April 18, 2015
Network traveling worms are specifically encoded programs that are able to transfer from a computer to other through various ways. These worms are automated hackers that transfer important information to impair the entire network once they gain access into it. Worms are quite similar to viruses except that they spread in a slightly different way. When a worm infects a computer, it searches for another system connected through the same local area network (LAN). Once it is found, the worm facsimiles itself to the new computer and continues with its search for more machines to replicate further. Due to its nature of traveling through the network, a worm is able to consume most of the bandwidth, causing the servers to stop responding.
Different types of network traveling worms are:
- Email Worms: These worms travel by way of attachments in email messages or links to a corrupted website.
- Instant Messaging Worms: These spread by sending spam links to the contacts in an instant messaging application.
- Internet Worms: These types of worms scan the internet and other available network resources to search for vulnerable computers. If any such system is found, the worm attempts to connect and infect it.
- IRC Worms: These worms spread through Internet Relay Chat (IRC) channels and transmit infected links or files to the contacts list.
- File Sharing Network Worms: These worms replicate itself into a shared folder and spread by way of a peer-to-peer (P2P) network.
How Network Traveling Worm Attack Affects?
- Exploit Vulnerabilities: The worm begins launching attacks from one computer in your network to other systems that do not have an updated firewall/ patch installed. Using this, the worm implements ‘shellcode’ on the target machine to make it download and set up a similar type of worm.
- Weak Passwords: The worm tries to initiate a dictionary attack on other computers in the network. Through this, it aims at accessing the credentials required to execute commands on the target system.
- Insecure Vulnerabilities: The worm can simply recreate itself through openly shared folders on other computers connected through the same LAN.
- Email: The worm inspects the contacts list and sends well-written emails to make people click on a spam link, install software or download an attachment to their computers.
Tips To Counter Network Traveling Worms Attack
- Block auto-execution of attachments in email
- Keep your computer’s firewall and patches updated
- Filter traffic on your router and Wi-Fi network
- Disable auto run capabilities on the computer
- Use strong passwords
Following these tips can help you protect yourself against network traveling worms attack to a great extent.
April 13, 2015
An advanced persistent threat (APT) is a targeted cyber-attack mostly directed against businesses or political institutions. In this, a hacker gains unauthorized access to a system network and remains undetected for a long duration. The purpose of advanced persistent threat is not to damage the computer or infect the organizations’ network. Rather, it aims at stealing sensitive and high-value information from organizations involved in manufacturing, finance and national defense.
An advanced persistent threat has three main targets:
- Stealing information from the target
- Surveilling the target
- Sabotaging the target
How Does It Work?
An advanced persistent threat usually follows the following four steps to successfully accomplish its purpose:
- Investigation: This involves a thorough analysis of the weaknesses in the network security system of the organization. It may be done through domain queries, port as well as vulnerability scans.
- Initial Access: Once the weaknesses are discovered, the hacker tries to exploit them to gain access into the organization’s network. For this, he may use a sophisticated social engineering technique, known as spear fishing.
- Increase Rights: Following the initial entry, the hacker attempts to gather the necessary user credentials to gain more control over the system. He also creates several back doors to easily access the information while circumventing all the security mechanisms.
- Exploitation: Once full control has been established, the hacker will be able to constantly detect, steal and exploit all the sensitive data stored in the corporate network.
Counter Measures For Advanced Persistent Threats
In spite of the sneaky nature of the advanced persistent threats, there are many preventive actions taken by most organizations to safeguard their critical information. The most important of them is to recognize what data you need to protect and detect the threat at an early stage to prevent further penetration. You must also install a layered data security protection in your system. This would provide an added protection in case of a potential advanced persistent threat attack.
Another counter measure can be to hold continuous security awareness training sessions for all the employees. This will ensure that they are alert about what and what not to do while using the internet or email. Other technological defenses against advanced persistent threat attacks may include data encryption, classification, application whitelisting as well as security analytics.
It is also important for the IT security team of the organization to remain proactive to deal with any such unauthorized breaches in the corporate network. We at Centex Technologies evaluate and recommend security measures for your organization. For more information, call us at – (855) 375-9654
March 30, 2015
Internet safety has come up as a major concern for parents. While internet offers so many advantages, there are many threats like identity thefts, credit card frauds, wrong influence through social networks etc. that kids are exposed to. On one hand, it is essential to introduce them to new technologies and the benefits they offer. On the other hand, it is equally important to keep them secure from the potential threats in the cyberspace.
Given here are some important tips that can help to keep your family safe in the virtual world:
- Discuss with your family: Be open to discuss matters related to the use of technology and the consequences for its misuse. Develop a certain comfort level with your children so that they do not hesitate to come up to you in case if any guidance. This will help your family feel safe while individually exploring the internet, while knowing whom to turn to if they have any queries.
- Discuss about websites and online services: Talk to your family members about the kinds of sites each of you likes to visit. Also, let them know if the websites they are browsing is appropriate for them.
