The Central Texas IT Guy

Web Development Austin, SEO Austin, Austin Search Engine Marketing, Internet Marketing Austin, Web Design Austin, Roundrock Web Design, IT Support Central Texas, Social Media Central Texas

Tag: Cyber Security Page 36 of 41

The Rise Of Cyber Extortion

By

On January 23, 2016

In Security

January 23, 2016

Cyber extortion is a relatively common online crime wherein a hacker demands money to stop or prevent attack on an organization’s website, computer systems/servers or internet network. Since a large number of businesses depend upon internet, cyber extortion has become an increasingly common cybercrime. Most cyber extortionists use malware laden email attachments or spam URLs to infect the target computer systems.

Types Of Cyber Extortion Attacks:

  • Ransomware: This is the most common cyber extortion attack that involves the use of a ransomware to infect an individual’s computer, steal confidential information or encrypt the stored data. The victim needs to pay a certain sum of money in order to retrieve the files. Examples of ransomware Trojans include CryptoLocker, CryptorBit, CryptoWall and CryptoDefense.
  • Denial Of Service: A denial of service attack occurs when a business’ internal network is flooded with unauthenticated traffic that it denies access to the legitimate users. The company’s website may even be shut down for an indefinite period of time. This type of attack primarily targets start-up businesses as they do not have the sophisticated IT infrastructure and security software.
  • Hijacked Accounts: Online account breaches can be quite serious, particularly if they involve financial or social accounts. Cyber criminals are specifically targeting social media accounts as they are not fully protected by the users. In these attacks, the hacker may threaten the victim to erase, alter or leak out the sensitive information until the extortion amount is not paid off.

Tips To Safeguard Your Business Against Cyber Extortion

  • Know Your Data: Understand the type of data your company needs to store and what risks are involved with it. Depending upon the nature and the amount of sensitive information, you should implement cybersecurity practices in your organization.
  • Set Limits: Restrict the administrative privileges for computer systems and corporate network. Limit the number of employees who can access or use the computers containing all the important information.
  • Enforce Strict Password Policies: Educate employees about the importance of creating strong and lengthy passwords for their online accounts. Also, a single password should never be used for more than one account. You can further increase password security by implementing two-factor authentication, wherever applicable.

We, at Centex Technologies, can help you to prevent cyber extortion attacks in your organization. For more information, you can call us at (855) 375 – 9654.

Effective Ways To Prevent Security Leaks In Your Company

By

On January 8, 2016

In Security

January 8, 2016

Your business stores and handles a lot of sensitive data every day. These may include the personal and financial information about your clients, customers or employees. Failure to implement proper security measures can lead to data breaches and have serious implications for your company’s credibility.

Given below are some of the steps you should follow to prevent security leaks in your company:

  • Protect Information: All the information stored on your company’s computer systems should be properly encrypted to avoid unwanted access. Use of removable media should be limited as far as possible. If required, only encrypted data should be allowed to be transferred to these devices. Restrict the number of employees who can view or use the data. Conduct thorough employee background checks and never inadvertently allow temporary or new workers to view confidential information.
  • Good Password Practices: A lot of people make the mistake of creating short and simple passwords, which makes them easy to be hacked by cybercriminals. In order to increase data security at your workplace, set strong passwords for all business accounts. You can also implement two-factor authentication for an added layer of security. This involves the use of a password along with another security element, such as a one-time password, to verify the identity of the user.
  • Outsource Payment Processing: Avoid handling customers’ financial information, credit and debit card details on your own. If you own an ecommerce website or accept online payments, make sure you outsource the task to reputable vendors or payment gateway providers.
  • Keep Security Software Up-To-Date: Keep your computer’s operating system and security software up to date. Use reliable firewall, spyware and anti-virus software and update them regularly. Implement password protection and timeout functions for all the systems. Configure router settings to prevent unauthorized users from accessing company’s internal network.
  • Employee Training: Providing comprehensive security and privacy training to all the employees can considerably bring down the risk of a data breach. Frame a written security policy and make sure the employees adhere to it. Let them know which information is sensitive and what are their responsibilities towards maintaining its confidentiality. Also, restrict the use of computer systems for business purposes only. Do not permit unauthorized downloads and block access to inappropriate websites.

We, at Centex Technologies, can help to optimize cybersecurity practices for your business. For more information, feel free to call us at (855) 375 – 9654.

Cyber Security Trends For 2016

By

On December 28, 2015

In Security

December 28, 2015

The year 2015 was marked by an unexpected increase in both the numbers and methods of carrying out cyberattacks. With an overwhelming move towards mobile and cloud computing, 2016 is also likely to witness certain additional developments in the field of security risks.

Here are some of the predicted cyber security trends for 2016 that need to be watched out by businesses:

Internet Of Things

As more devices become connected to the internet, physical objects continue to be targeted by the hackers. Unpatched security vulnerabilities in smart TVs, cars, wearable devices, refrigerators etc. are likely to be exploited in order to initiate a more sophisticated attack. Manufacturers of Internet of Things (IoT) devices should lay more focus on increasing security instead of including enhanced features.

Attacks Through Apps

Apps have now become the new way to access the internet. A minor security flaw tends to compromise the privacy of the mobile device as well as the entire company network. Also, people store a lot of sensitive information on their phones, such as credit card details, internet banking passwords, social security number etc. Thus, it is important to download apps from credible sources and keep them updated to ensure the safety of your data.

