Price vs Cost: One Man's Opinion

Dollar_symbol

With the economic state of the country, you always hear folks talking about the price of an item or how much it cost them. Being in the security industry and a home owner, I can identify with the struggles that come with sticking to a budget and finding a solution.

However, with security it can truly be a gamble that all too often plays out in a negative way. One comparison we threw around a lot here in the office is a home security system. You constantly see on the news or hear from others stories about homes being robbed and the uneasy feeling of violation that comes with it. It makes you think about yourself, your home, and that could happen to me!

But then your subconscious says those famous last words, “It can’t happen to me.”

Sadly, this is the approach a lot of businesses can take on the stance of cyber security too. Recently, we have all seen the public spectacle that comes with being hacked and the consequences associated with cutting corners on security. In a couple of previous articles, I know that I have touched on this topic in previous articles, but we still hear of companies being breached.

This brings me to my point; when looking at a solution, sometimes we look for the cheapest fix and do not think any further than the price tag associated with the item. But let’s say you don’t even make it that far, you ignore the problem and hope it does not get worse. Then when you go to make the repair, it costs far more money than just addressing the problem from the start. To combat these types of situations, many companies that are working with a tight budget turn to the affordable authentication that PortalGuard offers.  

So when faced with the complex decision of price versus the cost, it is always best to consider the big picture and the cost or consequence of all that could happen if you are not proactive in preventing security breaches.

World’s Largest Beverage Company Compromised

 

coke cans

The importance of encrypting data has become more prevalent with recent data breeches at retail stores and social networking sites. The latest company to join the list of offenders or victims, depending on how you look at it, is Coca-Cola.

Last week the Wall Street Journal (WSJ) reported that Coca-Cola had exposed a security breech from within their own company, compromising the personal information of about 74,000 North American employees and contractors.

The breech was due to a few laptops being stolen by a former employee that had been assigned to the task of maintaining and disposing of company equipment. Coke reported that it is company policy for all equipment to prevent information from being exposed, however, the stolen laptops were not yet encrypted so the information was easily accessible.

“Coke said the laptops were later retrieved, and it has ‘no indication’ the personal information had been misused. It didn’t say how it learned of the theft or how the computers were recovered.” Reported the WSJ.

18,000 of the effected employees are being sent letters to notifying them that their personal information which included Social Security numbers, addresses, and license numbers have been compromised. Coke has offered to cover identity-theft services to all parties involved at no charge.

The breech was initially discovered on December 10, 2013, but was not shared with the effected parties until Friday January 24, 2014 leaving some employees feeling uneasy. Coke identified the reason for the delay in notifying the employees as needing time to go through the recovered laptops and identifying all of those involved.

Coke explained the process in a memo to employees: “To expedite the process, we brought in extra crews that worked long hours, including throughout the holiday period and on weekends, to sort through the data.”

Even though the hardware was physically stolen, if the information was properly protected this breech could have been easily been prevented. When a computer or network contains personal data, there should always be a barrier to protect the information. This will ensure that the information can only be viewed by authorized users. For this reason, many companies turn to authorization software, like PortalGuard, to make sure that only authorized users are viewing the information.

Source:

http://online.wsj.com/news/articles/SB10001424052702304632204579341022959922200?mod=WSJ_hp_LEFTWhatsNewsCollection

The N.S.A. Gets Crafty

How the N.S.A. Uses Radio Frequencies to Penetrate Computers

New details have been exposed that the National Security Agency has the ability to access computers even when they are “air gapped.” This term refers to computers that are not connected to a network, wireless, or LAN.

This information was leaked in association with the Snowden exposer that was made public last year. The New York Times article on Tuesday described that the N.S.A. had implanted hardware in almost 100,000 computers around the world that allowed them to access the computers via radio waves.

“The technology, which the agency has used since at least 2008, relies on a covert channel of radio waves that can be transmitted from tiny circuit boards and USB cards inserted surreptitiously into the computers. In some cases, they are sent to a briefcase-size relay station that intelligence agencies can set up miles away from the target.”

In order to install this hardware successfully on the machines, spies and sometimes manufactures would implant the hardware on the machines, making it possible for the computer to be tracked. This was a step in the right direction as far as gaining access to information that previously was unavailable to US Intelligence Agencies.

The article goes on to explain that, in the recent past, the Chinese Army has performed similar covert operations to US companies and government organizations. The N.S.A. and the United States Cyber Command have been victims to the Chinese attacks; the attacks were used to mostly gather and steal secrets or intellectual property.

In the article, James Andrew Lewis, the cybersecurity expert at the Center for Strategic and International Studies in Washington, was quoted. “What’s new here are the scale and the sophistication of the intelligence agency’s ability to get into computers and networks to which no one has ever had access before… Some of these capabilities have been around for a while, but the combination of learning how to penetrate systems to insert software and learning how to do that using radio frequencies has given the U.S. a window it’s never had before.”

