Sounds scary and technical, another vulnerability, another frightening acronym KRACK, makes one think what is the risk and how does one overcome this concern?
It’s been everywhere in the news, social media and blogs for the past week and this article will aim to try and simplify the technical side and answer some of the questions one has.
Discovered and named by Marty Vanhoef a Belgian researcher, KRACK stands for Key Reinstallation Attack. This in effect is a security flaw which allows a hacker (attacker) to break the internet communications between a router and a device. For the weakness to be exploited though the hacker needs to be in close physical proximity of the access point of the communications.
It means there is a potential for a cyber security incident where the attacker can capture or interrupt the flow of information from your communications or they can use the weakness to potentially inject and manipulate data. For example, this may mean an attacker injecting ransomware or other malware into websites.
Like all vulnerabilities, the risk is the loss of sensitive information such as credit card numbers, passwords, emails, photos, and documents.
This is difficult to say as there are potentially so many situations, however, one potential target is those organizations that provide wifi access without a lot of IT resources. An example of this would be your local coffee shop.
Changing passwords regularly is a basic security measure that is recommended, however, this will not prevent or mitigate an attack. In fact, the key element to protect yourself includes ensuring all devices are up to date with the latest updates. This includes ensuring the firmware on your router is updated.
A simple tip is to ensure you have automatic updates turned on which will help ensure you have the latest versions and protection installed.
Until you are sure that your device has been updated limit your usage of public networks especially with phones utilizing the Android operating system.
Only transact with websites that have an SSL certificate meaning that the sites URL will start with https instead of HTTP. This in effect means the site is using encryption which therefore makes it difficult to see what data is being transferred.
Keep yourself informed and be sensible with your usage of public wifi if in doubt do not connect and turn the wifi option off on your device. If still uncertain contact us and ask for a KRACK risk assessment.
Many customers we see during our daily work (and rescues) don’t even have the most basic cyber security measures in place. The author intends this article for the non-technical business owner or manager, to assist and educate the need to protect their business and computer users against ever-evolving cyber threats.
Cyber security threats are continually evolving. Viruses, worms, Trojan horses, Spyware, Phishing, Adware and Scare-ware have all been around for a long time. Lately, one particular form of malware known as Ransomware has been creating havoc with businesses and organisations worldwide.
Ransomware, when detonated works by locking up your files using encryption. The cyber criminal then demands a ransom from the victim in bitcoins. In theory this ransom gets a code that allows the unlocking of your vital files. However some cyber criminals are not very honest in this respect. They just take your ransom and you don’t get a code.
In all cases we have seen, humans detonate the ransomware package at an endpoint in the network. Ransomware mostly arrives in email as either an attachment or as a link to a malicious or compromised website. Ransomware spreads also from software downloads, websites and advertising delivered over online ad networks.
Once the basics are covered off, we can then talk topics like firewalls, VPN, cloud virus and spam pre-filtering of emails, changing settings in software, 2-factor authentication, and an application that detects and stops unauthorized encryption etc. These will give a much more comprehensive solution beyond basic, however “comprehensive” is probably beyond the scope of this document titled “Basic Cyber Security” and would make it rather long and too technical.
NZ Government Communications Security Bureau – NZ Information Security Manual Download Page
Every day, every month there is a new threat to being able to conduct business effectively and efficiently. How do you protect a business from the threat of disruption whether it is a scam, virus, ransomware or simple network or internet failure?
Dr Hossein Sarrafzadeh, director of the Centre of Computational Intelligence for Cyber Security at Unitec Auckland said ransomware affected tens of thousands of people and is estimated to have profited the criminals to the tune of US$1 billion in 2016.
The majority of cyber-attacks in New Zealand still go unreported, though figures released by New Zealand’s National Cyber Security Centre (NCSC) this year showed that attacks have more than doubled since 2011.
Scams continue to become more sophisticated using modern technology to make fake emails, invoices, and websites appearing legitimate to even the most astute business person. These scams have devastating effects on businesses by eroding the investment they have made in their reputation, increasing operational costs and in certain cases crippling the business from operating.
This article looks at how a business can avoid becoming a victim of a scam by ensuring they have the right support and systems in place to minimise the risk of disruption.
Why does size matter?
Larger organisations have the resources, time and budgets to invest in ensuring they are not subject to an attack. As the headlines indicate even with this effort they are not always successful in defending themselves. The reality is that as smaller organisations are hampered by the amount of money and resources they can spend on IT, means that these organisations are an easier target for the cyber criminals. The cyber-criminal finds it easier to get in and often it takes longer to detect meaning more havoc created.
Smaller organisations are often a means to access and breach larger organisations. Why? Because the smaller organisation is often the weakest link (security wise) in a supply chain relationship thereby providing an entry point to the larger business partner.
What are the key elements to protect Business Continuity?
