443-992-7394

Cybersecurity News: Chinese Hackers Access American Weapons Designs

Citing “Resilient Military Systems and the Advanced Cyber Threat,” a report prepared for the Defense Department by the Defense Science Board, the Washington Post reports that Chinese Hackers have very recently accessed American Weapons Designs, including aspects of the nation’s missile defenses, fighter aircraft, and warships. Click Here for a full list of the compromised systems.

In a report to Congress earlier this month, the Pentagon stated that the United States government had been targeted by hackers that appeared to be “attributable directly to the Chinese government and military.”

“From the president on down, this has become a key point of concern and discussion with China at all levels of our governments—and it will continue to be,” said National Security Adviser Tom Donilon.

Of course Chinese officials have denied any involvement.

“China pays high attention to the cyber security issue and is firmly opposed to all forms of hacker attacks,” said Chinese Foreign Ministry spokesman Hong Lei. “Since it is very difficult to find out the origin of hacker attacks, it is very difficult to find out who carried out such attacks. I don’t know what the evidence is for media to make such kinds of reports.”

President Barack Obama is scheduled to meet with Chinese President Xi Jinping in the next 10 days.

“I’m sure it will be a topic of discussion,” said White House press secretary Jay Carney of the recent hacking.

“Cybersecurity is one of this administration’s top priorities, and we have long said that we are concerned about cyber intrusions emanating from China,” said Laura Lucas, a spokeswoman for the National Security Council. “What we have been seeking from China is for it to investigate our concerns and to start a dialogue with us on cyber issues.”

If you have any questions about Cybersecurity, please contact Working Nets by calling (443) 992-7394 or visit WorkingNets.com today! You can also follow us on Facebook, Twitter, LinkedIn, and Google+.

Source:

  1. Chinese hackers breach key US weapons designs Yahoo! News
  2. Chinese hackers steal U.S. weapons systems designs, report says NBC News

Disaster Recovery Horror Story #4: Baltimore Law Firm Takes a DIY Approach

Sometimes good intentions don’t translate into good ideas. That is what happened when one Baltimore Law Firm decided to take a DIY Approach to Disaster Recovery. Every night, an employee of Baxter, Baker, Sidle, Conn & Jones took a hard drive home as a security precaution in case fire or flood. This storage device held a complete back-up copy of the firm’s data, including information about is cases and medical records, patient names, addresses, dates of birth, social security numbers and insurance information. Worst of all, the information was not encrypted.

Then, the inconceivable happened. One night while traveling on the Baltimore light rail, the employee accidently left the hard drive on the train. She returned for it 10 minutes later, but it was already gone.

“We deeply regret any inconvenience this may cause you,” said the law firm in a letter to patients. “We have taken this seriously.”

Disaster Recovery Services from Working Nets in Baltimore, Maryland

Don’t try to take disaster recovery into your own hands. Trust the experts at Working Nets. We were founded to provide small businesses, like yours, with expert information technology support they needed. That is why Working Nets offers disaster recovery services to help assure that your vital business data is kept safe and secure if disaster strikes.

If you have any questions, please contact Working Nets by calling (443) 992-7394 or visit WorkingNets.com today! You can also follow us on Facebook, Twitter, LinkedIn, and Google+.

Sources:

  1. Law firm loses hard drive with patient records Baltimore Sun

Is Big Brother watching? The Government requests Data about Google Users

According to Google, government requests for data about Google users continue to grow each and every year. In just the last six months, Google has received 21,389 requests for information about 33,634 user accounts. The six months before that, Google received 20,938 data requests for information from about 34,615 user accounts.

However, despite the increasing number of requests, Google’s response rate has declined from 94% in 2010 to 88% in the previous reporting period. So does this mean that an increasing number of data requests lack sufficient legal basis?

“It’s difficult to draw meaningful conclusions about the numbers we’re reporting because they only show a tiny sliver of what’s happening on the Internet at large,” said a Google spokeswoman. “The vast majority of requests we receive are for legitimate reasons and follow proper legal procedures.”

