Posts Tagged Cyber Security

Frequently Asked Questions About Malware Botnet

A Malware-Bot is a type of malware that exercises control over the infected machine once the infection spreads through the system. It acts according to the instructions given by the master i.e. malware writer. Following are some most commonly asked questions about Malware Botnet:

  • What Actions Does A Malware Bot Perform?

A Malware Bot can perform numerous tasks such as-

  • Spying & tracking
  • Sending spams, hosting command servers, working as proxies & performing other malicious activities
  • Accessing corporate resources & hijacking
  • Stealing confidential information, documents, credentials, etc.
  • Bitcoin mining
  • Web browsing
  • Do All Malware Bots Perform The Same Actions?

The bot can perform all the above mentioned actions, however there are two types of malware actions that the Malware Bot does not perform, not because it is incapable to do so but because they make little business sense. Following are the two malware actions:

  • Actions Which Impend The Machine: A Malware Bot cannot work in a damaged environment. When the software environment is damaged the machine is usually reinstalled, thus removing the bot. So, Malware Bot does not usually perform an action that would restrain it from running on the machine.
  • Actions That Reveal The Infection: A bot does not want a user to know about its presence on their machine, which is why it operates stealthily. Thus, it does not resort to activities such as modifying browser setting, popping up dialogue box, etc.
  • How Are Botnets Investigated?

When the malware is launched, it reaches the malware researchers sooner or later. They capture it through various channels such as malware spam, honeypots, phishing sites, product reports, etc. Once captured, the malware researchers analyze it in a controlled environment to receive the updates.

  • How Is A Botnet Controlled?

It is controlled by a computer or a group of computers running a command & control server (C&C server). The server communicates & sends instructions to the Malware Bot in the format understood by it. The server then performs numerous functions such as instructing the bots to schedule or execute a task, keeping track of number & distribution of bots as well as updating the bots by replacing them with a new type of malware.

  • Why Do Botnets Emerge?

The main reason why the malware writers develop, deploy & maintain a botnet is to tap on financial gains.

  • How To Prevent A Malware Botnet?

After understanding the working of a malware botnet, let us know how to prevent it:

  • Update your operating system regularly.
  • Avoid downloading from P2P & file sharing networks.
  • Don’t click on suspicious attachments & links.
  • Install a good antivirus software.
  • Follow good surfing habits.

For more information, call Centex Technologies at (254) 213-4740.

, ,

No Comments

How Does Touch ID Scam Work

Smartphones are coming up with new features every day, touch ID scan being one of them. This feature allows you to unlock your phone, approve a purchase or protect access to applications using a fingerprint or face scan instantly. It is highly beneficial as it prevents people from accessing your critical apps & personal information if they happen to lay hands on your unlocked device.

However, off lately cybercriminals have come up with touch ID scams to exploit users and steal away their confidential information.

How Does The Scam Work?

Since touch id scan is a convenient option, people are using it for more than just unlocking the phone. Nowadays, touch ID is being used for authentication on various apps. However, once you press your finger against the home button, there is generally no additional prompt to confirm whether you want to purchase the app or not.

The scam apps often pose as health assistants and invite users to use a touch ID to track calories, heart rate, etc. When you scan your fingerprint, an in-app purchase pop-up appears on the screen. Consequently, the screen is dimmed to make it hard to see the prompt. Once authorized, it usually charges you somewhere between $90 to $120 and the user is victimized by a touch ID scam.

How To Avoid Falling Prey To A Touch ID Scam

  • Double Check If It Looks Suspicious: If any app functions in a way other than normal, then be wary of it and avoid it altogether. The app might ask you to hold down your finger longer than usual, register your fingerprint in different ways, might not support fingerprints that you have saved with android/iOS or ask you to do a fingerprint scan numerous times to authenticate.
  • Check Reviews: Make sure that you read the reviews before downloading a new app. To some extent, this may help you know if the app is legitimate or not. However, if you decide to download it, then stay a little cautious and report it if you find any problem.
  • Disable Fingerprint Or Face Authentication For Purchases: The best way to stay safe is to disable fingerprint as well as face authentication for purchases. Even though you will have to type the password manually, it will give you extra time to consider if you wish to purchase an app or not. This is unlike fingerprint authentication where pressing the home button prompts the purchase.
  • Prefer Trusted Developers: When downloading an app, it is always preferable to buy the one that has been developed by trusted companies. Reputed apps usually have thousands of downloads and their developers have a significant online presence on websites & social media.

