Posts Tagged Cyber Security

Stages Of A Cyber-Attack

Cyber-attacks are increasing at a soaring rate. As per a report by Juniper Research, the average cost of data breach will exceed $150 million by 2020. Also, it is projected that cybercrimes will cost businesses over $2 trillion by 2019. The figures are alarming, and the businesses need to do something to prevent falling prey to a cyber-attack.

No wonder, better security and anti-virus systems are being designed but even the cyber-attacks are getting sophisticated & more complex with each passing day. Cyber criminals are finding one way or the other to infiltrate into the systems and get hold of private & confidential data.

In order to avoid falling prey to a cyber-attack, it is important to understand the life cycle of an attack. Following are the stages of a cyber-attack.

Step 1: Reconnaissance
Reconnaissance is often used in military and refers to the process of conducting a planned observation on the target area. Thus, before an attack is launched, cyber criminals tend to identify their target victim & explore the possible ways to exploit them. They gather sufficient information about the victim through various open sources such as business website, social media handles, etc.

Step 2: Scanning
Attackers often try to find a weak link which can act as an entry point. Once identified they infiltrate and tend to spread the malware throughout the system.

Step 3: Access
After identifying the vulnerability point in the target network, the next step in the process is to gain access to the system. Hackers plan the modus operandi of gaining the access and once successful they take over the network and exploit it.

Step 4: Exfiltration
When they have gained access to the system they are free to move around the network. They use this opportunity to gather the organization’s private & confidential information. They might also change or erase files for their benefit.

Step 5: Sustainment
After gaining an unrestricted access throughout the target network, they now tend to sustain in it quietly to avoid being caught before they have hands on the organization’s confidential information. They disguise their presence to maintain access so that there is no dependence on a single access point. This is done so that cyber attackers can come and go as per their choice.

Step 6: Assault
This is that stage of the attack when things get really nasty. It is generally too late for the victim organization to defend itself as the cyber criminals by this stage have taken full control of the network.

In order to mitigate a cyber-attack it is important to be able to control privileged access. Also make sure that you remove all the weak links and educate your employees to identify such attacks.

For more information, call Centex Technologies at (254) 213-4740.

,

No Comments

Gandcrab Ransomware

Generally distributed using RigEK toolkit, Gandcrab ransomware demands payment in DASH cryptocurrency. It utilizes “.bit” top level domain and when once it is injected into your computer system it encrypts the data & adds “.GDCB” extension to all the compromised files. For example, imagesample123.jpg (the original file) changes to imagesample123.jpg.GDCB (the infected file).  After encryption, the ransomware generates a “GDCB-DECRYPY.txt” file and places a copy in each existing folder and when the victim tries to open a file it shows up a message that contains information regarding their files being encrypted and instructs what needs to be done next.

The files can be decrypted using a unique key which is stored on a remote server that is controlled by developers of the ransomware. To get that key the victim is generally required to pay 1.5 Dash cryptocurrency which is equivalent to approximately $1130. However, there is no guarantee that your files will be decrypted even after you pay the ransom amount.

Most Common Ways Through Which The Ransomware Can Infect You

  • It can reach your system when you use third party software download sources.
  • Spam emails or emails sent from untrusted sources often contain malicious attachments which when opened install malware into your system.
  • Sometimes your system can get infected through Peer-to-Peer (P2P) networks which install malicious executables by masquerading them as legitimate software’s.
  • Victim often fall prey of fake software updaters which infiltrate into their system.
  • Trojans are another reason that can cause a ransomware attack. They exploit the system and also allow such malwares to be injected in the system.

How To Protect Yourself Against The Ransomware

  • Make sure that you backup your data on a regular basis because if once your files are decrypted by the ransomware, the chances of recovering your data even after paying the ransom amount are meagre.
  • If you are unsure about an email sent from an untrusted source then it is highly advisable to not download the attachments sent along.
  • Ensure that none of the computers are running remote desktop services and are connected to the internet directly. Instead, make sure that they can only be accessed by logging into a VPN first.
  • Download all the Windows updates as soon as they are launched since older versions might contain certain loopholes which may be exploited by the attackers.
  • Make sure that you do not use weak passwords. Also it is important to note that no matter how easy it might seem to have a single password for multiple logins, it should always be avoided as it opens the doors for such attacks in which your confidential data & files might be compromised.

