Posts Tagged VPN

What Is An Evil Twin Attack

With the advancement of technology, there has been a rise in the use of wireless connectivity solutions. It has found applications in restaurants, coffee shops, offices and shopping malls. However, wireless connectivity in the form of Wi-Fi is inherently less secure. It is largely unprotected from threats that can result in theft of credentials and sensitive information. The unprotected access points expose your connection and personal data to cyber-attacks such as ‘Evil Twin Attack’.

Understanding An Evil Twin

An evil twin is a rogue wireless access point that appears as a genuine hotspot offered by a legitimate provider. It typically clones the MAC address, name and service set identifier (SSID) of the network. This makes it hard for the users to differentiate between original and fake access point.

An attacker can conveniently create an “evil twin” within the smart phone or other internet-capable device using some easily available software. He discovers the radio frequency of a legitimate access point and uses the same to send out his own radio signals with the same name as original access point. This enables the attacker to eavesdrop on the network traffic, capture traffic or plant malware on the system.

Implications To Cybersecurity

Once the fake access point is set up, it poses as a local hotspot. The attacker positions himself near the end-user so that his signal is strongest within the range. The strong signals tempt users to connect manually to the evil twin for internet access. Also, it can be a case where the end-user’s computer automatically chooses that connection. This allows the hacker to intercept user’s sensitive data that is being shared between user and the host. Thus, he can obtain sensitive information or login credentials resulting in identity theft or financial loss of the end-user. Attackers are also using social engineering to clone a login page through which credentials can be stolen.

Ways To Prevent Evil Twin Attack

To avoid evil twin network connections, following tips should be considered by end-users:

  • Refrain from using public hot spots for online shopping or banking.
  • Users should disable auto connect feature on all wireless devices.
  • Connect via a virtual private network (VPN) to compress all traffic while using a public access point.
  • Before connecting, ask the owner of the area for official name of the hotspot and security key, if any. Type the incorrect key intentionally; evil twin hotspots will grant access irrespective of the key.

Companies should also incorporate measures to protect corporate data from evil twin attack:

  • Instruct employees to use Wi-Fi Intrusion Prevention Systems (WIPS) to prevent their systems from connecting to unauthorized duplicate access points.
  • Protect company’s wireless connections with Personal Security Key (PSK) and provide its details to employees and customers.

For more information on IT security solutions for your business, call Centex Technologies at (254) 213 – 4740.

, , , , ,

No Comments

Reasons To Use VPN

PDF Version: Reasons-To-Use-VPN

, , ,

No Comments

Security Risks Concerning Virtual Personal Assistants

VPA (Virtual Personal Assistant) software application follow commands of a user intelligently and performs a variety of tasks such as searching information on the web, scheduling an appointment, monitoring health data, initiating online shopping, searching for addresses & location, etc. Also known as Intelligent Personal Assistant (IPAs); Siri, Google Now, Alexa, Cortana, etc. are the most commonly used ones.

Although Virtual Personal Assistants are of great use, there are certain security risks concerning them. Here we have discussed the most prominent security threats associated with VPAs

  • Eavesdropping: A VPA is programmed to follow voice commands. So, it passively listens to everything being said, if the user forgets to turn it off when not in use. Thus, it ends up collecting user’s voice data without his knowledge. This recorded data always poses a risk of hijacking because cybercriminals might collect & use it unlawfully.
  • Vast Exposure Of Personal Information: VPAs resort to different databases on the web in order to respond to user’s query. Although it is highly convenient, it can pose a serious security threat.
  • Data Theft: VPA keeps a track of the user’s activity and stores that information on the device as well as a remote database. When an VPA hijacker gets hold of this information, he can extract the data and exploit it to offend the user.
  • Voice/Audio Hijacking: This technology recognizes voice to take commands. Even though it understands different words & their pronunciations, it does not distinguish the voices of different users. This can be used against the user, as an impersonator might command the VPA to perform tasks that may harm the user. Even if it recognizes the user’s voice, there is a possibility that a cybercriminal might use the actual user’s voice recording and issue commands to the VPA.
  • Remote Malware Downloading: A compromised VPA might be instructed to visit certain sites containing a malicious link. Once clicked, this link installs a malware in the device which continues to operate & damage the device remotely without the user’s knowledge.
  • Undertake Tasks Autonomously: Users might register automated commands with a VPA. This can be exploited by the hijacker to victimize the user.  For example, the user may direct his VPA to pay his phone bill every month. The VPA further takes the command and connects it to an authorized payment gateway. If the VPA is compromised, the hacker might dismiss the bill payment and transfer funds to his remote account.