Advertizing And Tracking

Search engines track your search history to personalize your internet browsing experience. Various advertizing networks tend to create a detailed profile of the users which can put their security at risk. Advertizing, a form of cyber-attack, involves disguising spam code into online advertizements that seem to be legitimate and may interest the user. When you click or simply hover above these ads, malicious software may be downloaded to damage data, steal information or take complete control of your device.

UDP Amplification Attacks

This is a relatively new type of DDoS attack that may lead to a large scale security breach in 2016. In a UDP (User Datagram Protocol) based amplification attack, the attacker overwhelms random ports on the targeted host with relatively small requests of hoaxed IP addresses. This causes the host to respond to the victim, which ultimately makes the system overwhelmed and unresponsive to other clients.

Ransomware

There are many malware such as CryptoLocker and CryptoWall that are used to prevent or restrict users from accessing their computer systems. When the malware is installed on a computer, the victim is required to pay a sum of ransom to the hackers in order to restore the data.

We, at Centex Technologies, can help in the implementation of an efficient cybersecurity plan for businesses across Central Texas. For more information, you can call us at (855) 375 – 9654.

Tips For Improving Router Security

By

On December 22, 2015

In Security

December 22, 2015

Unsecure wireless routers are targeted by most cybercriminals to carry out hacking attacks. After gaining control of your router, they can easily track, block, redirect or alter the online activities being performed on the network. With an increase in the number of network breaches, it has become even more important to improve the security of your internet router. Here are some tips that can help:

  • Change the default logins: Most routers use a default username ‘admin’ and a system generated password from certain known algorithms, making them easy to be guessed by the hackers. Therefore, it is critical that you change your login credentials to a unique username and a strong password. You should not use your name, date of birth, home address or any other personal information as the password.
  • Change Default IP Ranges: The default IP ranges, usually 192.168.1.1, is quite predictable by the hackers and may lead to cross-site request forgery (CSRF) attacks. Users can prevent themselves from such attacks by changing their IP range to something different, such as 10.8.9.7.
  • Enable MAC Filtering: Restrict the number of devices that can access your internet connection by enabling MAC filtering. Even if a user has the password to your Wi-Fi network, he would not be able to connect to the router if their device’s MAC address is not listed by the router’s admin console.
  • Turn Off WPS: Wi-Fi Protected Setup (WPS) allows the users to bypass password and connect to the internet simply by entering a default eight digit pin usually printed on the router itself. Though it offers convenience to the authorized users, it also makes it easier for the hackers to gain access to your corporate network. To avoid this, you must turn off WPS and enable WPA2 encryption to limit access to your router with a complex password of more than 20 characters.
  • Update Router Firmware: Make sure you keep your router’s firmware updated. Frequently check the administrative interface to look for upgrades to fix various security flaws. Logging into the router routinely will also allow you to identify any unusual behavior that may indicate unauthenticated online activities.
  • Log Out After Each Session: Once you have configured the router’s settings, do not forget to log out to prevent abuse of authorized browser sessions. Many routers do not automatically logout after the admin page is accessed, thus, allowing the hackers to bypass the authentication process to gain access.

For more network security tips, feel free to contact Centex Technologies at (855) 375 – 9654.

Ransomware – The Malware That’s On The Rise

By

On December 16, 2015

In Security

December 16, 2015

Ransomware is a type of malware that uses a malicious software code to lock a user’s computer and allows access only after certain ‘ransom’ fee is paid. It may infect the system in the form of a Trojan horse or worm by exploiting a security flaw. Ransomware usually spreads through email attachments, spam website links or infected software applications. Once executed in a computer, the malware can either lock the entire system or encrypt the stored data with a password.

Types Of Ransomware

  • Cryptowall: This ransomware is mainly spread through spam emails that contain a malware infected attachment claiming to be an important message. Once the user opens the attachment, the malware is executed and the device gets locked.
  • FBI Ransomware: It is installed on a user’s computer once he visits a website with malicious script. When the system is infected, it displays a message, purported to be from FBI, that the computer has been blocked and the user needs to pay a fee to restore his data.
  • Power Worm: This is probably the most perilous type of ransomware in which the victim’s data is not only encrypted but the key to restore the information is also destroyed. In such a malware attack, the only option to get the data is to restore it from back-up.
  • Chimera: The Chimera malware works by threatening to post the victim’s files on the internet if he does not pay the demanded ransom. In such situations, even if a user has a back-up of the files, he might get convinced to pay the fine just to prevent the files from being leaked.

Defending Against Ransomware

  • Never open embedded URLs or attachments in emails from an unknown source.
  • Download and constantly update anti-virus and firewall definitions.
  • Maintain a backup of your files on an external hard drive or online.
  • Enable your popup blocker to avoid accidentally clicking on a spam advertizement.
  • Update all the software on your computer to fix any open security vulnerability.
  • Enable the option to ‘Show file extensions’ in your systems settings. This will make it easier to detect malicious files. Make sure you do not open any file with an unknown extension.
  • If you notice malicious software running or view a ransom message on your computer, disconnect the internet immediately to avoid transmitting your data to the cybercriminals.

Taking precautions to protect your information and staying cautious are the best counter measures to avoid being infected by Ransomware.

© Copyright 2022 The Centex IT Guy. Developed by Centex Technologies
Entries (RSS) and Comments (RSS)