The Central Texas IT Guy

Web Development Austin, SEO Austin, Austin Search Engine Marketing, Internet Marketing Austin, Web Design Austin, Roundrock Web Design, IT Support Central Texas, Social Media Central Texas

Tag: Cyber Security Page 46 of 48

What Is Network Traveling Worm Attack?

By

On April 18, 2015

In Security

April 18, 2015

Network traveling worms are specifically encoded programs that are able to transfer from a computer to other through various ways. These worms are automated hackers that transfer important information to impair the entire network once they gain access into it. Worms are quite similar to viruses except that they spread in a slightly different way. When a worm infects a computer, it searches for another system connected through the same local area network (LAN). Once it is found, the worm facsimiles itself to the new computer and continues with its search for more machines to replicate further. Due to its nature of traveling through the network, a worm is able to consume most of the bandwidth, causing the servers to stop responding.

Different types of network traveling worms are:

  • Email Worms: These worms travel by way of attachments in email messages or links to a corrupted website.
  • Instant Messaging Worms: These spread by sending spam links to the contacts in an instant messaging application.
  • Internet Worms: These types of worms scan the internet and other available network resources to search for vulnerable computers. If any such system is found, the worm attempts to connect and infect it.
  • IRC Worms: These worms spread through Internet Relay Chat (IRC) channels and transmit infected links or files to the contacts list.
  • File Sharing Network Worms: These worms replicate itself into a shared folder and spread by way of a peer-to-peer (P2P) network.

How Network Traveling Worm Attack Affects?

  • Exploit Vulnerabilities: The worm begins launching attacks from one computer in your network to other systems that do not have an updated firewall/ patch installed. Using this, the worm implements ‘shellcode’ on the target machine to make it download and set up a similar type of worm.
  • Weak Passwords: The worm tries to initiate a dictionary attack on other computers in the network. Through this, it aims at accessing the credentials required to execute commands on the target system.
  • Insecure Vulnerabilities: The worm can simply recreate itself through openly shared folders on other computers connected through the same LAN.
  • Email: The worm inspects the contacts list and sends well-written emails to make people click on a spam link, install software or download an attachment to their computers.

Tips To Counter Network Traveling Worms Attack

  • Block auto-execution of attachments in email
  • Keep your computer’s firewall and patches  updated
  • Filter traffic on your router and Wi-Fi network
  • Disable auto run capabilities on the computer
  • Use strong passwords

Following these tips can help you protect yourself against network traveling worms attack to a great extent.

What Are Advanced Persistent Threats

By

On April 13, 2015

In Security

April 13, 2015

An advanced persistent threat (APT) is a targeted cyber-attack mostly directed against businesses or political institutions. In this, a hacker gains unauthorized access to a system network and remains undetected for a long duration. The purpose of advanced persistent threat is not to damage the computer or infect the organizations’ network. Rather, it aims at stealing sensitive and high-value information from organizations involved in manufacturing, finance and national defense.

An advanced persistent threat has three main targets:

  • Stealing information from the target
  • Surveilling the target
  • Sabotaging the target

How Does It Work?

An advanced persistent threat usually follows the following four steps to successfully accomplish its purpose:

  • Investigation: This involves a thorough analysis of the weaknesses in the network security system of the organization. It may be done through domain queries, port as well as vulnerability scans.
  • Initial Access: Once the weaknesses are discovered, the hacker tries to exploit them to gain access into the organization’s network. For this, he may use a sophisticated social engineering technique, known as spear fishing.
  • Increase Rights: Following the initial entry, the hacker attempts to gather the necessary user credentials to gain more control over the system. He also creates several back doors to easily access the information while circumventing all the security mechanisms.
  • Exploitation: Once full control has been established, the hacker will be able to constantly detect, steal and exploit all the sensitive data stored in the corporate network.

Counter Measures For Advanced Persistent Threats

In spite of the sneaky nature of the advanced persistent threats, there are many preventive actions taken by most organizations to safeguard their critical information. The most important of them is to recognize what data you need to protect and detect the threat at an early stage to prevent further penetration. You must also install a layered data security protection in your system. This would provide an added protection in case of a potential advanced persistent threat attack.

Another counter measure can be to hold continuous security awareness training sessions for all the employees. This will ensure that they are alert about what and what not to do while using the internet or email.  Other technological defenses against advanced persistent threat attacks may include data encryption, classification, application whitelisting as well as security analytics.

It is also important for the IT security team of the organization to remain proactive to deal with any such unauthorized breaches in the corporate network. We at Centex Technologies evaluate and recommend security measures for your organization. For more information, call us at – (855) 375-9654

Keeping Your Wireless Internet Secure

By

On March 17, 2015

In Security

March 17, 2015

Setting up a wireless internet network has become much easier these days. All you need is a cable modem or DSL plugged in to a Wi-Fi router. However, most people are not aware of the necessary measures that must be taken to keep the network secure from unauthorized users. Configuring the router settings appropriately is essential to prevent the misuse of your wireless internet.

