FBI — International Cyber Ring That Infected Millions of Computers Dismantled

FBI — International Cyber Ring That Infected Millions of Computers Dismantled.

Six Estonian nationals have been arrested and charged with running a sophisticated Internet fraud ring that infected millions of computers worldwide with a virus and enabled the thieves to manipulate the multi-billion-dollar Internet advertising industry. Users of infected machines were unaware that their computers had been compromised—or that the malicious software rendered their machines vulnerable to a host of other viruses…..”

Read more and check to make sure your computer isn’t infected @ FBI.gov.

 

 

How the Hybrid Cloud Differs from the Public Cloud

Cloud computing is becoming increasingly more common.

Cloud computing is becoming increasingly more common. A very basic definition of the cloud is: a group of remote servers where people can store and access their data. One advantage of utilizing the cloud is that powerful programs and files may be stored at a remote location so they don’t burn up memory on personal computers and slow down operating systems.

Not All Clouds are the Same

However; there are different types of clouds. You have the public cloud, the private cloud, and the hybrid cloud. Most people use the public cloud, businesses that wish to use cloud services to store very private data can elect to use a private cloud, and the hybrid cloud is a combination of the two.

The hybrid cloud typically works like this: A business provides some resources in-house. For instance, it might store current consumer data on its private in-house cloud. It may also store employee information, new marketing campaigns, and current proposals to new clients on its in-house storage. That same business, though, might store older, archived data on a public cloud service. This frees up space on the business’ servers, and permits its in-house computers to perform more efficiently.

The Hybrid Cloud Approach Makes Sense

This frees up space on the in-house servers while making sure certain data is highly safeguarded. The hybrid cloud is a fantastic strategy to provide businesses with high security cloud services while decreasing costs and saving space.

It’s not surprising that many businesses use the hybrid cloud. There is too much data storage needed these days for a organization to store it all and not slow down their systems. Furthermore, in this competitive climate, companies must ensure their sensitive information is safeguarded. The hybrid cloud is often the best way businesses can accomplish these two things.

New year, New Tech Security Challenges

Technology is always changing and adapting. So, unfortunately, are cyber-criminals. MIT’s Technology Review website not long ago presented its list of the biggest technology security threats of 2012

Technology is always changing and adapting. So, unfortunately, are cyber-criminals. MIT’s Technology Review website not long ago presented its list of the biggest technology security threats of 2012. If you spend much of your life surfing the web or communicating with your friends through social media sites, you should be curious about this list. Understanding what’s on it can protect you and your computer in 2012.

Stolen, Spoofed Certificates

The biggest problem that the Technology Review article dealt with is the growing quantity of stolen or spoofed certificates. As the article reports, each time you connect to a site, such as your bank’s website, your traffic is encrypted using a “certificate” that the site uses to prove to your web browser that it can be trusted. In 2011, though, cyber-criminals had the ability to spoof or steal a number of these certificates. This can help them steal user data or install malicious software on their computers.

A Common Security Mechanism in Trouble?

This is a major problem since the use of certificates and encrypted data is the most common security mechanism on the web. If they can no longer be trusted, that means possible trouble for all computer users.

Another key security challenge that we should become aware of is “hacktivism”. “Hacktivism” is the blend of the words activism and hack. Groups such as Anonymous and LulzSec target corporations that they feel are either guilty of wrongdoings or just want to prove the companies have lax security. Whatever the reason, Technology Review says we should anticipate groups like these to carry on their “hacktivism” well into the future.

Home Automation

The growing popularity of home automation also creates security risks in 2012. As Technology Review writes, an increasing number of automation systems link security systems, thermostats, lights, and even the locks to homes’ front doors to the web. Imagine the damage that hackers can do should they break into these systems.

Data Security and Your Small Business: What You Need To Know

It is easy to fall into the mistaken idea that you already possess enough safeguards in place to protect your small business. You almost certainly stay current with the latest antivirus software, but is that enough

It is easy to fall into the mistaken idea that you already possess enough safeguards in place to protect your small business. You almost certainly stay current with the latest antivirus software, but is that enough? You also probably feel that since you’re not a huge corporation, you don’t have to worry about cyber criminals hacking into your system. But here’s the unfortunate reality: cyber criminals have upped their game and are starting to target small businesses increasingly more. Let’s take a closer look to  give you a better understanding of the level of danger your business may be under.