Data Request Statistics

  1. 22% of requests came with a judge-issued warrant.
  2. 68% of requests were made using a subpoena.

“The alarming statistics in this latest Transparency Report serve as a reminder of the need for stronger national and regional privacy protections in relation to online communications,” said Carly Nyst, head of international advocacy at Privacy International.

How do you feel about the subject?

If you have any questions, please contact Working Nets by calling (443) 992-7394 or visit WorkingNets.com today!

Welcome to Working Nets – your virtual IT Department!

You can also follow us on Facebook, Twitter, LinkedIn, and Google+.

Sources:

  1. Google Sees Growing Government Demand For User Data InformationWeek

Losing Control of your Digital Life: Tablet Cybersecurity Tips

Happy New Year!

In 2012, we started to outline several ways in which your tablet could be putting you at risk, from wireless hotspots to unencrypted email servers to downloading apps from untrustworthy sources. Well, it may be a new year, but we are going to continue our countdown, unveiling the rest of our Tablet Cybersecurity Tips.

  1. Virtual Private Networks (VPN): If available through your mobile service provider, always use a VPN. This offers tablet users, like you, a safe and secure way to surf the Internet without compromising your sensitive data.
  2. Physical Thieves: Cybersecurity threats are ever present, but you must not ignore physical threats, as well. This is why it is so important to have a strong PIN code or passphrase to prevent unauthorized access.
  3. Security Apps: A good security app could be the difference between safely surfing the net and putting your sensitive data at risk. These apps are similar to computer security software and can help protect your tablet from malware and other online threats.
  4. Update your Software: It is critical that you keep your tablet and software up to date. This is the best way to protect your tablet and your data. Many updates contain vital security fixes. If you ignore these updates, you could unknowingly be putting your data at risk.

So please be safe!

If you have any questions, please contact Working Nets by calling (443) 992-7394 or visit WorkingNets.com today!

Welcome to Working Nets – your virtual IT Department!

You can also follow us on Facebook, Twitter, LinkedIn, and Google+.

Source: Securing a tablet for web browsing in six easy steps

Windows 7, Windows XP, & Malware Infections: Is your Computer at risk?

According to the latest Microsoft Security Intelligence Report (volume 13), the average number of infected Windows 7 SP1 machines has increased in 2012 by 23% on 32-bit systems and 7% on 64-bit systems, compared to the last quarter of 2011. Meanwhile, the average number of malware-infected Windows XP SP3 PCs has increased by around 10%.

According to the report: “A similar trend of slowly increasing infection rates was observed for Windows Vista between 2007 and 2009, prior to the release of Windows 7.” But why? Well, as more and more people adopt software, security suffers. Early adopters are often well versed in cybersecurity techniques. However, the general populous is not.

“As the Windows 7 install base has grown, new users are likely to possess a lower degree of security awareness than the early adopters and be less aware of safe online practices,” according to the Microsoft security report.

Quick Security Tips from Working Nets

  1. Avoid questionable behavior. If you engage in questionable behaviors; if you don’t have SOME healthy skepticism about clicking on links to who-knows-where; if you download “drivers” or “players” willy-nilly, so that you can see that “new video”, and especially if you don’t have some form of anti-virus software, you’re going to get hurt.
  2. Trying to avoid paying for software by downloading license key generator, also known as Keygen, software to allow you to install a full-version of whatever software you’re talking about is not only illegal, it constitutes “questionable behavior.” Remember what we just talked about. There is plenty of free software, and if the software you want to use isn’t free, and is that important to you, it’s probably worth paying for. It’s usually cheaper than having to have viruses uninstalled, and is certainly cheaper than having financial credentials stolen.

If you have any questions about Cybersecurity, please contact Working Nets by calling (443) 992-7394 or visit WorkingNets.com today!

Virus/Spyware Protection Services: Viruses and spyware are time-consuming and costly. The virus protection we offer is top-notch and consistently updated. Our monitoring software ensures your business is safe.

Welcome to Working Nets – your virtual IT Department!

