Tag Archives: Network

The Greatest Vulnerability in your Network: Users


The most thorough firewalls are useless against oblivious users, who are duped into inviting malware and spyware onto secure networks. Users are, more often than not, the biggest weakness in your network’s security, and hackers are increasingly using social engineering to gain access to secure data.

Human Hacking

Social engineering, much like classic hacking, takes note of unintentional patterns and finds openings in otherwise secure environments. Human hacking takes advantage of our unconscious decision-making patterns to gain access to secure networks.

Trojan Horses

Hackers take advantage of our assumptions about what kinds of devices and hard media are “safe.” Even air-gapped networks are vulnerable to these trojan horses. For example, hackers will leave USB drives with reconnaissance software on a reception desk or in the parking lot of a business, trusting that some Good Samaritan will plug one into a secure computer to see if they can identify the owner. Meanwhile, the device is taking note of the network map and transmitting that information as soon as it is plugged into a networked computer. And of course, any company with a bring-your-own-device policy is highly vulnerable. Even when personal devices for work use are prohibited, in air-gapped offices, employees itching for that email or Facebook fix often turn their cell phone into a hotspot to connect work devices, however briefly, to the internet.

Malware can also be hidden within files that appear to be legitimate communication. One famous hack involved a hacker posing as a conference photographer, taking pictures of attendees during social functions, and then sending out the photos with malicious code embedded in the images.

Clever Disguises

Some USB devices are programmed to appear to the computer as another kind of external device, such as a keyboard, so they can enter malicious commands. CDs and DVDs of all kinds can also hide malware and spyware. Sophisticated hackers have even intercepted shipments of software CDs, hard disk drives and other devices, installed malware, rewrapped them (reproducing shrink wrapping, packaging, etc.) and sent them along to be installed by unsuspecting IT pros. This malware infects the firmware of hard disk drives prior to the OS load, creating a secret storage vault that survives military-grade disk wiping, formatting, and encryption. Vendors that were impacted by this type of hack include Maxtor, Samsung, IBM, Toshiba, and others.

Another example of infiltration disguised as innocuous activity is viruses that impersonate a device’s network interface card so that when the user searches for password-protected sites, they can redirect to a dummy site that records the password.
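A defensive check for the keyboard-impersonating USB devices described above, added here as an example and not taken from the article or the webinar: it reads the interface classes Linux exposes under `/sys/bus/usb/devices` and flags any input (HID) device that is not on an approved list or that shares a device with mass storage. The approved ID, the function names and the sample tree are constructed assumptions.

```python
import tempfile
from pathlib import Path

HID, MASS_STORAGE = "03", "08"  # USB interface class codes (HID covers keyboards and mice)
APPROVED_HID = {"1111:0001"}    # assumption: IDs of IT-issued input devices (constructed)

def _read(path):
    return path.read_text().strip().lower()

def suspicious_input_devices(root="/sys/bus/usb/devices"):
    """Map device -> (vendor:product, reasons) for HID devices that deserve a look."""
    root, classes, findings = Path(root), {}, {}
    for entry in sorted(root.iterdir()):
        if ":" in entry.name:  # interface entries look like "1-2:1.0"
            dev = entry.name.split(":")[0]
            classes.setdefault(dev, set()).add(_read(entry / "bInterfaceClass"))
    for dev, seen in classes.items():
        if HID not in seen:
            continue
        usb_id = _read(root / dev / "idVendor") + ":" + _read(root / dev / "idProduct")
        reasons = []
        if usb_id not in APPROVED_HID:
            reasons.append("input device not on approved list")
        if MASS_STORAGE in seen:
            reasons.append("input device and mass storage on one device")
        if reasons:
            findings[dev] = (usb_id, reasons)
    return findings

def build_sample_tree():
    """Constructed stand-in for sysfs: issued keyboard, plain stick, stick that also types."""
    files = {
        "1-1/idVendor": "1111", "1-1/idProduct": "0001", "1-1:1.0/bInterfaceClass": "03",
        "1-2/idVendor": "2222", "1-2/idProduct": "0002", "1-2:1.0/bInterfaceClass": "08",
        "1-3/idVendor": "3333", "1-3/idProduct": "0003",
        "1-3:1.0/bInterfaceClass": "08", "1-3:1.1/bInterfaceClass": "03",
    }
    root = Path(tempfile.mkdtemp())
    for rel, value in files.items():
        (root / rel).parent.mkdir(parents=True, exist_ok=True)
        (root / rel).write_text(value + "\n")
    return root

if __name__ == "__main__":
    for dev, (usb_id, reasons) in suspicious_input_devices(build_sample_tree()).items():
        print(dev, usb_id, "; ".join(reasons))
```

Vendor and product IDs are self-reported by the device, so the approved list only catches careless cases; the combined storage-plus-input finding is the stronger signal.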

Prevention: User Policies

Given the variety of ways hackers exploit users, what can IT professionals do to keep a network secure? First, a strong, highly enforceable acceptable-use policy is a must. Include policies that govern email, websites, and social media usage. Consider disallowing external devices. Tie compliance with this policy to promotion, advancement, or pay raises. Some highly secure organizations terminate employees for breaching these policies.

To discourage employees from visiting dangerous sites, you can send out an email every week with a recording of their web usage. They’re likely to be more careful when they know they’re being watched.

Prevention: Admin Policies 

On the admin side, IT departments should insist on user-access control and never make average users admins. Limiting their access also limits the chaos unleashed by their lapses in judgement.

Finally, all network equipment that comes into the office, from hard disk drives to network interface cards, must go through the IT department. IT pros should look carefully to make sure tamper-proof packaging is intact, to help prevent compromised devices from accessing your data.

Byline: Leslie Rutberg is a tech and IT industry blogger for CBT Nuggets. This article was based on their recent webinar “10 Tips for Locking Down End-User Security.”

Firewalls 101: Hardware, Software & Web Application Firewalls – Part 2


Let’s continue our discussion of firewalls. In the first part of this series, we talked about firewalls as a general concept. Today we will discuss hardware firewall and software firewall technology. Then in the next post, we will look at web application firewalls (WAFs).

For this three-part series, we are reviewing the following articles: “Hardware Firewall vs. Software Firewall” (Michigan Cyber Initiative); “Best Practices: Use of Web Application Firewalls” (Open Web Application Security Project); “What You Should Know About Firewalls” (PCWorld); and “Better Protection – Hardware or Software Firewall?” (PChuck’s Network).

In the last post, we also reviewed furwalls – walls of genuine animal fur or a synthetic alternative that are quickly becoming more popular than wallpaper or fake wood paneling in home and office environments. Today, in addition to discussing hardware and software firewalls, we will look at how to make sure live walls of fur are adjusted frequently and best used to properly motivate your employees.

Network & Server Security

Security relating to computers and networks has always been a concern for IT managers tending to enterprise-class operations. Despite all their efforts to keep their networks free from intruders – be it a hacker, a worm, a trojan, or a virus – the biggest security risk to these systems is most often the users themselves. Over time, more and more businesses have started to depend on technology and their hardware infrastructure for their daily operations, and as these aspects of a business have become more critical, these hackers, worms, and trojans have become more targeted, again typically focusing on the users. Instead of coming from the 13-year-old computer aficionado looking for some fun and fame, attacks now come from organized teams that have been set up with a specific target, which, more often than not, is data.

In the last year, security flaws or breaches at large corporations have resulted in individuals being at risk. Consumer information, from search results to personal credit card and debit card numbers, has been compromised; sometimes it’s a simple (albeit costly) mistake from an individual, but with multi-national corporations and millions of dollars potentially at stake, insider breaches are also a concern. But what does this mean for the average business?

All companies with sensitive data need to be aware that they are a target. Unless the proper steps are taken to ensure that your networks are secure, your data and your systems will be susceptible to attacks. The average webmaster or designated ‘IT guy’ in the company will not have the ability to maintain this level of security, and these types of services may require an outside resource to perform security audits on your systems. It’s also important to note the differences between network and server security.

For those that take advantage of co-location or a hosted server from companies like Superb, network security isn’t the issue; instead, keeping up-to-date with patches and updates for the server’s operating system and maintaining solid, secure coding practices is key to preventing unauthorized access. To help prevent unnecessary risk, we (the Superb Team) are putting together an unofficial checklist for self-managed servers, but it is definitely recommended that a professional review your server security regularly.