Internet security by Advantum

Forewarned is forearmed...

When it comes to internet security, everyone should be aware of the threat posed by so-called ‘social engineering’, which involves tricking the internet user into ‘volunteering’ sensitive information. The best defence is to be on your guard and know the danger signals.

With the internet playing a major role in what seems like every aspect of our lives these days, it begs the question: how secure is it? More importantly, how secure is OUR data?

Internet security can be broken down into layers. From a more local standpoint, it can start from how we as end-users access the internet, our browser (or browsing habits), operating system and, on a wider scope, network security. Keep in mind that we are still not ‘on-line’ at this point.

Remember the last movie you watched with a hacking scene? Quite likely it had someone sitting at a desk in front of multiple screens, batting away at a keyboard while lines of what appears to be gibberish flow up each screen. To what end? Maybe they were trying to infiltrate the infrastructure of a massive financial institution. Maybe they were just trying to hack their way to better grades in school. Or maybe they just wanted someone’s email password.

Maybe that still happens in the real world, but you know what would be easier? Having an unsuspecting internet user ‘willingly’ volunteer that information to them, which brings us into social engineering.

Social engineering is an attack vector that relies heavily on human interaction and often involves tricking people for the sole purpose of gathering sensitive data.

The most prominent form of social engineering is ‘phishing’. This is typically done via email, appearing to come from a legitimate source, usually a financial institution or retail outlet. The email prompts the receiver to take action on something with their account and supplies a fraudulent link to carry out this action. This link takes the user to a (usually) well done, albeit fraudulent, web page that requests sensitive information. Sometimes they take the form of a log-in page, prompting you to enter your user name and password, or go as far as asking you for sensitive banking information.

ENTITIES

In some incidents closer to home, a myriad of local entities including government agencies were the target of the Locky Virus. This attack came in the form of so-called ‘ransomware’. This is a form of malware which, in a nutshell, holds the files on an infected machine to ransom by encrypting them and demanding payment for the decryption key. It is even more devastating in an environment with multiple computers, as it seeks out network share destinations and mapped drives and ends up affecting those as well. So, while you may not have been the person who downloaded the virus, you could have been affected just by being on the same network as an infected computer. These attacks were so effective locally because they seemingly came from a source that most people, especially in the business world, have heard of: the Bank of Jamaica.

Remember when we spoke about phishing earlier? Emails coming from what appear to be ‘trusted’ sources? One of the main vectors of this virus came from a [email address removed] domain. Most people wouldn’t think twice about opening an email from this address, especially if they have done business with the Bank of Jamaica in the past. The email went on to say: “Greetings. Please find enclosed the new transaction guidelines set by the Bank of Jamaica for individuals and companies, effective from Tuesday, March 1, 2016. Regards, Bank of Jamaica.” It also contained an attachment, presumably with these new guidelines. Upon opening that attachment, however, a script was executed and the infection began.

Affected entities were sent scrambling for back-ups; early detectors were able to isolate infected machines from the network and restore them individually. Those without back-ups or those who were not able to follow the removal guidelines had to cut their losses and start over, while some had no choice but to pay the ransom of between US$ 200 and US$ 400, which was required in the widely popular and nearly untraceable cryptocurrency, Bitcoin.

How can we protect ourselves?

Read your emails thoroughly.

You may see a mail come in from your bank, or maybe it’s your uncle sending a link to some family photos. What does the body of the message say? If the link isn’t shortened, does it look like something actually coming from the sender? I personally have received mails from what looked like my primary banking institution requesting my account be reset. First giveaway was the sender’s email address. It did not come from an address resembling anything from the institution. Out of curiosity I continued reading until I came upon a link which was supposed to reset my account. The URL, however, did not have my bank’s name or initials in it and contained a lot of 0s – yet another giveaway.
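The two checks described above (does the sender's address belong to the institution, and does the link point to the institution's own domain) can be automated for a mail filter or a reporting mailbox. The following is an added example, not part of the original article; the sample message, the `examplebank.test` domain, the function names and the threshold of three zeros are all assumptions made for illustration.

```python
import re
from email import message_from_string
from email.utils import parseaddr
from urllib.parse import urlsplit

# Constructed sample message; every name, address and URL below is made up.
SAMPLE = """\
From: "Example Bank" <support@mail-secure-update.test>
To: customer@example.org
Subject: Your account must be reset
Content-Type: text/plain

Dear customer, reset your account here:
http://login.000-acc0unt-0000.test/reset?id=1
Our help pages: https://www.examplebank.test/help
"""

URL_RE = re.compile(r"https?://[^\s<>\"']+")

def under(host, domain):
    """True only if host is the domain itself or a subdomain of it.
    A plain substring test would accept 'examplebank.test.evil.test'."""
    host, domain = host.lower().rstrip("."), domain.lower()
    return host == domain or host.endswith("." + domain)

def text_parts(msg):
    """Yield the decoded text of every text/* part of the message."""
    for part in msg.walk():
        if part.get_content_maintype() == "text":
            data = part.get_payload(decode=True) or b""
            yield data.decode(part.get_content_charset() or "utf-8", "replace")

def review(raw, expected_domain):
    """Return (signal, detail) findings for one raw message."""
    msg = message_from_string(raw)
    findings = []
    _, addr = parseaddr(msg.get("From", ""))
    sender_host = addr.rpartition("@")[2]
    if not under(sender_host, expected_domain):
        findings.append(("sender-domain", sender_host))
    for body in text_parts(msg):
        for url in URL_RE.findall(body):
            host = urlsplit(url).hostname or ""
            if not under(host, expected_domain):
                findings.append(("link-domain", host))
            if url.count("0") >= 3:  # assumed threshold for "a lot of 0s"
                findings.append(("many-zeros", host))
    return findings
```

A matching sender domain is not proof of legitimacy, since the From header can be forged; the findings are signals for a closer look, not a verdict.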

Watch what you click.

While related to the above, this is not limited to email. Every day we are bombarded by pop-ups and flashy banners when we browse the web. Luckily, today, modern web browsers come with pop-up blockers, but they can’t catch everything. Chances are, that flashy banner telling you that your computer is slow and you can download a free application to ‘tune up’ your computer is going to do the complete opposite. We have encountered many computers with these applications on them and while they do not seem particularly harmful to the layman, they install a lot of malware (the same things they claim to remove) that runs in the background. While you do not know what is going on, these applications hijack your browser by adding even more advertisements, pop-ups and, in some extreme cases, log your key strokes. Anything you type (including names, addresses, credit card info, etc.) is stored, and likely sent to the makers of the application. (I think I have your full attention now, yes?)

Back-ups.

Do I even need to explain this? You should have multiple copies of anything deemed important to you or your organization. Portable storage is very cheap these days in the form of USB flash drives or external hard drives. Cloud storage may be even cheaper (or free) and more convenient, as it can replicate your files seamlessly without much (or any) interaction. Network Attached Storage devices are also a good choice if you have large amounts of data you want to store locally. There is NO reason today not to have important files backed up.

In the words of Kevin Mitnick, dubbed the world’s greatest hacker turned security expert: “It’s much easier to hack a human than a computer, because computers follow instructions. They don’t vary. Humans go by emotions, by what’s happening in their day. So it’s not hard [to socially engineer someone] especially if they haven’t been burned before.”