Why you need to know about the Poweliks threat

security

Most of us have suffered the horrors of a computer virus at some point, and we know the damage that can be caused by these security infections. Our work gets disrupted as IT systems go down and, if we’re really unlucky, sensitive and valuable data might be lost or even leaked. But there’s a silver lining to most viruses, worms and other such malware, in that they can at least be tracked down and removed. Well, not always – enter the invisible Poweliks, which even your most sophisticated anti-virus software might not be able to protect you against. So, what do you need to know and how can you protect yourself?

What is Poweliks?

Security firm Symantec describes Poweliks as a trojan horse that performs malicious activities on the compromised computer. But it’s no ordinary trojan – unlike the majority, which infect your computer with malicious files, Poweliks is a silent and invisible threat that hides away in the memory registry of your system. It’s not entirely new for a virus to seek to cover its tracks by making itself “file-less” but, in contrast with Poweliks, most are wiped when you restart your computer and its memory is cleared. Worse still, Poweliks hijacks the legitimate processes and applications running on your network, inserting its code into them where it can largely evade detection.

First discovered back in August 2014, Poweliks has therefore created something of a headache for firms behind conventional security solutions like anti-virus software. Symantec and others have admittedly managed a number of updates to their protection in response to the threat posed by Poweliks. But although very minor records of the presence of the trojan are left behind by way, for instance, of registry logs, the signs of its destructive presence are much lower key than the computer world is used to, meaning Poweliks is unlikely to show up on most system scans.

Poweliks has links to Kazakhstan, the home of two servers the malware connects to once it is up and running from within your computer. The servers in Kazakhstan then send commands to the bug to tell it what to do next. In theory, this then makes way for the tool to be used to download other undesirable programs that could infect your system without your knowledge. It could equally be used to steal and disseminate data from your network.

How can I best protect myself?

As well as the anti-virus updates that have gradually been released – but which are still likely to have only a limited impact on threats of this type compared with those of the past – a number of Poweliks removal guides are now available online. Nevertheless, prevention as ever, remains better than cure. One method reported to have been employed in the distribution of the Poweliks infection is embedding it in a Microsoft Word document, which is then sent as an attachment to spam emails, and which the attackers hope your curiosity will lead you to open. Among the senders that these spam messages have masqueraded as being from are the United States Postal Service and Canada Post. Of course the best advice remains to be suspicious of any and every email attachment you open, particularly if you weren’t expecting mail or it’s from someone you don’t know.

Should I be concerned?

In fact, revisiting your everyday security precautions is probably pretty good advice all round, since experts predict that this type of threat is likely to become ever more common as attackers seek to exploit the techniques of Poweliks in order for their infiltration to remain unnoticed for as long as possible. Sure enough, a number of copycat threats have already been detected by security specialists as of the start of 2015.

General awareness around web sites you choose to visit is also recommendable in particular, since others have also reported the bug making its way onto their systems thanks to so-called ‘drive-by download attacks’ – whereby simply visiting a malicious web site is enough to trigger the infection, and actively downloading a file isn’t even necessary. As a result, organizations may wish to consider more comprehensive filtering of internet access, or at the very least reactive blocking of known malicious sites, in order to prevent employees from inadvertently infecting a company network.

To find out more about IT security solutions and protecting your technology from attack, contact us today.

Published with permission from TechAdvisory.org. Source.

3 IT security take-aways from the Sony hack

security

Any business can become the victim of security breaches on a mass scale, as shown by the debacle which recently eclipsed Sony and forced it to temporarily cancel the release of blockbuster movie The Interview. Beneath the dramatic headlines are lessons for small business owners everywhere in how simple errors in IT security management can have grave consequences. These tips will help prevent your firm being the next to suffer Sony’s fate.

Don’t let basic security habits slip

Our modern-day instinct tells us that the answer to potential security breaches is to install new layers of antivirus software, firewalls and further encryption systems. While these are all worthy additions to your company’s armor of security shields, they will do little to help if good old-fashioned protective habits are allowed to slide.