For more information, call Centex Technologies at (254) 213-4740.

, ,

No Comments

More About Industrial Espionage

PDF Version:  More-About-Industrial-Espionage

 

 

, , ,

No Comments

Things To Include In Your Data Response Plan

Making efforts to ensure organizational data security is of utmost importance in the wake of rising identity data breaches as well as cyber-attacks. It is extremely important to stay aware and alert of data breach incidents to minimize the effect and loss. Thus, in order to avoid the implications of data loss, one needs to design a data breach response plan.

Data Breach Response Plan acts as a guiding force to be followed when a data breach is discovered. If you already know what to do and how to do it; it would help in saving both time as well as efforts. Also, a well drafted strategy helps you avoid missteps at the time of crisis.

Setting Up A Response Plan

  • Define Breach: The first step is to define the term ‘breach’ i.e. deciding the type of incident that would initiate a response. For example, a phishing email might not have as much impact on the company as a ransomware attack. So, a business needs to categorize the serious issues and then work on the causes of disruption. There are many aspects that need to be monitored i.e. from compromise of private & confidential information to material loss such as distributed denial of service (DDoS).
  • Form The Response Team: There are numerous things that need to be done once a data breach is discovered. So, a good data response plan pre-sets the roles that everyone needs to perform. Every individual has a designated and defined task that he has to perform in the need of hour. Following are the teams who should be assigned the roles & responsibilities beforehand:
    • IT Security Team
    • Legal Team
    • Communication Team
    • Risk Management Team
    • Human Resource Team

    However, it is important to make sure that you vest this responsibility in your trusted employees who understand the complexity of the situation. Other factors such as size of the company, type of data breach etc. also govern the size and composition of response team.

  • Design Course Of Action For Every Scenario: The response plan should lay down a proper procedure of steps that need to be taken when a data breach occurs. Decide the course of action that needs to be followed for escalating the incident through the organization hierarchy once a data breach is discovered.
  • Setup A Follow-Up Procedure: Once you have been able to implement the plan to control a data breach, sit with your response team and review. Do a follow up and list down the problems faced by members, lessons learnt, etc.

For more information about IT Security, call Centex Technologies at (254) 213-4740.

, ,

No Comments

Stages Of A Cyber-Attack

Cyber-attacks are increasing at a soaring rate. As per a report by Juniper Research, the average cost of data breach will exceed $150 million by 2020. Also, it is projected that cybercrimes will cost businesses over $2 trillion by 2019. The figures are alarming, and the businesses need to do something to prevent falling prey to a cyber-attack.

No wonder, better security and anti-virus systems are being designed but even the cyber-attacks are getting sophisticated & more complex with each passing day. Cyber criminals are finding one way or the other to infiltrate into the systems and get hold of private & confidential data.

In order to avoid falling prey to a cyber-attack, it is important to understand the life cycle of an attack. Following are the stages of a cyber-attack.

Step 1: Reconnaissance
Reconnaissance is often used in military and refers to the process of conducting a planned observation on the target area. Thus, before an attack is launched, cyber criminals tend to identify their target victim & explore the possible ways to exploit them. They gather sufficient information about the victim through various open sources such as business website, social media handles, etc.

Step 2: Scanning
Attackers often try to find a weak link which can act as an entry point. Once identified they infiltrate and tend to spread the malware throughout the system.

Step 3: Access
After identifying the vulnerability point in the target network, the next step in the process is to gain access to the system. Hackers plan the modus operandi of gaining the access and once successful they take over the network and exploit it.

Step 4: Exfiltration
When they have gained access to the system they are free to move around the network. They use this opportunity to gather the organization’s private & confidential information. They might also change or erase files for their benefit.

Step 5: Sustainment
After gaining an unrestricted access throughout the target network, they now tend to sustain in it quietly to avoid being caught before they have hands on the organization’s confidential information. They disguise their presence to maintain access so that there is no dependence on a single access point. This is done so that cyber attackers can come and go as per their choice.

Step 6: Assault
This is that stage of the attack when things get really nasty. It is generally too late for the victim organization to defend itself as the cyber criminals by this stage have taken full control of the network.

In order to mitigate a cyber-attack it is important to be able to control privileged access. Also make sure that you remove all the weak links and educate your employees to identify such attacks.

For more information, call Centex Technologies at (254) 213-4740.

,

No Comments