Blog

November 16th, 2009

smb_securityThe National Cyber Security Alliance (NCSA) and  Symantec recently released the results of a survey they did as part of National Cyber Security Awareness Month to assess the awareness and preparedness of small businesses (51 or fewer employees) in countering cybersecurity threats.

Some notable findings:

  • Only 28% have formal Internet security policies in place
  • Only 25% provide even minimal Internet use/Internet security training to employees
  • Those companies that do train spend less than 5 training hours per year on average
  • 86% do not have an employee focused on Internet security
  • More than 90% believe they are protected from malware and viruses

However:

  • Barely half of the businesses surveyed check their antivirus software weekly to insure they’re up to date
  • 11% never check security tools to make sure they’re current

For many, it seems, online security is simply not a top priority, falling far behind other issues such as meeting payroll and managing cash. But this is dangerous thinking, since more and more companies’ operations have become highly dependent on their IT infrastructure and the Internet for communications and business transactions.

How about your business? Is it secure? Call us today and find out how we can help.

Related articles:

Published with permission from TechAdvisory.org. Source.
Topic Articles, News
September 29th, 2009

I have been hearing a lot about scams and the like recently and it has prompted me to think about the whole “buying online is cool” thing and wonder if there are some idiots out there that are going to ruin the whole thing for us law abiding folk?

Now if you are wonder what in God’s name I am talking about, I like to call it the “Pub Quotient”. This is the ratio of idiots to normal people at the pub. The idiots are the ones that smash glasses, cause fights and ruin everyone else’s evening. Now on the web the ratio I would expect is even smaller than the pub quotient which I rate at about 2%. I reckon the web may be a hundredth of that. Yet they affect a whole lot more people in a more sinister, intrusive and criminal way.

Who are “they”? “They” are the people that create viruses, install spy ware, and try to skim your credit card details. “They” are the types of people that can type faster than me and would definitely kick my butt in World of Warcraft. “They” are the types of people that you’d love to lock in a room with yourself just so you can teach them a lesson… right?

Wrong!!!

“They” are sophisticated criminals that have honed their art, are often affiliated with terrorist organisations and are so powerful that, often, they are not caught. “They” can earn millions of dollars in a day by stealing from the innocent in ways that can both devastate and also not even be noticed. “They” can skim a dollar from your bank account, and a million others and keep doing this daily until you notice. Have you checked lately?

So what can we do about this?

Cyber-criminals are the new train robbers, and like trains had to employ more guards after Ronnie Biggs, so does the every day Internet user need to up security to fight the threat. The threat now is global, as we let the world into our offices, bedrooms and lounge-rooms through the web. The world sits with you at lunch and talks to you while you watch TV or listen to your iPod at night. We have let this into our lives without really analysing what we are doing.

Much like a stalker watching his victims for visual pleasure, cyber-criminals have information as their vice. They get information by hiding things on your PC watching you. They don’t watch you physically; they watch your fingers, what you type, sites you go to and usernames and passwords that you enter. It’s that simple.

They can even use your PC to do the dirty work for them in something called a “denial-of-service” attack. By installing certain programs on your computer they can use your PC, without you even knowing, to bring down sites, and on occasion entire networks.

This was seen on ABC recently when the Federal Police were digitally incapacitated by a cyber attack on their network so large that it took down the BigPond network across Australia’s east coast. For these types of attacks unwitting pedestrians’ computers are used, without their knowledge or consent.

The best thing to do to fight these threats is to install anti-virus from a reputable company so that you are protected and so that your computer wont be used against others in these denial-of-service attacks. Sophos Small Business Security Solutions 2.5 is a fantastic place to start. Sophos’s products have earned them awards and accolades from large independent testers such as InfoWorld, Virus Bulletin and SC Magazine. You can see the full credit’s here http://www.sophos.com/products/reviews/. This is important. To be tried and tested and succeed against others in the land of independent testing is a massive honour, and one held by few companies globally.

Sophos Small Business Security Solutions 2.5 is Antivirus, Spyware Removal and Client Firewall all in one. There are three levels, so it caters for all budgets. The basic level includes automatic updates, 24/7 support and works on PC, Mac and Servers.

If you would like for us to give you a demo of Sophos Small Business Security Solutions 2.5, just contact me by clicking here.

Topic Articles
September 1st, 2009

phishers_DollarsAnother reason to keep your computer malware free: cyber-pirates raided several businesses as well as a school in recent attacks through the Automated Clearing House (ACH) Network.

The losses, which ranged from $150,000 to more than $400,000, were accomplished by the crooks in mere minutes. Luckily for these companies, the banks managed to reverse some of the transfers. If they hadn’t, the losses would have amounted to $700,000 up to a whopping $1.2 million.

The modus operandi of the hackers is simple. Making use of the ACH network, they send out “phishing” emails to account holders. When the recipient clicks on the link, malicious software – a Trojan horse or virus – automatically downloads itself to the recipient’s computer, allowing the hacker to infiltrate the system. Keylogging software (software that tracks keystrokes) is installed, which gives phishers access account numbers, names, and passwords. They then divert the company’s funds into their own accounts.

ACH fraudsters can also use the same method to not only siphon off money into their own pockets, but also to establish “ghost employees”, which they insert into the payroll and qualify to receive regular paychecks.

While banks are doing their best to strengthen the system, they can only do so much, and experts admit that the ACH network is a very old system compared to today’s standards. The volume of money that flows through the ACH is also so massive that it is difficult to keep track of specific amounts for specific accounts.

Despite its shortcomings, the ACH system still remains widely used, and the best defence is to guard your system well. For our clients, we have firewalls and anti-malware software in place, but you should also make sure your bookkeepers and staff are briefed on how to avoid being the victim of fake phishing emails.

If you have any questions or concerns please give us a call.

For more details about this story, visit http://www.computerworld.com/s/article/9136334/Cyber_attackers_empty_business_accounts_in_minutes?taxonomyId=17&pageNumber=1.

Published with permission from TechAdvisory.org. Source.
Topic Articles
August 12th, 2009

img2From annoying to destructive, malware is a bane to any computer system and the person who uses it. The benevolent Wikipedia defines malware (short for malicious software) as: “software designed to infiltrate or damage a computer system without the owner’s informed consent.”

The good news though, is that there are simply ways to avoid getting infected by malware. Clearly having the right anti-virus and security installed and up to date is critical – that’s where we help. But it’s also important to know how you can make a difference.

Here are few simple tips to help you keep your system malware-free:

1. Never click indiscriminately
These days, there are ads and pop-ups, designed to induce a PC user to click on them. From sexy models to seemingly too-good-to-be-true offers and promotions, many web advertisers are counting on people’s curiosity and the impulse to click away. The thing is, many of these ads lead you to unsecure sites filled with malware.

2. Cancel Autorun.
When you plug in a portable hard disk or flash drive, you computer automatically opens a window with preset options to enable file viewing for that drive. Immediately opening a flash drive allows infections to access your system, so cancel the window and scan first before opening the drive or any file inside it.

3. Never open suspicious emails.
Unsolicited email is always best unopened and deleted immediately. If you don’t know who sent it, send it straight to the trash bin and delete it forever.

4. Only download if you must and only from trusted sites.
Installing peer to peer downloads may be a great source of free music, media and software. But it’s not only piracy and is probably prohibited by your company policy – it’s also a fertile breeding ground for files embedded with Trojans, worms, and other forms of malware. Download files only when necessary and only do so from legitimate and trusted sites.

You make the difference
Your behavior online plays a big factor in making your PC and your system malware free. Especially if you’re on a network, failing to exercise caution not only compromises your system, but everyone else who’s connected to the same network. A simple click on a wayward link or ad can cause your whole company to be bombarded by spam, so always be careful in what sites you go to and what files you open and download.

If you’d like us to come in and talk to your staff about this and other safe-computing habits just let us know.

Published with permission from TechAdvisory.org. Source.
Topic Articles
June 22nd, 2009

As if the scare from the Swine Flu virus were not enough, some opportunistic and malicious hackers have started spreading a computer virus with emails of the same name. Otherwise also known as the Navia.a virus, it seems to have surfaced during the height of the Avian Flu scare. However, the computer virus may have started spreading again. Initial reports from Japan say that the country’s National Institute of Infectious Diseases (NIID) posted on its website that a suspicious Japanese-language email message purportedly coming from them has been circulating with an attached file called “information on swine flu”. The email, originating from senders in the “@yahoo.co.jp” domain, seemed to be sent to random Internet users, the institute said. Users, as always, are advised to avoid opening attachments from suspicious-looking emails to prevent infecting their PCs with malware.While we can’t protect you from the real swine flu virus, we can help you protect your PCs from its new malicious online cousin. Contact us today to find out how.

Related articles:

Published with permission from TechAdvisory.org. Source.
Topic Articles, News
June 13th, 2009

article_ProtectWhile the internet is a vast resource for all sorts of information, data, and other useful thingamajigs, there are aspects of it that aren’t so desirable. Viruses, for instance. They wreak havoc in your system, destroying files, crashing the operating system – generally making life much more difficult. But if you thought that viruses were the only nasty thing out there that you need protection from, think again.

Adware (advertising software) and malware (malicious software) are types of harmful software called “spyware” that are not usually covered by anti-virus scans. While viruses affect your system directly, spyware runs in the background and transmits information about you through the ’net, which can be used a number of ways ranging from annoying to downright illegal.

These dangers are often unnoticed by users since they don’t directly affect the computer’s operation the way viruses do. What’s more, many people confuse them with viruses, but they’re very different and should be handled differently. Lots of spyware can also slow down your computer, so it’s important to have anti-spyware programs installed on your computer to keep it free from these harmful invaders.

There are many free spyware scanners and removers on the internet – simply download and install one, and then run it on a regular basis. Scanning for adware, spyware, and malware takes approximately the same time as doing a virus scan. Also, remember to update your scanners so that you have current definitions and less chance of overlooking new threats. Finally, we recommend that you refrain from visiting and downloading from unfamiliar websites since they could serve as hosts for both spyware and viruses.

Published with permission from TechAdvisory.org. Source.
Topic Articles
April 28th, 2009

ConfickerThe past couple of weeks, a new malicious and particularly virulent worm known as Downadup, also more popularly known as Conficker has started to infect millions of PCs. In fact by some estimates, it has infected over 10 million PCs worldwide. As with many threats proper prevention can greatly reduce or eliminate your problem.

This worm is particularly dangerous as it can infect your PC in many ways. You can be infected by simply visiting your favorite Web site, downloading a file or email from the Internet, loading a USB drive, or just by leaving your networked computer on, overnight while you’re asleep.

The worm takes advantage of known vulnerabilities in Windows to spread. Its removal can be difficult, as it blocks many known antivirus software and associated websites. In some cases it even disables antivirus software already installed or the Windows Update service.
After infection, it may choose to run rogue software on the machine, or use it as a host to infect other machines. Particularly troubling, security experts believe, is that on April 1st, a new variant of the worm will begin to randomly check various websites on the Internet to download new instructions. What those instructions are unknown at this point and could be anything as harmless as telling a joke, displaying an ad or as harmful as destroying files or even stealing usernames and passwords.

The worm itself is not new, it made its first appearance late November 2008, known under the names Conficker or Kido. It shouldn’t have spread if people had made sure to the latest Windows and other updates were applied to their PCs and have kept up to date with their security vendors’ latest antivirus releases. Also since it spreads via network shares, making sure to use strong passwords on shared network drives would have helped to contain it early as well.
If you aren’t sure if your PC and network are protected, make sure to contact your IT service provider for advice.

Here are some other articles you might want to check out for more information:

Related articles:

Published with permission from TechAdvisory.org. Source.
Topic Articles
June 5th, 2007

A new client called today after being referred to us from the Sophos website. The gentleman expressed his frustration to me, explaining he’d just spent two solid days trying to clean up a destructive virus from their network of about ten PCs – even though he was sure he had adequate anti virus protection. In a nutshell, Computer Associates lost a customer – CA Anti Virus was the product that failed to detect the virus in this case.
Whilst I don’t know exactly what the problem was just yet (our engineers are on the way out to clean up the mess and roll out Sophos Computer Security SBE) it’s a timely reminder that Anti Virus products are only as good as their last update! Sure, most AV products are set and forget type installs these days but certain things can cause the automatic updating feature of AV products to fail. If your product isn’t configured correctly to alert you, or you never check the administration console, then there’s every possibility that your AV software is simply months out of date (the record that I’ve witnessed is approximately 24 months!). Even just being a week or two out of date pretty much renders your AV strategy useless.
Making a small investment in time or money to ensure your AV is actually working (therefore getting value from the software subscription costs!) by far outweighs the time and effort wasted in trying to pick up the pieces after a destructive virus. Make a note to start doing this, or talk to us about some of the services we offer to ensure routine maintenance tasks are regularly performed or critical components are continually monitored.

Topic Articles