
Tec-Discussions

Check out the newest discussions

Three Ways To Survive A Ransomware Attack


By Efrem Gonzales

There’s been a great deal of talk about the recent WannaCrypt/WannaCry ransomware attack. The virus targeted computers running the Microsoft Windows operating system by encrypting data and demanding ransom payments in Bitcoin. The result was more than 230,000 computers in more than 150 countries hit, including FedEx, the UK’s National Health Service, Spain’s Telefónica and others.

The biggest issue for those affected was that it all could have been avoided. Microsoft issued a “critical patch” for its newer operating systems nearly two months before to remove the underlying vulnerability. In other words, improper network management was the bigger culprit in this incident.

Take the lessons to be learned here. More to the point, here are three ways that companies can ensure the likes of a WannaCry-type of attack doesn’t wreak havoc on their organization.

Be Diligent In Security Updates

Establish processes to upgrade equipment systematically. This doesn’t mean accepting every update or setting your gear to download modifications automatically. Rather, your company should formalize stated policies and procedures that consistently look at updates and their potential impacts — both good and bad — on your network. Prioritize which ones — especially ones deemed “critical” — to implement. Set up a “proof of concept,” or test environment, before going live with any updates.

Identify Roles and Responsibilities By Name

Highlight specific individuals by roles, job duties and the equipment they manage. This also helps orchestrate how data will flow through the network. Go a step further by empowering your team to take ownership of particular aspects of the network and incentivize their efforts to keep it operating in a highly efficient and protected environment.

Segment Your IT Network

Should a hacker infiltrate one area, it is far less likely their disruption will spread across your entire landscape. Segmenting the network can also make it easier to maintain your IT infrastructure. You’ll detect abnormalities, such as an unusually high level of activity or traffic at odd hours, faster and create fixes for them in quicker fashion.

As important, though, is how your organization segments its IT assets. Don’t arbitrarily decide what equipment and data are housed in one area versus the other. Keep servers and workstations separate. Doing otherwise defeats the purpose of segmentation: a user who takes a phishing bait will allow the perpetrator to bypass all protective firewalls and access the entire server farm in short order.

While we don’t know when the next attack will come, it is prudent to surmise that one is coming and that organizations that haven’t kept a keen eye on their network vulnerabilities will become victims.

About the Author: Efrem Gonzales is the Founder and CEO of Tec-Refresh, a nationwide provider of IT infrastructure, cyber security, data and networking solutions and support services. He can be reached at efrem.gonzales@tec-refresh.com.

Android Phone Hacks Could Unlock Millions of Cars


Kaspersky security researchers find missing security safeguards in nine different connected car apps. The post Android Phone Hacks Could Unlock Millions of Cars appeared first on WIRED.


Cloudy With a Chance of Poor Network Performance

Many strategies are employed to isolate VNF resources to ensure performance and scale, each of which comes with its own certain risks and trade-offs. This white paper explains those isolation strategies, and why they might not work as intended.


Three “Never Do’s” In Cybersecurity


We recently penned a piece on three things organizations should always do when creating a stable foundation for a secure network. We understand how overwhelming it can get when trying to keep up with all facets of protecting the precious information housed within an IT infrastructure. We wrote that article to provide some perspective on what must occur at all costs.

With that in mind, let us provide you a similar piece on three things NEVER to do when running a network:

Take Security Lightly
Many organizations view the task as overhead; a cost center if you will. There’s a business case to be made for the strategic importance of planning and implementing company-wide security initiatives with the goal of driving behavior throughout the organization.

Instead, view security as a channel for doing business. That means ensuring that an adequate budget and right toolsets exist to help employees stay productive and drive revenue. The lack of appropriate security controls will only increase the risk of downtime — often when it’s least convenient — and kill profits as well as raise liability exposure.

Believe You Are Too “Small” To Be Hacked
We often hear the argument from small to mid-sized organizations that feel hackers will opt to not go after their networks and focus instead on larger firms. The belief is that these criminal elements won’t view the effort as worthwhile.