There is no denying the fact that virtual personal assistants provide numerous benefits. However, it is important to stay cautious in order to avoid security risks.

For more information about IT, call Centex Technologies at (254) 213-4740.

, , ,

No Comments

Guide To VPN Routers

A VPN router is a routing device that helps in enabling network communications within a VPN environment. It connects & communicates between multiple VPN end devices that are located at separate locations.

These routers are specifically designed to protect your system from a cyber-attack. This is made possible because all the devices connected with a VPN router are protected by a Virtual Private Network
.

Methods Of VPN Router Setup

  • There are 3 main methods and one can go with any one of these:
  • Buying a pre-configured VPN router
  • Using a VPN enabled router that supports OpenVPN
  • Flashing a non VPN compatible router with new firmware to support VPN.

Benefits Of Using VPN Routers

  • Easy To Install – They are very similar to regular routers apart from the fact that in this case internet connection is routed through the servers of a private network. Setting up a VPN router completely negates the need of installing VPN on multiple devices separately. It can be done all at once because as soon as the VPN router is installed, you can easily connect your devices with it.
  • Less Expensive – It is always beneficial to set up a VPN router due to the twin benefit it has. Firstly, buying a VPN router is a better deal than taking separate internet subscriptions for each device. So it can help you save costs and also ensures complete security at the same time.
  • Device Friendly – You can connect multiple devices with the VPN router i.e. your smart TV, smartphone, laptop, etc. So configure the device which you have and connect it to the VPN router for added security. In other words, it requires a one-time effort in setting it all up and then you are ready to go.
  • Ensures Security – Installing a VPN router secures all the devices on the network. It adds an additional layer of privacy and maintains anonymity of all your online activities. This way it is hard for cyber criminals to break through a network secured by a VPN router.

Things To Consider When Setting Up A VPN Router

  • Cost – You’ll need to buy a decent router and VPN subscription. However, the cost of a VPN router may vary depending upon the option you choose.
  • Speed – It is one very important factor that needs to be considered to ensure that there are no server overloads, network disruptions or snags etc.
  • Features – The way you plan to use your VPN router determines which firmware & VPN service you need to go with. Although it is very important to make sure that it is up to date, fast, reliable, secure and enforces policy based routing.

For more information about VPN routers, call Centex Technologies at (254) 213-4740.

, ,

No Comments

All You Need To Know About VPN

December 24, 2014

Virtual Private Network (VPN) is a private network that uses the public telecommunication system, usually the internet, to enable a secure network access within an organization. It aims at providing the entire organization with the same network capabilities, but at a much lesser cost. VPN is often used to extend intranets across the world in order to broadcast information to a wider audience. If a user wants to gain access to the network, he must go through an authentication protocol using a username and password.

Types of VPN

  • Dial-up VPN: This is a software based system developed over your existing internet connection. It involves creating a secure channel between the two remote points which allows the users to connect to the network. There is often little or no cost associated with this type of network set-up as you can easily use your existing software and equipment.
  • Site To Site VPN: This type of VPN can be used to connect several computers present in remote locations to a particular network. All the systems connected to the network can have an access to each other.
  • Client VPN: This is an encrypted connection from one remote device to a VPN router. Traffic is channeled from the device towards the router so that the user can access the inside information of the organization.
  • SSL VPN: This type of VPN works much similarly to the client VPN. The major difference lies in the fact that it does not require any preconfigured software to connect to the network. Rather, the web browser performs the function of VoIP software.

Security Tips For VPN

  • Install and constantly update firewalls to strengthen your VPN network.
  • An intrusion detection or prevention system is recommended to effectively monitor malicious attacks on the network.
  • Unmanaged or unsecured systems without any authentication should not be provided access to the network.
  • Remote network servers or computer systems should have anti-virus software installed to prevent any infections.
  • Network administrators should be provided proper training to follow best security measures during the installation and use of VPN.
  • Auditing and logging functions should be present to record any unauthorized attempts to access the network.
  • Guidelines and policies should be provided to the responsible parties to regulate their network use.
  • Unnecessary access to the intranet should be controlled and limited.

Following the above given security tips can help you have a safe and secure network connection in your organization.

, ,

No Comments