Friday, October 21, 2016
1. You don’t personally manage the cloud hosting and know nothing about how they are protected;
2. The world-wide hackers are very sophisticated on finding the holes in the security systems, and they have been successful in their attempts to break the security not only in the average-protected systems but also in the government and large corporations networks that have enough resources for protection;
3. When you use the local (at home) storage, perhaps if you are security-aware, you have protected home network and know what secures your PCs and storage;
4. Your home network is a very small target to distort money because the large companies will pay more and, therefore, are more desirable targets for hackers.
If you think that your stored in the cloud images or documents are not important and you don’t care if you lose them, think again.
The cloud storages and services serve thousands of people and companies, so you will become one of many victims who had to pay a ransom to the hackers because by compromising the cloud they can also gain an access to your home PC and cause you a major headache.
Recent news: Microsoft’s OneDrive for Business was recently exploited by cybercriminals. Although it’s unclear how the accounts were compromised, this new series of hacks allows cybercriminals access to sensitive business information. Cybersecurity experts advised businesses to take actions and secure their accounts.
Here are few suggestions:
1. Consider keeping your data and images locally instead of could-based. Yes, I know your arguments regarding free services and convenience to share the data. Still, it is a fact that cloud can be compromised.
2. Remember that the Facebook is also a cloud-based service. In addition, almost every smartphone application communicates thousand times per day with Amazon-based cloud storage (I have personally seen it on my smartphone when I have installed the software firewall on my Note IV).
3. Think about your home network as your asset and a part of your belonging (like furniture, electronics, clothe, and jewelry). Would you let anyone steel or damage it? You would probably install the home security sensors on every door and window.
4. Start with your home cable modem/router. Check with the vendor if the firmware of your router has the latest updates. Apply them as soon as possible.
5. Replace your passwords with passphrases.
6. Install software firewalls on each PC in addition to anti-malware software. Spend some time on reading the articles about the best protection software today. Replace your existing antimalware software if it is in the bottom of the list vs. competitors. I have recently replaced my Viper and even Avast (still not bad) with the licensed copy of Bitdefender (good for 3 computers).
7, Create regular user accounts on your PCs or laptops that have no administrator's privileges. Login with those new user names. Switch to Administrator's account only as needed.
You may want to spend time reading my article (March 2015) about protecting your home network and smartphone.
Now, read below the latest information (the most important statements from the article) about compromised cloud hosting services.
Homeland Security News Wire | October 19, 2016
A study of twenty major cloud hosting services has found that as many as 10 percent of the repositories hosted by them had been compromised — with several hundred of the “buckets” actively providing malware. Such bad content could be challenging to find, however, because it can be rapidly assembled from stored components that individually may not appear to be malicious.
In the cloud, malicious actors take advantage of how difficult it can be to scan so much storage. Operators of cloud hosting services may not have the resources to do the deep scans that may be necessary to find the Bars - and their monitoring of repositories may be limited by service-level agreements.
Overall, the researchers scanned more than 140,000 sites on twenty cloud hosting sites and found about 700 active repositories for malicious content. In total, about 10 percent of cloud repositories the team studied had been compromised in some way. The researchers notified the cloud hosting companies of their findings before publication of the study.
“It’s pervasive in the cloud,” said Beyah. “We found problems in every last one of the hosting services we studied. We believe this is a significant problem for the cloud hosting industry.”
In some cases, the bad actors simply opened an inexpensive account and began hosting their software. In other cases, the malicious content was hidden in the cloud-based domains of well-known brands. Intermingling the bad content with good content in the brand domains protected the malware from blacklisting of the domain.
Beyah and Liao saw a wide range of attacks in the cloud hosted repositories, ranging from phishing and common drive-by downloads to fake antivirus and computer update sites. “They can attack you directly from these buckets, or they can redirect you to other malicious buckets or a series of malicious buckets,” he said. “It can be difficult to see where the code is redirecting you.”
Tags: cloud hosting, hacking, compromised data, storage
Posted by cyberteacher at 9:15 AM
Tuesday, March 17, 2015
from Malwarebytes.org. They complement each other’s capabilities very well without the danger of “fighting” when they run. Both companies offer free or paid versions. Paid versions offer more protection including identity protection, ability to run on your own schedule during night hours, and few extras. I usually recommend to have configured ZoneAlarm in auto scan mode and run the MalwareBytes manually once a week while updating the antivirus signatures before every scan.
The beauty of MalwareBytes licensed copy ($25.00) is the ability to run as a resident in a PC memory. When you hit the malicious web site, the software will block the site and popup the warning message. Just yesterday, I have mistyped the name of the bank in the address field and hit the Enter key. The browser went to the Chinese –owned, infected web site that was immediately blocked. Another great feature of this software is ability to work in the Windows’ Safe mode (used for Windows troubleshooting) and removing the malware that cannot be removed in the full mode.