Instill a disciplined, security-conscious mentality in your organization, and keep the messages simple so that staff remember and follow them. Focus on regularly changing passwords and keeping them secret, being vigilant about avoiding unexpected links in email messages, and limiting network access for the likes of external contractors to that which is absolutely necessary.

One of the ways hackers made their way into the Sony network was by tricking administrators into thinking they had a legitimate need for access: teach your staff to be careful, and praise cautiousness even if it turns out access is warranted. Encourage staff to flag up potential security lapses, and make sure they know that reports will be followed up and loopholes closed.

Take a flexible and agile approach to IT

IT changes, and so do the ways best suited to keeping it safe. This means it is vitally important to keep your IT systems up to date, and where necessary to do away with outdated practices that could leave your business technology exposed. This involves more than just ensuring that your network is running updated antivirus software to catch the latest bugs and worms – it means staying abreast of emerging methods to mitigate potential threats from hackers worldwide.

All of this uses staff and resources that your small business might not have – which is where outsourced managed services come in. Using a managed service provider as an add-on to your own IT team can give you extra flexibility and the ability to keep abreast of industry security developments, even when you lack the time to do so yourself.

Equally, know when it is time to ditch data – think of emerging social networks like Snapchat, which set messages to self-destruct after a set time, as your cue to make your data retention policy less permanent, particularly in relation to email. If you no longer have a business need or a regulatory requirement to retain information, then delete it – in the process you can limit the possible damage even if the worst should occur and you fall victim to an external attack.

Backup, backup, backup

The last thing you want in the event of a security breach is for it to hit your day-to-day operations – the potential damage caused by the hack itself is likely to give you enough to worry about. But that is exactly the situation Sony found itself in after its latest hack, with its email system down and staff forced to return to the days of pen, paper and even the fax machine.

As well as ensuring alternative means of communication remain open to your business in the aftermath of a possible attack, it is also vital to make sure that you retain access to the information most critical to your work. Regular, secured backups help ensure that, whatever happens, the show is able to go on and your firm’s productivity and revenue are not unduly hit. Engaging professionals to undertake your backups on a managed service basis also means this can happen routinely and without fail, while you stay focused on running your business.

Want to learn more about how to reduce your IT network’s vulnerability to attack? Get in touch with us today.

Published with permission from TechAdvisory.org. Source.

Looking at a new spear phishing attack

security

Take some time and research how companies are hacked and you will quickly come to realize that there are a wide variety of methods at a hackers disposal. One of the increasingly common, and effective strategies being employed is spear phishing. In early December 2014, a new spear phishing attack was uncovered, one that has proven to be quite effective against large businesses, and could possibly target small companies as well.

What is spear phishing?

Spear phishing is an advanced form of phishing where attackers troll the Internet for relevant information about you and then create a personalized email that is sent to you. This email is usually developed so that it appears to be coming from a friend or trusted partner and contains links to a site or program that can initiate an attack or steal information.

More often than not, these links are to websites where you enter account information, passwords, and even bank account details, or any other personal information which can be used to break into computers and even steal your identity.

What is this latest spear phishing attack?

This new form of spear phishing, being carried out by an organization who calls themselves FIN4, has actually been around since as early as mid 2013. When they attack Wall Street listed companies they are doing so to steal valuable plans and insider information.

What we know is that they send highly savvy and targeted emails to people at a company, trying to harvest Microsoft Outlook account information. Once they have this crucial data they then target others inside, or connected to, the organization, with the same email, while also injecting the code into ongoing messages. This method can spread the attack quickly, leading to a potentially massive security breach.

In the email examples of this phishing threat, the attackers write mainly about mergers and other highly valuable information. They also include a link to a forum to discuss the issues raised further. These emails come from people the recipient already knows, and the link is to a site that asks them to enter their Outlook account and password before gaining access. When this information is entered, it is captured by the attacker and used to launch more attacks.

What can we do to protect our systems?

From what we know, this attack is being carried out largely against law firms, finance companies, and other large organizations. While this discounts many small businesses, there is a good chance that the attackers will turn to small businesses operating with larger companies at some point.