Small firms: low-hanging fruit

The facts are, hackers have found that small businesses are easier targets, and are increasingly preying upon them. They are able to infiltrate their systems at a much faster rate, and with a better percentage of success as well. This means a cyber criminal can assault multiple targets in the time it would take them to lay siege to a better-guarded system with a higher level of data security. How can it be worth their while to steal from a mom and pop operation? In the present modern world, virtually every business employs digital payment processing methods. When your customers pay using a credit card, this data must run through your system to be verified. This represents a goldmine of data for hackers, as they can lift this information without being discovered. With your customers’ credit card numbers, addresses and names, they are able to make bogus charges on their accounts.

How hackers gain access to your data

How can they get this delicate data? Though you might be protected by software designed to firewall your systems, hackers still have several points of entry. Email attachments are a major offender, and openingjust one piece of malware can leave you exposed. Believe it or not, in the first quarter of this year alone, industry experts have found over six million unique malware programs. Attackers don’t have to be sophisticated to be harmful: when trying to breach your data security, some hackers have a low-tech strategy instead. They could contact your employees directly, and posing as a network administrator, ask for their password to boost security. This is known as “phishing.” While you may believe your employees know better than to be seduced by such an evident tact, it takes merely one lapse in judgment to leave your systems open to attack.

The buck stops with you

If you feel that maintaining data security is not vital, consider that should your systems be breached, your clients will likely hold you personally responsible for any stolen information or property. These kind of events cost companies thousands of dollars each year and can damage a company’s name so badly  that they have to close their doors permanently.

An ounce of prevention…

Taking extra precautions when it comes to your business’ data security is a very wise move. Continue to update your programs and passwords on a regular basis. Teach your employees good security practices like setting up strong passwords and instructing them to never give out login information or open suspicious emails. Hiring an outside consultant is another great way to ensure your clients’ information. These measures not only give you peace of mind, they tell your clients that you care about keeping them safe.

Microsoft introduces real-time threat feed

It looks as if Microsoft is ready to do its part to discourage cyber crimes. Microsoft plans to offer real-time feeds that partners can use to examine potential cyber threats and take the proper steps to boost their defenses against these attacks

It looks as if Microsoft is ready to do its part to discourage cyber crimes. Microsoft plans to offer real-time feeds that partners can use to examine potential cyber threats and take the proper steps to boost their defenses against these attacks.

Microsoft currently has a process set up to take down destructive botnets. Microsoft “swallows” the botnets and permits them to infect accounts that are highly controlled by Microsoft’s team. Once the botnets infect the accounts, Microsoft learns how they work and removes them as a threat.

This collected information is now given to ISPs, private and government agencies, & CERTs. While real-time data may not lessen the quantity of attacks by destructive code, the result of sharing this data will in all probability be quite remarkable. IT security companies will be able to respond more quickly to these threats and thus be able to limit the level of damage they can cause.

Even more importantly than a reduction in damage, a live threat feed could mean that the IT security industry overall will begin to share more information.  It’s been a long-standing belief that sharing validated threat data could lead to copycat attacks. However, this is not a valid concern. Cyber criminals have already been sharing secrets and ways to get around security systems. It only makes sense for the IT security industry to be sharing their information about how to battle these cyber criminals.

Microsoft’s real-time feed is an excellent first step toward a change for the better in IT security. Let’s hope this trend continues and that the IT security world will discover that secrecy is not more important than sharing information!

How Secure is the Cloud? Part 2

Businesses that have struggled in these tough economic times are finding some relief in the cloud.

Businesses that have struggled in these tough economic times are finding some relief in the cloud. The cloud can save a company a lot of money. Never the less, the cloud is not perfect for everyone, particularly when it comes to security concerns. There is the risk that documents, presentations, and data can be damaged or destroyed when stored in the cloud.

Password issues

One of the biggest security issues when dealing with the cloud is password protection. This is also one of the biggest security issues outside of the cloud.

Business owners must be careful to select passwords for their cloud projects that are challenging for others to guess. The best option is for owners to include a blend of letters and numbers in their passwords. Owners should also be careful about sharing their passwords with too many people. The more individuals who have access to passwords, the more vulnerable important data and documents are.

Hacker alert

A few serious problems that will not soon go away for anybody who uses a computer are hackers, malware, and spyware. As business owners have little control over how secure the cloud is this part of security can be very frightening indeed. Businesses like Microsoft and Google must create their own security measures to safeguard the data stored in the cloud.

Common sense protection

As with all computing, companies can protect themselves from the loss or theft of data with some common-sense practices.

