Cyber Attack Preparation Tips & Tricks


The World Wide Web is the new frontier, but unlike unexplored territory on the distant moons, there’s already a massive crowd of people exposing themselves to its unknown risks. So if you’re a business owner, there are steps you can take to reduce your exposure. Cyber threats are primarily effective because many businesses don’t understand how to prepare for them. Here are some suggestions:

  • Know Your Network. Make sure you understand how all the machines in your network communicate. Identify bottlenecks and single points of failure.
  • Have a Disaster Response Plan. Create regular backups of your data and store them offsite on a machine that does not communicate with your primary network. Understand how to restore your system from these backups quickly in the case of an emergency.
  • Educate Your Team. Human ignorance is the vulnerability that most cyber threats take advantage of. Make sure your team knows how to spot phishing attacks and avoid suspicious emails and attachments.
  • Have Security Software. Proactive threat detection that uses heuristics allows modern security vendors to identify threats even when they are brand new. Many security suites offer a number of additional features to help protect your network’s integrity or report a detected threat.

Keep your team informed about how to identify possible threats, and keep your system under tight surveillance — the combination of these actions is an effective way to protect your company’s data. But what if you are attacked anyway?

If your security software or your personnel have reported an attack on your network, here’s what to do:

  • Isolate the Threat. Locate the machine where the threat was detected and remove its access to your network. Leaving it connected could allow the threat to move to other machines, which can quickly drive up the work involved to mitigate the scenario.
  • Harden Your Network. Make sure that all devices on your network are using up-to-date software. If a security solution is in place, make sure it’s allowed to receive the latest updates on new threats.
  • Have a Response Plan. Your PR team should have a communications plan ready, particularly if your organization handles sensitive information. You should also have a security firm on hand with forensics experts who can trace the origin of the threat, analyze the extent of the damage to your system and advise you on how to clean your system and avoid similar threats moving forward.
  • Contact Authorities. Know how to contact your closest law enforcement officer and begin an investigation. Collect log files and other diagnostic information from your network, if possible, for submission. Doing so might keep this from happening to others.

Communication is key. There are a number of commercially available technologies that let you monitor network resources for signs of an event. Once you notice something, engage the right people inside and outside of your organization quickly to achieve the fastest resolution. Done right, you can avoid the shame many high-profile companies have had to endure.



Are you one in a million Gooligan victims?


‘Ghost Push,’ a family of malware made up of a vast collection of ‘Potentially Harmful Apps’ (PHAs) that affect devices running the Android operating system, has in the recent month evolved into Gooligan. Gooligan is more aggressive: it roots the device to gain highly privileged system access on devices running version 4 (Ice Cream Sandwich, Jelly Bean, and KitKat) and version 5 (Lollipop) of Google’s Android operating system.

Once on the device, it downloads a module that enables it to steal the user’s email account and Google authentication tokens, which give it password-free access to the user’s Google Photos, Google Play account, files in Google Docs and Google Drive, and G Suite. It also uses your account information to install adware on your device and publish fake ratings and reviews on the Google Play Store, raising the profile of these spam apps. The fraudulent advertising revenue generated by these installed apps can generate up to $320,000 a month for the cyber criminals behind the Gooligan campaign.

Check Point, the cyber security company that discovered this malware, says you can check whether your account is compromised by visiting the website it created: https://gooligan.checkpoint.com/.

If your account has been breached, the following steps are required:

  1. A clean installation of an operating system on your mobile device is required (“flashing”).
  2. Change your Google account passwords immediately after this process.

Gooligan spreads when victims download and install an infected app. Cyber criminals are slinging the malware by tricking victims into following malicious links in phishing messages.

 

Walmar Digital

 

 



Security Tips for the Holidays


The holiday shopping season has begun. With Black Friday, Cyber Monday and the online promotional sales throughout this festive season, customers are on the hunt for the best deals. This is usually the high season for cyber security breaches, as shoppers are hungry for online discounts. Cyber attackers look for vulnerable consumers and businesses whose compromise will bring them the largest payout.

Tactics employed by these criminals include:

  • PHISHING SCAMS: Attackers know that during this time of year many of us are receptive to emails containing the latest sales and discounts, and may be expecting deliveries. The ransomware CryptoLocker has recently been spread using this trick. Never click links or attachments in unsolicited emails.
  • FAKE-OUTS: Fake product giveaways are another holiday tool used by cyber crooks. They especially like to offer the latest “hot” items for the holiday. Phishers try to steal personal information by getting unsuspecting victims to fill out details on “entry forms.”
  • PHONY WEBSITES: Phony websites are another hazard at any time of the year, but they are more prevalent during the holiday season. They might be fake banking sites, false social network sites, or phony online shopping portals. Pay close attention to domain names and URL addresses.
  • MALICIOUS ADS: Ads on legitimate web sites can also fool people. Hackers either buy ad space on real web sites, or they hack online ad systems illegally to inject fake ads. They are also getting very good at search engine optimization (SEO) tricks to get their phony web sites to show up at the top of popular searches. Before clicking ad links or following search results, check the domains and URLs very carefully.

Security Tips for Online Shoppers

a. Avoid doing any proprietary transactions, such as banking, shopping or purchasing, on insecure wireless networks.

b. Use strong passwords, never share them, and use different passwords for multiple web services so that if a cybercriminal hacks one account they can’t gain access to other accounts.

c. Education, awareness, and vigilance are some of the best cyber security tools.

d. Keep your operating systems and software applications updated and patched.

Security Tips for Businesses

i. Implement a Web Application Firewall, making sure it is maintained and monitored continuously by a security expert.

ii. Implement a robust Intrusion Prevention Solution (IPS) to defend against cyber threats, including web exploit kit attacks, SQL injection attacks, banking Trojans, etc.

iii. Institute and enforce a centralized plan for keeping your computer applications, operating systems and security software updated. Make sure servers and workstations are fully patched promptly and regularly.

iv. Do Vulnerability Assessment and Penetration Testing (VAPT) regularly to detect and patch any vulnerability.

v. Enforce policies that are in line with your security needs.

The fight against cybercrime is challenging, and sharing knowledge about cyber threats and incidents is essential. Just remember that staying vigilant is critically important and will go a long way toward ensuring that you avoid cyber threats this season. The best security solution is only as good as the people behind it.

 


Database Activity Monitoring: Essential to Database Security


Companies need to think through their entire data security strategy, which includes attacks on data from inside and outside the organization. Privileged insiders such as database administrators can pose a significant risk to customer and proprietary data if allowed to act unchecked. A recent survey shows database administrators are more reactive than proactive when it comes to monitoring their database(s). Many seem to be driven by compliance mandates rather than taking a proactive approach to intrusion detection and prevention, hence the need for database monitoring.

Database Activity Monitoring (DAM) is defined by Gartner as “… tools that can be used to support the ability to identify and report on fraudulent, illegal or other undesirable behavior, with minimal impact on user operations and productivity.” These tools also help in detecting unusual and unauthorized, internal or external activities while still gauging the effectiveness of security tools and policies in place.

Database activity monitoring tools are implemented as standalone configurations or as software modules loaded on the database servers. The monitoring is accomplished through a combination of several methods, including network sniffing, reading of database audit logs and/or system tables, and memory scraping. Regardless of the methodology chosen, the data must be correlated in order to detect and get a clear view of what’s going on within the database. These tools can help simplify that correlation and give the administrator the ability to detect and prevent attacks, provide forensic evidence when a data breach occurs, and reconstruct data or restore it to a previous state.
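The correlation step described above, as an added example that is not part of the original post or of any DAM product: it joins database audit-log events to the client address a network sensor saw for the same session, then flags privileged accounts touching sensitive tables from unapproved hosts and bulk reads. The log layouts, account names, table names, addresses and threshold are all constructed assumptions.

```python
import csv
import io
from collections import defaultdict

# Constructed sample data (not from a real system).
# Source 1: database audit log -> session, user, action, table, rows
AUDIT_LOG = """\
s1,app_svc,SELECT,orders,12
s2,dba_alice,SELECT,customers,250000
s2,dba_alice,UPDATE,audit_settings,1
s3,dba_bob,SELECT,customers,40
s4,app_svc,SELECT,customers,3
"""
# Source 2: network sensor -> session, client address
NET_SESSIONS = """\
s1,10.0.1.20
s2,10.0.9.77
s3,10.0.5.10
s4,10.0.1.20
"""
# Hypothetical policy values; tune them to your environment.
PRIVILEGED = {"dba_alice", "dba_bob"}
SENSITIVE = {"customers", "audit_settings"}
ADMIN_HOSTS = {"10.0.5.10"}
BULK_ROWS = 10000

def correlate(audit_text, net_text):
    """Join each audit event to the client address seen on the wire."""
    addr = {sid: ip for sid, ip in csv.reader(io.StringIO(net_text))}
    for sid, user, action, table, rows in csv.reader(io.StringIO(audit_text)):
        yield {"session": sid, "user": user, "action": action,
               "table": table, "rows": int(rows),
               "client": addr.get(sid, "unknown")}

def findings(events):
    """Return {session: [reasons]} for activity that needs review."""
    out = defaultdict(list)
    for e in events:
        if e["table"] not in SENSITIVE:
            continue
        if e["user"] in PRIVILEGED and e["client"] not in ADMIN_HOSTS:
            out[e["session"]].append(
                f"{e['user']} {e['action']} {e['table']} from {e['client']}")
        if e["action"] == "SELECT" and e["rows"] >= BULK_ROWS:
            out[e["session"]].append(
                f"bulk read of {e['table']}: {e['rows']} rows")
    return dict(out)

if __name__ == "__main__":
    for sid, reasons in findings(correlate(AUDIT_LOG, NET_SESSIONS)).items():
        print(sid, reasons)
```

A session that appears in the audit log but was never seen by the network sensor is reported with client "unknown", which is itself worth reviewing because it points to a path into the database that the sensor does not cover.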

Database Activity Monitoring is an extremely valuable tool for compliance and security in our organizations, and it is critical to the emerging practice of information-centric security. Database Activity Monitoring gives insight into our most sensitive systems in a non-intrusive way, and can evolve into a proactive security defense that prevents potential breaches. It’s a tool that can help improve data security and reduce compliance overhead without affecting business processes.

How vulnerable is your system?


 

In the ever-changing cyber world, I wonder how well prepared businesses and organizations in these countries are. Each day an exploit is reported to have affected a new system, and system admins become powerless to fight it.

 

Just last week, on 1st November, the Mirai malware, an open source denial of service toolkit that hijacks BusyBox systems (commonly used on IoT devices), attacked Liberia’s Internet infrastructure, causing massive downtime.

Ransomware is increasingly becoming a problem in Africa, and local companies are not reporting incidents for fear of reputation damage. Statistics in Africa remain vague, as organizations are reluctant to reveal the extent to which they have been targeted by ransomware. The impact of ransomware is difficult to calculate, since many organizations opt to simply pay to have their files unlocked – an approach that doesn’t always work.

“Antivirus is dead.” John McAfee and Brian Dye of Symantec have in the recent past been quoted saying that. Malware poses a great threat in that its signatures keep evolving, making it hard for antivirus to detect. We must move from the traditional belief that antivirus will protect us to a more realistic detect-and-respond paradigm.

The endpoint is now becoming the focus of the cyber world. Whilst a complete security plan still involves technologies like next-generation IPS, NGFWs and sandboxing, enterprises need to understand this new emphasis on the endpoint and why it is vital to a layered defense of our systems.

 