Nothing could be further from the truth. Hackers will not discriminate based on your size. Organizations are connected to one another in a wide range of ways, so accessing one organization to get to another is commonplace and, if not addressed, easy.

Moreover, deploying a program that infiltrates millions of networks simultaneously takes very little effort for the savvy criminal elements that operate in today’s cyber landscape. In fact, the chances are good that you’ve already been hacked at some point, but don’t even know it.

Be Unclear On Security Roles
It’s one thing to have a plan but quite another to execute. We’ve seen many instances where an organization’s cyber security policies look good on paper but fail in their implementation.

Ensure staff members know their responsibilities for things such as log reviews, security patch management, and the like. Employ third-party services if necessary to keep up to date on these and other issues. What’s more, regularly review these activities against stated business goals, including uptime, data transfer rates and the like. The devil will always be in the details.

Keep in mind that these “never do’s” will assist organizations in balancing the divergent, yet business critical, objectives of keeping productivity AND network security high. They will serve as the key elements to promote operational efficiency and ensure business continuance in the event of a disaster. Over time, your IT costs will not only be as small as possible but generate a measurable return on investment as they assist in driving the maximum amount of revenue per employee.

About the Author: Efrem Gonzales is the Founder and CEO of Tec-Refresh, a nationwide provider of IT infrastructure, cyber security, data and networking solutions and support services. He can be reached at efrem.gonzales@tec-refresh.com.

CEOs and board members may be the biggest cyber risk.


How the CIA Can Hack Your Phone, PC, and TV (Says WikiLeaks)


A new leak hints at the spooks’ digital arsenal, from iOS and Android to Samsung smart TVs. The post How the CIA Can Hack Your Phone, PC, and TV (Says WikiLeaks) appeared first on WIRED.


Spring Cleaning Cyber Hygiene Guide For Business

It’s spring, and many of us are gripped with the urge to open the window and let the fresh air in.

The urge for spring cleaning is nearly universal. Wouldn’t it be great if your enterprise had the same urges toward cybersecurity hygiene?

You are aware of the weakness in your security plan: All the security in the world won’t work if an employee opens malware disguised as an innocuous link in email.  It’s estimated that 91 percent of cyber attacks start as phishing. But locking down your enterprise from the outside world is not an option.

Hackers exploit busy employees who may fail to change default passwords or use the same password for many accounts. Even social media puts you at risk when employees post intellectual property, photos of unreleased products or details about associates on personal and company accounts.

But, what if you could make those same employees your best advocate for safety this season?

Training is the first line of defense.

When you train your colleagues to be aware of threats and risky online behaviors, they can become the front line of defense in your war against hackers.

Training should be interactive. Old-school training where HR herds staff into a conference room didn’t work 20 years ago; so don’t do it today.

Now you can use interactive tools that have employees practice concepts as they learn them. In fact, last year’s Gartner Magic Quadrant report on Security Awareness Computer-Based Training noted “SaaS-based Learning Management Systems are now the status-quo” and the market was expected to grow in 2017.

What will you be teaching?

  • Each machine counts. Whether it’s a work computer where you download software, a device in a workspace connected to the internet or a computer brought from home that logs into wifi, employees need to be careful with what they connect to the enterprise’s network.
  • Be suspicious of what comes in. Emails that look like they’re from directors but have odd email addresses, links that look suspicious but “might” be appropriate, and emails that are obviously spam should not be opened.
  • Strong passwords work. Default passwords on machines that are not changed are an open invitation to hackers. Hard-to-decipher passwords are a must, and the same password should not be used in many locations.
  • Save copies. If you cannot automatically back up your employees’ work, show them how to do it, and do it often.

Once you have brought the staff up-to-speed on how to be secure, creating an environment where security is part of the culture is the next step. Encourage employees to be vigilant and speak up if something doesn’t look right – even if it comes from someone in the C-suite.