First, sensitive data is probably not the best thing to store in the cloud. If your data is so sensitive that a compromise on its security could spell the demise of your business, consider saving it on a physical computing system and apply a secure back up protocol that is more controllable.

Secondly, before giving every employee free access to cloud-stored data, think carefully about which employees actually needs access to that information. People are often careful about protecting their laptops and desktop computers from prying eyes; this attitude should be applied to the cloud as well.

Cloud Security: Whose Responsibility Is It? Part 1

The advantages of storing information in the cloud are numerous.

The advantages of storing information in the cloud are numerous. Backing up important data, creating more space on your servers, and having your data easily available to your employees are only a few. If you’ve been looking into this route, you most likely have many questions about the security of the cloud. If your company handles sensitive information that belongs to your customers you may need to stay compliant with HIPAA, PCI or Sarbanes-Oxley regulations.

Is your cloud storage solution following these requirements? If they don’t specify it in their privacy policies, it’s not easy to tell. Let’s explore this further below.

Compliance

More and more companies are turning to the cloud for storage. For obvious reasons, it is a very affordable approach to take. Even so, improper handling of your client’s information can harm your reputation and lead to a loss of business for your company. If your company requires that client data be handled in a regulated way, you need to first learn how secure the cloud service is and what regulations does the cloud service providers comply with. If a company has not specifically said they comply with certain policies, it’s safe to assume they don’t.

Who is responsible

Cloud security is paramount when handling your sensitive data, but whose responsibility is it? Should you assume that if it is not explained in the privacy policy, that a service provider doesn’t follow these regulations? Even though this is clearly the safest option, it may leave you unable to use cloud computing at all. Many services don’t provide detailed information in their privacy rules, possibly to lessen their liability. The hope is that over time cloud storage and sharing will become better self-regulated and corporations will choose to disclose their individual practices to the businesses they serve. While such self-regulation is not required at this time, many businesses think it is their duty to display clear warnings, explaining what they don’t provide or guarantee.

In the end, as cloud computing service providers are not required by law to be transparent about their security, the responsibility rests in your hands. If you choose to use the cloud, it’s your responsibility to pick a service provider you trust. Weigh the pros and cons and make the best decision for your business.

Will Digital Currency Make Your Dollar Bills Irrelevant?

Consumer spending heavily relies upon digital currency and perhaps someday paper money will be obsolete.  It may sound fantastic but consider the frequency of which you yourself use a credit card to buy things, go online to shop, or receive gift cards preloaded with a specific dollar amount.  Most likely you pay your bills via internet banking, pay-at-the-pump with a credit card, and even purchase movie tickets online.  Once you consider how often you actually use digital currency on a day-to-day basis, we aren’t really that far off from going completely digital with our currency. The Bitcoin revolution? Some consumers have been using an actual digital currency since 2009, Bitcoin.

Consumer spending heavily relies upon digital currency and perhaps someday paper money will be obsolete.  It may sound fantastic but consider the frequency of which you yourself use a credit card to buy things, go online to shop, or receive gift cards preloaded with a specific dollar amount.  Most likely you pay your bills via internet banking, pay-at-the-pump with a credit card, and even purchase movie tickets online.  Once you consider how often you actually use digital currency on a day-to-day basis, we aren’t really that far off from going completely digital with our currency.

The Bitcoin revolution?

Some consumers have been using an actual digital currency since 2009, Bitcoin. Bitcoin is a peer-to-peer digital currency that users around the world can use to buy products and services. The open-source program behind Bitcoin is considered impossible to hack, so that relieves many security concerns.

Bitcoin is not truly a worldwide digital currency and is not legal tender, so most retailers won’t take it. It’s possible that if someone were to produce a competing digital currency, Bitcoin could become worthless.

The digital currency model

There are many advantages to ditching paper money. You can’t lose it, you don’t have to worry about having exact change, and there is no need to replace damaged currency, which saves time, energy, and funds.

Digital currency can be more secure than paper money, too. When you’re robbed as you are walking down the street, you have little chance of recouping the money. However, if someone steals your credit card, you can quickly cancel the card, protecting yourself financially. The same scenario could easily exist with your digital dollars.

Holdouts

It’s unlikely the change to an all-digital currency world will be met without a few strong objectors. There are still consumer luddites today that have never opened a line of credit with a credit card company, never used the banking system, and prefer to handle all purchases with cash. The future is always in flux and it will be interesting to see how both sides of the debate form their stance on the issue.