Because this is an email-based attack, you need to be extra vigilant when opening all emails. Be sure to look at the sender’s address, and read the body of the email carefully. While hackers generally have good English skills, they aren’t fully fluent, which means you will notice small mistakes. Also, keep in mind previous emails sent by the recipient. If the tone and style is off, then the email may be fake.

It is important to always look carefully at all links in email messages. If a link looks suspicious, then ask the recipient for more information or to tell you where the link goes. If you come across any site asking you to enter account information, be extra careful. Look at the URL address in your browser, if it doesn’t sat HTTPS:// before the address, then it may be a good idea to avoid this.

If you have any questions on spear phishing and how you can prevent it, contact us today to see how we can protect your business.

Published with permission from TechAdvisory.org. Source.

5 Affordable business systems

Business value

BusinessValue_Dec11_CAs the new year has approached, stress levels go up within businesses. There is often the pressure to finish reports and budget for the new year, not to mention that there was probably extra expenditure requirements during the past holiday season too. This is also the time when many businesses begin to look for newer business systems that are not too expensive. To help, here are some free or affordable solutions that could make your business run far easier.

1. Canva

If you are a business owner, chances are that you aren’t the world’s best graphic designer, unless you run a graphics company of course! In order to design graphics, icons, flyers, and even posters you need specific graphics software. This can be expensive and the software is not going to be easy to use for design novices. You may even need an in-house graphic designer. This is where Canva comes in.

Canva is an online app that allows users to quickly and easily create professional looking graphics using drag and drop functionality and a wealth of free, or affordable, stock images. In other words, you can create designs in a short amount of time.

The service itself is free, but some images do need to be purchased.

2. FreshBooks

Most business owners are not certified accountants either, and even if you understand the basics of accounting and tracking of finances, the money side of your business is often a full time or at least a specialized job. If not handled correctly, this could spell disaster for your business. One solution is cloud-based FreshBooks.

FreshBooks is accounting software that allows you to invoice clients, track payments, accept payments, track expenses, and access financial reports at the click of a button. Beyond this, you can connect FreshBooks with your payroll services to ensure that your employees are paid on time.

The platform offers a free plan that allows you to track and manage one client, while paid subscriptions start at USD 19.95 a month.

3. Hootsuite

Many businesses have a presence on more than one social media network. While this is a great way to reach out to the highest number of customers, it can be a chore to manage and maintain a presence on all of these networks all of the time. Hootsuite is specifically aimed at this task.

Hootsuite is a tool that allows you to manage your social media accounts from one platform. Using Hootsuite you can schedule posts, set up streams, establish keyword tracking, and track engagement. It really is a one-stop-shop for all of your social media platforms.

Hootsuite offers a free subscription which allows you to manage three social media profiles, while a business subscription starts at USD 8.99 and allows you to track up to 50 profiles and gives you access to more advanced analytics and features.

4. Podio

Managing projects and ensuring that all employees are aware of what they should be doing, and what others are doing, can be one of the toughest tasks for any business owner. Sure, spreadsheets and communication work to a point, but there is always room for error and of course improvement, which is what Podio provides.

Podio is a project management app that allows you to easily manage projects, tasks, deadlines, and even files. Using an intuitive dashboard that all users have access to, employees and managers can easily see who is doing what, as well as what needs to be done and what has already been done.

Podio is free with limited features for five users and costs USD 9 per user, per month for the full subscription plan.

5. CoSchedule

If you have a blog, either on WordPress or hosted by WordPress, sharing the articles you post on your social media profiles is a great way to increase content reach and interaction. However, it can be time consuming to actually create posts on each different platform, unless you use CoSchedule.

With CoSchedule you can write your social media posts for a blog article and schedule them to be posted once the article goes live. Think of it as automating the sharing of your blog articles. This will save you time, while making it easier to manage your content, largely because the calendar included in CoSchedule is easy to work with and gives you a good view of your content.

CoSchedule is USD 10 per month, per blog.

If you are looking for more affordable ways to improve your business operations, contact us today to see what boost we can offer you at a price you can afford in 2015.

Published with permission from TechAdvisory.org. Source.