2017 November

Making Cloud Security Experience As Safe And Sound And Secure As Possible

Posted by | Articles, Uncategorized | No Comments

Has your business adopted cloud computing yet? The private investigators in Boise see several benefits and drawbacks to this new technology. The benefits revolve around how fast IT delivery can be, the increase in productivity, financial streamlining and that it can keep any business running like a tight ship. The disadvantages stem from the challenges related to security of the sheer volume of information that can be kept in and pulled from the cloud. With multiple vendors and specific departments needing accessibility to some parts of the cloud and not others, the technology can become a Chief Information Security Officer’s worst nightmare.

The Need For Better Visibility

Because of the multi-layered needs of cloud users, many businesses have adopted different cloud formations. The private investigators in Boise state that private, public cloud and hybrid network technologies are one way to split the workload. However, the challenge still exists on visibility. Cloud-based workloads are harder to actual ‘see’ than those contained on a physical network. One way to control the cloud activity is through data governance. In other words, knowing where information is stored, where it is being shared and what cloud services are being used by the company. Without visibility it is impossible to enforce policies and control risk factors.

Compliance Issues

The private investigators in Boise also see compliance as another issue related to cloud storage and use. For example, questions to be asked when a company shifts all data files to the cloud environment should include the following:

  • Where exactly is the data going to be stored?
  • Who will be responsible for tracking and watching the data?
  • Who can see the data and can access/visibility be controlled in-house?
  • What is the security level of the cloud format being used?
  • Has the data been securely configured prior to movement?

The type of data can vary from personal information to payment data and intellectual property. Each of these contains their own standards in storage in order to be compliant.

Controlling The Situation

CISOs have such a complex IT environment to sort out in today’s world. It includes multiple endpoints that fluctuate constantly as a result of different mobile devices and desktops. Hybrid environments are as challenging but somewhat easier to control once security configurations in the cloud are made. The biggest part of the puzzle of securing cloud storage comes directly from the company using the technology. They need to control who has access to what which will eliminate a lot of unauthorized access, sharing and reducing risk at the same time.

Ask The Private Investigators in Boise

Not sure whether or not your cloud service is secure enough or that you have enough control over it? Advice from the private investigators in Boise can help. Be aware of what is stored and shared and by whom. A secure system is only as secure as the people who use it for the purpose it was designed. For more advice contact Custer Agency today.

Equifax Credit Assistance Site Served Spyware

Posted by | Uncategorized | No Comments

There is not a lot of tricks that the private investigators in Boise have not already seen. However, this particular one stands out for several reasons. Equifax is a consumer credit bureau with a large and popular online platform. Then one day it happened. A third-party code was installed that sent Equifax customers to what looked like an Adobe Flash Player software update. The fake Flash Player installer was caught by anti-virus protection tools which alerted Equifax that something bad was happening at their website. They removed the code from their website and all was once again fine in the world of Equifax.

How It Happened

Equifax said the fake Adobe Flash Player software update prompts came from a third-party vendor the company uses to record website performance information. The vendor’s code was sending out malicious content until it was caught and removed. The private investigators in Boise say that Equifax did not identify the third-party but warns that this is one of the many online tricks that can compromise services and farm sensitive data from its users. Equifax says that there was no damage to their system and that no personal data had been taken.

Not The First Attack To Equifax

Hackers have used Equifax’s database as a target for more than one attack. In fact, the general public has in some cases lost a lot of faith in the security of the credit bureau system simply because it has been hit several times. One such incident that earned a lot of news coverage was when the company’s servers were hacked into resulting in Social Security numbers and other sensitive personal information being stolen. The data farmed from this particular attack directly affected over 145-million US residents. The private investigators in Boise point fingers at Equifax for having a system that can be hacked into easily. One such instance was the Equifax payroll and tax administrative site. Until it was taken down, anyone could access salary and employment history on just about any person in the United States with just a Social Security number and date of birth.

Keep Your Data Protected  

The private investigators in Boise say you need to be diligent in protecting your private information. Hackers are everywhere and they are getting better and better at breaking into secure databases. You can keep yourself protected with the use of anti-virus software programs, securing your Wi-Fi connections and reducing the amount of private information available online. For more advice on how to do this contact the private investigators in Boise at Custer Agency today.

