New security flaw leads to Shellshock

security

In late spring of this year news broke of the biggest security issue to date – Heartbleed. Many companies leapt to secure themselves from this, but the fallout from it is still being felt. That being said, there is a new, even bigger, security problem called Shellshock that all businesses need to now be aware of.

What exactly is Shellshock?

Shellshock is the name applied to a recently uncovered software vulnerability which could be exploited to hack and compromise untold millions of servers and machines around the world. At its heart, the Shellshock vulnerability is based on a program called Bash. This is a Unix-based command program that allows users to type actions that the computer will then execute. It can also read files called scripts that contain detailed instructions.

Bash is run in a text-based window called a shell and is the main command program used by OS X and Unix. If you have a Mac computer and want to see what Bash looks like, simply hit Command (Apple Key) + Spacebar and type in Terminal. In the text-based window that opens in Bash you can enter commands using the Bash language to get your computer to do something e.g., eject a disc, connect to a server, move a file, etc.

The problem with Bash however is that it was recently discovered that by entering a specific line of code ‘() { :; };)‘ in a command you could get a system to run any following commands. In other words, when this command is used, Bash will continue to read and execute commands that come after it. This in turn could lead to a hacker being able to gain full, yet unauthorized, access to systems without having to enter a password. If this happens, there is very little you can do about it.

Why is this such a big issue?

To be clear: Shellshock should not directly affect most Windows-based machines, instead it affects machines that use Unix and Unix-based operating systems (including OS X). So why is this so big a deal when the majority of the world uses Windows-based computers? In truth, the majority of end-users will be safe from this exploit. However, the problem lies with bigger machines like Web servers and other devices such as networking devices, and computers that have had a Bash command shell installed.

While most users have Windows-based computers, the servers that support a vast percentage of the Internet and many business systems run Unix. Combine this with the fact that many other devices like home routers, security cameras, Point of Sale systems, etc. run Unix and this is becomes a big deal.

As we stated above, hackers can gain access to systems using Bash. If for example this system happens to be a Web server where important user information is stored, and the hacker is able to use Bash to gain access and then escalate themselves to administrative status, they could steal everything. In turn this could lead to the information being released on to the Web for other hackers to purchase and subsequently use to launch other attacks – even Windows-based systems. Essentially, there are a nearly unlimited number of things a hacker can do once they have access.

If this is not dealt with, or taken seriously, we could see not only increased data breaches but also larger scale breaches. We could also see an increase in website crashes, unavailability, etc.

So what should we do?

Because Shellshock mainly affects back-end systems, there is little the majority of users can do at this time. That being said, there are many Wi-Fi routers and networks out there that do use Unix. Someone with a bit of know-how can gain access to these and execute attacks when an individual with a system using Bash tries to connect to Wi-Fi. So, it is a good idea to refrain from connecting to unsecured networks.

Also, if you haven’t installed a Bash command line on your Windows-based machine your systems will probably be safe from this particular exploit. If you do have servers in your business however, or networking devices, it is worthwhile contacting us right away. The developers of Bash have released a partial fix for this problem and we can help upgrade your systems to ensure the patch has been installed properly.

This exploit, while easy to execute, will be incredibly difficult to protect systems from. That’s why working with an IT partner like us can really help. Not only do we keep systems up-to-date and secure, we can also ensure that they will not be affected by issues like this. Contact us today to learn how we can help.

Published with permission from TechAdvisory.org. Source.

5 Ways business security is flawed

security

Business owners and managers are becoming increasingly worried about the security of their systems and networks. While the vast majority have implemented some form of security, this may not be enough. In fact, we have helped a number of businesses with flawed security measures in place. The issue is, how do you know if your security is working sufficiently? Here are five common security flaws you should be aware of.

1. Open wireless networks

Wireless networks are one of the most common ways businesses allow their employees to get online. With one main Internet line and a couple of wireless routers, you can theoretically have the whole office online. This method of connecting does save money, but there is an inherent security risk with this and that is an unsecure network.

