Today we remember the veterans who sacrificed an easy life to protect our freedom.
Sadly, for many veterans who return home, life is hard. Low income, lack of marketable job skills, and other complications can often spell a life of poverty for those whose sacrifice has secured our peace and prosperity. Often the only thing preventing them from finding a better life is the lack of basic technology.
Thanks to charitable organizations, veterans and their families who are in need can receive basic computer donations. This Veteran’s Day, consider donating your old tech to organizations that refurbish and give them to veterans in need.
And let’s remember to thank veterans for their service.
Flint Tech Solutions wishes everyone a safe and peaceful Veteran’s Day!
Thanks for joining us for our month-long series on cybersecurity! Check out our social media pages and let us know what you think.
To wrap up our cybersecurity awareness series, we’re going to look at two attacks that can seriously hurt your small business: Session Hijacking and DNS Poisoning.
Session Hijacking is an advanced attack that has become easier to accomplish over time. Every time somebody logs into a website, a session is created (this involves two systems communicating with each other). When the user ends communication, the session becomes inactive.
A session is hijacked when an attacker takes control of the session using cookies. This can be accomplished by different methods:
Cross-site scripting (CSS): As we described in our last post, CSS is when attackers use a server or application’s vulnerabilities to inject script into a website for malicious purposes. If the server does not set HTTP Only in session cookies, injected scripts can gain access to the session key, which gives attackers all they need to hijack the session.
Session side jacking: This is when an attacker monitors the traffic within a network and intercepts the session cookies after the user has authenticated it. Unsecured Wifi Hotspots usually allow for this kind of attack.
Ultimately, encryption is the best line of defense against these attacks. The most effective ones include:
Secure Sockets Layer (SSL): This is the standard technology for securing an internet connection and protecting sensitive data being sent between two systems.
Transport Layer Security (TLS): This is an updated, more secure version of SSL.
DNS Poisoning is one of the trickiest attacks out there. DNS servers are compromised when the attacker substitutes the address of a valid website for a fake so that users are redirected to malicious websites, including phishing sites. Attackers can either collect passwords and other sensitive information, or simply refuse to load the site. The Chinese government uses this method to block access to sites they find objectionable.
Attackers are able to execute this attack by:
Mimicking a server: When your DNS server submits a query, the attacker responds quickly with the wrong answer before the legitimate server is able to respond.
Bombarding a server: Attackers send thousands of queries to a caching server, then send thousands of false responses, gaining control of the domain and the entire site over time.
Taking advantage of open ports: Again, attackers send thousands of queries to DNS resolver ports. Over time, they discover which port is open and focus future attacks only on that port.
Secure web hosting is crucial to guarding against this attack. Options for protection include:
Control your DNS server: This takes time, expertise, and determination to do properly. If you don’t have the time or knowledge, Flint Tech Solutions can help.
Limit queries: This means refusing DNS requests over open ports. This limits how much you get bombarded with queries that could compromise your data.
Find the best software: Again, this is an area where Flint Tech can help. Some DNS software comes with protections built in, and this is an area where you want to make sure you’re getting what you pay for.
We hope you’ve enjoyed this series and learned more than you knew before about cybersecurity. Stay tuned to our blog for more great content to come!
To learn more about how Flint Tech can help defend your small business, click on our logo below:
Flint Tech’s Cybersecurity Awareness Series: Web Attacks
Home /Flint Tech’s Cybersecurity Awareness Series: Web Attacks
If you’re still with us, we really appreciate your time and attention as we explore the issue of cybersecurity this month!
Now let’s look at something a little different from passwords and malware: Web attacks.
This is any attempt to breach your web site. As we said before, hackers are financially motivated, and anything from an eCommerce site to a small-business site is equally attractive. They tend to look for vulnerabilities that include a system flaw or weakness that can be exploited.
So let’s look at the most common types of web attacks:
Injection Attacks: These pose the highest risk for websites. The SQL (pronounced “sequel”) Injection is the most popular among hackers. Any injection attack directly targets the website and server database. The hacker inserts code that shows hidden data and user input, allows for data modification, and otherwise compromises the application as a whole.
Cross-Site Scripting: Whereas SQL attacks go after a vulnerable website’s data, a cross-site scripting attack goes after the website’s users. This also involves injecting code into a website, but it only runs in the user’s browser when they visit the compromised site and only goes after the users directly. Comments on blogs are one example of the ways an attacker could deploy this kind of attack.
Fuzzing: Also known as Fuzz Testing, this is used legitimately by software developers to test for coding errors and security loopholes. But attackers also use it to look for vulnerabilities in a website they want to target. At first, copious amounts of random data are fed into an application to force it to crash, then the fuzzer tool is used to identify weaknesses. Any loopholes in the website’s security can be further exploited by the attacker.
Path/Directory Traversal: This attack is less common than the others, but it’s still pretty serious. It’s a little more technical than the others too. Attackers attempt to access unauthorized files or directories outside the web root folder by injecting patterns to move up in the server hierarchy. This can allow for compromised access to all kinds of sensitive data, files, databases, and more on the same physical server.
As with the other types of cyber threats, any one of these attacks can result in catastrophic loses for your business. The best way to protect yourself is to enlist the help of a trusted tech partner like Flint Tech Solutions to monitor, protect, and help you recover in the event of an attack.
Here are some ways you can protect yourself:
Validation: Implementing advanced validation techniques for anyone who visits your website will help reduce your risk of attack.
Security Testing: Web application security testing tools are something any small business owner can use, and there are a number of open source tools available.
Firewall: Setting up a web application firewall (WAF) can help protect against web attacks.