Lastly, training should be easy to access and continual — everyone should know how to follow security protocols, and all should be able to stay up-to-date on the latest threat. To do that, you’ll need to find a good partner with access to the latest security technologies and approaches.

A partner of Fortinet and managed security services provider, Tec-Refresh can deliver the technical expertise and technology benefits you need to bolster the strength of your cybersecurity-aware workforce.

Inter Valley Health Plan Hires Tec-Refresh To Develop New IT Infrastructure


Company to work with not-for-profit’s IT department to architect, design, implement new platform

Tec-Refresh, a nationwide provider of IT infrastructure, cyber security, data and networking solutions and support services, announced today that Inter Valley Health Plan has contracted them to develop their new IT infrastructure in anticipation of implementing new cloud-based solutions.

The company will work with the not-for-profit, federally qualified, Medicare Advantage Organization’s IT department to architect, design and implement a new platform while seamlessly migrating its network without disruption.

“We’re honored to be the firm of choice for this comprehensive project,” said Efrem Gonzales, Founder and CEO of Tec-Refresh. “With this initiative, we’ll add value and reduce operation costs, spearhead an expeditious and seamless transition of its data networks, and empower the organization to provide a measurable increase in service quality, communication and consistency.”

“We needed a partner that can take our design vision and implement it using best business practices. Furthermore, we operate in a highly regulated environment. It means the project has to be completed with minimal impact to end users and virtually zero downtime,” said Hatim Mouissa, Manager of Information Technology and Operations of Inter Valley Health Plan. “We went with Tec-Refresh because of their deep infrastructure expertise in implementing best of breed solutions to improve performance and allow for scalability. We’re looking forward to launching this new infrastructure in the coming weeks!”

About Inter Valley Health Plan

Since 1979, Inter Valley Health Plan has been a not-for-profit, federally qualified, Medicare Advantage Organization with more than 25,000 members throughout Los Angeles, San Bernardino, Riverside and Orange counties. In addition to the health plans offered, the organization provides useful health education and wellness programs for members and the community. More information is available at www.ivhp.com.

About Tec-Refresh, Inc.

Tec-Refresh designs, delivers and supports technology solutions that become the foundation of its clients’ businesses. This includes network storage, cyber security, managed services, virtualization and data infrastructure solutions. The company is headquartered in Ontario, Calif., with technicians deployed across the U.S. to serve the needs of customers nationwide. More information is available at www.tec-refresh.com.


© 2017 by Tec-Refresh, Inc. All rights reserved. 

Dark Days Ahead: DDoS Attacks To Escalate

Although not new, DDoS attacks took a turn for the worse in 2016.

Among the biggest was the massive attack in September against the website of security expert Brian Krebs. At its peak, the colossal attack bombarded the site with traffic at the rate of 620 gigabits per second. On October 21, an attack crippled the operations of domain name services provider, Dyn — rendering major websites like Twitter, Airbnb and Reddit unavailable for hours.

DDoS Trends To Worsen

The DDoS forecast shows no signs of letting up in 2017. A report by Deloitte predicts ten million attacks this year, with at least one attack a month exceeding 1 terabit per second. These will be made possible by:

  • Widespread availability of malware to create botnets for launching attacks. The Mirai software, used for some of the biggest attacks, is available in open source form.

  • Large numbers of “Internet of Things” devices with weak security, making them easy to pull into botnets.

  • Growing availability of high data rates, which let the devices send out large amounts of data.

Attacks are growing more sophisticated, disguising themselves as legitimate traffic. Brute-force attacks usually come through layers 3 (network) and 4 (transport) of the OSI network model. Attacks through layer 7 (application) are crafted to drain the resources of particular applications, rather than relying just on volume. They're especially difficult to detect and stop and are becoming more popular.

Any business can be a target, although Deloitte notes there are some more likely to get caught in the crosshairs than others — including retailers with a robust online business, streaming video, financial and business services, and government.

