Cybersecurity for Small Business

Mention the word “ransomware” at a meeting of small business owners and you’ll feel the temperature in the room drop by 20 degrees. A ransomware attack is a chilling prospect that could freeze you out of the files you need to run your business. When FTC staff met with business owners across the country, you cited ransomware as a particular concern. New resources from the FTC can help protect your company from this threat.

Ransomware: How It Happens

What is a ransomware attack? It can start innocently enough. An employee clicks on a link, downloads an email attachment, or visits a website where malicious code is lurking in the background. With just one keystroke, they inadvertently install software that locks you out of your own files. The cyber crook then demands a ransom, often in the form of cryptocurrency. But even if you pay, there’s no guarantee that hackers will live up to their end of the bargain. They may pocket the payment and vanish without unlocking your files. Meanwhile, the information you need to run your business – and confidential data about your customers and employees – is now in criminal hands.

[More]

Keeping up to speed with Hacker Lingo

Like nearly every passion, sport, profession, or hobby, hacking has its own lingo. Here's a quick review of some hacking lingo!

Test your knowledge here

You already know what phishing and spyware are, but how about spearfishing? Shodan? Zombies? Here’s a glossary of some hacker lingo that you and your IT team should be aware of.

Brute Force Attack

When a hacker tries to guess your system’s password by guessing all the passwords with an intensive automated search. One of the biggest reasons the US and China are investing in quantum computing research is because quantum machines can, in theory, defend against this kind of barrage.

Doxxing

Exposing a person’s sensitive personal information on the internet. It can be anything from addresses and phone numbers to credit card and social security numbers. An example of doxxing specific to the business world is Whaling.

Evil Maid Attack

When a hacker goes in and hacks your device in person. This person has access to your space—the kind of access that a maid tidying your office might have.

Grey Hat

Black hats are hackers who are up to no good; White hats are cybersecurity experts who spend their time helping organizations defend themselves. (To make things more confusing, some white hats are good at their jobs because they used to be black hats.) Meanwhile, grey hats employ black hat techniques, but they don’t do it for profit or nefarious reasons; they’re hacking because they’re on a mission (that can be good or bad). If you are a grey hat, sometimes you are also a...

Hacktivist

People who hack to make a political or social statement. Prominent groups like Anonymous and WikiLeaks think of themselves as hacktivists.

R.U.D.Y attack

Short for “R U Dead Yet,” this is a slow-rate (also known as a “low and slow”) attack designed to exhaust a web server by submitting long-form fields until it crashes.

Sniffing

Capturing unencrypted data as it transmits over a network. Sniffers can be used to diagnose network issues—or steal sensitive information.

Spearphishing

A phishing scheme that targets a certain group within an organization. (Also see Whaling.)

Shodan

Shodan refers to Shodan.io, a site that scans entry-level devices connected to the internet (such as many IoT devices) and looks for vulnerabilities. Ostensibly it’s used to help you secure devices, but hackers will look for vulnerabilities to exploit them. (In Japanese, “shodan” refers to an entry-level martial arts belt.)

Whaling

A phishing scheme that takes aim at the very top of the c-suite food chain. Hackers collect executives’ personal information (and threaten to doxx them) or compromising information (such as their salaries) to blackmail them into paying a ransom or some other demand.

Worm

A type of malware that replicates itself automatically, spreading across the network.

Zero-day exploit

Also known as a zero-day attack. This is when a hacker finds a weak point in a system and releases malware before developers can release a patch. “Day zero” is jargon for the day the target learns of the vulnerability; in a zero-day exploit, the target has “zero days” to do anything about it.

eNews 2018 in Review

We have been publishing The Computing Center eNewsletter since 2005. Our current database has been used since 2011 and contains over 380 stories, some written by our staff, others written by computer industry experts and other commentators.

In addition to our actual monthly eNewsletter which many of you receive via email, all our stories are also published on our website - click on eNew Cabinet on the home page of www.compcenter.com. Here they live on forever while more and more people (and systems) also read and scan them. This is one of the places we look to get the statistics about our readership.

So, here's the review of the best read entries for 2018:

1. We actually go back to 2017 for this one. In Sept 2017, The Computing Center aquired the assets of Sherpa Technology. By December 2017, there were about 1,630 views of that article. During 2018 and nearly 3000+ views later, this is our most read story of 2018.  www.compcenter.com/client/index.cfm/2017/9/8/The-Computing-Center-acquires-the-assets-of-Sherpa-Technologies-Inc

2. Something far more mundane comes in 2nd. The Computing Center's Privacy Policy which we published an update to in May. Obviously there were readers who needed help falling asleep! www.compcenter.com/client/index.cfm/2018/5/25/The-Computing-Center-Privacy-Policy

3. Ithaca has a lot of freelancer's and micro/individual businesses.  This article received a lot of views in March 2018. www.compcenter.com/client/index.cfm/2018/3/27/Freelancing--When-to-Save--When-to-Spurge

4. All of us have to deal with lots of passwords.  Are they slowly becoming passe?  Our article in February 2018 covered that idea. www.compcenter.com/client/index.cfm/2018/2/27/Are-Passwords-Pass-Not-Quite-Yet

5. And ending on a bit of a sad note.  Last December, The Computing Center's first client (from 1978), David Flinn passed away. We wrote the article in December, but many of you read it during early 2018. www.compcenter.com/client/index.cfm/2017/12/29/A-Sad-Farewell-to-The-Computing-Centers-First-Client

Please keep reading  We regularly get suggestions and try to find interesting stories to cover and to reprint.

Online Social Circles are becoming riskier

 by Jacqueline Beauchere, Microsoft Chief Online Safety Officer

Bullying, unwanted contact and receiving unwelcome sexual images and messages were the most prominent risks in our latest digital civility research and, while strangers still pose the majority of online threats, data show a distinct rise in risk-exposure from people’s own social circles.

According to preliminary results from our latest study, 63 percent of online risks were sourced from strangers and people whom respondents knew only online – largely unchanged from the previous year. Meanwhile, 28 percent of online risks came from family and friends, up 11 points. In addition, findings revealed a relationship between risk-exposure and familiarity with the perpetrator: respondents who had met their abuser in real life were almost twice as likely to experience an online risk. More disheartening were indications that people were targeted because of their personal characteristics, namely gender, age and physical appearance.

[More]

Securely connecting while on vacation

It's winter and everyone wants to get out of town to somewhere warm. While it's easy to stay connected to your office, it needs to be done securely. Some guidance for you and your staff.

The snow gently falls outside as you kick back in your Snuggie, ready to conquer that Netflix backlog. You’ve earned it! During the months leading up to winter, you vanquished any and all network security vulnerabilities threatening your digital kingdom, and now, your office is more secure than the Fortress of Solitude.

But then, you look at your watch and realize the minutes are melting away, even though the outside world is freezing over. Days are getting shorter, and the seasons are changing. While you’ve admirably confronted office security head-on, cold weather heralds more travel, as employees seek to escape the freezing temperatures for warmer paradises. More travel means more devices outside your newly secured office.

[More]

More Entries