• 23 November 2024, 23:12 PM

Category Archives: blog

pen testing

A quick guide to effective pen-testing

Do you want to uncover vulnerabilities before a Cyber hacker exploits them? Maybe you are already aware of your network’s vulnerabilities, but need a third party to argue that your network security needs additional investments? Or does your Business need penetration testing services to comply with a certain security regulations.
Here is guide that explains the best practices to be used before, during and after network penetration testing.

 1.)  Pre-Test Stage

This section lists the activities to pay attention to before penetration testing.

  • Define the scope. Regardless of the pen-test type, list the number of networks, the IP address range within one network, subnets and computers to avoid any misunderstanding. Otherwise, pen testers might leave some network systems unattended or worse, hack some third party systems.
  • Define the time frame. Penetration testing shouldn’t disrupt your company’s everyday operations. Imagine if a pen tester used a technique involving heavy network traffic. If used at peak times, it could overload the network and crash it.
  • Decide if you want your IT security and technical information to be in the know. Unannounced penetration testing is good to assess the status of your security team. Yet, it may slow down the process or even block it, for example, by cutting access from internet for pen testers.

2.)  Test Stage

This section covers practices followed by pen testers while conducting network penetration testing.

  • Gather as much customer information as possible. Pen testers use the customer’s website, WHOIS databases and web search engines.
  • Conduct a network survey. This process provides pen testers with server names and domains, the range of IP addresses owned by the organisation, information about closed and open network ports, running OS and services.
  • Determine existing vulnerabilities. At this stage, pen testers scan the network looking for vulnerabilities to use for penetration attempt. Vulnerability scanning can be automated and manual. A combination of the two methods will boost the effectiveness of the process considerably.
  • Identify suitable targets. Pen testing will always be conducted within a time frame set by you. So, out of the list of vulnerable targets on your network, it’s essential to choose the proper ones not to waste time and effort doing unnecessary job. It would be sensible to choose the servers, as the primary targets for penetration testing.
  • Attempt penetration. To exploit vulnerabilities, pen testers use specialist, customised tools. These tools categorise vulnerabilities based on the severity. This helps to provide a customer with a report of vulnerabilities that need to be fixed immediately.

3.) Post-Test Stage

Network penetration, as such, is over. But the penetration testing procedure isn’t. Two stages are left: cleaning up and report generation.

  • Report generation. A well-structured report is a welcome hand in risk management. It should start with an overview of the penetration testing process followed by the most critical network vulnerabilities that need to be addressed in the first place. Afterwards, fewer critical vulnerabilities should be highlighted.
  • Cleaning up. Pen testers’ code of practice doesn’t allow to leave any surprises in your network. To keep it clean, pen testers should maintain a detailed record of all actions performed throughout the stages of penetration testing.
man in the middle

What is a Man-in-the-Middle Attack and How Can You Prevent It?

 

This type of cyber crime is very common and on the rise, so here’s what you need to know about MITM attacks, including how to defend yourself and your business against them.

What is a man in the middle attack?
The idea behind a man-in-the-middle attack is straight forward: Intercept traffic coming from one computer and send it to the original recipient without them knowing someone has viewed, and potentially altered, their traffic.
MITM attacks give the perpetrator the capability to steal funds, redirect a browser to a malicious website, or steal information to be used in later cyber crimes.

These are three popular types of MITM attacks your business will most likely encounter:

1. Email Hijacking
Hackers target and gain access to important email accounts, they will then monitor activity and transactions to make their eventual attack a lot more convincing. For example, they could wait for a scenario where the customer is sending money and respond, spoofing the company’s email address, with their own bank details instead of the company’s. Unfortunately, the customer thinks they’re sending their payment to the company, but they’re really sending it right to the hacker.

2. Wi-Fi Eavesdropping
Most MITM attacks rely on Wi-Fi connections. Hackers will set up a Wi-Fi connection with a legitimate-sounding name and all the hacker has to do is wait for you to connect and they’ll instantly have access to your device. Alternatively, the hacker can create a fake Wi-Fi device disguised as a legitimate Wi-Fi access point to steal the personal information of everyone who connects.

3. Session Hijacking
When you log into a website, a connection between your computer and the website is established. A hacker will then hijack your session with the website through various ways. One option they use is stealing your browser cookies. Your cookies store small pieces of information that makes web browsing convenient. It can be your online activity, login credentials, pre-fill forms, and in some cases, your location. If hackers get hold of your login cookies, they can log into your accounts and assume your identity.

“Who is the typical target of a man in the middle attack?”

Any person or any business could be the target of a MITM attack.

How do I prevent man-in-the-middle attacks?
There’s no simple ‘quick fix’ to protect yourself against MITM attacks, however here are a few to help you:

  1. Only connect known, trusted devices to your Wi-Fi networks. Don’t allow devices to automatically connect.
  2. Make sure all access points are secured and encrypted. Attackers that rely on physical proximity can be kept off a network by good security.
  3. Keep an eye out for phishing emails that request you to click to log in to a website.
  4. Train your staff to become a ‘Human Firewall’
  5. Make sure operating systems are patched and updated to prevent attacks that exploit weaknesses.