- Use internet together: This is the best way to teach internet safety to the kids. Browsing web pages together and addressing safety issues together will make your kids more capable of keeping themselves secure online.
- Protect Passwords: Make sure your family is aware of the tips and tricks to create strong passwords. Let them know that they should not use the same password for multiple websites. They should also keep their passwords strictly confidential and not give it out to anyone, except parents. Also, tell them the importance of signing out everytime they access their online accounts, specifically on public computers.
- Check age requirements: A number of websites require the users to be of certain age to be granted access. For instance, you must be 18 years or older to use some of the Google’s products. Always make sure that you read a website’s terms and conditions before letting your child use it.
- Safeguard your computer: Install reliable anti-virus software and update it regularly to prevent yourself from online security threats. Discuss with your family about the information that you should or should not share over the internet. Also, make sure that they do not download any files or email attachments from unknown sources.
Following the above given guidelines can ensure a safe and secure online experience for your family.
March 23, 2015
Data Loss Prevention (DLP) can be defined as a strategy to identify or monitor confidential data to ensure that it is not sent outside a corporate network. It involves real time tracking of data as it moves through the end users in an enterprise and prevents its unauthorized access by implementing strict privacy policies. The term may also be used to describe software solutions that enable the web administrator to control the data that can or cannot be transferred by the users.
With the increasing number of devices connected to the network, Data Loss Prevention has become extremely important for the organizations to maintain their stability and protect confidential information. The types of data that may be leaked include:
- Corporate Data: such as employee information, company strategies, financial documents etc.
- Intellectual Property: such as product designs, price lists, source code etc.
- Customer Data: such as financial records, personal details, credit card and bank account numbers, social security numbers etc.
Mainly, Data Loss Prevention products offer three different types of protection:
- In-Use Protection: This is applicable when the confidential information needs to be used by certain applications. Access to such data depends upon the user’s ability to pass through different levels of control systems to authenticate his identity such as employee ID, job role and security policies. Additionally, such information is likely to be stored in an encrypted form to prevent the attempts to access snapshots, paging or any other temporary files.
- In-Motion Protection: This is applicable when the sensitive data is being transferred through the network. Proper encoding methods are implemented to alleviate the risk of spying or hacking attack. The more confidential the information, the tougher the encryption will be.
- At-Rest Protection: This is applicable when the data is saved on some kind of physical storage medium. It involves restricting access to the programs, monitor the attempts to use such information and use strong encryption to prevent threats to the physical media where the information is stored.
Requirements Of A Data Loss Prevention Software
- Your DLP product should be capable of finding and protecting all information, regardless of its storage location.
- It should also be able to track the usage of the data and prevent it from getting out of the organization’s internet network.
- The system must also accurately detect any potential threats or breaches of network security.
- Lastly, DLP software must be able to encrypt the sensitive information to prevent loss of data.
It is extremely important to have an effectively functioning Data Loss Prevention system to keep your business and data protected from potential security threats.
March 17, 2015
Setting up a wireless internet network has become much easier these days. All you need is a cable modem or DSL plugged in to a Wi-Fi router. However, most people are not aware of the necessary measures that must be taken to keep the network secure from unauthorized users. Configuring the router settings appropriately is essential to prevent the misuse of your wireless internet.
Given here are some tips that will help to keep your wireless internet secure:
- Encode With Password: When you set up a Wi-Fi network, make sure you turn on encryption with a WPA2 password. Operating an unsecured network or selecting WEP encoding method is not advisable. With WPA2, your computer will ask you to set up a password that has to be entered by the users who want to access your network. You must create a passcode that is complex, lengthy, unique and contains a combination of alphabets, numbers and special characters. Weak passwords can be easily determined by the hackers to gain access to your network.
- Change Pre-Set Passwords: Many routers come with a default password set by your administrator company. Cyber criminals know these passwords, so make sure that you change it to something that only you know. The tougher the password, the harder it would be to crack.
- Disable SSID Broadcast: When someone searches for available Wi-Fi networks, your connection will pop up in the list if you have enabled SSID broadcast. Deactivating this setting will not let everyone know about your wireless network, unless you provide them the information.
- Enable MAC Filtering: This is probably the easiest way to prevent intruders from accessing your network connection. Most routers have an option to restrict the right to use based on the MAC (Machine Access Code) address of any device. You can create a white list of MAC addresses that you want to allow to use your network.
- Disable Remote Access: Most routers offer the feature of remotely accessing your wireless internet from anywhere outside of your home network. Even if you have set up a strong password, anyone can gain access to your Wi-Fi without the need of any log in credentials. Disabling remote access will make sure that you are secure from any unauthorized people remotely using your internet connection.
You must also keep your router’s firmware updated to keep your wireless internet secure. Some routers might have the ability to update software automatically. Alternatively, you can check your administrator’s website to see if a newer version is available.