Stay Up-to-Date: Make sure your security applications get updated regularly.
The bottom line for small business owners today is that cyber attacks are getting more and more sophisticated, and having a tech partner you can rely on to have your back is essential.
At Flint Tech, our goal is to take the pressure off when it comes to your small-business tech needs so that you’re free to pursue your goals, because your success is our success. Click on our icon below to find out more.
We hope you’re enjoying this month’s series on cybersecurity! Stay tuned to learn about more cybersecurity threats and what you can do to protect your business.
Thanks for reading this month! We hope you’re learning more about cybersecurity. As you’ve hopefully observed, it’s never been more important for businesses to have an effective security plan.
Let’s get back at it with the next type of threat on the list: Denial of Service (DOS) Attacks.
Yes, this one’s pretty scary too. It happens when legitimate users cannot access information systems, devices, and other network resources because hackers have shut them down and seized control. There’s also a Distributed Denial of Service (DDOS) Attack, which happens when multiple computer systems flood their target with enough traffic from a “botnet” (a group of malware-infected private computers across the internet) to crash the server. If you’ve ever been asked to prove you’re not a robot when entering a website, this is the reason why.
These attacks are rudimentary, but they can cost organizations time and money while their people are unable to access resources for anywhere from days to weeks. The record for the number of DDOS attacks launched per year was broken in 2020 with 10 million, a 20% increase from 2019.
Ransomware is probably the most intimidating form of DOS attack, as the Colonial Pipeline found out earlier this year. The sad thing is, that attack happened because of one compromised password.
Can it really be that hard to keep your passwords secure? The truth is there are at least 7 types of password attacks, and it takes a strong, dynamic password management plan to guard against them.
The more well-known attacks include:
Brute Force: Much like it sounds, numerous guesses are made to crack the password and gain access. A simple but usually automated form of attack.
Credential Stuffing: Another type of brute-force attack involving trial-and-error using stolen credentials.
Dictionary: A variation on the brute-force attack that involves commonly used words and phrases and oft-used passwords.
Man-in-the-Middle: An attack involving the user, the attacker, and a third party. Cyber criminals imitate a legitimate third party, usually via phishing emails that try to convince the third party to click on a link leading to an apparently legitimate website, thus allowing the attacker to collect user log-ins.
Keylogger: Spyware that records the user’s keystrokes.
Password Spraying: Yet another form of brute-force attack where a large number of common passwords are used on a small number of accounts, even just one.
Phishing: A versatile attack that can be as simple as one email or as complicated as a multi-step attack involving voice calls.
So how do you protect your company’s passwords? The only choice is to create and carry out a password management plan that is up to date with best practices. This includes:
Creating lengthy, complicated passwords for every account
Using multi-factor authentication everywhere you can (this creates an additional barrier to keep out hackers)
Utilizing a password manager to safely manage and store all passwords
Managing your passwords, limiting access to privileged accounts, and adding additional layers of security is something a solid tech partner can do to help back up your plan. Having employees and other company players learn about password security is also a crucial step.
Next we’ll be examining what happens when your company’s website is attacked, and what you can do about it. Stay tuned!
We’re so glad you’ve joined us for our month-long series on cybersecurity! Today we’re moving beyond the well-known threats to something a little more sinister: security breaches.
As we wrote about before, security breaches include any attempt to gain unauthorized access to your system, also known as “hacking.” Cracking passwords, elevating privileges, and breaking into a server are all examples.
Hackers generally attack by means of assessing their target, using network or social-based attack methods, and extracting confidential data.
Security breaches can happen at any time, and when they involve the exposure of customer or client data, they are difficult to keep private. The loss of business that often results from a breach can be devastating for a small business.
Often, breaches are caused by the human errors of insiders, whether it’s clicking on a malicious e-mail or not keeping passwords secure enough (too weak, not changed often enough, etc.).
There are several types of processes that, if handled properly, could prevent a breach:
Weak Passwords: As stated earlier, overly simplistic passwords are prime targets for hackers. Making up something you can remember is no longer an option: the longer and more complex, the better.
Orphan Accounts: After an employee has left a company and moved on, their access to accounts is often left inactive rather than being terminated. If a malicious user were to gain access to an account via the unused credentials, nobody in the company would know unless appropriate controls were in place to monitor such activity.
Over-entitled Identities: Unregulated access to sensitive information and systems can create areas of weakness if not managed carefully. Executive and low-risk system and data users alike are equally valuable targets for hacking.
“Ok, so I just set reminders to change the passwords regularly,” you say. “Boom. Done. No extra money splashed out on a fancy Tech company I can’t afford. Next question…”
But hear us out: why burden yourself and your people with taking partially effective measures when a solid IT team can provide the kind of wide-ranging protection your company needs?
There are certainly things you can do yourself, like…
Establish better securityhabits: For instance, make it a policy to have strong passwords that get changed routinely. Establishing this habit alone will substantially cut down the risk–the longer it takes a hacker to get through, the more likely it is they’ll be caught.
But there are other things your people may not have the right kind of support or resources to accomplish, such as…
Solid Identity Protection: Allow your IT team (be they in-house or hired from outside) to have a holistic view of your systems and data so they can assess your risk and create a plan to detect attacks as quickly as possible.
If you haven’t developed a cybersecurity plan for your company or even budgeted for cybersecurity in the first place, there’s no time like the present to start. A few questions to ask yourself when considering your plan include:
What will it cost us if a breach occurs?
What controls/protections do we currently have in place?
What will we do if a breach takes place?
What can be done now to offer the best protection?
And of course, keep following our blog as we continue to discuss cyber crimes and solutions this month. Stay tuned!