How would your business stand up against a Cyber attack?

business data

Data: The basis of your entire business

Businesses are struggling with the deluge of data flooding their systems and need to find an effective solution for managing it. Adding to the challenge is the amount of old and inactive data that must be kept for legal and/or legacy reasons. Many organisations are still using expensive primary storage systems for their old data which eats up vast amounts of their annual IT budget. The time and effort needed for IT teams to manage overloaded and expensive traditional storage solutions is an unnecessary waste of valuable resource.

So what should you do with all those terabytes of data?

Things to consider when making decisions about storage management are:

Data Storage Solutions Vary With Business Size
Only 20% of businesses store a petabyte or more of data while 40% of businesses have less than 50 terabytes of data. Recognising this, most IT managers and business owners consider that, if they are in the SMB sector, an enterprise storage solution would be an overkill. In reality the best solution for them is likely to be based on enterprise technology but tailored to fit their data storage requirements.

Tape Storage Is Not The Answer
Tape storage is still being used by many organisations who believe this is a cheap option however, in reality it is very demanding in management, highly unreliable and when needed, rarely leads to complete recovery of data.

How Important Is All That Data?
Studies have shown that almost 60% of data stored is old or inactive and is unlikely to be used ever again. Therefore, considering the cost of storage, it would be financially worthwhile to invest time in cleansing this data and weeding out duplicated or obsolete information.

Public Cloud Storage Can Be Risky
Studies suggest that many businesses have suffered unauthorised cloud access using storage services like Dropbox and Google Drive. This is often caused by individual employees using the cloud to store their data without the security precautions of a corporate storage solution. Most organisations do not adequately consider the implications of what measures their service provider has made to enable recovery of customer data in the event of a system failure – or worse, if their service provider goes out of business altogether.

Storage Will Remain A Business Challenge
It is apparent that business data will continue to grow at a rapid rate and therefore storage management is always going to be an important consideration. By being proactive about creating long-term solutions, organisations can save time and money, which is better invested in developing their core business.
It is important to evaluate the overall needs of the business when deciding which way to go in enterprise data storage. Price, technology, SLAs, disaster recovery, security and compliance are only a few of the factors that must be considered.

DSM Group have experts on hand to discuss your specific storage requirements and help you to find the best solution for your business.

key cyber security trends look out for 2021 1024x440 2

12 Steps To Secure Your IT System

Online criminals are increasingly targeting SME’s instead of large corporate entities, so it’s more important than ever to take steps to protect your IT and data.
Let’s look at how you can do that in 12 easy steps:-

  1. Make IT security a priority. Technology is integral to every small business, even those with just one computer so don’t fall into the trap of ‘it won’t happen to me’!
  2. Make someone responsible for IT security and ensure they have the time and resources to create new security processes. If not, it’s easy for things to get overlooked.
  3. Assess the risks to your IT system. Look at how you and your employees use IT to identify vulnerabilities. For example, your internet connection should be protected by a robust security package that includes virus and malware protection, plus a firewall.
  4. Take care of IT security basics. Simple precautions like not opening email attachments from unknown sources, education on threats like phishing and changing passwords regularly can significantly reduce the risks.
  5. Draw up an IT security plan. Once you have identified the risks your IT system faces, write an IT security plan. This should set out general rules to minimise the threat of hacking, theft and data loss.
  6. Be prepared to invest time and money. Good security software with regular updates usually costs money. It also takes time to identify what precautions you need to take.
  7. Perform regular backups and test that you can restore your data from your backups. At some point, every business will suffer a data loss – perhaps a result of accidental file deletion or a failed hard drive. Having a good backup system enables you to recover important data and carry on working.
  8. Protect lost property. One of the quickest ways for someone to access your data is through lost or stolen laptops, smart phones or USB memory sticks. Mobile equipment should be password protected and encrypted. Implement a remote wipe system so your data does not get into the wrong hands if a device is lost or stolen.
  9. Be aware of staff-owned devices. If employees are using their own smart phones or tablets for work then make sure this doesn’t create additional security risks.
  10. Train your staff. Ensure all employees are familiar with your security plan. Explain security procedures clearly, both during training and in employment contracts. For example, make it compulsory for staff to change their passwords regularly or to encrypt sensitive emails.
  11. Make it easy to be secure. One of the biggest threats to good security is employees who circumvent rules because following them makes their jobs difficult. It’s important your security measures don’t place an unreasonable burden on staff.
  12. Secure your website. Your website could be one of your weakest spots if hackers target you, particularly if it is the main point of contact for customers. In particular, make sure your online shop is secured by an SSL etc.
The Case for a Cloud Email Security Supplement

Top 10 Email Security Tips

Email security involves using different tools and tactics to help identify and filter out potential harms and attacks. Without protection, emails are essentially open and free for hackers and other malicious users to snoop and poke around in. While the best way to ensure email security is to enlist the help of a full stack security service, users can help improve their protection by following these email security tips.