In spite of being a "must have" on each computing device, the antivirus software takes plenty of resources when activated. This is a reason why I despise licensed McAfee, Symantec, and many free programs like AVG, Avira, and others not only because they are weak on filtering the malware comparing to leaders but also because they take plenty of computer resources and slow the PC down. I always uninstall pre-installed programs from Symantec and MacAfee and replace them with the mentioned above software.
- Applications' patches (updates)
The broadly available hacking software (that can be downloaded for free or purchased for few dollars) can scan your applications for known vulnerabilities, and then exploit them to hack your device. While you may have automatic updated of Windows operating system, the other programs on your PC or laptop are not being updated automatically. It is your job to verify and update religiously. For instance, the Adobe Flash Player is the main "open door" for hackers to your computer if you do not update it regularly.
Having 5-10 programs or 25-30 (as I have), the updates could become a cumbersome job. What you can do is to install the Secunia Personal Inspector (PSI). The program starts right when you power your computer and it scans your hard drive for all versions of the programs. If you have the outdated programs, the popup window will inform you. The final report provides the links to the upgrade sites. It is not the most reliable program as it has some glitches running on Windows 8.1 but it is the best one (and free) that I know.
- Separate browsing
It makes perfect sense to separate the sensitive information including PII from the web sites that are being hacked periodically, like Facebook, DropBox, e-mail sites, and any questionable sites that offer hot news, free pictures, free books or movies, etc.
If you are really sensitive to protecting your privacy, I would not recommend using IE and Google Chrome browser because they are proprietary companies that have their own interest, the companies that often bend under the government pressure and reveals the collected information to the government organizations. Instead, use Firefox – the Open Source software. Uninstall everything from Google.
It is essential to note that when you use the Internet browser you should never open suspicions emails (including unexpected e-mails from your contact list). The most common form of social engineering is through email - very effective method for cybercriminals - because, according to the Verizon report, "at least 8% of users will visit a link in a phishing email."
- Security add-ons
My own experience suggests that while it is a good plug-in to have, it slows down the browser. So, do not wonder why your Internet browsing is slightly slower than usual, it could be because of plug-in. If you did not install any plug-in but the browsing is slower, I would not also exclude that your browser is infected with Adware (advertising malware) or some other type of malware. Run the MalwareBytes to verify.
- Scheduled Backup is a king
You may use Windows built-in backup programs but better use one of the additional programs like the one that came with your external hard drive from Seagate or Western Digital. Put your regular backup on auto-schedule.
I have lost data due to my negligence few times due to a failed hard drive. Now, I have the automated and scheduled backup to the external hard drive that collects data from 3 different computing devices. You may also use the high capacity USB sticks instead of hard drives.
- Wireless network at home.
There are multiple hacking tools and mobile applications that designed to break through your password protection within minutes. You can download them for free or buy on the Internet. So, you can imagine what can be done to your mobile phone if you are using any public wireless network with NO password protection and no security.
What to do? Perhaps you can take three basic steps to limit the danger. The first thing is to use the strongest available wireless network security at your router or cable modem. Use the 802.11g security specification. There are WPA (older), WEP, and WPA2 technologies. WPA2 (Wireless Protected Access 2) is a security technology commonly used today on Wi-Fi wireless networks – the one you should activate.
The second step is to identify the home computing devices to be connected through the wireless network and find out their MAC addresses (the manufacturer's uniquely assigned address of a network interface) . If you are not very sure how to find it, you have to ask IT professional to assist you. Add the MAC addresses to the table of devices that allowed access to your network and deny all others. It will make the hacker’s life more difficult (but still will not entirely protect you).
The last step is to use the complicated password or phrase to login to your wireless network. Use special characters, lower and upper-case, and, of course, some numbers.
When the newer and more secure technology will be available, spend money on it -it really worth. Since we can’t predict the future, the best option is to be as secure as technology allows.
- How to protect the smartphone
- Never use the public wireless access points that offer no security. If you disregard this requirement alone, your phone can be hacked within few minutes. What if you must use the public Wi-Fi in special situations? Then, there is a way to encrypt your Internet traffic using VPN (Virtual Private Networking) that creates the secured channel for your communication through a special gateway. Use the free or very-low fee VPN clients for Android or iOS that can be downloaded from Google and Apple.
- Install one of the best possible anti-malware programs like Avast or Lookout for Android (I believe Avast is good for iPhones, too). Activate the identity protection, backup, application locking (like Facebook, Twitter, and any important programs), firewall, anti-theft, and antivirus.
- Do not install the games or programs that require special access privileges to your personal data, location, contact list, and more. Perhaps, if you must, keep the mentioned programs to the minimum. For instance, I have removed from my phone the WBAL program (news and weather) due to access to everything on my phone including my wireless data, contact list, phone calls, etc. Outrageous!