Sources:

http://www.nytimes.com/2014/01/15/us/NSA-effort-pries-open-computers-not-connected-to-internet.html?hp&_r=0

http://www.stratcom.mil/factsheets/Cyber_Command/

When Will We Learn? An observation about security

Dan_Ariely_speaking_at_TED_in_2009

A friend sent me a great TED Talk video this morning, “Are we in control of our own decision?” by Dan Ariely, behavioral economist and author of the book Predictably Irrational.  This video was excellent, well worth a watch and opened my eyes helping me understand some social behaviors.  Personally, I love to consider different perspectives and think outside of the box, whether this makes me genius or crazy has yet to be determined…

The video discusses many examples and makes different comparisons to prove his point on how the actions of people are “predictably irrational”, this made me think about authentication and security naturally.  When looking at recent security breaches in the media, the problems do not seem like new issues, just a recycled story of how information was compromised due to a lack in security.  It would seem that when it is a hot topic in the media many people talk about the issue, but few take action to protect themselves which leads to more security breaches down the line.

After watching this video it became apparent why this may happen.  Dan explains that when a person is faced with a problem and there are many or complex options they are less likely to act.  This could explain why security issues are continuous and abundant.  There are so many options out there which can overwhelm the general public and organizations alike.  If the public or corporation is unsure which angle to cover or how to best protect their information, they are very likely just fold their arms, do nothing and hope for the best.

Dan also spoke about the need to seeing something to believe it, for instance making it tangible.  When security is approached this way it makes more sense, when it comes to protecting a physical asset it is a lot easier to comprehend the risk because it is a tangible object.  People take out insurance policies on their homes, cars and even their lives because it is easier to picture your life with or without their presence.

However, when it comes to the security of identity theft through a security breach it is harder to envision the impact, which results in less people taking it as serious as they should until it is too late and the information is compromised.

All-in-all, this helped me understand a little more why history seems to repeat itself so often.  However, it raised a question in my head… Why do we not learn from others mistakes when it comes to security?

Sources:

http://www.ted.com/talks/dan_ariely_asks_are_we_in_control_of_our_own_decisions.html

http://danariely.com/about-dan/

Do You Know Who is Watching You? Part 2

Invisable Hand

On Tuesday we covered the basics of Remote Access/Administration Trojan also known as RATs. You can read that post here.

To dive deeper on the topic, one of the most common types of RATs is “Pandora”. The Pandora RAT allows an attacker to gain access to the following items on a compromised computer: files, processes, services, and active network connection.

If all of this doesn’t concern you, Pandora can also: remotely control the compromised desktop, take screenshots, record webcam footage, record audio, log keystrokes, steal passwords, download files, open Web pages, display onscreen messages, restart the compromised computer, hide the taskbar, and  hide desktop icons. It can even cause one of the most dreaded attacks: system failure and the blue screen of death.  Like many RATs, Pandora is user friendly, and can be mastered by expert and beginner hackers alike.

There is prosperous market of underground software sales based on RATs. They can be purchased from many websites and even appears for sale in hacking forums online.  The three main types that appear for sale are:

1) FUD which is fully undetectable by security vendors

2) Crypter which is a tool used to rearrange files in a way that the actual bytes are scrambled

3) JDB (Java drive-by) which involves a Java applet being placed onto a website disguised as a  pop-up to continue to the site

A few rules to stay protected: keep your anti-virus software up-to-date, avoid opening emails that look suspicious or if you are unsure of the sender, always be a skeptic when clicking on links that you receive from other sources, and only download files from sites that you know are secure. Always be aware of your webcam activity, if you do not have a shutter that closes then consider putting a piece of paper over the shutter as a precaution. Most importantly use common sense, if your computer told you to drop it off a bridge would you?

 

Resource:

http://www.symantec.com/connect/blogs/creepware-who-s-watching-you

Image Source:

http://i.telegraph.co.uk/multimedia/archive/01961/hack_1961123b.jpg

Can I Borrow a Cup of Internet?

cup of sugar

Recently I experienced a modern day version of a classic neighborly good deed. Last night up here in New Hampshire, we had a snow storm that hit right at the heart of the evening rush hour. This storm nearly tripled my wife’s ride home as well as mine.

Upon arriving home I realized that my internet service was out, great. This would not be such a big deal; however, there is no cell phone service in my neighborhood either. This means I need to run a local tower that runs via my internet. Upon driving up the road and calling my service provider they were not open because it was after business hours, how convenient.

To make the situation worse, this posed a real problem because my wife needed internet access to send some files to a client when she got home. Verging on a nervous breakdown in our house I started thinking of solutions to this problem.

Then it dawned on me!

My neighbors have wireless, I wonder if I could borrow some bandwidth for the night?  I double checked that there were wireless networks in my area and was happy to see that all the wireless networks were encrypted by passwords. I bundled back up in my winter garb and trekked out in the snow to my neighbor’s house, and knocked on the door. Meanwhile in my head I was thinking how odd this whole situation was. Once they opened the door and I explained to them my current position and they were very generous and shared their password with me.

