August 4th, 2014
An initiative in New York City would turn largely abandoned pay phones into WiFi stations to supply residents with free internet access. On the surface, this seems like a great deal, but there are inherent security risks connected to a free WiFi network. At Computer World, Evan Schuman discusses the potential dangers of a city-wide WiFi network and some dangers to be aware of for free WiFi in general.
The first aspect of such a network to be concerned about is who is providing it. Among the vendors that were invited to bid on New York’s proposed project were companies notorious for using and selling their users’ data, including Google. With no limitations in place, the vendor supplying these WiFi stations would be able to track users’ locations, what devices on the network are being used for and potentially even what is being transmitted over the network. All of this available data would likely be used or sold for advertising. But what happens if someone besides the vendor wants to steal this data?
In a city-wide WiFi network, users would never know who else was connected and positioned to steal anything transmitted over that network. For the same reasons that it’s dangerous to send important emails or make online payments in a coffee shop, it would be inadvisable to use a city-wide WiFi network for anything beyond casual web surfing. Even logging into social media sites could lead to attacks or hacks down the road.
Now think of these issues from a business viewpoint. Many employees are walking around with sensitive data on mobile devices. This company data becomes extremely vulnerable on an unprotected wireless network. This proposed network in New York, which other cities across the US are also considering, would be largely unprotected because it would be free to anyone, regardless of device or service provider.
There are options for security, even when connecting to a vulnerable network. Most notably, VPNs, or Virtual Private Networks, can be used to keep other users from accessing your data. For Apple devices, the next operating system, iOS 8, is rumored to include security features to keep users safer on public WiFi. Still, there are plenty of concerns.
For help securing your own wireless network or device, or to recover from an attack, call Geek Rescue at 918-369-4335.
For business solution needs, visit our parent company JD Young.
July 9th, 2014
When it’s time to upgrade to a newer smartphone, what should you do with your old phone? If it’s too old, or no longer functioning, you’ll probably look into recycling it. But, if it’s still in good shape, you can sell it for good money. The problem is that selling your phone might also mean giving someone else access to your data. At ZDNet, Jack Schofield reports that a recent experiment by security company Avast revealed how vulnerable even deleted data is on smartphones.
Avast bought 20 previously owned Android smartphones off of eBay to find out how much data they could recover from the previous owner. Even though the phones had been wiped and returned to factory settings, the team was able to restore emails, text messages, images, contacts and even a completed loan application rich with valuable personal information.
All of this was possible through the use of available forensic software.
So, is selling your old smartphone really worth it if you’re risking losing control of your personal data? Probably not. There’s also an added worry with more employees using their personal smartphones for business. Their company’s data could be at risk also if they decide to sell their old smartphone for a few extra bucks.
There are plenty of apps available that claim to be able to effectively wipe your phone, but it’s hard to find out which are actually able to do the job. Many experts suggest that the only way to truly erase what’s stored on your phone is to destroy the hard drive completely.
This vulnerability is bad news for those who want to sell their old devices, but it could be good news for those who have accidentally deleted or lost access to important data. In those cases, it’s likely that those files can be restored through the right process.
At Geek Rescue, we’re able to recover lost, deleted or corrupted files from all devices. We also help secure your device, or reset it to factory settings. Whatever your need, give us a call at 918-369-4335.
June 13th, 2014
It’s long been understood that Google, Facebook and many other popular websites record users’ data. That data is used in a variety of different ways, but most commonly it’s to produce more targeted ads that are relevant to you. This week, Facebook announced that they’ll begin collecting data from users’ browsing history for advertisement purposes over the coming weeks. Naturally, many users feel this is too invasive. At Gizmodo, Ashley Feinberg published a detailed walk-through for how to opt out of Facebook’s new policy. Here are the steps you’ll need to take.
The first thing to understand is that Facebook collects and uses this information by default, so if you don’t want to participate, it requires some proactive effort on your part. To do that, visit the Digital Advertising Alliance’s ‘Opt Out From Behavioral Online Advertising’ page. Turn off any type of ad blocker and make sure to enable cookies for the site to work. To be clear, this doesn’t stop Facebook from collecting information about your browsing history. This only limits how they are able to use that data. Unfortunately, if you want to keep your Facebook account, you’re pretty much accepting that they track your online behavior.
- Companies Collecting Data
Your first action at the Digital Advertising Alliance’s page should be to use the ‘Companies Customizing Ads For Your Browser’ tab. Scroll down to Facebook and check mark it. This is a good time to also look at other websites and companies who have similar policies and opt out as you need to. Then, with all companies that you want checked, hit ‘Submit’.
Chances are, you’re using Facebook’s mobile app also. To opt out on an Apple device, go to the ‘General Settings’ tab and open ‘Restrictions’ then ‘Advertising’. ‘Limit Ad Tracking’ will be a switch you can simply turn off. For Android users, visit the ‘Google Settings’ tab then ‘Ads’. Select ‘Opt-Out Of Internet Based Ads’ and you’re done.
That’s all it takes to be free from overly-invasive data collection on Facebook and other websites. Again, this doesn’t stop them from collecting data, it only stops them from using it to target you with ads.
For help locking down your valuable data, improving your computer’s security or other IT issues, call Geek Rescue at 918-369-4335.
May 16th, 2014
It’s important to have proper security tools in place to protect your computer from attacks and malware. Tools like antivirus programs, firewalls and router security are essential. If you’re a Windows 8 user, you’ve even got some handy built-in security features to assist. At Window Security, Ricky and Monique Magalhaes list the various security features you’ll enjoy with any version of the Windows 8 operating system.
You may not ever notice, but Windows 8 has made a concentrated effort to improve the security associated with wireless internet connections. By extending support to Mobile Extensible Authentication Protocol standards they’ve done just that and made it easier to connect to secure networks.
There are a few different scenarios where you’d need to remotely remove data from your device. A device being lost or stolen, or a company that allows employees to bring their own device needing to remove data after an employee has left the organization, are just a couple. Windows 8 includes a remote data removal feature to help protect both users and administrators.
Windows 8 offers Unified Extensible Firmware Interface, or UEFI, which probably doesn’t mean much to you. It’s an interface between the operating system and the firmware that’s a significant upgrade in security over previous operating systems. When attackers gain access to and manipulate the firmware, it’s extremely bad for the user. UEFI keeps this from happening.
Windows Defender comes with Windows 8 and while that isn’t a new feature, it does have enhanced performance and decreased memory usage. While Defender and other features of Microsoft Security Essentials are useful, they’ve never been meant as stand-alone security solutions. Using them in addition to other antivirus and anti-malware programs creates a more secure environment.
Improved and added security features in Windows 8 aren’t limited to what’s listed here. Microsoft clearly concentrated on improving security for their users with the latest version of their operating system, but that doesn’t mean that using Windows 8 security features alone will keep you safe from malware. These features are only a part of an effective security infrastructure.
For help with security for your PC or business, or to recover from an attack or malware infection, call Geek Rescue at 918-369-4335.
March 27th, 2014
In a previous post, false positives were listed as a factor in ranking the best available security tools. Even for an individual user, false positives can hinder the effectiveness of your security infrastructure but they become significantly more costly when applied to an entire company’s network. Ken Westin of The State of Security explains how false positives and an over-emphasis on security contribute to an insecure environment.
When’s the last time you heard a car alarm and reacted like there was a car in the area being broken into? The car alarm is a perfect example of false positives causing a lack of security. They go off constantly, which has made people ignore them in every situation. They’re now just noise.
In the case of security tools, antivirus programs that flag every download as a potential virus or even those that constantly warn you about a new application running with access to the internet turn into noise. If nine out of ten of the alerts you get from your antivirus program are safe to ignore, the one legitimate warning will likely be ignored also.
In a corporate environment, when the different security tools running don’t communicate with each other, they all flag the same perceived threat. Again, this puts IT professionals in a situation where it’s habitual to ignore security alerts, rather than investigating them.
The gut reaction to a breach of security is to add to the number of tools protecting a network. While that may help protect previously uncovered endpoints, it also creates an overlap of the existing tools. Without an infrastructure that works together, you’re just creating more noise and no more protection. In the case of many more complex security resources, staff will spend an exorbitant amount of time debugging and integrating these tools, which significantly decreases the amount of time available to monitor and mitigate threats.
The tactics of attacks evolve quickly and there are more highly targeted attacks victimizing businesses than ever before. Since most security tools work by recognizing known characteristics and patterns of previous attacks, these tools are less effective at spotting and preventing threats to a network. That’s why it’s increasingly important to have a team in place to review data and activity so a breach can be detected early.
Effective network security requires an investment, but it needs to be made intelligently. For help creating a security infrastructure for your business, contact Geek Rescue at 918-369-4335.
March 4th, 2014
There are dozens, hundreds or even thousands of important files stored on your computer’s hard drive. What happens when vital files are deleted by accident? Files can be infected with a virus, corrupted or lost due to hardware damage. Or, you may just delete an entire folder only to realize later that you need some of the files stored in it. As Andy O’Donnell of About reports, a deleted file isn’t necessarily lost forever.
First, it’s important to understand what happens when you tell your computer to delete a file. This is important not only for recovery purposes, but also for security.
Windows users delete a file and send it to the Recycle Bin, which they’ll empty later. Once the Recycle Bin is emptied, most users have lost any means of accessing or recovering those files. But, they may not be completely deleted. In many cases, the actual data is still on the hard drive and only the pointer record, which contains the location of the data, has been deleted.
Without the pointer record, users can’t see files in directories. To find them, you’ll need a special recovery tool, which can be extremely expensive and difficult to use effectively. But, for those with some expertise, deleted files can be found and recovered.
This leads to another problem, however. If files you’ve deleted could still be unearthed by experts that means anyone who steals your computer or buys it legitimately could potentially restore the files you thought you had deleted. That could lead to some costly incidents.
To protect yourself, remove the hard drive from any computer you’re planning to sell. That’s the only way to ensure that no one can find and restore data that you have tried to delete.
Other options aren’t fool-proof, but they are helpful. Use a tool to encrypt your entire hard drive. Regularly use the disk de-fragmentation tool. Format your hard drive before selling it and use a secure drive erase tool, which adds zeroes and garbage data to your drive to make recovery more difficult.
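The difference between deleting a pointer record and overwriting the data can be shown with a small model. The following is an added example, not part of the original post or of any recovery product: `ToyDisk`, its block size and the sample file contents are all constructed for illustration, and the carving step stands in for what forensic recovery tools do when they scan raw storage for known file signatures.

```python
"""Toy model of 'delete removes the pointer, not the data' (constructed example)."""

JPEG_START, JPEG_END = b"\xff\xd8\xff", b"\xff\xd9"  # JPEG start/end markers
BLOCK = 64  # toy block size in bytes (assumption for this example)


class ToyDisk:
    def __init__(self, blocks=16):
        self.raw = bytearray(blocks * BLOCK)  # the storage medium itself
        self.table = {}  # name -> (first_block, length): the "pointer records"

    def _free_blocks(self):
        used = set()
        for first, length in self.table.values():
            used.update(range(first, first + -(-length // BLOCK)))  # ceil division
        return [b for b in range(len(self.raw) // BLOCK) if b not in used]

    def write(self, name, data):
        need = -(-len(data) // BLOCK)
        free = self._free_blocks()
        for b in free:  # first run of `need` contiguous free blocks
            if all(b + i in free for i in range(need)):
                self.raw[b * BLOCK : b * BLOCK + len(data)] = data
                self.table[name] = (b, len(data))
                return
        raise OSError("disk full")

    def delete(self, name):
        """Ordinary delete: drop the pointer record, leave the blocks untouched."""
        del self.table[name]

    def list_files(self):
        return sorted(self.table)

    def wipe_free_space(self):
        """Secure-erase step: overwrite every unallocated block with zeroes."""
        for b in self._free_blocks():
            self.raw[b * BLOCK : (b + 1) * BLOCK] = bytes(BLOCK)


def carve_jpegs(raw):
    """Signature carving: ignore the table and scan raw bytes for JPEG markers."""
    found, pos = [], 0
    while (start := raw.find(JPEG_START, pos)) != -1:
        end = raw.find(JPEG_END, start + len(JPEG_START))
        if end == -1:
            break
        found.append(bytes(raw[start : end + len(JPEG_END)]))
        pos = end + len(JPEG_END)
    return found


def demo():
    disk = ToyDisk()
    photo = JPEG_START + b"\xe0constructed-loan-application-scan" + JPEG_END
    disk.write("notes.txt", b"grocery list")
    disk.write("loan.jpg", photo)
    disk.delete("loan.jpg")                 # the file vanishes from listings...
    visible = disk.list_files()
    before = carve_jpegs(disk.raw)          # ...but its bytes are still on the medium
    disk.wipe_free_space()
    after = carve_jpegs(disk.raw)           # nothing left to carve after the overwrite
    return visible, before, after


if __name__ == "__main__":
    print(demo())
```

The overwrite only helps if it reaches every block that ever held the data, which is why the options above are described as helpful rather than fool-proof.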
If you need to restore valuable files to your hard drive, call Geek Rescue at 918-369-4335 before spending hundreds of dollars on a difficult to use restore tool.
February 24th, 2014
Over the weekend, Apple released an update to its mobile operating system, iOS. Version 7.0.6 for iOS 7 devices and 6.1.6 for iOS 6 devices were seemingly rushed out to fix a bug that put users’ data at a significant risk. At Gizmodo, Brian Barrett explains why iOS users should update their devices as soon as possible.
The bug, or security vulnerability, that Apple is now attempting to fix involves a flaw in the operation of SSL, which stands for Secure Sockets Layer. Using SSL allows for private and secure communications between your web browser and the servers it needs to communicate with to access different websites. When you see the small lock icon appear in your browser’s address bar, that means that SSL is functioning and securing your connection to the site you’re currently on.
Without SSL, everything you send to a server and receive back is up for grabs. SSL verifies that your browser is contacting the correct server for the website it’s displaying, but the Apple bug prevents that from happening. This opens the door for what’s called “man in the middle attacks”, which refers to a third party intercepting data intended for someone else. So, your log-in credentials for any online account you have, payment information for an online purchase, emails and a number of other potentially costly possibilities can all be stolen and monitored by criminals.
The vulnerability affects not only the Safari browser, but also Calendar, Facetime, Keynote, Twitter, Mail, iBooks and more. Any time you’ve used one of these apps on an unsecured network, which could be anything from free WiFi in a coffee shop to the network at your job that doesn’t require a password, all the data you’ve accessed and submitted could have been intercepted.
This flaw has an update for devices dating back to the iPhone 3GS and fourth generation iPod Touch. Any devices older than that likely won’t have an update available to fix the problem. This is also an issue for Mac users with the OS X operating system. While there’s a known vulnerability for Macs, there isn’t currently a patch or update to fix it.
While exploits of this vulnerability only recently began being spotted, the SSL flaw has been in both iOS and OS X since September of 2012. For the past year and a half, data has been available through a fairly simple exploit on one of the most popular mobile devices. If you haven’t already updated, do so now. If there isn’t an update available for your device yet, avoid using the affected apps on any unsecured networks.
Security vulnerabilities are a serious concern for any device. If you’ve experienced an attack and have a device infected with malware, or want to explore additional security options, contact Geek Rescue at 918-369-4335.
February 21st, 2014
DDoS attacks are a very real and potentially very costly possibility for any business. An attack capable of making your servers sluggish or unavailable could hit at any time and you need to plan for it. That involves both setting up a proper security infrastructure and planning for how to recover from and mitigate an attack. At TechWorld, Ellen Messmer published tips for what you need to know in order to be properly prepared for DDoS attacks.
A DDoS attack doesn’t come from nowhere and immediately render your servers useless. Instead, you’ll be able to spot a surge in activity before any real damage is done. That is, if you’re regularly and properly monitoring traffic. If you don’t know what normal activity on your servers looks like, you won’t be able to tell when things are out of the ordinary. If you spot the early warning signs of a DDoS attack, taking the proper precautions can save you from any down time, or at least greatly reduce the damage done.
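One way to turn "know what normal looks like" into a check is to compare each minute's request count with a baseline built from the preceding minutes. This is an added example, not from the original post or the TechWorld article: the log format, the function names, the window size and the threshold multiplier are assumptions, and the log lines are constructed.

```python
"""Baseline-vs-surge check on per-minute request counts (constructed example)."""
import statistics
from collections import Counter


def requests_per_minute(log_lines):
    """Count requests per minute; lines are assumed to start 'YYYY-MM-DDTHH:MM:SS '."""
    counts = Counter(line[:16] for line in log_lines if len(line) >= 16)
    return sorted(counts.items())


def find_surges(per_minute, window=10, k=6.0):
    """Flag minutes whose count exceeds median + k * MAD of the last `window`
    normal minutes. Flagged minutes are kept out of the baseline so a slow
    ramp-up cannot teach the detector that attack traffic is normal."""
    history, alerts = [], []
    for minute, count in per_minute:
        if len(history) >= window:
            recent = history[-window:]
            med = statistics.median(recent)
            # median absolute deviation; fall back to 1.0 for perfectly flat traffic
            mad = statistics.median(abs(c - med) for c in recent) or 1.0
            threshold = med + k * mad
            if count > threshold:
                alerts.append((minute, count, round(threshold, 1)))
                continue
        history.append(count)
    return alerts


def constructed_log():
    """Twelve ordinary minutes followed by a four-minute ramp (constructed data)."""
    counts = [40, 42, 38, 41, 39, 43, 40, 37, 42, 41, 40, 39, 55, 120, 400, 900]
    return [
        f"2014-02-21T10:{m:02d}:{i % 60:02d} GET /index.html"
        for m, n in enumerate(counts)
        for i in range(n)
    ]


def demo():
    return find_surges(requests_per_minute(constructed_log()))


if __name__ == "__main__":
    for minute, count, threshold in demo():
        print(f"{minute}: {count} requests (baseline threshold {threshold})")
```

The first alert fires on the 55-request minute, well before the 900-request peak, which is the early warning the paragraph above describes. Minutes with no requests at all do not appear in the counts, so a production version would fill those gaps with zeroes.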
- Understand Different Attacks
Not every DDoS attack is created equal. There are variations in scope, with data transfer speeds running as low as 5 Gbps for small-scale attacks and upwards of 100 Gbps for large-scale attacks. Some attack specific applications, while others attack a network, website or multiple servers. The ways they produce the attack traffic also vary. Many DDoS attacks also come in conjunction with other types of attacks and are used solely as a distraction. Understanding the different types of DDoS attacks and being able to tell what type of attack you’re dealing with dictates how best to protect yourself.
Just as the nature of DDoS attacks varies, so too do the motivations of the hackers behind them. As mentioned, some DDoS attacks are distractions for more costly attacks and data breaches. Some extort you for money before they’ll stop the stream of malicious traffic. Some are aimed at specific targets because the attackers disagree with the victim’s opinion, or certain policies. It’s important to try to spot an attacker’s motivation before they strike. For example, holidays are a popular time for attacks because hackers believe companies will be more unprepared with fewer employees on watch. Similarly, if your company has been in the news lately, there might be an attack coming soon.
DDoS attacks can be extremely costly for companies. Even only a few hours of downtime can mean the loss of thousands of dollars of revenue.
For help protecting against attacks and monitoring for them, contact Geek Rescue at 918-369-4335.
February 21st, 2014
A DDoS attack, or Dedicated Denial of Service, interrupts the service a website or network is able to offer, usually by overloading servers with communication requests. In basic terms, the attackers send so much fake traffic to a server that it can’t function normally. As Zeljka Zorz reports for Net-Security, one recent DDoS attack used previously unknown methods to take down more than 300 domains.
The target of the attack was Namecheap, a web hosting service and domain registrar. The fact that a hosting company was the target of an attack isn’t noteworthy. Namecheap has a platform spread across three continents and claims that their infrastructure protects them against nearly daily DDoS attacks. This most recent and successful attack was bigger and different than any previous attempts, however. After overwhelming DNS servers, performance became sluggish or completely unavailable for more than 300 of their hosted domains.
Namecheap estimates the attack to be over 100 gigabits per second, which refers to an extremely high data transfer speed. While other attacks have been observed at 300 or even 400 Gbps for a brief time, the DDoS attack against Namecheap is still considered one of the largest in history. It would have to be to overwhelm such a large scale operation.
Even for a company with a robust security infrastructure and planning in place, this attack knocked them offline for about three hours, which usually equates to thousands of dollars in lost revenue for the affected domains.
DDoS attacks have been growing more common recently and have also improved their tactics. Reflection attacks, which allow for the exploitation of vulnerable servers to multiply the scale of an attack, have grown in popularity and made DDoS attacks more successful.
Specific details of the Namecheap attack have not been released, but from the description, it seems that another new tactic has surfaced.
If a company like Namecheap is vulnerable to DDoS attacks, every company has reason to worry. For help improving your company’s security infrastructure, call Geek Rescue at 918-369-4335.
February 20th, 2014
Nearly every day, news stories are written about security vulnerabilities being patched or exploited. Most users believe that if they keep their applications updated, they’ll be safe from attacks. While it’s true that regular updates do eliminate some vulnerabilities in applications, they don’t take the possibility of a successful attack away completely. As Mark Wilson reports for Beta News, security firm Cenzic recently published its Application Vulnerability Trends Report and found that 96-percent of all applications contain security issues.
Not only does nearly every application being used have security flaws, but also the median number of flaws per application is 14. So, it’s likely that even up to date, well-patched applications still have vulnerabilities that would allow for successful attacks.
The good news is that this grim news is actually an improvement over last year’s report. In 2012, 99-percent of tested apps displayed security flaws. However, the median number of flaws per application was 13.
Mobile users specifically also have the concerns of what downloaded apps are allowed to access. Cenzic found that 80-percent of mobile apps had excessive privileges, which means they’re able to access data they shouldn’t need or are capable of controlling features they shouldn’t be able to.
The takeaway for users is that even a well-secured network, computer or mobile device can be undone by an insecure application. For example, many of the attacks on Apple devices stem from apps with vulnerabilities that have been added to an otherwise secure environment. These vulnerabilities open the door for attackers to access data and remotely control devices.
For businesses, this means that a renewed investment in security is likely needed. If applications your company regularly relies on are likely to contain security vulnerabilities, data needs to be protected in other ways, like encryption.
This also introduces concerns about employees bringing their own devices into the workplace. Apps on those devices that aren’t even used for business could contain flaws that allow attackers onto your network.
To find out how to better protect your data, call Geek Rescue at 918-369-4335.