Understand Cyber Crime

Cyber crime comes in many shapes and forms, ranging from harmless pranks to company bankrupting crime. BEC (business email compromise) attacks should be considered one of the biggest threats to businesses today. They have cause billions in company losses and continue to evolve and multiply at an alarming rate.
The first step in defense against cyber criminals, is a clear understanding of the various types of malware, ransomware, viruses, and phishing attacks. Each of these target a specific type of user and require different precautions to be taken to avoid infection.

Use a Strong Password

As far as email security tips go, password creation and security have always dominated the conversation, for good reason. The importance of a strong account password can not be understated when talking about email security. Passwords should always be over eight characters, include of mix of lowercase and capital letters and number, and never be easy to guess (i.e. town of birth, pet’s name, favorite band).
For further protection, users can implement a password management system, such as KeePass, or enable 2-factor verification.
Control Who Has Your Email
Email addresses are used for almost everything on the web now, but that doesn’t mean user’s should just hand theirs over. The more public an email address is, the more likely it is to be targeted for an attack by hackers. User email addresses are also exposed to attacks through the email lists that are collected and compiled by companies and businesses. This leaves the security of the user’s email address to the company, which may or may not be completely secure.

Protect Your Sent Emails

The path email takes when sent, is not direct, the email will go through 3rd party servers on it’s way to it’s destination. Anyone along this route is able to look at or edit the original email without the sender’s knowledge and can lead to serious data and information breaches.
To protect against unwanted snoopers, users can use a range of tactics and email security tips. One of the most applied method is the enabling of TLS encryption. TLS adds an additional layer of protection to email and stops hackers from being able to read the content of the email. If TLS can not be enabled, or the destination server doesn’t have TLS enabled, emails will continue to be unsecured and the user should be cautious.
In general, user’s should protect their email attachments with passwords or by placing them in a zip file. This ensures the user’s files can not be tampered with or infected on the path to it’s destination regardless of if TLS is enabled.

Enlist an Email Security Service

Email security is nothing to take lightly, especially when the number and sophistication of these cyber attacks are increasing. Email security companies use filters and other tools to help sift through email looking for spam and potential attacks.
The biggest advantage of enlisting an email security solution is the ability to combat both known and unknown attacks. Security software, such as antivirus, use data from previous versions attack to identify and defend against it; they can not identify or stop new attacks.

Know What Your Opening

The majority of cyber attacks happen through email as it is the easiest way onto a user’s computer. Proper education and training should be completed by anyone who interacts with email on a regular basis. Hacker tactics are getting more advanced and authentic looking by the moment, so user’s should always be aware of how to detect a malicious email and what to do if they receive one/open one by accident.

Be Wary of Public Connections

One of the lesser known email security tips is to avoid the use of public devices and connections. Public computers and hot spots can be tempting for those users on-the-go, but their unsecured nature makes them a hotbed for cyber attacks.
When a user logs onto a public computer they are completely unaware of who and what has been on that device in the past. While the machine may appear normal to a user, there could be unsavory programs installed such as keyboard logger, waiting to collect credentials.
Hackers use public hot spots as a way to lure in unaware victims, once connected, these victim’s computers become completely accessible. Once they have access, the hacker can view the computer’s information, lead the user to phishing sites, or trick them into downloading malware or ransomware.
The best way to stay safe in public is to avoid open connections and shared computers.

Restrict What You Put Online

Social media is one of a cyber criminals favorite hacking tools. Hackers research social media accounts get vital personal information directly from profiles and self written bios. This information helps hackers to bypass the account security questions like “what is your mother’s maiden name,” used by official institutions, banks, and government agencies.
It may be impossible to protect all personal information while online, but users should still be careful about what information they share.

Back Up Your Information Regularly

One of the greatest email security tips a user can receive is to frequently back up their data.
Ransomware attacks are becoming more and more popular, mostly due to the high ROI the attack awards the hacker. Once installed, these attacks start by scanning through the user’s computer, selecting files and encoding them. When encryption is complete, the user is notified that their files are being held for ransom and the user must pay a fee to get the key.
This type of attack can be severely detrimental to a user, leaving them with nothing more than shell of a computer. After the files are encoded, user’s are left with an option to pay the ransom or to lose all their data, which may not be possibility for a user/company.
Backing up information on a consistent basis is the best and easiest way to protect oneself from a ransomware attack. Since the user will already have a backed up version of their information, there will be no need to stress over the encryption or pay the ransom.

Stay Safe on Mobile

Although not publicised as much as desktops, mobile phones can and do, still get attacked. A user’s phone is not only vulnerable through email and phishing sites, user’s must also be wary of the apps they are downloading. While Android devices are more likely to be attacked, iPhone users should also be cautious to ensure safety. Be sure not to visit any potentially dangerous sites or download any unknown attachments with out putting in place other security strategies.