Remember the weakest link in the chain – your own employees…

we can attempt to stop all hacker attacks from external to the network, but there is not much that can stop an employee with the correct security access from making copies (be it soft or hard copies) of your data and walking off with it.

in this economic time, when companies are downsizing and cutting job, employees are unsure of their future. SOME are taking some steps to copy sensitive company data. This can be used to start a new job, start own company and in some cases – just for revenge !

“People are worried about their jobs and want to hedge their bets,” he said.

“Our study showed that 59% of people will say ‘I’m going to take something of value with me when I go’.” “

check out this new story by the BBC (http://news.bbc.co.uk/2/hi/technology/7902989.stm)

<Gulp!>

: : : : : : : : : : : :

“It found that 16 percent took a first name as a password, often their own or one of their children, according to the study published by Information Week.

Another 14 percent relied on the easiest keyboard combinations to remember such as "1234" or "12345678." For those using English keyboards, "QWERTY", was popular. Likewise, "AZERTY" scored with people with European keyboards.

Five percent of the stolen passwords were names of television shows or stars popular with young people like "hannah," inspired by singer Hannah Montana. "Pokemon," "Matrix," and "Ironman" were others.

The word "password," or easy to guess variations like "password1," accounted for four percent.

Three percent of the passwords expressed attitudes like "I don’t care," "Whatever," "Yes" or "No."

There were sentimental choices – "Iloveyou" – and their opposite -"Ihateyou."

My additional 5 cents on this – not only must you use a nice long password but also dont use the SAME password for each and every website that you visit.

Its amazing how many people use the same password again and again and again – all it takes is one slip up ….

So if you are reading this and you know that your password is on this above list – CHANGE IT !!!

so  here is the story – You have read why you should be careful when using internet cafes in my last post so you now know why you need to have a secure connection which no one can listen to and steal your information.

the basic concept of a VPN (Virtual Private Network) is that it is a secure connection which is made to your company’s network even though you are using an unsecure connection such as internet cafe or your internet service provider.

You need to have a very basic understanding of how your network works.

When you are in the office, your computer gets a Private IP address which is how you connect to your gateway and servers. This is typically something like 192.168.0.5.  Now you leave the office and you still want to connect to your servers (which might be 192.168.0.2)- but here is the catch – when you are out of the office you get an IP address from your internet service provider or from your internet cafe. However, this address is not part of your private network at the office and therefore your computer can not “talk” to your servers (this could be anythign such as 165.146.10.193).  Now from a techie point of view a 165.146.10.193 is a public ip address which can not “see” the private 192.168.0.2 address of your email server. Therefore, you can not get any mail !

So here is what you do :

your network administrator will create a secure “key” or “certificate” that is linked to your account.

When you are off-site and you would make an internet connection

You then open your VPN client (software) which has your certificate built into it

This VPN client makes a secure connection to your office and then assigns you an IP address as if you were on the network !

you can now access your system in a secure way, read your emails, access your file server and even print (all depends on how your system is set up).

just a bit of basic info on  VPN usage…

: : : : : : : : : : : :

When a hacker is looking to penetrate a network, they look for the obvious open doors (in geek talk – open ports).  Once they find these doors, they get information about your system. What is the operating system of the server, which version it is, any updates that are installed – and more importantly any updates NOT installed.

In the cases where the network is so secure that these doors are closed – the hackers cannot gain entry. So the next step is to attack the weakest link – not the firewall, not the server – the USER

This is done by what is known as Social Engineering – this is a process where the hackers gains the trust of someone on the network. The hacker then uses that user to give him confidential information such as username and password.

An example of how this is used – the hacker could send the users on the network an email which seems to come from the internal IT team. This email will contain instruction telling the user to click on the link that will take them to a website (which looks identical to the company website) and then the user will be asked to put in their username and password “in order to comply with a verification process”

Walla – the hacker has a username and password to log onto the system !

Another way a hacker would use  a user is by placing a Trojan program (see previous post on Trojans) on a memory stick. The “helpful” hacker would then hand in the memory stick to someone in the company saying this was found. the unsuspecting user, would do what anyone would do – put the memory stick into their computer to see what is on the stick to trace its owner. As soon as this is done, the Trojan is activated and the hacker has a backdoor to enter the system !

What to do in order to prevent this in your company ?

Awareness, Awareness and more Awareness ! You need to educate people on the network not to give away their password, not to open suspicious attachments, and generally be aware. If they suspect something is fishy, they need to report it.