Granted sharing passwords is not a very good idea, however there is always an exception to any rule. While walking back to my house feeling like a hero because I got the internet access we needed to get by, I couldn’t help but have a little laugh. In the past people used to ask to borrow a cup of sugar, now we ask for a “spot of internet.”

Do You Know Who is Watching You? Part 1

Hand Through Screen

Everyone knows at least one paranoid person that insists on covering the web cam of their computer. Activities like this may be necessary due to the malicious attacks out there. These attacks use your web cam and allow it to be taken over, giving them access to your computer remotely. According to Symantec, “Remote access Trojans (RATs), or what we (Symantec) are calling creepware, are programs that are installed without the victim’s knowledge and allow an attacker to have access and control of the compromised computer from a remote location.”

The two most common types are Remote Access/Administration Tool and Remote Access/Administration Trojan, the biggest difference between the two is that the Trojan is installed for malicious purposes.  One of the major ways that they take advantage of your computer is to remotely access of your device; there are lots of different pieces of malware out there.

“Creepware” as Symantec calls it, flips your machine with the hacker’s, so your computer is the victim and the attacker’s computer becomes the client.  Once this has happened an attacker then has the ability to retrieve files easily from the victim’s machine. The degree to which this takes place can vary from people out to commit fraud to those who just think it is a harmless prank. Most victims don’t report this type of crime until their reputation has been damaged so often the attackers often aren’t caught.  Many of these activates often fall under the umbrella of cyber bullying.  

The hackers get crafty and downright mean, for example one instance they attacked a victim by sending a pop-up on the screen saying, “their webcam’s internal sensor needed to be cleaned. To do this, they were told to place the computer close to steam.” Many victims brought their laptops into the bathroom to “steam clean” their machine, but don’t most people understand that you are not supposed to put electronics near moisture? 

Check back on Thursday for Part 2.

Resource:

http://www.symantec.com/connect/blogs/creepware-who-s-watching-you

Image Source: http://www.sitejabber.com/blog/wp-content/uploads/2013/02/identity-theft-500×260.jpg

EU Behind the Times for Cyber Security

Night view of Europe

 

Often in our blog we focus on what is happening here in America, but we work with companies all over the globe. Recently, there was a survey done by the  where they questioned over 27,000 people in the European Union about their internet use, security attitudes and experiences. 1  The survey showed that individuals in the EU were behind the times when it came to cyber security.

Just over a quarter those surveyed only use their own hardware to go online, and just under that figure (24%) use unique passwords for different sites. Does this remind you of any recent breaches?

“Of those surveyed 48% of web users said they had not changed any of their online passwords in the last year. Out of those who had made changes, the highest figure was for webmail (31%) with social networks just behind on 26%. Online banking passwords were less likely to be changed, with only 20% changing in the last 12 months, and shopping site passwords were rarely changed, at only 12%. “1

These numbers seem slightly off because you would think the information that could obtained from hacking into your bank account would be more detrimental than a social media account.  The website Naked Security adds that maybe this is a sign that there is a need for more education.

Most of the statics in the report point back to the fact that there is a common fear of the risks associated with using the internet, so they put off taking advantage of all that it has to offer.  The catch is that most of these people are not even doing the basics to protect themselves.

If you have a fear about using the internet take the time to educate yourself and those around you, whether it’s your family or co-works.  Make sure you have strong passwords in place that cannot be easily guessed. And if you do not have anti-virus software installed on your machine then definitely take the time to do so.

You can read the full report here, for more statistics.

Resources:

1.)    http://nakedsecurity.sophos.com/2013/11/27/only-24-of-europeans-use-different-passwords-for-different-websites/

2.)    http://ec.europa.eu/public_opinion/archives/ebs/ebs_404_en.pdf

Everyday Cyber Crime

On our blog we have often discus malware and passwords, but how much information do you actually put into action in your life and workplace?

If you have not yet watched the TED Talk by James Lyne: “Everyday cybercrime — and what you can do about it,” you should.

Lyne breaks down the threat of your computer being attack to a level that all of us can relate to. He reminds us that even if we are taking all of the necessary precautions, our family members and co-workers could be exposing us.

How often have you uploaded a photo from your smart phone not realizing it has geographic coordinates linked to it? Did you know that when you use public Wi-Fi on your device, someone else in the same location is able to track what other Wi-Fi networks your device has previously connected to. These are just a few of the points that Lyne covers, along with the basics of today’s hackers.

Lyne closes with the following, “You are going to see some astonishing stories in the news, you are going to read about malware doing incredible and terrifying scary things. However 99% of it works, because people fail to do the basics. So my ask is this;  go online, find these simple best practices, find out how to update and patch your computer, get a secure password, make sure you use a different password on each of your different sites and services online, find these resources, apply them.  

The Internet is a fantastic resource for business, for political expression, for art and for learning. Help me and the security community, make life much much more difficult for cyber criminals.”

We encourage you to take 20 minutes to watch the complete Ted Talk here.