Thursday, 5 June 2014

Shield Your Business With Cloud Network Armor!

Cyber-security, a term that almost seems outdated in 2014, has surged to the forefront once again as the number of hackers and malware and spyware proliferators is at an all-time high. And as their sophisticated pilfering becomes ever more successful, their funding base also broadens, giving them the resources to hire talent and expand operations.
What does this mean to the small business owner? Danger, and danger in so many ways. Payroll deposits are being emptied, data is being stolen and ransomed or sold to competitors, and trade secrets are under attack; the troubling thing is that so much of this is happening out of sight and therefore out of mind. Further concern is warranted because there seems to be frequent nonchalance about the steps necessary to stay as secure as possible.
Look at the recent hubbub over the sunsetting of security updates for Windows XP. We've encountered cavalier attitudes and even some defiance, a belief that all the warnings must be a hoax, an attempt to force an upgrade and therefore a windfall for Microsoft. Yes, Microsoft stands to gain by the upgrades, of course, but XP's been around long enough to have run its course and MS has been warning users for years that 4/11/14 was coming. It's now come and gone and some 26% of all systems still sport the outdated and unsupported software. Not smart.
But let's look at what a business can do to maximize its data security. Make sure you have an up-to-date firewall, and then make sure you, your I.T. person or your vendor is absolutely religious about promptly applying updates and patches to the firewall and all of your software applications.
But let's face it, when you have PCs and employees surfing the internet and opening odd emails, the likelihood of having issues is there. It becomes not a question of "if" but "when" you'll get hacked. If you ask to see your security statistics and everything's in order, you'll no doubt see how many times an attempt has been made to infect your system. And it's possible it's already infected and you don't even know it. It's not uncommon at all.
So why do these organizations and individuals from Russia and the former Eastern Bloc nations attack small business networks? In the words of master bank robber and disguise artist Willie Sutton, "Because that's where the money is." When the malware is installed and every keystroke on a computer is recorded, they can monitor account numbers, passwords and security questions, and then boom! Once the payroll deposit is made, the funds are siphoned off.
If this happened to you personally, the mighty FDIC would back your account up and the funds would be covered. But since you're a business, there is no FDIC coverage. And every bank's fine print will make it clear that if someone breaks into your network and engineers a theft, there's no recourse, as there's no way for them to tell if it's a thief or if it's you. So it's incumbent upon you to fortify your network at every turn.
One way you can eliminate a lot of the worry and concern is to convert to a cloud network. With the cloud you potentially have no more PCs in your offices, and your server is virtualized on a supercomputer in a military bunker-style data center behind a state-of-the-art, up-to-date firewall. With Cloud Access Devices instead of somewhat dangerous and labor-intensive PCs you'll be much safer, as they have no moving parts and cannot be hacked. With the server gone, more moving parts are out and your virtualized server is just much safer.
So your network in the cloud is now accessible from anywhere and everything is 256-bit encrypted, just like online banking. So you're more secure, your data is more secure, your uptime is better and, due to the lack of moving parts, you'll see an IT person only on the rarest of occasions. And now your bank account is secure, a major relief.
If you cannot move to a cloud network soon, consider doing your online banking on a separate PC that you only turn on for banking and only use for banking. This will greatly reduce but not eliminate your risk. If you're asking yourself daily, "What can I do to make my network more secure?" and posing the same question to your I.T. personnel, employee or vendor, you'll be much safer over time than those who ignore the issue and hope everything's fine. Trust me, it's not.

How to Detect Malware: 5 Basic Signs of Malware Infection

Computers are already complicated enough that sometimes they fail to do exactly what we want. Strange computer behavior may often be a fluke, but sometimes it is the warning sign of a malware infection. If your computer has been repeating any of these behaviors for quite some time, chances are higher that it's infected with malware:
  1. Popup ads are shown even if no browser window is open: Many of the latest malware programs don't behave like this because of smarter programming, but this behavior is still found in many older malware programs. Adware programs bombard the user with popup ads even if no browser window is open. Sometimes those ads include links selling a product or service, while other times they include links to malicious sites, which may drop even more malware on your computer.
  2. Unnecessary redirects: Not all browser redirects are malicious, but if you try opening Google, Facebook or Twitter and get redirected somewhere else, then your PC is certainly in trouble. Sometimes redirects are more subtle and complicated in nature. For example, a banking Trojan may redirect you to a fraudulent site that looks the same as your bank's original site. In such cases the only clue you may see is the URL in the address bar.
  3. A security program that you didn't install starts showing security warnings: The business of distributing fake antivirus programs is very lucrative. Such fake antivirus programs are often distributed and installed on our computers through drive-by downloads and other sneaky techniques. Once these programs enter our PC, they start showing scary warnings about made-up threats. Needless to say, they require a license fee for cleaning our PC, and cleaning with these antiviruses is often quite smooth because in reality they're not doing anything.
  4. Posts that you didn't write start appearing on social media profiles: Malware also targets Facebook and other social media websites and starts posting fake information from your account. In most cases it posts inflammatory statements with links. So if you see posts on your social media account that you didn't make, your computer may be under the influence of malware.
  5. You can't use common system tools: A smart computer user will quickly get the smell of a malware infection and will try to confirm his doubts by looking into Task Manager or Registry Editor. But if you can't access any of these tools and see a message that says the administrator has disabled this option, it may be a self-defense attempt by the malware.

How to Pick a Strong Password

Knowing how to choose a strong password is essential to protecting your sensitive information and strengthening your computer and online security. There are a few key things to avoid when choosing a strong password; however, it will be easier to understand how to choose one when you understand how hackers compromise people's passwords.
How the hackers do it:
When a hacker is trying to get into a victim's account, there are various methods they can use, depending on what the hacker wants. It can be a broad attack, an inelegant mad dash using the law of averages to guess a password (a relatively easy attack to thwart), or it can be a surgical, highly targeted attack on one user (slightly harder to combat).
When a hacker goes for the broad attack, they use programs that repetitively try words from a "dictionary file". A dictionary file is an enormous list of words, hundreds of thousands of them. Dictionary files can reach sizes greater than 10 gigabytes. (For a point of reference, the download for the English version of Wikipedia, in its entirety, is 9.7 gigabytes.) Dictionary files can have hundreds of variants of the same word, for instance Password, Password1, Password_1, password1, etc.
When a hacker goes for the targeted attack, all of the information about you that they can get their hands on will be used to try to find your password. Most people's Facebook profiles are rife with information: birth date, hometown, interests, family members' names, your spouse's name. You may be reading this and thinking to yourself something along the lines of "I have a Facebook account, I'm in trouble." Don't worry; by following a few simple guidelines you can choose a strong password.
What not to use as a password:
  • Your own name, or your username, or for that matter any name.
  • The name of your significant other.
  • Something that would be in a dictionary.
  • Something related to your interests, hobbies, or occupation.
What you should use:
  • A random combination of lowercase and capital letters.
  • Special characters, e.g. !@#$%&()_-+=
  • Long phrases with spelling errors, e.g. "mareehadaliddlelam"
  • Something you can remember
  • Replace letters with numbers, e.g. "MyN4M3155am" for "My Name Is Sam"
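The two attacks described above suggest a check that a site or an IT administrator can run when a password is chosen: reduce the candidate to the base forms a dictionary file already covers, then compare it with a word list and with details visible on the user's profile. The Python below is an added example, not part of the original article; the word list, the profile, the substitution table and the 12-character minimum are constructed assumptions.

```python
import re

# Constructed sample data: a tiny stand-in for a real dictionary file, and the
# kind of facts the article says can be read off a public profile.
SAMPLE_WORDLIST = {"password", "dragon", "football", "sunshine"}
SAMPLE_PROFILE = ["Sam Carter", "Alex", "Denver", "1984"]

# Digit and symbol substitutions mapped back to the letters they replace.
UNSUBSTITUTE = str.maketrans({"0": "o", "1": "i", "3": "e", "4": "a",
                              "5": "s", "7": "t", "@": "a", "$": "s"})
MIN_LENGTH = 12  # assumed threshold; the article only says "long"


def base_forms(password):
    """Reduce a password to the simple forms a dictionary file already holds."""
    lowered = password.lower()
    # "Password_1" -> "password": drop digits and symbols stuck on either end.
    trimmed = re.sub(r"^[^a-z]+|[^a-z]+$", "", lowered)
    forms = set()
    for text in (lowered, trimmed):
        forms.add(re.sub(r"[^a-z]", "", text))
        # "p@ssw0rd" -> "password": undo common substitutions first.
        forms.add(re.sub(r"[^a-z]", "", text.translate(UNSUBSTITUTE)))
    forms.discard("")
    return forms


def weaknesses(password, wordlist=SAMPLE_WORDLIST, profile=SAMPLE_PROFILE):
    """Return the reasons a password fails; an empty list means none found."""
    reasons = []
    forms = base_forms(password)
    if len(password) < MIN_LENGTH:
        reasons.append("shorter than %d characters" % MIN_LENGTH)
    if forms & set(wordlist):
        reasons.append("variant of a dictionary word")
    # Names, places and years from the profile, split into single tokens.
    tokens = {t.lower() for value in profile for t in value.split()
              if len(t) >= 3}
    haystacks = forms | {password.lower()}
    hits = sorted(t for t in tokens if any(t in h for h in haystacks))
    if hits:
        reasons.append("contains personal detail: " + ", ".join(hits))
    return reasons


if __name__ == "__main__":
    for candidate in ("Password_1", "P@ssw0rd2014!", "S4mC4rter!!1984",
                      "mareehadaliddlelam"):
        print(candidate, "->", weaknesses(candidate) or "no weakness found")
```

An empty result only means the password passed these particular checks against this word list and profile.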
Congrats, you now know how to choose a strong password! Having a strong password is great, but it's only half the battle for password safety; as with all computer security, there's still the behavioral aspect to deal with.
NEVER EVER, I mean EVER, TELL ANOTHER PERSON YOUR PASSWORD, for any reason whatsoever. I know you trust your friends, and they're great, but just don't.
DON'T WRITE DOWN YOUR PASSWORDS. They shouldn't be that hard to remember, and chances are that if you have a password that is a random meaningless string of numbers and letters, a computer could randomly generate it faster than a long phrase with spelling errors.
Just because you have one strong password does not mean you can use it for every account you have. I repeat: DON'T USE ONE PASSWORD FOR EVERYTHING. If a hacker gets the password to one of your accounts, and all of your accounts have the same password, you've just helped them get away with your sensitive information.
And finally, change your password regularly. The more secure you want the account to be, the more frequently you have to change the password. A good rule of thumb is every three months for your primary email account.

Differences Between Computer Viruses, Malware, Spyware, and Worms

To help avoid computer viruses, it's essential that you keep your computer current with the latest updates and antivirus tools, stay informed about recent threats, run your computer as a standard user (not as administrator), and that you follow a few basic rules when you surf the Internet, download files, and open attachments. Because new viruses are arriving every day, it is critical to keep your virus definitions up-to-date. Be sure to enable the scanning software's automatic-update feature and have it do so every day.
Make sure you use a firewall. A firewall is a piece of software or hardware that sits between your computer and the network and only allows certain types of data to cross. For example, a firewall may allow checking email and browsing the web, but disallow things like Windows file sharing.
With most things just a little information can help you protect yourself. What are the differences between Computer Virus, Worm, Malware, Adware, Trojan and Spyware?
  • A virus is a program designed to cause damage to a computer. Computer viruses also spread through downloads on the Internet. They can be hidden in illicit software or other files or programs you might download. Once a virus is on your computer, its type or the method it used to get there is not as important as removing it and preventing further infection. Viruses can be disguised as attachments of funny images, greeting cards, or audio and video files.

  • A worm is a program which infects computers that are connected by a network. Worms slow down the network.

  • Malware is a program with malicious intent. It can damage your computer, spy on you or perform any other malicious task.

  • Adware is a program which delivers ads to your computer (generally in pop-up form). It consumes your network.

  • A Trojan is a program used to gain access to a computer by installing a program on the infected PC that opens a backdoor. [Trojans are also known as backdoors].

  • Spyware is a program used to monitor and log the activity performed on a computer. It is used to spy on someone for either legal or illegal purposes. Example: keylogger applications.
Here are some indicators that your computer may be infected:
1. Your computer has become unstable. Does your computer seem to run slower than before?
2. Strange messages indicating that you can't access certain drives on your computer are another sign that something is wrong.
3. If you notice that file sizes are fluctuating even if you aren't accessing those files, that's another sign of a computer virus.
4. Your homepage has changed on its own.
5. Other indicators include hardware (like printers) that doesn't respond to commands. While none of these guarantee the presence of a virus, they do suggest that something is wrong with your machine.

Beware, Your Social Media "Friends" May Be Robots Acting Like Real Humans

Social media such as Facebook, Twitter, LinkedIn, Pinterest, Google Hangout, YouTube, Foursquare, blogs, forums, and virtual games are being invaded by social robots (called "bots", which are programmed to appear as your real friend on social media) in order to see what you type, understand how you feel, know what you buy, analyze messages, promote certain brands to you, record your data and interactions, popularize topics and people, imitate people and brands, and influence behavior. Bots are website software applications that run a set of automated tasks over the internet. Bots operate in phases. First, they establish a believable network to hide their artificial appearance. Second, they befriend people in networks. Third, they solicit human users. Finally, they explore their newfound network by making friends with other friends of friends and harvesting the data of interest.
With so many people interacting on social media, bots are of concern. Bots are very powerful virtual tools that are used to affect the choices that we make, how we respond, what and where we shop, what we see, what we believe and where we go. Social bots take that information and use it in marketing, research, social media, and in the development of fake friends.
Social bots take on several functions such as those listed below:
  • Increase or decrease your likes, dislikes, fans, followers, and friends
  • Analyze weak points in programs that can be attacked
  • Send out cyber attacks
  • Determine weak data breaches
  • Gather personal information such as names, numbers, email addresses, etc.
  • Spread negative or positive messages about products, people, companies, policies.
  • Improve awareness about a topic
  • Determine your location based on your IP Address
  • Steal information
  • Drive attention to brands
  • Understand the user's state of mind
  • Manipulate voting
  • Locate you
  • Target and expand friends and network
  • Increase the number of followers
  • Gather and report data about you
  • Change social behavior
Social bots are used for good and not so good purposes. On the one hand they can influence campaign outcomes by delivering a constant flow of key messages to voters. The key messages may cause you, the consumer, to vote for a certain political party or candidate. Social bots may also be used to create fake friends who you think are real people liking your information, but in reality they are learning about who your friends are and what they like, and targeting them with key messages that promote or decrease sales of a particular product. A bot called @hackernewsbot is a good bot because it provides the user with the latest update on Hacker News. Overall, being aware of their existence is a first step to addressing bots that may be harmful to your profile, business, or network of friends. As consumers it is urgent that we know whom we are communicating with and what is taking place with the information that we share with our friends.
The Federal Communications Commission (FCC) works on anti-bot initiatives and codes that can be used to identify bots. This is a new and ongoing process that produces recommendations for ISPs to consider. As of today, best practices and guidelines are under development and research on this topic is ongoing. In addition, the FCC created a voluntary Anti-Bot Code of Conduct (ABCs) for Internet Service Providers. It is currently listed on the FCC website along with a list of companies (showing fewer than 10 ISPs) that have adopted the guidelines on a voluntary basis.
There are things that you can do to avoid some bots and limit the information bots take from you on social media:
  1. Don't accept friend requests from people you don't know (especially on your personal page).
  2. Don't accept friends without faces. A friend without a face may simply be a bot.
  3. Develop a personal and a business page and separate the personal from the business information.
  4. Use systems like BotOrNot to determine if your friend is real or not.
  5. Notice when the tweets or messages appear on social media. Bots often send out messages around the same time. Real people send out messages sporadically.
  6. Bots follow a large number of groups but have fewer followers.
  7. View how bots follow and unfollow you within 24 hours. They follow you hoping that you will follow them, and then they unfollow you within 24 hours. If someone follows you, wait 3-4 days to follow back.
  8. Check to see who else has your profile name or a similar name. It may be a bot posing as you to seek data.
  9. Beware of accepted friend requests that you never sent.
  10. Check to see how quickly friend requests are accepted. If your friend request is accepted within seconds of when you sent it, it may be a bot accepting your friend request. This isn't always a bot; some people have quick fingers and religiously follow social media.
  11. Check the API, on Facebook for example. People tweet from the web, or mobile, or Tweetdeck. You will see that in your timeline on Facebook. If it says "from API", that is a pretty solid sign they have at least automated the tweeting, and chances are you are dealing with a bot.
  12. Limit posts to your timeline to a select group who you know. Don't let just anyone post to your timeline.
  13. Send the bot a complicated message; bots don't usually answer complicated questions and they don't usually answer back. Few bots run by software answer back.
  14. View photos to see how many are listed. Bots don't usually have tons of photos. They may have fewer than 5.
  15. Watch out for the "babe factor": a photo that looks great may belong to a bot used simply to obtain your friendship and get into your network.
  16. Lastly, don't just use social media; use the internet to learn about social media and the internet. Start researching topics on your own and become savvy about the world in which you operate. Bots will only get smarter with the information that you provide them.
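Several of the signs in this list can be checked mechanically once the account details are written down. The Python below is an added example, not part of the original article; the account fields, the two sample accounts and every threshold except the "fewer than 5 photos" rule are assumptions made for illustration.

```python
from collections import Counter
from datetime import datetime


def same_time_share(timestamps, bucket_minutes=10):
    """Fraction of posts that fall into the single busiest time-of-day slot."""
    if not timestamps:
        return 0.0
    slots = Counter((t.hour, t.minute // bucket_minutes) for t in timestamps)
    return slots.most_common(1)[0][1] / len(timestamps)


def bot_signals(account):
    """Return the signs from the list above that this account shows."""
    signals = []
    posts = account["posts"]  # list of (datetime, client) pairs
    if not account["has_face_photo"]:
        signals.append("no face")
    if account["photo_count"] < 5:  # threshold given in the article
        signals.append("fewer than 5 photos")
    # Assumed ratio: follows at least 10x as many accounts as follow it.
    if account["following"] >= 10 * max(account["followers"], 1):
        signals.append("follows many, followed by few")
    # Assumed cut-off for a request "accepted in seconds".
    accepted = account.get("request_accepted_after_s")
    if accepted is not None and accepted < 10:
        signals.append("request accepted within seconds")
    if posts:
        api_share = sum(1 for _, client in posts if client == "API") / len(posts)
        if api_share >= 0.5:  # assumed: half or more posted "from API"
            signals.append("posts sent from API")
        # Assumed: 80% of at least five posts land in one 10-minute slot.
        if len(posts) >= 5 and same_time_share([t for t, _ in posts]) >= 0.8:
            signals.append("posts at the same time of day")
    return signals


# Constructed sample accounts (not real data).
SUSPECT = {
    "has_face_photo": False, "photo_count": 2,
    "following": 4200, "followers": 35, "request_accepted_after_s": 3,
    "posts": [(datetime(2014, 6, day, 9, minute), "API")
              for day, minute in [(1, 0), (2, 1), (3, 0), (4, 2), (5, 1)]],
}
REGULAR = {
    "has_face_photo": True, "photo_count": 140,
    "following": 310, "followers": 280, "request_accepted_after_s": 5400,
    "posts": [(datetime(2014, 6, 1, 7, 15), "web"),
              (datetime(2014, 6, 1, 22, 5), "mobile"),
              (datetime(2014, 6, 3, 12, 40), "web"),
              (datetime(2014, 6, 4, 18, 30), "Tweetdeck"),
              (datetime(2014, 6, 6, 9, 55), "mobile")],
}

if __name__ == "__main__":
    for name, account in (("suspect", SUSPECT), ("regular", REGULAR)):
        print(name, "->", bot_signals(account) or "no signs")
```

As item 10 notes, a single sign is not proof; the list of signals is a reason to look more closely before accepting the request.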
From 2012 to 2013, Incapsula, a website security firm, found that bot traffic went from 51 percent to 61.5 percent of all Internet traffic, a 10.5-percent increase. Thirty-one percent of those bots are malicious, according to data from the report. Since bots are growing day by day, it is very important to know that they exist and to take steps to mitigate the damage that they can do.

Cloud Computing - Is It Safe?

There are essentially two kinds of computing environments:
On-premises computing is the traditional form of computing in which you or your company own and manage your own systems. All the applications you use, as well as your data files, are in your own computers on your own premises either on individual PCs or on an in-house local area network.
In cloud computing, by contrast, your applications and files are held remotely on the Internet (in cyberspace) in a network of servers which is operated by a third party. You access applications and work on your files from your PC simply by logging on to the network.
Cloud services are provided by cloud-hosting providers, companies such as Google, Amazon, Oracle Cloud, Rackspace, Microsoft Azure, and so on.
There is nothing fundamentally new about the concept of cloud services. If you are using Gmail, Hotmail or Yahoo for your emails, you are using cloud services and probably have been for years.
What is relatively new are the types of services that are being offered in a cloud environment. These now go far beyond email to cover all the IT services that an on-premises computing environment would deliver, such as accounting, marketing, human resources and so on.
Advantages of cloud computing
Cloud computing has several advantages over on-premises computing:
1) You can run an application or access your files from anywhere in the world using any computer.
2) Cloud computing is cheaper.
3) You need less technical knowledge.
4) Cloud computing delivers a better performance.
5) Cloud computing is eminently scalable. Increasing the number of applications you use or the amount of data you store does not require a heavy investment; you only need to advise the cloud-hosting adviser.
Given these advantages, it is no surprise that over the last few years there has been a widespread, rapid adoption of cloud computing. Analysts estimate that the growth rate of all spending on cloud IT will soon be at least four times faster than the growth rate of all spending on on-premises computing.
Indeed, analysts are expecting the annual growth rate of spending on cloud computing to average 23.5% compound from now until 2017. In addition, by that year spending on cloud services will probably account for one-sixth of all spending on IT products, such as applications, system infrastructure software, and basic storage.
Given the rapid growth in cloud computing, the big question, of course, is whether cloud computing is safe. Is it more or less safe than on-premises computing?
The short answer is that cloud computing is not less safe than on-premises computing. However, the threats are somewhat different in nature, though they are converging.
Threats
Generally speaking, there are six major threats to computer security. These are:
Malware - is malicious software such as viruses, trojans, worms, spyware and zombies. Malware is installed on either a PC in your home office or a cloud-computing server. Where malware gives control of a network of computers to a malicious group (e.g., to send spam), it is called a botnet.
Web app attack - is an attack in which web-based applications are targeted. It is one of the most common forms of attack on the Internet.
Brute force attack - works by trying all possible combinations of letters or numbers in order to discover a cipher or secret key. For example, you could crack a password by repeatedly trying to guess it. Modern computing power and speed make brute force a viable form of attack.
Recon - is reconnaissance activity that is used to choose victims that are both vulnerable and valuable.
Vulnerability scan - is an exploit using a special program to access weaknesses in computers, systems, networks or applications in order to generate information for planning an attack.
App attack - is an attack against an application or service that is not running on the web, i.e. the program will be on a computer somewhere.
Honeypots
A honeypot is a decoy website, network, system or application that has been intentionally designed to be vulnerable to attack. Its purpose is to gather information about attackers and how they work.
Honeypots allow researchers to:
  • collect data on new and emerging malware and determine trends in threats
  • identify the sources of attacks including details of their IP addresses
  • determine how attacks take place and how best to counteract them
  • determine attack signatures (pieces of code that are unique to particular pieces of malware) so that anti-virus software can recognise them
  • develop defences against particular threats
Honeypots have proved to be invaluable in erecting defences against hackers.
The Spring 2014 Cloud Security Report
Alert Logic provides security services for both on-premises and cloud computer systems. The company began issuing cloud security reports in 2012. Its Spring 2014 Cloud Security Report covers the year ending 30th September 2013.
This report is based on a combination of real-world security incidents experienced by Alert Logic's customers and data gathered from a series of honeypots the company set up around the world.
The report throws some interesting light on the security of on-premises and cloud computing relating to the company's customers. Here are some of the highlights:
[1] Computing is shifting more and more from on-premises to cloud-based computing and the kinds of attacks that target on-premises systems are now targeting cloud environments. This is probably due to the increasing value of potential victims in the cloud.
[2] Although attacks on cloud environments are increasing in frequency, the cloud is not inherently less secure than traditional on-premises computing.
[3] The frequency of attacks in both on-premises and cloud computing has increased for most types of threats, though for a few types of threats it has fallen. Here are the main points of comparison between both computing environments:
The most prevalent types of attacks against on-premises customers were malware attacks (including botnets) at 56% during the six months ending 30th September. At only 11%, these attacks were much less frequent among cloud customers. However the number of cloud customers experiencing these attacks is rising quickly, more than doubling in one year.
Attacks using brute force increased from 30% to 44% of cloud customers but remained stable in on-premises environments at a high 49%. Vulnerability scans jumped dramatically in both environments. Brute force attacks and vulnerability scans are now occurring at almost the same rates in on-premises and cloud environments.
Web app attacks are more likely among cloud customers. However these attacks are down year-on-year in both cloud and on-premises computing, as are recons. App attacks increased slightly in both categories of customers.
The most prevalent types of attacks vary between on-premises and cloud environments. In on-premises computing the top three were malware (56% of customers), brute force (49%) and vulnerability scans (40%), while in the cloud the most common incidents were brute force, vulnerability scans and web app attacks, each of which affected 44% of customers.
[4] The incidents involving Alert Logic's cloud-based honeypots varied in different parts of the world. Those hosted in Europe attracted twice as many attacks as honeypots in Asia and four times more than honeypots in the USA. This may be due to malware 'factories' operating in Eastern Europe and Russia testing their efforts locally before deploying them throughout the world.
[5] Chillingly, 14% of the malware collected by honeypots was not detectable by 51% of the world's top antivirus vendors. Even more frightening: this was not because these were brand-new malware; much of the malware that was missed was repackaged variations of older malware and thus should have been detected.
The report concluded with a statement that security in the cloud is a shared responsibility. This is something that individual entrepreneurs as well as small and medium sized enterprises tend to forget.
In cloud computing, the service provider is responsible for the basics, for protecting the computing environment. But the customer is 100% responsible for what happens within that environment and, to ensure security, he or she needs to have some technical knowledge.
Conclusion
Advertisements by cloud service providers seem to imply that cloud computing is safer than on-premises computing. This is simply not true. Both environments seem to be equally safe or unsafe vis-à-vis hackers and their malicious programs.
Attacks in the cloud are increasing as potential targets are becoming more 'theft-worthy'. Thus, the security in the cloud needs to be just as robust as security in on-premises environments. However, you cannot rely solely on antivirus software vendors to detect all attacks.
Your best bet is therefore to enter an annual maintenance contract with an online computer maintenance firm that can periodically access your computer(s) from a remote location and ensure that it is protected as well as possible. This should not cost more than €120 to €150 a year depending on the number of computers you have.

Ensure Complete Network Security With Next Generation Firewalls

The moment your network connects to the internet, it becomes exposed to all types of viruses, malware and other 'contaminated stuff' circulating on the internet. Regardless of the size of your organization, it is important to ensure complete security of your network. As most organizations are highly dependent on computers these days, ignoring the security of the network may compromise data integrity and prove detrimental to the health of any business. Using a network firewall is one of the primary ways of protecting your network from serious security threats.
It is important for business organizations to ensure the safety of each and every computer. A network firewall filters out communication between all the computers in a network. A firewall can effectively prevent hackers and viruses from reaching your computer. Firewalls can also be programmed to prevent employees from transmitting certain types of confidential data outside of the network. Installing a firewall will go a long way when it comes to ensuring the safety of a computer network.
These days organizations require comprehensive network security systems to ensure complete protection from internet threats. Next Generation Firewalls (NGFWs) promise the best network security to companies. Apart from having the capabilities of traditional firewalls such as packet filtering and network address translation (NAT), NGFWs offer intrusion prevention, deep-packet inspection and other useful features that traditional firewalls don't have.
Here it is important to highlight two important limitations that make traditional firewalls obsolete:
  • First, the traditional firewalls are unable to inspect the data payload of network packets
  • Second, they don't have the intelligence to distinguish one type of web traffic from another
NGFWs effectively overcome both of these limitations to ensure complete network security. However, the most important feature that makes next generation firewalls superior to traditional firewalls is application awareness. Unlike traditional firewalls, NGFWs have the ability to recognize web applications as well as other types of applications by using different techniques. Instead of opening ports for all web traffic, NGFWs are able to filter traffic based on specific applications. This way, they effectively identify and block malicious applications on the web and protect businesses from becoming a victim of cyber-crime.
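The difference between opening ports and filtering by application can be shown on a handful of connections. The Python below is an added example, not part of the original article and not how any particular NGFW product works: it recognizes an application from the first bytes a client sends, which is only one of the techniques such firewalls use, and the function names, rule sets and sample packets are constructed for illustration.

```python
ALLOWED_PORTS = {80, 443}        # what a port-based "web traffic" rule opens
ALLOWED_APPS = {"http", "tls"}   # what an application-aware rule permits
HTTP_METHODS = (b"GET ", b"POST ", b"HEAD ", b"PUT ", b"DELETE ", b"OPTIONS ")


def identify_app(payload):
    """Classify a connection from the first bytes the client sends."""
    if payload.startswith(b"SSH-"):                     # SSH version banner
        return "ssh"
    if payload.startswith(b"\x13BitTorrent protocol"):  # BitTorrent handshake
        return "bittorrent"
    if len(payload) >= 3 and payload[0] == 0x16 and payload[1] == 0x03:
        return "tls"                                    # TLS handshake record
    if payload.startswith(HTTP_METHODS):
        return "http"
    return "unknown"


def port_based_decision(dst_port):
    """Traditional rule: the destination port is all that is checked."""
    return "allow" if dst_port in ALLOWED_PORTS else "block"


def app_aware_decision(dst_port, payload):
    """Application-aware rule: the port must be open AND the payload must
    belong to an application that is permitted."""
    if dst_port not in ALLOWED_PORTS:
        return "block"
    return "allow" if identify_app(payload) in ALLOWED_APPS else "block"


# Constructed first packets of four outbound connections (not captured traffic).
SAMPLE_FLOWS = [
    (80, b"GET /index.html HTTP/1.1\r\nHost: example.com\r\n\r\n"),
    (443, b"\x16\x03\x01\x00\xc8\x01\x00\x00\xc4\x03\x03"),
    (443, b"SSH-2.0-OpenSSH_6.6\r\n"),
    (80, b"\x13BitTorrent protocol" + b"\x00" * 8),
]


def compare(flows):
    """Return (port, app, port-based verdict, app-aware verdict) per flow."""
    return [(port, identify_app(data), port_based_decision(port),
             app_aware_decision(port, data)) for port, data in flows]


if __name__ == "__main__":
    for row in compare(SAMPLE_FLOWS):
        print("port %-4d app %-10s port-based: %-5s app-aware: %s" % row)
```

The last two flows use ports 443 and 80, so the port-based rule lets them through; only the payload check shows that they are not web traffic.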
Using next generation firewalls can go a long way when it comes to ensuring complete security for your network from all kinds of security threats. By intercepting incoming and outgoing web server traffic, NGFWs stop harmful malware from causing any harm to the network. Also, it is important for businesses to follow a proactive approach and use an IPv6 firewall to secure their network. This will prove to be very helpful when the current IPv4 Internet addressing system moves to IPv6. There are many companies that offer network firewalls and IPv6-ready firewalls to business organizations all over the world.