DDoS Defense Strategies

A DDoS attack can strike at any time, and organizations need to prepare. A well-configured firewall and network security software will stop minor attacks. Having spare bandwidth will help in these cases.

Cloud-based defenses can handle bigger attacks by providing substantial reserve capacity and avoiding a single point of failure. Content delivery networks help a site to withstand high-volume attacks. The reserve comes out of a pool of resources shared with other sites, so it can be shifted as necessary. Even so, having a high level of protection can get expensive.

Another approach is the use of dedicated devices to detect and block malicious traffic. This approach can be used separately or in combination with reserve cloud capacity.

Fortinet's FortiDDoS solution is an example of this approach. It uses dedicated security processing units (SPUs) to provide better performance than software on general-purpose processors can.

A FortiDDoS device in a data center examines all layer 3, 4, and 7 traffic and identifies threats using a behavior-based model, rather than threat signatures. This approach is more effective at catching zero-day attacks for which signatures aren't available. To avoid blocking false positives, FortiDDoS uses a reputation scoring system to help distinguish good traffic from bad, enabling legitimate users to get through.

A Fortinet partner, Tec-Refresh has the expertise and technology to help customers prepare for the new breed of DDoS attacks to come. Contact us to learn more.

Three “Must Do’s” To Securing Your Networks

 


Many organizations get bogged down in the litany of requirements related to protecting their data networks. The overwhelming feeling many executives face drives them to the point of inaction.

Ignorance will not adequately defend sensitive corporate and customer information. Moreover, businesses will create unnecessary risk by simply hoping for the best. If nothing else, companies should at least employ these three “must do’s” that will build the foundation for protecting their networks.

Outline roles and responsibilities

Identify specific individuals by roles, job duties and the equipment they manage. This also helps manage how data will flow through the network. Go a step further by empowering your team to take ownership of particular aspects of the network and incentivize their efforts to keep it operating in a highly efficient and protected environment.

No matter if the organization consists of five or 500 people, developing and maintaining a network security plan that spells out roles and responsibilities should take priority.

Evaluate how your network currently PROTECTS and ENABLES

Regardless of industry — finance, healthcare, energy, construction, fitness, fast food or any other market — identifying what and how your network currently protects and enables your operations will provide the framework for improving your infrastructure for today as well as in the future.

The art of this initiative lies in the ability to perform two seemingly conflicting tasks. Your data network needs to ensure that hackers are thwarted in their efforts, while, at the same time, enabling staff to accomplish mission-critical tasks in the most effective and efficient way. Anything less puts a drain on productivity and profits. Understanding how your network performs both these tasks will help identify current and future cybersecurity needs.

Data and network protection seek to balance several divergent, yet business critical, objectives simultaneously. Determining how the different technologies and processes within your system are working to this end will allow your organization to promote operational efficiency and ensure business continuance in the event of a disaster. At the same time, evaluating your network’s current efforts along these lines will help minimize both operational and capital expenditures in addition to proactively identifying and remedying security issues before they become catastrophic.

View cybersecurity differently

Most organizations label cybersecurity expenses as overhead. Reality shows us otherwise, though. Placing appropriate emphasis on establishing effective protocols and investing in employee training on safe practices will reduce liability risk while, at the same time, increasing productivity. This perspective considers cyber security initiatives as business drivers; not something to simply check off on a list.

Given that data is the cornerstone of your business, your company cannot afford to ignore security. Without proper plans and understanding as to what your networks do in both protecting and enabling your operations, both you and your customers take on greater risk. Creating a solid plan that aligns with your organization and ensuring protections are integrated into your IT infrastructure is key. Do that if nothing else to get started on creating the fundamental foundation to a workable, secure network platform.

About the Author: Efrem Gonzales is the Founder and CEO of Tec-Refresh, a nationwide provider of IT infrastructure, cyber security, data and networking solutions and support services. He can be reached at efrem.gonzales@tec-refresh.com.