel wrote an article alleging that the NSA had done a similar thing — put code on Juniper Networks (JNPR) security products to enable the NSA to spy on users of the equipment.
Over at Fortinet (FTNT) they had their own backdoor management console access issue that appeared in its FortiOS firewalls, FortiSwitch, FortiAnalyzer and FortiCache devices. These devices shipped with a secret hardcoded SSH logins with a secret passphrase.
The article seems like advertising for the TLA’s hacking program.
Related articles
- NSA and GCHQ reverse engineering anti-virus software (kitguru.net)
Ralph Bach has been in IT long enough to know better and has blogged from his Bach Seat about IT, careers and anything else that catches his attention since 2005. You can follow him at LinkedIn, Facebook and Twitter. Email the Bach Seat here.
Category: Uncategorized |
Tags: 2015, Anti-Virus, Backdoor, Edward Snowden, Firewall, Fortinet, FTNT, JNPR, Juniper Networks, Kaspersky Lab, Privacy, Reverse engineering, Security, SSH, TLA
British Petroleum Connects Oil Rigs to Internet
In one of the stupidest moves outside of the U.S. gooberment lately, British Petroleum (BP) has connected 650 of its oil wells to the “Industrial Internet.” The same BP that spilled 4.9 million gallons of oil into the Gulf of Mexico in 2010, now plans to connect 4000 oil rigs around the world to the Internet, via the Internet of Things.
An article at FierceBigData says that by connecting its wells to the Internet of Things (IoT), BP engineers will gain real-time access to common machine and operational data sets. The aim is to use the data to make better decisions, improve efficiency, prevent failures and reduce costly downtime.
Kate Johnson, General Electric (GE) Intelligent Platforms Software CEO and GE Chief Commercial Officer who is running the project for British Petroleum said in a statement to the press.
… our strategy is simple: Get Connected. Get Insights. Get Optimized. By connecting BP’s oil wells around the world, we’re giving them access to better insights that can ultimately drive new efficiencies in their oil fields and increase oil production.
Apparently, GE’s software will allow BP to capture, store, contextualize and visualize data in real-time.
The author clarifies that “Industrial Internet” is a term GE dubbed for Internet, there are just more things connecting to it. And many of the same problems will grow as a result, namely security issues and data breaches galore. Here’s hoping BP and GE are careful to build security in from the ground up and not an add-ons afterthought. Hopefully, there were lessons learned from the Internet’s earlier days.
rb-
The latest IoT insecurity is that Chrysler cars with U-Connect can be cyber-tagged from miles away. I have covered IoT insecurity issues for a while here, here, and here. With all of that in mind..…
Like the author says, hopefully, GE gets it right, because BP’s track record is abysmal. IF they don’t get it right, economic terrorists could use flaws in the IoT to cut off oil production from these wells to drive up the cost of oil from other wells in the middle-east. Ecological terrorists could use these same flaws to blow up oil rigs like what happened at Deep Water Horizon in 2010 and contaminate all the Gull of Mexico or the Alaska North Slope or Africa or Saudi Arabia. What would happen if they were able to blow up all 4,000 wells due to weaknesses in the IoT stack?
Related articles
- BP to pay $18.7 billion for 2010 oil spill (cinewsnow.com)
Ralph Bach has been in IT long enough to know better and has blogged from his Bach Seat about IT, careers, and anything else that catches his attention since 2005. You can follow him on LinkedIn, Facebook, and Twitter. Email the Bach Seat here.
Category: Uncategorized |
Tags: 2015, BP, Deepwater Horizon oil spill, GE, Gulf of Mexico, Industrial Internet, Internet of Things, IOT, Oil well
Apple favors IPv6 as IPv4 Dries Up
The American Registry for Internet Numbers (ARIN) has reported that the IPv4 well is just about dry in North America. On 01 July 2015, ARIN had to refuse a request for a block of IPv4 addresses. The ARIN statement says that there are still a few IPv4 numbers available in smaller block sizes. But for all intents and purposes, there are no more unassigned public IPv4 addresses. As of July 18, 2015, the ARIN IPv4 Deletion page reports only 335 /24 IPv4 address ranges are available. It is time to start looking at IPv6.
The good news, according to FierceEnterpriseCommunications, is the IPv4 drought isn’t yet affecting most of the internal networks of enterprises. But it’s just a matter of time before it starts to have a greater impact on the largest of enterprises. Microsoft (MSFT), for instance, found it was out of IPv4 addresses a few weeks ago. And for the first time in ARIN’s history, they denied a company that requested a large block of IPv4 addresses. Tom Coffeen, chief IPv6 evangelist at Infoblox, in a statement to FierceEnterpriseCommunications explained:
Though the IPv4 well has run dry and threatens service providers, the sky hasn’t yet landed on enterprise networks … Most enterprises still rely on private IPv4 for their internal networks. The small number of public, routable IPv4 addresses required to connect enterprise networks to the Internet is typically provided by the ISP, making IPv4 much more critical for Internet services providers.
One company that is reacting to IPv4 scarcity is Apple (AAPL). Apple’s latest operating systems – iOS 9 for iPhones and iPads and OS X El Capitan for Macs are designed to take advantage of IPv6. The new operating systems select the fastest connection with the lowest latency, whether IPv4 or IPv6, using the Happy Eyeballs algorithm, explained David Schinazi, the CoreOS networking engineer at Apple. Devices use the Happy Eyeballs algorithm to decide which protocol to use, as many applications use a “dual-stack” approach to networking, making available both IPv4 and IPv6 connections.
FierceMobileIT says this worked out to be a 50/50 split between IPv4 and iPv6 in iOS 8 and OS X Yosemite, but for the new OSes, IPv6 will be chosen by the algorithm around 99 percent of the time, according to Apple beta testing. Apple’s Schinazi wrote in a post on the Internet Engineering Task Force mailing list that Apple considers IPv6 mainstream.
IPv6 is now mainstream instead of being an exception, there are less broken IPv6 tunnels, IPv4 carrier-grade NATs [network address translations] are increasing in numbers, and throughput may even be better on average over IPv6
The author reports that testing performed by Apple shows that the new OSes should use IPv6 addresses around 99 percent of the time. Apple operating systems have supported IPv6 by default for Mac users as part of the OS X 10.2 Jaguar release in May 2002.
Mr, Schinazi cautioned that both OSes are in beta so things might change for the final versions. “If this behavior proves successful during the beta period, you should expect more IPv6 traffic from Apple products in the future,” he added.
Related articles
- North America’s IPv4 address supply is running dry (techreport.com)
Ralph Bach has been in IT long enough to know better and has blogged from his Bach Seat about IT, careers, and anything else that catches his attention since 2005. You can follow him on LinkedIn, Facebook, and Twitter. Email the Bach Seat here.