What You Should Know About the ‘KRACK’ WiFi Security Weakness

Posted by | Uncategorized | No Comments

The private investigators in Boise advise you to pay attention to your WiFi network. There has been a newly discovered weakness in the WPA2 security program. WPA2 is a security standard that protects contemporary WiFi networks. It is the shortened form of Wi-Fi Protected Access II and the flaw that has been identified will allow data to be stolen from the stream between your wireless device and the Wi-Fi network. In other words, a hacker could potentially break into the security of the WPA2 protocol and gain access to photos, chat messages, passwords and any other sensitive data you are using when on your WPA2 network.

The attack is named KRACK which is short for Key Reinstallation AttaCK. The research that led to the discovery of KRACK also says the security weakness could allow for the injection and manipulation of data. However, that may depend on the configuration of the network under attack. The private investigators in Boise say that an attacker could possibly inject ransomware or some other form of malware into websites that can be accessed through the WPA2 weakness. This means that a wide range of devices could be venerable as a result of this security issue.

There Are Some Conditions, Though

You can relax somewhat knowing that an attack through the KRACK weakness cannot be carried out remotely. However, this means that in order to be successful, a hacker must be within the Wi-Fi signal range of the WPA2 network. There is another reason to heave a sigh of relief – sensitive data such as information from financial institutions have an added layer of protection with SSL (Secure Sockets Layer) encryption. SSL encryption is a completely different security feature than the WPA2 encryption layer.

Should You Be Worried About KRACK at All?

The private investigators in Boise do not view the WPA2 security hole as a huge issue for private home network users. However, if there is a potential for hacking damage it could come in the form of large corporate entities that have not separated their wired and wireless networks very well. That being said, any threat to online security should not be taken lightly and you should take necessary precautions to protect your network, devices and the information stored on them.

Contact the Private Investigators in Boise For Information

Cyber security is a huge issue thanks to the continued growth of the internet. In order to stay secure, let the private investigators in Boise give you some advice on the simple ways in which you can stay protected. Contact Custer Agency today for more information.

Reaper: Calm Before The IoT Security Storm?

Posted by | Uncategorized | No Comments

The private investigators in Boise concern themselves these days with a lot of issues related to online security. A zombie malware strain known as Mirai enslaved IoT (Internet of Things) devices over a year ago which disabled many top websites. The IoT targets included security cameras, wireless routers and digital video cameras. There now appears to be an even stronger threat on the horizon.

Known as Reaper or IoTroop, this more powerful strain of IoT attack malware spreads through IoT software and hardware security holes. In fact, Reaper is evolving and in doing so it is recruiting IoT devices at a faster pace and could cause even more damage that Mirai did in the Spring of 2016. The private investigators in Boise say Reaper leverages security vulnerabilities found in a dozen device manufacturers.

The Reaper/IoTroop DNA

The Mirai and Reaper programs are in actuality computer worms. They grow by having a built-in mechanism that spreads them automatically from one infected device to a ‘clean’ device. Once the ‘clean’ device is infected, Reaper moves on. Research has shown that the behavior of Reaper in not aggressive but it is designed to spread in a more deliberate pattern than Mirai was meant to do.

What to Watch Out For

When Mirai attacks started in August 2016, there were warning signs that something was about to hit the internet. The initial injection of the malware was fed into the internet in July 2016 and it bullied control away from systems that had been infected by an IoT malware contagion known as Qbot. Cyber criminals then spent that summer taking over poorly-secured IoT devices from other hackers who had used weaker IoT strains such as Qbot.

Mirai was designed to launch DDoS (distributed denial of service) attacks. When a DDoS attack is targeted at a single internet host or website, it creates a widespread internet disruption. The private investigators in Boise say that when this happens, IoT malware is spread once venerable devices are found through internet scans. With Mirai the scanning activity was so aggressive at times that it constituted unintended DDoS on home routers, web cameras and DVRs that the malware was made to subvert and recruit into the botnet.

The botnet then launched attacks against web hosting firms which results in several large websites going down. A source code was released by the malware creators which resulted in several copycat clones of Mirai which proceeded to infest and infect an even larger pool of venerable IoT devices.

How Secure Is Your System?

The private investigators in Boise warn that in order to keep your internet system safe from attack you should have malware protection installed in your computers. Any form of anti-virus protection is better than none at all and in order for it to work to its designed potential, you must keep the anti-virus programs current and up-to-date. For more information on internet security, contact the private investigators in Boise at Custer Agency.