Recent Blog Posts
What is the IoT, and What’s a Botnet?The Internet of Things (IoT) is a blanket term describing any item that collects data and connects to the Internet to process that data. Think everything from fitness trackers to smart home assistants, smart watches, and internet-capable security cameras. If you have any device that is described as ?connected? or ?smart,? you?ve interacted with the IoT. These kinds of devices are becoming more and more commonplace in everyday life. The big problem with IoT devices is that there is little, if any, attention devoted to maintaining their security. This, combined with their reliance on an Internet connection to function, make them perfect for building the online threat known as a botnet. A botnet is a network of devices utilized as an attack vector. By infecting numerous pieces of hardware, an attacker is able to leverage their combined resources as part of a brute force attack, overwhelming the targeted system?s security. We?ve seen this before, including events that took down dozens of popular websites on the Internet all at once. A Bad Memory Comes Back AgainThere are plenty of examples of IoT botnets, but a particularly nasty one, Mirai, has made headlines again as a new derivative botnet has begun to rise. Called Persirai, this botnet leverages the same IP cameras as Mirai to power its attacks. Persirai has been making its rounds around China, infecting thousands of devices. Of course, there are other botnets that warrant concern as well. A currently-dormant botnet, called Hajime, was measured by Kaspersky Labs to have almost 300,000 IoT devices powering it. The researchers also noted that it was very well-written and put together. As a result, should the idle botnet be put to use (as experts suspect is very likely will) it could very easily be as potent as Mirai was. How You Can Protect Your BusinessFortunately, many botnet-powered DDoS attacks can be avoided through some relatively simple preventative measures that are in line with recommended business continuity best practices. For example, keeping your data on multiple, distinct locations will help keep it safe should you find your business to be the target of such an attack. Furthermore, it never hurts to have a firewall put into place, as many varieties of DDoS attacks can be mitigated by them. White Mountain IT Services can help you to implement these measures to protect your business against threats that come from misused IoT devices. Give us a call at (603) 889-0800 to get started.
Nobody likes to think that an employee would (or could) be deliberately responsible for a network security breach. However, a recent study revealed that 95 percent of surveyed businesses have employees who were actively involved in undermining the security measures the organizations had put in place. The same report stated that: 60 percent of attacks can, in some part, be linked to a company insider. 68 percent of which are the result of employee negligence. 22 percent are the result of intentional malicious activity from a company insider. 10 percent come about as a result of credential theft. Studied workforces also found that negligent behavior included the common misuse of company resources to access inappropriate content. 59 percent of those organizations surveyed had employees using the network to access adult-themed websites and 43 percent reported trends of employees using the network to engage in online gambling activities. It isn?t as though these networks were left unprotected, either. One of the companies covered in this survey discovered that in order to bypass their company?s network restrictions, one of their employees had simply done an online search for ?how to bypass network proxy? and run through the results until they discovered one that effectively rendered the company?s network controls ineffective. On a related note, a lot of the most effective means of attacking a business has been proven to be targeting one of its employees in what is known as social engineering. An untrained employee may not recognize the warning signs of such an attack, assuming they were even aware of the risks in the first place. Taking all of these facts and figures into account, one thing becomes clear: your employees are your first and last line of defense when it comes to your cybersecurity. As such, it is crucial that they are not only fully educated in the terms and warning signs that accompany a breach, but are made aware of the procedures you have in place to protect your business and why these procedures are so important to follow to the letter. White Mountain IT Services can help you improve upon your cybersecurity as it stands. We are available to help ease your workforce into the transition. Our network security strategies and solutions can help your organization comply with industry best practices; and, we can help implement controls to prevent your employees from allowing their personal activities from interfering with their workday productivity. Give us a call at (603) 889-0800 for more information.
What follows are some common issues that often trip up companies when their IT is audited. Outdated Software – From the operating system on company workstations to the network itself, a failure to apply any updates or security patches is a big red flag for auditors. This is because outdated solutions are vulnerable to security threats, and therefore, the business is put at risk and could potentially put others at risk as well. No Business Continuity Plan – A business without a business continuity plan is a business that is vulnerable to chance–and while chances are that your business won’t burn down or be flooded by a tropical storm, there’s still a chance that it might. A lack of preparation for a potentially business-ending event is certainly not in line with best practice, and will prevent your business from receiving approval from auditors. Poor or Lacking Implementation – A wide variety of internal processes will be checked to determine a company’s compliance, and so you must be sure that yours are all in line. Outdated IT policies will often result in a failing grade, as will a lack of penetration testing or two-factor authentication practices. Furthermore, auditors will not look well upon security responsibilities being spread throughout an IT resource team, so every member will have to be able to handle all security responsibilities if called upon. These are just the beginning of the ways your company could potentially come up short in an audit. In order to truly perform well, you must be sure that the entirety of your IT is up to standards. It is also important to remember that auditors are not the bad guys. In fact, they are just the opposite–they’re the ones who are actively making sure that the bad guys have as difficult a time as possible entering your systems by enforcing basic security practices. White Mountain IT Services can help you prepare your security for the next time you potentially face an audit by implementing the solutions that the auditors are looking for. Give us a call at (603) 889-0800 to get started.
It doesn?t matter which phone you have. This week?s tip will help you learn how to block everything from telemarketers to stalkers. Even though telemarketing is completely legal, the last thing you want to do is put up with it time and again. The most effective way to deal with it is to just block them. Follow these steps to block a number and never be bothered by the pesky number again. Android UsersFor users of Android Nougat and Marshmallow, follow these steps: Go to the Phone application Select All Calls Choose Call from Undesired Contact Select Block/Report Spam You will be asked if you want to report the call as spam. If you?d like to report it, select this box. For users of Android Lollipop (on Samsung Galaxy S4, S5, S6, and Note 4 users): Open the Phone app and tap the Call Log Select the phone number that you want to block Tap More Add the number to the Auto reject list iPhone UsersIf you want to block a number on your iPhone, follow these steps: Select Recents, which is found at the bottom of the screen Find the number of the caller that you want to block Tap the i icon in the right-hand side of the screen You?ll now see the caller?s information, along with how to create a new contact. Look at the very bottom of the screen and you?ll see the option to Block This Caller Select this and a message will ask if you really want to do this. Tap Block Contact and you?ll seal the deal. In the event that you?re receiving unwanted text messages from a stranger rather than phone calls, iOS demands that you add the number to your Contacts list before actually blocking them. To create a new contact directly from your Messages app, select the phone number at the top of the screen and select Create New Contact. Once you?ve done this, follow the directions outlined above. However, if you have yet to upgrade to iOS 10, you?ll have to look for the i icon in the top-right corner of the text conversation. Once you?ve selected it, tap Block This Caller and proceed to Block Contact. Was our guide on how to block phone numbers helpful? Let us know in the comments, and be sure to subscribe to our blog for more technology tips and tricks.
