Common Types Of Ransomware And How To Protect Against Them

12th August, 2017

Ransomware is malware that restricts a user’s access to their system until a certain sum of money is paid. It appears as a random note on screen and may look like a legal notice or threat. Ransomware may arrive on a computer system through malicious emails, websites or spam. Cases of ransomware attacks are increasing day by day, and to protect your systems from being affected, you must stay updated about its various forms and how they work.

Here is a list of different strains of ransomware.

WannaCry – This ransomware affected thousands of computer systems this year. It works by exploiting a flaw in Windows’ “Server Message Block (SMB)” protocol. After infecting the system, the malware spreads, encrypts the files and asks the victim to pay in bitcoins in exchange for the decryption key.

Cerber – This ransomware uses phishing emails or exploit kits to gain the user’s information. It doesn’t need an active internet connection to run, so disconnecting from the web won’t stop the encryption.

Crysis – It uses RSA and AES (Advanced Encryption Standard) encryption algorithms, which make the recovery of files almost impossible. The malicious code affects the system and asks for a ransom in return for the decrypted files.

CryptoLocker – This malware is distributed via spam email that contains infected attachments or links. The cyber criminals trick people by sending emails regarding their shipment or cancellation of orders. This ransomware uses the AES CBC 256-bit encryption algorithm and asks for a payment of around $1300.

CryptoWall – Distributed via spam and exploit kits, this ransomware appeared after the downfall of CryptoLocker. CryptoWall 4.0, released in 2015, encrypts the file names of the encrypted files, which makes it more difficult to identify the infected files.

CTB-Locker – CTB is an acronym for Curve, Tor and Bitcoin. These words are basically the advantages offered by this malware, which allows the cyber criminals to access and infect the systems without being traced back. CTB-Locker uses a unique RSA key to encrypt files.

ZCryptor – This malicious software is a cryptoworm. It not only affects the victim’s system but also copies itself to other connected devices and computers. To infect the system, the ransomware masquerades as an installer of some famous program like Adobe Flash or enters through infected MS Word macro files.

Jigsaw – It uses the AES algorithm to encrypt the files and deletes them with every passing hour, until the money is paid in the form of bitcoins. If the user tries to restart the system, 1000 files are instantly deleted.

Protective Measures

  • Always keep a backup on an external drive
  • Install a comprehensive security software
  • Know how to recognize spam emails
  • Keep your operating system and software up to date
  • Avoid downloading apps from unfamiliar websites on your mobile

For complete network security solutions, contact Centex Technologies at (855) 375 – 9654.



A Layered Approach To Network Security

25th July, 2017

Cyber criminals today are getting tech savvy and coming up with more sophisticated hacking techniques, so a meticulous approach is required to address all the potential causes of an attack.

Moreover, as the Bring Your Own Device (BYOD) and Internet of Things (IoT) trends continue to rise in workplaces, the number of endpoints that are vulnerable to attacks has increased. Cyber security professionals must follow a layered approach to address the multiple aspects of network security.

Given below are the different layers that must be incorporated in a network security program:

Physical Security

The first step towards protecting your network should be to ensure the security of all the computer systems and other devices connected to the network. Establish proper access control systems to prevent unauthorized usage. Limit the number of employees who can use computers that contain sensitive information. There should also be certain restrictions on accessing the corporate network, such as allowing only those devices that have proper security software installed.

Computer Security

Unpatched software vulnerabilities provide the easiest backdoor for the hackers to gain access to your company’s network. Therefore, it is critical to fortify the computer systems’ security by installing anti-virus software, creating an application whitelist, removing unused programs and services, closing unwanted ports etc. Restrict software downloads by any employee except the system administrator. Software updates and patches should be downloaded directly from the vendor’s website.
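
An added example (not part of the original post) of one way to check for unwanted open ports on a Linux host: it parses listener output in the format of `ss -H -tulnp` and reports anything reachable from the network that is not on an approved list. The sample output and the allowlist are constructed assumptions.

```python
import re
from typing import NamedTuple

# Constructed sample in the format of `ss -H -tulnp` (not from a real host).
SAMPLE_SS_OUTPUT = """\
tcp   LISTEN 0      128          0.0.0.0:22        0.0.0.0:*    users:(("sshd",pid=812,fd=3))
tcp   LISTEN 0      511          0.0.0.0:443       0.0.0.0:*    users:(("nginx",pid=1021,fd=6))
tcp   LISTEN 0      128        127.0.0.1:5432      0.0.0.0:*    users:(("postgres",pid=933,fd=5))
tcp   LISTEN 0      32           0.0.0.0:21        0.0.0.0:*    users:(("vsftpd",pid=1177,fd=3))
udp   UNCONN 0      0            0.0.0.0:111       0.0.0.0:*    users:(("rpcbind",pid=640,fd=5))
tcp   LISTEN 0      128             [::]:22           [::]:*    users:(("sshd",pid=812,fd=4))
"""

# Assumed policy: only SSH and HTTPS may listen on network-facing interfaces.
ALLOWED = {("tcp", 22), ("tcp", 443)}

PROC_RE = re.compile(r'\(\("([^"]+)"')  # first process name in the users:(...) field


class Listener(NamedTuple):
    proto: str
    addr: str
    port: int
    process: str


def parse_listeners(ss_output):
    """Turn each output line into a Listener; skip lines that do not parse."""
    listeners = []
    for line in ss_output.splitlines():
        fields = line.split()
        if len(fields) < 6:
            continue
        addr, _, port = fields[4].rpartition(":")  # handles "[::]:22" too
        if not port.isdigit():
            continue
        match = PROC_RE.search(line)
        listeners.append(Listener(fields[0], addr, int(port),
                                  match.group(1) if match else "?"))
    return listeners


def unexpected_listeners(listeners, allowed):
    """Return sorted ((proto, port), process) pairs exposed but not approved."""
    flagged = {}
    for item in listeners:
        if item.addr.startswith("127.") or item.addr == "[::1]":
            continue  # loopback-only services are not reachable from the network
        if (item.proto, item.port) not in allowed:
            flagged[(item.proto, item.port)] = item.process
    return sorted(flagged.items())


if __name__ == "__main__":
    for (proto, port), proc in unexpected_listeners(parse_listeners(SAMPLE_SS_OUTPUT), ALLOWED):
        print(f"close or justify: {proto}/{port} ({proc})")
```

On a real host, replace the sample string with the captured output of `ss -H -tulnp` run as root so that process names are visible.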

Application Security

This layer focuses on securing the different web applications to ensure that they receive only genuine and relevant traffic. This may be done by using email spam filters, Secure Sockets Layer (SSL), virtual private network (VPN), XML security system etc. You can even set role based access control systems that prevent employees from viewing, creating or modifying files that are not related to their work.

Network Security

This is an important layer between the computer and application security. It involves real time monitoring of network anomalies, blocking unwanted traffic and monitoring bandwidth usage to ensure availability for critical processes. With network security, organizations can not only prevent breaches but also boost productivity and efficiency.

We, at Centex Technologies, provide network security solutions to businesses in Central Texas. For more information, feel free to call us at (855) 375 – 9654.


Host-Based Vs. Network-Based Firewalls For Cloud Security

18th July, 2017

If you are planning to move your company’s data to the cloud, it is important that you take the necessary steps to safeguard it against viruses and malicious attacks. Whether you own a small start-up business or a well-established organization, hackers are always on the lookout for unprotected confidential information that can be exploited for malicious purposes.

It is recommended to use a firewall solution to stay protected against any online attack or malware infection. The firewall will record the incoming requests, inspect data packets and block any unauthorized or unusual traffic to the network. There are different firewall options available depending upon the level of control required and where you want to deploy it. The two main types of firewall are – host based and network based.

Given below is a complete comparison of both the options so that you can choose the right one for your cloud data.

Host Based Firewall

A host based firewall is installed on every virtual machine that is connected to the cloud. It helps to monitor all the incoming and outgoing traffic to determine if it is safe to be directed to the device. Host based firewall offers the following advantages:

  • More Flexibility: Virtual machines and applications can be easily moved between the cloud environments without the need to change the firewall’s security policy.
  • Better Features: Host based firewall also supports anti-virus and data loss prevention to provide complete protection to the virtual machine.
  • Customization: The firewall settings of each device can be individually configured according to the level of security required.

Network Based Firewall

Network based firewall refers to a solution that is embedded into the cloud infrastructure. It is a good option to be deployed in a larger network. It offers a slightly stronger defense as compared to host based firewalls. Some of the advantages of using network based firewall are:

  • Greater Security: This type of firewall solution is quite difficult to circumvent. In a host based firewall, the hacker can directly access the virtual machine and easily gain administrative privileges. However, in a network based firewall, unauthorized access is likely to be detected right at the network level.
  • Scalability: These firewalls can easily be scaled up if the client requires additional bandwidth.
  • Affordability: Network based firewalls prove to be cost-effective in the long run as they do not require a dedicated IT team to monitor regular maintenance and updates on every server.

For more tips on choosing the right firewall solution for cloud data, you can contact Centex Technologies at (855) 375 – 9654.


Building A Successful IT Security Program

12th July, 2017

The increase in the number and frequency of hacking attacks in recent years has led many organizations to strengthen their cyber security. Having a well-formulated IT security program is not only essential to safeguard sensitive data and conform to legal requirements, it also helps to boost employee productivity and reduce bandwidth consumption.

Given below are some tips that will help you in building a successful IT security program in your organization:

Establish A Core Team

First and foremost, it is important to formulate a core team to handle the information security of your business firm. The team should have complete knowledge of different aspects of network security such as managing IT assets, minimizing threats and vulnerabilities, establishing policies and regulations, conducting regular audits, training the employees etc. Make sure that you include employees from all levels, instead of assigning the job solely to the IT department.

Create An Inventory Of Organizational Assets

In order to identify and manage potential risks, you should have a clear idea of everything you need to protect. Therefore, you must create a detailed inventory of all the hardware, applications, FTP sites, network drives, databases etc. Categorize these assets according to their level of importance and confidentiality. This will help you to apply security controls in a better way, making sure that the more sensitive assets are safeguarded on priority.

Assess Threats And Vulnerabilities

The next step involves identifying all the threats and vulnerabilities in the organizational assets. Make a list of all the risks, classify them and assign a rank on the basis of the potential damage they can cause to the company. You should also note down all the back doors in the software programs, applications and network that may be exploited to initiate a security breach against the organization.

Implement Security Controls

Access control mechanisms also need to be put in place to minimize risks arising out of unwanted and unauthorized use of data. Set strict guidelines regarding the use of computer systems, hardware, software etc. Forbid the employees from connecting removable storage devices to the organization’s computer systems. Downloading unwanted software or applications should also be prohibited.

We, at Centex Technologies, can help to create and implement an IT security program in your Central Texas based organization. For more information, feel free to call us at (855) 375 – 9654.