From a techie point of view – make sure that the Virus definitions are up to date, make sure the pc has a firewall, restrict user’s access to sensitive information and become stricter in the length and complexity of passwords.

Get a security audit done (by Swift Consulting) so you know if your network is safe or not.

Keep your guard up !

: : : : : : : : : : : :

The short version: a business man used an internet cafe to log onto his Standard Bank online banking. This resulted in someone getting his logon details and proceeded to withdraw over R700 000 out of his bank account ! (You can read the full article here)

Banking systems have not implemented that One Time Password, so how are these accounts still being hacked ?

Simple – the one time password, is send via Email to the person whose info was just hacked ! So all the hacker needs to do is log onto the victim’s email, get the One Time Password, and use it on the banking site.

What should you do to avoid this happening to you ?

1. If you must use Internet Cafe – DON’T log onto anything sensitive – like your bank. Rather go to your bank and either do the transactions are the counter or use their in house computer that is set up just for internet banking

2. Watch your bank account carefully – looks out for small transactions that you don’t normally make.

3. Set the One Time Password to be SMSed to you rather than emailed.

4. If you need to access sensitive information rather use a VPN connection (ask Swift Consulting to set it up for your business)

5. Instead of using Wi Fi, rather use a cellular modem to get an internet connection (like the 3G Modems). This makes it much harder for anyone to “sniff” the infromation off your computer.

In case you didn’t notice – we are in the information age. Information is a very powerful currency that hackers sell to not-so-nice people !

Be on the look out !

: : : : : : : : : : : :

FYI – for those who don’t know what Trojans are (frankly that is scary all by itself): Trojans are small programs that are inserted into other programs such as funny video clips or computer games or email greeting card. When you click on the funny video clip whilst it is playing the Trojan program is installed on your computer and there it lives. The Trojan is then programmed to perform certain tasks such as sending out copies of your documents, or going through your email, or opening up a backdoor that a hacker can get into your computer.

When you hear statistics like 250 000 new Trojans being developed, this worries me and it should worry you too.

In the past underground hackers wrote software for kicks and to be challenged to see “if they can”. These days, there are now companies trading in Trojans where you can buy Trojans to use.

Why would someone want to use it ?

Here is an example: If your company and a rival company has been chosen as the final two companies to supply the same product to a large national retail chain. If you purchase a Trojan that emails you the rival company’s confidential document, you can use that information to your advantage !

It is Illegal ? well here is the kicker – YES but which law enforcement agency will enforce this ?

Most of these programs are hosted somewhere obscure (like Panama or Peru) where they have more legal problems to worry about than a silly thing like cyber crime.

There was recently a case where someone in the US built a website and registered a domain that looked very similar to the Sydney Opera House official website. He sold tickets for shows and clearly was out to defraud the public. The Oz police were tipped and they contact the US police who simply ignored this !

How do Trojan make money ?

Trojan are sold. So that is simple to understand. Other people use Trojans to get information – they sell this information. Some Trojan hook into your cell phone and dial premium-rated numbers and send SMS to competitions that you premium rated The Trojan owner owns those numbers and competitions lines so they make money per SMS and per phone call that comes in.

Whilst typing this -  I came across this article published today !!!

“The fraud allegedly involved more than R20-million and pertained to the use of spy software on computers in several government departments.”

So what can you do ?

1. Don’t open/ click/ download anything you are not sure of. EVEN if it comes from a friend. Trojans are very clever in attaching themselves to email and sending it to everyone in the address book. The result is that you see an email that appears to come from a friend saying something along the lines “you have to watch this – it’s brilliant !”. Don’t be tempted !

2. Make sure your computer has a firewall – this will tell you if a program is trying to communicate with someone on the internet and you can block it.

3. Make sure you have the latest anti-virus updates.  Update the virus definitions daily !

4. Be Cell phone aware. Your Cell phone is a target much like your computer is !

Keep your guard up – there are some very funny things going on out there on the net and I am afraid the problem is only going to get worse !

: : : : : : : : : : : :

This is a link to the Microsoft website where it outlines the various fixes that Service Pack…..ehhhh…fixes

Hotfixes and Security Updates included in Windows Vista Service Pack 1

another intressing link is this one that outlines the Notable Changes in Windows Vista Service Pack 1

Enjoy !

: : : : : : : : : : :