- Do not install questionable programs. Before installing, read the users’ comments. Disregard "sugary" comments as they could be posted by the designers. Look more on negative comments as they can reveal the truth.
- Do not use your phone without password protection (use the PIN with at least 6 characters or digits). The fingerprint-enabled login is helpful (if available) but is not 100% proof. Do not store any password in a clear text. There are good password manager programs available. Make password invisible (see your phone settings).
- Use the third-party browsers (perhaps for Android) like Dolphin that does not collect your personal information or tracks the web sites you accessed.
- Backup your data, pictures, and setup settings.
- Disable installation of the programs from unknown sources.
- If you must access the banks online, bring it to the minimum. Better use the home PC.
- Use the Bluetooth technology carefully. I usually disable it when I am out of my home or my car because anyone within 80-100 feet can hack your phone (when the Bluetooth is enabled) with the right tool.
- Finally, if you have a serious concern about security of your smartphone, buy the new Blackphone 2 that is all about privacy over all usual fanfare features (should be available by the end of a year). Encrypt external SD card (if any). Your phone should have a special setting for it. Setup SIM card lock.
If you store valuable data on SD card, and if it’s lost, without the decryption password the data will not be accessible. Also, encrypt your entire mobile phone (it will require the password every time you boot it). The new versions of the iOS and Android (5.1) allow locking your phone if a case it is lost or stolen. So, the perpetrator won’t be able to use it without knowing the password to unlock the phone.
8. What if you are not the computer professional?
First of all, know your enemy: try on the shoes of a hacker. What is easier of all to steal? Exactly! Something that is not secured or secured poorly. Did you leave your mobile phone in the car seat? Did your put your luggage or purse in the airport on the floor while looking out in the opposite direction? You are in a trouble.
The hacker tries to hack what is easier to hack with minimum of efforts. If you have no password protection it is an invitation to hack. If you are not security conscious and open unexpected emails or click on infected attachments, you are a good target for hacker. If you are browsing the web without basic antimalware protection, you are the next hacker’s victim.
Windows continues to be compromised more frequently than other platforms primarily because most of the world's computers run Windows. Criminals figured out long ago that the biggest targets offer the best return (which explains why hacking the companies is better and more rewarding objective).
Hackers intend to break what is the easiest, so if you take recommended precautions, your computer system will not be an easy target, and the hacker might consider looking for easier one and leaving your PC along.
Competently managed, a Windows system that's kept behind a firewall, has fully up-to-date virus protection, is run with non-administrative user accounts, and is operated by someone who doesn't click on weird e-mail attachments or installs obviously disreputable software, is the best approach that perhaps if not guarantees complete protection but eliminates large part of the threats from hackers. The same can be said about your Android, Windows, or iOS - powered mobile phones and tablets.
9. Useful resources
Beyond mentioned above programs and methods to protect your data and networks, I want to refer to a few more. They are especially useful to those who are IT professionals.
Once your home network was configured and protected, there is a good and free program to test your guards. It’s called Nessus Home.The program offers free security scanner that scans your network including all attached wired and mobile devices. The reports will reveal the configuration problems, missed patches, malware, etc.
Sometimes you need to download the file from the Internet from not very familiar site. How to ensure it is not infected BEFORE you run it? There is a very useful web site – free online service – to test the files against 50 antimalware programs at once. Virus Total is your friend! It can detect not only the malware in the file but also can scan your PC for any known malware.
Recently, I found one useful web site that works similarly to Nessus Home but it has one single purpose: to test your firewall from outside. Try ShieldsUp! It can be found under Services menu. Beyond the ShieldsUp, there are few other good programs to explore. Similar online program that checks the PC's open ports is HackerWatch probe.
I have already mentioned MalwareBytes as a program that covers what ZoneAlarm misses. One more similar program is HijackThis. The program can be installed along with others but you can run it manually or schedule through the Task Scheduler.
When you boot your PC and open the Task Manager, you'd be surprised how many processes are running on your PC. In fact, many of them are not essential to your daily activities and slow down your PC by consuming the memory and CPU cycles. The solution is to disable them or even to remove completely. Make sure you know what you are doing.
Microsoft offers the Autoruns tool (formerly Sysinternals). The tool contains many other useful utilities. It is a free program. Install this tool and disable “autorun on start” for the programs you found not being essentials (like background updaters, speed boosters, pre-loaders).
There are 3 more useful programs on my list that I did not try myself but want to recommend.
- Pandora Recovery – to recover deleted files by mistake
- CCleaner – to delete unneeded temporary files and pieces of old programs from your PC. I personally prefer spend time and delete the files myself, so I have better control over my PC.
- WDO – Microsoft Windows Defender Offline – your last resource. Download the program and keep it on your USB stick.
Here is the last thing I want to mention. If you want to improve your employability and appeal to the potential employers, the known IT certifications will not only enhance your knowledge but will improve your chances to be hired. Here are few resources I personally used: