Brute Force Attack

This post is part of our Cyber Threat Series.

The Challenge:

Hackers use Brute Force Attacks to target a single service exposed to the Internet, including Remote Desktop, Outlook Web Access, and email services. Brute Force Attacks gain access by trying every viable access method or password.

Hackers use these attacks to access your data or to install other malware within your systems. Patient hackers space out attempts; they are difficult to notice or detect. When hackers rush, the impact can be similar to a DDOS attack.
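An added example (not from the original post) of how log review can catch both paces described above: a short sliding window flags rushed attempts, while a 24-hour window catches attempts spaced out to stay under it. The log events, IP addresses, account names, and thresholds are constructed assumptions for illustration.

```python
from collections import defaultdict
from datetime import datetime, timedelta

# Assumed thresholds; tune them to your own login volume.
BURST_WINDOW = timedelta(minutes=10)   # short window for rushed attacks
BURST_FAILS = 10                       # failures inside it that raise an alert
SLOW_WINDOW = timedelta(hours=24)      # long window for patient attacks
SLOW_FAILS = 20                        # failures per source inside the long window
SLOW_ACCOUNTS = 5                      # ...spread over at least this many accounts


def build_sample_events():
    """Constructed sample data: (timestamp, source_ip, account, success)."""
    t0 = datetime(2024, 1, 1, 0, 0)
    events = []
    # Rushed source: 50 failures against one account in under two minutes.
    for i in range(50):
        events.append((t0 + timedelta(seconds=2 * i), "198.51.100.9", "admin", False))
    # Patient source: one failure every 30 minutes, rotating through 8 accounts.
    for i in range(40):
        events.append((t0 + timedelta(minutes=30 * i), "203.0.113.7", f"user{i % 8}", False))
    # Ordinary user: two typos, then a successful login.
    for i, ok in enumerate([False, False, True]):
        events.append((t0 + timedelta(hours=9, seconds=20 * i), "192.0.2.44", "alice", ok))
    return sorted(events)


def max_in_window(times, window):
    """Largest number of sorted timestamps that fit inside any sliding window."""
    best, start = 0, 0
    for end, t in enumerate(times):
        while t - times[start] > window:
            start += 1
        best = max(best, end - start + 1)
    return best


def detect(events):
    """Return {source_ip: 'burst' | 'low-and-slow'} for suspicious sources."""
    fails = defaultdict(list)     # source -> timestamps of failed logins
    accounts = defaultdict(set)   # source -> every account it failed against
    for ts, src, account, success in events:
        if not success:
            fails[src].append(ts)
            accounts[src].add(account)
    alerts = {}
    for src, times in fails.items():
        times.sort()
        if max_in_window(times, BURST_WINDOW) >= BURST_FAILS:
            alerts[src] = "burst"
        elif (max_in_window(times, SLOW_WINDOW) >= SLOW_FAILS
              and len(accounts[src]) >= SLOW_ACCOUNTS):
            # Never trips the short window, but the daily total gives it away.
            alerts[src] = "low-and-slow"
    return alerts


if __name__ == "__main__":
    for src, kind in detect(build_sample_events()).items():
        print(src, kind)
```

The ordinary user with two mistyped passwords stays below both thresholds, so only the two hostile sources are reported.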

Hackers can launch Brute Force Attacks externally or from malware-infected systems on your network. Internal attacks often target specific systems and vulnerabilities, such as SQL Server and SQL Injection vulnerabilities.

What to Do:

Require robust passwords; they are your first protection from Brute Force Attacks. Controls that enforce best-practice password structure and expiring passwords can thwart an attack.

Deploy Multi-Factor Authentication. MFA creates an additional level of protection since a compromised password is not sufficient for access.

To protect against internal attacks, ensure systems run current operating system versions. Keep all systems current with patches and updates.

Deploy “Next Gen” protections to keep Brute Force Attack malware from making it onto your servers and clients:

  • Advanced threat protection (ATP) for email
  • Endpoint and mobile device protection
  • DNS security and protection
  • Web protection and filtering

 


Contact us to discuss your cyber threat protections. The Cloud Advisory session is complimentary and without obligation.


 

Distributed Denial of Service Attacks

This post is part of our Cyber Threat Series.

The Challenge:

Cyber criminals can cripple your business without ever breaching your security. By using systems and botnets, they blast garbage Internet traffic at your public IP address(es). The Denial of Service Attack is distributed (hence the name) across many sources, making it more difficult to block.

DDOS attacks stop your Internet traffic. They block communications and access to applications and services. In some cases, DDOS attackers demand ransom payments to halt the attack.

What to Do:

Move your computing to cloud services. Google, Microsoft, Amazon, and other public cloud providers build their networks to prevent DOS attacks.  They have multiple entry points and routes to their services and manage multiple layers of DDOS protections.

Upgrade to “Next Gen” routers with improved DDOS protections. These routers can identify attacks and help reroute your Internet traffic around the attack.

Add an alternate Internet connection.  Having a second connection can allow your network traffic to circumvent the attack or can provide a failover connection when needed.

Maintain strong endpoint protection to prevent botnet malware from being installed on internal systems.

Subscribe to hosted DDOS services that can route traffic around, and prevent, DDOS attacks.


Hostile Network Probes and Scans

This post is part of our Cyber Threat Series.

The Challenge:

Hostile network probes and scans check your network devices and systems for security holes. Hackers and bots scan specific IP addresses for open and unsecured ports. While most scans come from the outside, hackers use malware to infect systems and probe networks from the inside. Once they find a security hole, hackers access information, install malware, or gain control of systems. Some probes look for specific vulnerabilities, others use brute force.

What to Do:

Close as many Internet-facing ports as possible across firewalls, routers, and other Internet-facing devices. Close ports on network devices that are not needed for internal communications. If a port isn’t open, it cannot be hacked.  

Avoid using consumer-grade and low-end firewalls to protect your physical network. Low-end devices lack features needed to protect your business. With advanced protection features and tools, “Next Gen” firewalls offer better protection from modern threats. With models designed for SMBs, you will find these new solutions affordable.

Scan your network for vulnerabilities on a regular schedule. Finding problems before an attack is worth the effort and relatively low cost.

Configure alerts, when able, to notify you of potential risks.  While you and most SMBs cannot afford and do not need a network and security management system, you can configure many devices to send basic alerts by email. These alerts give you an early warning you can evaluate and manage.

Move to cloud solutions and hosting service providers and increase your cyber security profile.  Google, Microsoft, and Amazon depend on the security of their environment to earn and maintain the trust of customers like you. They staff security teams with thousands of experts, follow best practices, and deploy the most advanced threat protection technologies.  Your risk of a network scan or probe attack when using Google Cloud Platform, Microsoft Azure, or Amazon AWS is orders of magnitude less than running systems in-house.


Cyber Threat Series Overview

Protecting your network, systems, apps, data, and people is no easy task as the scope and variety of attacks continue to multiply. You want and need protection, but must make smart buying decisions. Too little or too much means higher risk or unnecessary cost.

We see your business as a target not because we know cyber criminals have you in their sights, but because most cyber attacks throw a wide net and catch those who are unprepared. Appropriate measures to prevent, protect, and respond to cyber attacks have business value and should be part of your IT strategy and plans.

As a series of blog posts, this Cyber Threat Series intends to educate and inform. We will cover the types of risks and attacks and how to prevent them. We discuss solutions. We take a pragmatic approach that respects priorities and budgets.

Topics will include



Partner for Productivity

Partnering for G Suite Productivity

G Suite is more than an email, calendar, and simple file sharing service. G Suite is a productivity suite that serves as a platform for a range of tools that helps your team, and your business, work more effectively.

9 ways your team can be more productive with G Suite:

  1. Share Files, Not Copies:
    Stop sending attachments. Stop wasting time figuring out if the copy of the file in your inbox, on your local drive, or on a shared folder is the most current. Whether you use Google Docs for creating documents, spreadsheets, and presentations or you continue using Microsoft Office, Google Drive and Team Drives serve your files rather than just sharing them. People share via link, so all comments, suggestions, and edits are made within a single copy of the file. Versioning keeps this orderly and gives you the ability to look back and compare.
  2. Serve Files, Not File Servers:
    Use Team Drives and Drive File Stream to provide users with “explorer” access to files from Macs, PCs, and local software. Store files under central ownership and managed permissions; avoid performance and capacity problems with unlimited storage. Allow team members to work remotely and securely on computers, tablets, and mobile devices without VPNs and remote desktop services slowing things down.
  3. Communicate, Don’t Just Text:
    Most laptops now have microphones, speakers, and Bluetooth features similar to your smartphones and tablets. Have face to face conversations using Hangouts Meet instead of long email threads, phone tag, or text messaging. Communication is 55% non-verbal. Let your employees see and hear each other, your vendors, and your customers. You can share screens for live document reviews and discussions. Why pay extra for a conferencing service?
  4. Collaborate, Don’t Just Comment:
    True, Google Docs allow contributors to comment and suggest edits. You can also collaborate in real-time or as each participant is able. Version history lets you look back at who contributed, when, and where. You can name versions to track official revisions or specific working copies of documents.
  5. Schedule Productivity, Not Just Appointments:
    Your personal and shared calendars track your time as well as project or team activities. Resource calendars let you book rooms or any scheduled resource. Integrated with Hangouts Meet, calendar invitations automatically include voice and video conferencing for the human touch. Integrate with Chrome for Meetings and you have 1-click video conferencing with screen sharing in your conference rooms.
  6. Manage Customer Relationships, Not Data:
    Integrated CRM applications automatically pull person and company data into your CRM records and automatically track inbound and outbound emails with your prospects. A side panel gives you “pane of glass” access and context from within your Gmail inbox.
  7. Manage Communications, Not Data:
    Integrated sales and marketing tools empower your team to better manage marketing, sales, and service communications without leaving your Gmail inbox. Templates, mail merge, and tracking save time and energy as you drive your sales pipeline forward.
  8. Automate Tasks, Not People:
    Automate workflows and repetitive tasks, and build simple apps to boost productivity with AppMaker. The low-code/no-code tool means you don’t need a cadre of programmers. Free up task time for more valuable activities.
  9. Protect Your Business, Not Just Data:
    Compliant archiving and e-discovery cover your email communications and your documents. Integrated solutions provide third party backup/recovery protection from accidental or intentional damage and loss. Cloud-to-cloud backup is less costly and requires less admin effort than traditional file server protection services.

Get the most value from your G Suite platform:

  • Verify you are on the right version of G Suite, with the capabilities that best meet your needs
  • Help your team learn how to use the G Suite apps to their fullest
  • Integrate 3rd party solutions for line of business needs, such as marketing, sales, and service

Please contact us for a free Cloud Advisor session to discuss getting the most value from G Suite.


 

What You Don’t Know Can’t Help You

I expect you have heard the old saying:

“What you don’t know won’t hurt you.” — Anonymous

In the cloud-y world of IT services and solutions, the lesson is better expressed as:

“What you don’t know, can’t help you!” — Allen Falcon

For a long time, small and midsize businesses (SMBs) moved to the cloud to replace existing services with more efficient, secure, and accessible cloud services. This was good for a while, but the landscape has and will continue to change. Now, when we talk to SMBs like yours about current IT services and the cloud, we talk about your business objectives and priorities. We talk about your growth opportunities, challenges to overcome, and how we can help you and your business succeed.

Today’s cloud services reflect your need for business results.

Cloud services, like Microsoft 365 Business, include a range of additional apps new to Office and, in most cases, unique to the cloud.  These apps give you access to value-add tools designed to help your business, such as:

  • Outlook Customer Manager: A simple contact manager and CRM tool that integrates with your existing inbox, calendar, and contacts
  • Bookings: An app that allows customers to easily self-schedule appointments from available time slots
  • Listings: A marketing app to build online pages and presence on Facebook, Google, and other platforms
  • MileIQ: Automated mileage tracking app for expense reports and/or tax filings
  • Connections: An easy-to-use app for simple email marketing tasks and campaigns
  • Flow: Automate processes, work flows, and approvals

These apps are joined by low-cost add-on services that let you consolidate and simplify your IT environment — and save money. For example, in Microsoft 365, adding PSTN conferencing gives you a standard telephone bridge for any Skype for Business or Teams conference call. You can replace paid conferencing and web meeting services like WebEx, Zoom, and GoToMeeting with a tool that truly integrates with Outlook, your inbox, and your calendar. At a cost of only $4 per user per month, and the ability to limit your purchase to users with a defined need, you can dramatically lower the cost of audio and video conferencing while providing a better experience for organizers and attendees.

Clearly, Microsoft 365 is not simply “Office in the Cloud.”  The value-add apps, low cost add-on services, and more than a half dozen additional security features in Microsoft 365 create a more robust ecosystem for productivity, efficiency, and growth.

The Challenge is Adoption.

Adding value only happens when your team is aware of, and knows how to use, the broad range of capabilities in services like Microsoft 365.  Getting your team from Point A to Point B, and then Point C, takes effort.

Here are some ideas to help you empower your team and enable your business:

  • Don’t Overwhelm:
    • Presenting too many capabilities, or too much training, all at once can overwhelm your team. Instead of understanding how they can do their jobs more efficiently, they may feel lost.
    • Not knowing where to start leads to paralysis.
  • Start with the Familiar:
    • Even the traditional Office applications (Word, Excel, etc.) have features that are unique to the Microsoft 365 versions and ecosystem.
    • Refresh your team’s knowledge of the apps they already use and know, adding these incremental productivity features into the mix.
  • Focus on Capabilities Specific to each Role:
    • Not every person needs every app or feature.
    • Focus on matching specific features, apps, and capabilities to the people on your team that will benefit the most.
    • Lessons and learning should be relevant to each team member’s job.
  • Provide Continuous Learning for Continuous Improvement:
    • Make learning an on-going activity that happens in small, manageable events.
    • 3 to 5 minutes per day, less than 20 minutes per week, can provide team members with ideas and insight they can put to immediate use.
  • Create a Culture of Learning:
    • Incent participation to set clear expectations and establish value for the learning process.
    • Monitor team member participation and progress.
    • Provide feedback and encouragement, particularly to the “leaders” and “laggers”.
    • Encourage team members to share their knowledge with peers.

Getting more value from your existing IT and cloud solutions starts when your team understands what is there for them, and how to use it to their advantage.  Improving adoption improves results, and need not be a major cost or time commitment.


Cumulus Global offers a self-paced, video learning system that tailors content to roles within your organization.  For more information, contact us for a brief call with one of our Cloud Advisors.


 

Dark Web Threat Alerts

When Your Identity is on the Dark Web

As a courtesy to our existing clients and prospective clients, we have been running complimentary Dark Web Summary Scans of their domains. These summary scans let us know how many email addresses from each domain currently appear on dark web and identity theft websites. We can then perform a more detailed scan and analysis to identify the specific user identities.

The results are fascinating.

Of 200 domains recently scanned:

  • 87.4% had at least one potential identity compromised
  • The average number of potentially compromised identities is 41%
  • 16% of the companies had more exposed identities than users, indicating breaches occurred from multiple sources

What does this mean?

Just because employee@yourcompany.com appears on a dark web or identity theft site does not mean that the user account on your system has been breached.

It does mean, however, that a breach is likely. And, the more exposed identities for your domain, the greater the risk.

How does it work?

Chances are, your employees are using their work email address, employee@yourcompany.com, as their login identity for other systems.  These other systems are often work related services like Uber, Dropbox, online banking, credit cards used for business expenses, etc. Studies show that about 80% of people use the same or substantially similar passwords across systems.

If there is a data leak or breach at one of these third party services, hackers will test the identity on other systems.  If you have an employee whose email and password were leaked in one of the Dropbox incidents, for example, cyber criminals will test that email address and password, along with similar passwords, across common services like G Suite, Office 365, Facebook, LinkedIn, Instagram, and others.

A compromised identity on a third party service can easily lead to a breach of your systems.

What to do:

  • Get the Details:
    Get a detailed scan on your domain to clearly identify which user identities are exposed and at risk.
  • Mitigate Your Risk:
    Work directly with identified staff to reset passwords. Run additional scans on their systems for malware.
  • Communicate:
    Educate, train, and guide users on the risk of identity breach and how to avoid becoming a victim. Provide guidance, coaching, and policies around the use of company email addresses on other systems and best practices for password selection and management.
  • Challenge:
    Periodically test your employees using “honeypot” and “sandbox” methods to determine who is following best practices and who remains susceptible to attack.
  • Monitor:
    Monitor your domain, and personal accounts of key executives, for future issues and respond accordingly.

Next Steps

Your best next step is to contact us (email or web) to

  1. Request a detailed Dark Web Scan
  2. Discuss security education and testing services
  3. Set up ongoing monitoring for your domain

 

 

Email Encryption

EFail Flaw: Encryption Alone Does Not Protect Your Email

As reported last week by eWeek and others, researchers found two flaws that allow hackers with access to email accounts to read emails encrypted with OpenPGP and S/MIME. This is significant for two reasons:

  1. These standards are available for use in almost every email client
  2. Budget-conscious users often rely on public-domain or free tools to use OpenPGP or S/MIME for email encryption

As noted in the eWeek article, 23 of 35 email clients tested as of the publication date were vulnerable. While the actual risk from EFail is currently moderately low (hackers need access to the encrypted emails before they can exploit EFail), the rate of identity compromise is on the rise. Secondary threats, such as EFail, will become a more prominent form of attack in the future.

Free Encryption Solutions Often Lack Sufficient Protection

Robust email security and encryption services include features, such as validation of digital signatures, that ensure the integrity of encrypted email messages.

Furthermore, solutions, like ZixEncrypt, control both ends of the encryption process, so any messages (with or without S/MIME encrypted attachments) with an invalid or missing digital signature get bounced. Integrity checks prevent the delivery of compromised messages, thereby preventing exposure.

As you face an increasing need to secure email communications, the robust features in services like ZixEncrypt create a value proposition most businesses cannot and should not ignore.


Contact us for more information about email security, encryption, and compliance.


 

WiFi Performance

5 Things You Don’t Know Are Killing Your WiFi

Bad WiFi service frustrates employees, hurts productivity, and can send customers to your competitors.  Even if you use your wireless access point (AP) vendor’s management tool, here are five (5) things that may be hurting your WiFi service quality without your knowledge:

  1. Network traffic actually transmitted over the air:
    APs know that they attempted to transmit  data to a client, but cannot detect if a malfunction prevented transmissions.  APs cannot detect their own transmission problems, such as dropped packets, chatter, and jitter.
  2. Clients consuming channel bandwidth that are not connected to your infrastructure:
    Not every device using channel bandwidth connects to your network. These devices often interfere with connected traffic, hurting performance for others.
  3. Misconfiguration within your infrastructure:
    APs cannot self-detect if they are configured improperly or if neighboring APs are creating interference. APs are not clients on the network, so they can only see what they transmit and what they receive.
  4. Clients connected to APs not managed by your AP controller:
    While your AP management tool may identify unmanaged or unauthorized APs on your network, it cannot detect or analyze clients connected to those APs and/or the impact these unmanaged devices have on your WiFi performance.
  5. Interference from devices and networks outside of your control:
    Vendor AP management tools are built to manage the vendor’s APs. These tools do not identify or analyze neighboring networks that interfere with yours. Bandwidth and channel conflicts go undetected and unresolved.

Your vendor AP manager misses these issues because your APs are not WiFi clients.

The best way to monitor and manage WiFi performance and reliability is to place a passive sensor client in your environment.  Unlike expensive WiFi assessments of the past, done by on-site technicians lugging around specially equipped computers and meters, innovative services like the Wyebot Wireless Intelligence Platform™ (WIP) give you a plug-and-go solution for about 1/10th the cost.  WIP is a vendor agnostic tool that can see and monitor your entire WiFi environment, analyze and prioritize issues with alerts, make knowledge-driven solution recommendations, and provide remote network testing tools.

Tools like Wyebot help you ensure your WiFi network best serves your business.


Please download our eBook, Understanding WiFi Quality, for more information, or contact us to arrange an initial WiFi Assessment.


 

WiFi Quality

WiFi Quality is About the User Experience

An ever increasing number of businesses are learning that WiFi is more than a convenient network connection.

  • Restaurants, bars, and coffee shops that want patrons to linger and spend more lose business when customers can’t check the score, answer an email, or scan their social apps.
  • When your mobile app doesn’t work in your establishment because of poor WiFi service quality, your patrons go elsewhere.
  • WiFi quality influences which conference rooms get booked, where teams choose to huddle, where individuals choose to sit and work, and where people choose to socialize.

WiFi service quality is becoming a competitive factor that can help or hurt your business.

Most network managers rely on vendor management tools to monitor and control their wireless Access Points (APs). These tools provide basic statistics on traffic volume and patterns. The more sophisticated solutions provide cool looking color-coded heat maps that overlay WiFi signal strength onto blueprints of your business. Some tools even use APs to triangulate users’ locations within their business.

What vendor AP management tools do not show you, however, is the client experience. You can have great WiFi signal coverage, but applications time out if client devices experience too much interference. Your network may be set up to support a high density of users, but if clients end up AP-hopping for signal strength, management overhead can cripple performance.

To understand WiFi quality: Understand the user experience.

By definition, your Access Points are not and cannot be clients on your WiFi network. The data your APs gather represents only what goes in and out of (or is simulated by) each Access Point. WiFi clients will see your network performance and reliability differently than your APs.

Think of it this way. A chef creates a new signature dish. The chef knows that she’s used the best, freshest ingredients. The chef has sampled dozens of variations to get the taste just right. The chef believes that this is her best new meal ever. Even so, a few, many, most, or all customers may not like the taste, texture, or presentation of the meal. Fortunately, WiFi quality and reliability are not subject to personal taste and preferences; WiFi service quality is determined by the client experience.

The only way to understand, monitor, and manage WiFi service quality is to monitor your network from a client.

Historically, this has meant expensive service engagements in which technicians bring in monitoring and analysis systems for a “point in time” assessment. These assessments, which can cost thousands of dollars and only capture one point in time, are beyond the budget of most small and midsize businesses and schools.

New solutions, however, provide vendor-agnostic analyses of your WiFi network using passive sensor WiFi clients, prioritize identification of service issues, and offer knowledge-driven recommended solutions. With the Wyebot Wireless Intelligence Platform™ (WIP), for example, in most instances we can provide periodic WiFi Assessments for less than 1/10th the cost of a traditional assessment. Ongoing monitoring becomes affordable for nearly all businesses and schools, with the added value of historical data analysis, real-time alerts, and remote network testing.

If your business relies on WiFi, you can now afford to make sure your WiFi network is reliable and performs well.


For more information, download our eBook, Understanding WiFi Quality, or contact us about arranging an initial WiFi Assessment.