Given here are some tips that will help to keep your wireless internet secure:

  • Encode With Password: When you set up a Wi-Fi network, make sure you turn on encryption with a WPA2 password. Operating an unsecured network or selecting WEP encoding method is not advisable. With WPA2, your computer will ask you to set up a password that has to be entered by the users who want to access your network. You must create a passcode that is complex, lengthy, unique and contains a combination of alphabets, numbers and special characters. Weak passwords can be easily determined by the hackers to gain access to your network.
  • Change Pre-Set Passwords: Many routers come with a default password set by your administrator company. Cyber criminals know these passwords, so make sure that you change it to something that only you know. The tougher the password, the harder it would be to crack.
  • Disable SSID Broadcast: When someone searches for available Wi-Fi networks, your connection will pop up in the list if you have enabled SSID broadcast. Deactivating this setting will not let everyone know about your wireless network, unless you provide them the information.
  • Enable MAC Filtering: This is probably the easiest way to prevent intruders from accessing your network connection. Most routers have an option to restrict the right to use based on the MAC (Machine Access Code) address of any device. You can create a white list of MAC addresses that you want to allow to use your network.
  • Disable Remote Access: Most routers offer the feature of remotely accessing your wireless internet from anywhere outside of your home network. Even if you have set up a strong password, anyone can gain access to your Wi-Fi without the need of any log in credentials. Disabling remote access will make sure that you are secure from any unauthorized people remotely using your internet connection.

You must also keep your router’s firmware updated to keep your wireless internet secure. Some routers might have the ability to update software automatically. Alternatively, you can check your administrator’s website to see if a newer version is available.

What Are DDoS Attacks And How Can You Prevent Them?

By

On February 27, 2015

In Security

February 27, 2015

A ‘Distributed Denial of Service’ (DDoS) attack can be defined as an attempt made by the hackers to make a system unavailable to the users. This is usually accomplished by interrupting the functioning of the host network or a server to which the system is connected. Unlike a Denial of Service (DoS) attack, DDoS uses multiple remotely monitored computers to overpower the target system and making it unable to respond to the requests of legitimate users.

In a DDoS attack, the hacker begins by exploiting certain vulnerability in a particular computer. Using this, the attacker can easily identify and infect the other connected systems. These computers, also called as zombies or bots, are then directed to launch a flood attack towards the target systems.

Tips To Prevent DDoS Attacks

  • Buy More Bandwidth: This is one of the easiest techniques to ensure that you are protected against DDoS attacks. With this, you can easily distribute your traffic to different servers and create a lot of space to handle the persistently increasing users. Purchasing more bandwidth can allow you to handle more requests, thus, tackle low intensity outbreaks.
  • Restrict Connectivity: If you have multiple computers that directly connect to the internet, you must properly configure routers so as to restrict connectivity. For instance, if you need to receive some information from the client’s system, you can configure it to pass from some selected ports through the firewall.
  • Buy Intrusion Detection System (IDS): These are the software applications that are attached to the network in order to monitor all the malicious activities. If anything suspicious is detected, the IDS alerts the network administrator so that preventive measures can be taken well before time.
  • Encode Your Website Efficiently: If you have programmed your website in an efficient way, the botnets need to be more sophisticated to be successful in the attack. Thus, you must make sure that your web pages are properly encoded and involve minimum server requirements to load.

DDoS attacks are becoming increasingly common due to the vulnerabilities in most of the devices. Cyber criminals are finding it very easy to implement these attacks, particularly against small businesses. Following the above mentioned tips can help you to create a resistant web network that is capable of preventing or mitigating the effects of a DDoS attack.

What Is Botnet And Rootkit Security Threat?

By

On February 23, 2015

In Security

February 23, 2015

Cybercriminals are constantly developing new ways to access computer systems for unlawful purposes. Two of such threats to network security are Botnets and Rootkits, which can infect your computer before you even realize that you are a victim of cybercrime.

Botnet

Botnet simply means a group of bot infected computers. In a botnet attack, the owners of computers do not know that a bot has infected their system and the bots remains dormant till the time they receive a command to perform particular action by their controller or botmaster. The bots are commonly transferred to computers through unprotected internet ports or other malicious downloads.

The number of computers in the botnet can range from just a few to thousands or even more. Botnets are often used in Denial of Service (DoS) attacks, spreading virus and spam, and stealing sensitive data such as bank account or credit card details.

Rootkit

A rootkit is referred to as software that can be installed on a computer system without the user being aware of it. It can either come as a part of a larger software package or installed by an attacker by convincing you to inadvertently download the bug. This allows the hacker to take control of your computer system or network.

It is not always necessary that rootkits are malicious, however, they may hide such activities. The cybercriminals can alter your system programming, access important data, and carry out many other tasks on your computer while being hidden. Rootkits are also used for some genuine purposes such as observing illegitimate activity and preventing misuse of an organization’s network by the employees.

How to protect your PC for Rootkit and Botnet?

  • Make sure you create strong passwords that are difficult to be cracked by the hackers. It should include a combination of uppercase, lowercase letters, special characters and numbers. Do not allow your internet browser to remember passwords.
  • Installing an anti-virus software can also help to avoid attacks by obstructing the malicious users from accessing your network.
  • The anti-malware programs should always be authentic and reliable. They should be constantly updated to search for any viruses or bugs in your system.
  • Always be cautious while using emails and internet. Hackers usually deliver malware in the form of images, videos, links or pop-ups on your computer screen.

Following good cybersecurity practices can help you protect your network and stop the hackers from taking control of your computer system.

© Copyright 2022 The Centex IT Guy. Developed by Centex Technologies
Entries (RSS) and Comments (RSS)