One must ask if the IT environment something that can just be left alone or does it need to be looked after? The answer is obvious it needs to be managed and looked after, it needs somebody who is accountable and responsible for ensuring that the risk is minimised.
For smaller organisations this leads to either employing a resource or developing a relationship with an IT Service provider who is accountable. It makes sense to develop a relationship where the provider is on the front foot and is monitoring all key elements and maintaining an organisations systems in advance of something going wrong. This is commonsense as it is about protecting against a major disruption to a business.
The key components that need to be looked at are:
The key element for a business owner is to understand how this approach shifts the nature of the relationship with your IT provider from being reactive to proactive. It means the IT provider is preventing breakdowns instead of reacting to a break down. This means a monthly fee for the maintenance rather than a call out figure. It means the provider is monitoring and using tools to remotely manage and perform maintenance activities.
What does this cost?
The key thing to remember this is an investment in ensuring a business is not disrupted. Some providers will charge per device; others will charge a monthly figure based on complexity of what they are managing; others will charge based on per user.
As a business owner understand what is included and what is not and what service agreement does the provider use. For instance, at Computer Troubleshooters we provide a 100% guarantee. Contact us now for more information.
Change is hard to accept for anybody and in the case of IT management it is hard for people to see the monthly outlay as an investment in their future. But this is exactly what it is. It is a strategic investment that allows a business to minimize the risk of disruption and ensure it can continue to grow and develop.
Sources of information for this article:
Cyber security breaches are in the news every single day of the week. Yet every day I hear another story about a small business that has had a cyber security breach. When talking to the owners, the anger, frustration and disbelief is evident to see. The shock is expressed in the following words; this is costing me so much, it’s the inconvenience, it’s the damage to my reputation and worst of all I am losing customers and I know they will not come back.
All businesses no matter what size are subject to privacy laws. Currently our NZ Privacy Act which went into effect in 1993 contains breach-related penalties from $2,000 to $10,000. New Zealand’s privacy commissioner is now recommending new civil penalties against companies of up to NZ $1,000,000 for a “serious” data breach to keep NZ up with sterner penalties adopted by Australia and the European Union. Ultimately there is significant accountability on businesses to keep customers’ private information secure or face potentially large fines as well as bad publicity and damage to their reputation.
This may be obvious but every cyber- criminal is looking for a soft target, in effect every small to medium business has more information (data) to target than an individual consumer and, because of resource restrictions and lack of knowledge they have a less secure environment than a larger organisation. This is not only in terms of software but also in having security policies that are effectively implemented. For example; user training, passwords, network access, usage of personal devices and external storage devices such as USB sticks.
Too often small business owners are not proactive because they do not believe they have anything worth stealing. This is not the case as every small to medium business holds customer credit card information, customer personal details such as bank details and emails. Every bit of information is useful to a cyber-criminal who can make money, for instance, by selling an email address.
The short answer to this question is YES. In the 12 months to June 2016 the NZ National Cyber Security Centre reported a 78% increase in cyber security incidents over the previous year. Our Australian neighbours (Australian Cyber Security Centre Threat Report 2015) identified that the number of cyber criminals with capability will increase, that the sophistication of the current cyber adversaries will increase making detection and response more difficult, ransomware will continue to be prominent and there will be an increase in electronic graffiti such as web defacements and social media hijacking. All this is occurring because every day no matter what size business you are there is a greater reliance on technology to run and conduct a business. The cyber-criminal is aware of this.
The four key elements in thinking about preventing cyber security breaches are to know your environment, to secure your environment, effectively control your environment and proactively monitor your environment.
The best approach is to make sure that the challenge of cyber security is at the forefront of the business owner’s mind and that of employees.
Do you have young children who risk being exposed to pornographic or inappropriate websites?
Do you feel you should control the type of applications your children use and the amount of time they spend on the internet on websites such as social media?
Are you worried your children are using gaming, gambling, or in-app purchasing applications?
If you answered “yes” to any of these questions you are part of a growing movement of concerned family’s’ who are struggling to control their childrens’ exposure to the internet.
Why is access to internet content so hard to control?
There are 3 main reasons why internet consumption by children is hard to control:
With anywhere anytime internet access from multiple devices, is it still possible to regulate internet access to our children?
Thankfully development of cloud technologies has enabled user management to be lifted above the physical network layer and enables user profile management to be delivered across multiple access networks and devices. Effectively the cloud allows an additional layer of control above the traditional approach to user management and content control.
Here is what a cloud based portal can enable:
Given all this is possible, how it is achievable?
As a business who has been help protect Australian and New Zealand families for over 20 years we have watched the evolution of different internet security software and hardware struggle to keep up with these changes. In our view, if families wish to take control of how internet is consumed they must consider using a cloud based portal to provide comprehensive protection.
To the best of our knowledge the most comprehensive and accessible product for family internet management is called Family Zone. Family Zone is a new generation cloud based product that allows for all these changes in technology from anywhere access from multiple devices.