Contrary to popular belief, simply plugging in a wireless router and creating a basic network won’t mean you are secure. If you don’t set a password on your routers, then anyone within range can connect. Hackers and criminal organizations are known to look for, and then target these networks. With fairly simple tools and a bit of know-how, they can start capturing data that goes in and out of the network, and even attacking the network and computers attached. In other words, unprotected networks are basically open invitations to hackers.

Therefore, you should take steps to ensure that all wireless networks in the office are secured with passwords that are not easy to guess. For example, many Internet Service Providers who install hardware when setting up networks will often just use the company’s main phone number as the password to the router. This is too easy to work out, so changing to a password that is a lot more difficult to guess is makes sense.

2. Email is not secure

Admittedly, most companies who have implemented a new email system in the past couple of years will likely be fairly secure. This is especially true if they use cloud-based options, or well-known email systems like Exchange which offer enhanced security and scanning, while using modern email transition methods.

The businesses at risk are those using older systems like POP, or systems that don’t encrypt passwords (what are known as ‘clear passwords’). If your system doesn’t encrypt information like this, anyone with the right tools and a bit of knowledge can capture login information and potentially compromise your systems and data.

If you are using older email systems, it is advisable to upgrade to newer ones, especially if they don’t encrypt important information.

3. Mobile devices that aren’t secure enough

Mobile devices, like tablets and smartphones, are being used more than ever before in business, and do offer a great way to stay connected and productive while out of the office. The issue with this however is that if you use your tablet or phone to connect to office systems, and don’t have security measures in place, you could find networks compromised.

For example, if you have linked your work email to your tablet, but don’t have a screen lock enabled and you lose your device anyone who picks it up will have access to your email and potentially sensitive information.

The same goes if you accidentally install a fake app with malware on it. You could find your systems infected. Therefore, you should take steps to ensure that your device is locked with at least a passcode, and you have anti-virus and malware scanners installed and running on a regular basis.

4. Anti-virus scanners that aren’t maintained

These days, it is essential that you have anti-virus, malware, and spyware scanners installed on all machines and devices in your company and that you take the time to configure these properly. It could be that scans are scheduled during business hours, or they just aren’t updated. If you install these solutions onto your systems, and they start to scan during work time, most employees will just turn the scanner off thus leaving systems wide-open.

The same goes for not properly ensuring that these systems are updated. Updates are important for scanners, because they implement new virus databases that contain newly discovered malware and viruses, and fixes for them.

Therefore, scanners need to be properly installed and maintained if they are going to even stand a chance of keeping systems secure.

5. Lack of firewalls

A firewall is a networking security tool that can be configured to block certain types of network access and data from leaving the network or being accessed from outside of the network. A properly configured firewall is necessary for network security, and while many modems include this, it’s often not robust enough for business use.

What you need instead is a firewall that covers the whole network at the point where data enters and exits (usually before the routers). These are business-centric tools that should be installed by an IT partner like us, in order for them to be most effective.

How do I ensure proper business security?

The absolute best way a business can ensure that their systems and networks are secure is to work with an IT partner like us. Our managed services can help ensure that you have proper security measures in place and the systems are set up and managed properly. Tech peace of mind means the focus can be on creating a successful company instead. Contact us today to learn more.

Published with permission from TechAdvisory.org. Source.

Cloud and data breach prevention

security

Today’s technology advancement has one obvious parallel: increasing security threats. One such issue which has been growing both in number and intensity is data breach. And while many businesses have turned to the cloud in the hope of improving security, there is still a chance of a collision between data breaches and cloud usage. But don’t panic just yet, there are measures you can take to avoid the headache of a cloud and data security breach.

The cloud opens up some great tech advancements for businesses and is here to stay. However, as with all tech developments, you need to also be aware of any vulnerabilities and security issues as they change and develop at the same time too. If you use the cloud and want to proactively prevent cloud-and-data security breaches then here are five tips to follow:

  1. Know your cloud apps: Get a comprehensive view of the business readiness of apps and which ones render you more or less prone to a breach. Ask yourself these questions: Does an app encrypt data stored on the service? Does it separate your data from that of others so that your data is not exposed when another tenant has a breach? The idea here is to know exactly what each cloud service employed offers and how your company uses them.
  2. Migrate users to high-quality apps: Cloud-switching costs are low, which means that you can always change and choose apps that best suit your needs. If you find ones that don’t fit your criteria, take the time to talk to your vendor or switch; now more than ever you have choices, and the discovery process in step one will help you find out what these are.
  3. Find out where your data is going: Take a look at your data in the cloud. Review uploads, downloads, and data at rest in apps to get a handle on whether you have potential personally-identifiable information (PII), or whether you simply have unencrypted confidential data in or moving to cloud apps. You wouldn’t want cloud-and-data breaches with this critical data.
  4. Look at user activities: It’s important to understand not only what apps you use but also your data in the context of user activity. Ask yourself: From which apps are people sharing content? According to tech news source, VentureBeat, one-fifth of the apps they tracked enable sharing, and these aren’t just cloud storage apps, but range from customer-relationship management to finance and business intelligence. Knowing who’s sharing what and with whom will help you to understand what policies to best employ.
  5. Mitigate risk through granular policy: Start with your business-critical apps and enforce policies that matter to your organization in the context of a breach. For example, block the upload of information covered by certain privacy acts, block the download of PII from HR apps, or temporarily block access to vulnerable apps.

The key to preventing a cloud-and-data security breach lies in careful attention to your cloud applications and user activity. Analyzing your apps and looking into user activities might be time consuming, but the minimization of cloud-and-data security breaches makes this task worthwhile. Looking to learn more about today’s security? Contact us and let us manage and minimize your risks.

Published with permission from TechAdvisory.org. Source.

What’s juice jacking?

security

Everyone today seems to be constantly relying on their smartphones to help complete daily tasks which has resulted in the need to recharge subsequently increasing. And when you’re far from your charger, public charging kiosks can seem like a good substitute. However, this can lead to juice jacking of your smartphone. If this is news to you then let’s find out what juice jacking is and how you can avoid it.

What’s juice jacking?

Regardless of the kind of smartphone you have, whether it’s an Android, iPhone or BlackBerry, there is one common feature across all phones: the power supply and the data stream pass over the same cable. This setup allows for juice jacking during the charging process whereby user access is gained on your phone by leveraging the USB data/power cable to illegitimately access your phone’s data and/or inject malicious code onto the device.

The attack can be as simple as an invasion of privacy, wherein your phone pairs with a computer concealed within the charging kiosk and information such as private photos and contact information are transferred to a malicious device. However, on the other hand, it can also be as invasive as an injection of malicious code directly into your phone. According to security researchers at this year’s Black Hat security conference, your iPhone can be compromised within one minute of being plugged into a harmful charger.

Exposure to a malicious kiosk can also create a lingering security problem even without the immediate injection of malicious code. Once a device is paired to a computer, it can access a host of personal information on the device, including your address book, notes, photos, music, sms database, typing cache, and even initiate a full backup of your phone, all of which can be accessed wirelessly at anytime.

How do I avoid it?

The most effective precautions center around simply not charging your phone using a third-party system. Here are some tips to help you avoid using public kiosk charger:

  • Keep your devices topped off: Make it a habit to charge your phone at your home and office when you’re not actively using it or are just sitting at your desk working.
  • Carry a personal charger: Chargers have become very small and portable, from USB cables to power banks. Get one and throw it in your bag so you can charge your phone anytime you’re at the office or while on-the-go if you use a power bank.
  • Carry a backup battery: If you’re not keen on bringing a spare charger or power bank, you can opt to carry a full spare battery if your device has a removable battery.
  • Lock your phone: When your phone is truly locked as in inaccessible without the input of a pin or equivalent passcode, your phone should not be able to be paired with the device it’s connected to.
  • Power the phone down: This technique only works on phones on a model-by-model basis as some phones will, despite being powered down, still power on the entire USB circuit and allow access to the flash storage in the device.
  • Use power only USB cables: These cables are missing the two wires necessary for data transmission and have only the two wires for power transmission remaining. They will charge your device, but data transfer is made impossible.

Even the tiniest detail like charging your phone from a kiosk charger could affect the security of your device. While there are many substitutes to using a third-party system, ultimately the best defense against a compromised mobile device is awareness. Looking to learn more about today’s security and threats? Contact us today and see how we can help.

Published with permission from TechAdvisory.org. Source.