For more information about Cyber Security, call Centex Technologies at (254) 213-4740

,

No Comments

Security Risks Associated With Your Smart TV

Gone are the days when your TV sets were just used to watch regular TV shows. Smart TVs rule the market nowadays and can be used to play games, browse internet, download and access apps, etc. Since smart TV sets can be connected with internet, pen drives, webcams, gaming consoles and other devices, they are susceptible to a number of security risks.

As per Statista, there will be an estimated number of 759.3 million TV sets connected to the internet globally by the end of 2018. The figures are startling, and they necessitate the need to cognize people about security and privacy threats associated with smart TVs. Although there has been massive increase in number of IoT devices being used, the question that arises is whether devices such as your smart TV are safe to use or not?

Following are some security risks associated with your smart TV:

  • Hackers can gain access to data i.e. photos and other information through storage devices such as USB or your smartphone connected to the smart TV.
  • Your data is also at risk if you operate social and communication apps such as Skype on your smart TV.
    Once your smart TV is connected to Wi-Fi then there is risk to your personal information/ browsing history etc.
    Smart TV can also be used to target you with instant advertizing messages.
  • Your smart TV can be used to launch a botnet attack.
  • You might have to make subscription payments through your smart TV for viewing different programs, web series or videos. However, your financial information can be tapped and is at risk in case your smart TV is hacked or is compromised.

Preventive Measures To Be Taken

  • Update Regularly – The first and foremost thing is to buy a smart TV of a reputed brand. They usually take measures to protect privacy of their users. It is also important to regularly update the TV’s software to prevent security & privacy issues.
  • Use Firewalls – All devices that are connected to internet should be protected by firewalls. The smartest move is to install a router based firewall or any other firewall which your television set supports.
  • Camera Security – Disconnect your smart TV from plug as well as internet when not in use. Also to prevent the problem altogether, cover the smart TV camera with a piece of opaque tape.

It is important to stay vigilant to protect yourself from such vulnerabilities. For more information about IT Security, call Centex Technologies at (254) 213-4740.

, , ,

No Comments

Ways To Ensure Social Media Security

Your private information is not private anymore. Social media portals which were initially launched as platforms to connect with family & friends are now facing security issues. This has made it important for everyone to take necessary measures to ensure safety of personal information shared on social networks.

Here are some ways to secure your private information over different social media portals.

  • Spend Some Time On Understanding Privacy Settings
    No matter how complicated it may seem to you, it is important to go through them once & understand the provisions thoroughly. By choosing appropriate settings, you can restrict information that is shared with different groups and applications.
  • Have Different Personal & Professional Social Media Accounts
    Your professional account is generally open to public round the clock. So, in order to restrict people accessing or viewing your personal updates, it is advised to create separate account for personal and professional use. Having separate accounts is also important because if there is some dispute at personal level then the person can negatively use the information available on your social media handle to his advantage & disrupt your professional image on the web. However, having separate social media accounts can help you in preventing this.
  • Set Different Passwords For Different Social Media Accounts
    Probably the biggest mistake that we do is to set same passwords for our different social media accounts. This is more like an open invitation to cyber criminals to hack multiple accounts that you have created on different platforms and get access to your personal & private information.
  • Do Not Provide Too Much Information
    Social media platforms encourage you to fill in a lot of information. However, be wary of the quantum of personal information that you provide as the more information you share, more would be the chances of someone landing their hands on it.
  • Disable Location Settings
    No matter which social media platform you are using, make sure that your location settings are disabled so that nobody is able to keep a track over your current location.
  • Not Everyone Is Your Friend!
    Make sure that you do not add random people in your account without checking out their profiles. It is necessary that you know people with whom you share your information, else you might just provide your private data to a cyber-criminal with an appealing profile by accepting their friend request.

To know more about IT Security, call Centex Technologies at (254) 213-4740.

,

No Comments

Everything About Jigsaw Ransomware

PDF Version : Everything-About-Jigsaw-Ransomware

, ,

No Comments