You can also follow us on Facebook, Twitter, LinkedIn, and Google+.

Sources:

Windows 7 Malware Infection Rates Soar

 

Cybersecurity News: The Current State of the Cybersecurity Act of 2012

The Cybersecurity Act of 2012: “To enhance the security and resiliency of the cyber and communications infrastructure of the United States.”

As you may or may not know, The Cybersecurity Act of 2012, sponsored by Joseph Lieberman (I–CT) and Susan Collins (R–ME), was defeated in the Senate after failing to gain the 60 votes necessary to move the bill past cloture and go up for a full vote. Obviously, the Act is still not ready, at least in the eyes of the Senate. And Senator Al Franken (D-Minn), a strong proponent for national cybersecurity, agrees. But he also acknowledges that something must be done.

“News reports and experts confirm that our nation’s critical infrastructure-such as our water systems, our power grid, and so forth-are vulnerable to attacks from hackers and foreign governments,” said Sen. Franken. “…Our nation needs to respond to those threats.”

Luckily, Franken has a solution. Rather than scrapping the Cybersecurity Act of 2012 all together, Franken believes it can be amended.

“The Cybersecurity Act is not perfect, but when it comes to striking a balance between cybersecurity and privacy and civil liberties, it is the only game in town,” said Sen. Franken. “Unfortunately, it’s hard to write a good cybersecurity bill-because when you try to make it easier for the government or Internet companies to detect and stop the work of hackers or other bad actors, you often end up making it very easy for those same entities to snoop in on the lives of innocent Americans.”

Franken has proposed several amendments that would remove provisions found in Section 701 of the Cybersecurity Act of 2012 that allow Internet Service Providers (ISPs) the authority to monitor and take actions against their users. It is the Senator’s hope that these amendments will alleviate many of the issues that his fellow Senators have with the Act.

“And I hope that my colleagues here in the Senate will join me in passing this amendment,” added Sen. Franken.

If you have any questions about Cybersecurity, please contact Working Nets by calling (443) 992-7394 or visit WorkingNets.com today!

Welcome to Working Nets – your virtual IT Department!

At Working Nets, we support your business by providing top-notch Information Technology (I.T.) services to companies like yours: Companies that don’t need full-time I.T. services, but do need someone to turn to, when they are having a problem. We provide services like Network Design, Monitoring and Maintenance. We troubleshoot technical issues when they arise, and give you options for solving them. We help you use your technology investment to achieve your business goals.

At Working Nets, our focus is on your needs!

You can also follow us on Facebook, Twitter, LinkedIn, and Google+.

Sources:

Sen. Franken: Improved Cybersecurity Bill Will Better Protect Privacy, Civil Liberties, but Still Needs Work

Franken Amendment Would Remove Worst Part of Cybersecurity Bill

 

Cybersecurity News: Microsoft PCs are infected before reaching Consumers

It has not been a good couple of weeks for Microsoft. First, they discovered that Hackers had found a Security Hole in Internet Explorer. Now, the computer company has discovered that many of their PCs and laptops made in China were embedded with malicious software before ever reaching the consumer. The computer virus allows hackers to switch on a microphone or Webcam, record keystrokes, and access login credentials and online bank accounts.

And because computer companies rely on such a long and complex supply line, the malicious software could have been uploaded at any point, something Richard Domingues Boscovich, the assistant general counsel for the Microsoft Digital Crimes Unit, called “especially disturbing.”

“It’s one of the toughest cybersecurity challenges out there,” said Tom Kellermann, vice president of cybersecurity at Trend Micro. “There’s not really a solution unless you start to only build computers in the USA again.”

This isn’t the first time this has happened either. In 2008, the Defense Department and Federal Aviation Administration unknowingly purchased counterfeit Cisco routers, which were pre-loaded malicious software. FBI investigators found the routers allowed hackers to “gain access to otherwise secure systems.”

Then in May, the Senate Armed Services Committee released  a report citing 1,800 cases of counterfeit electronics from China, electronics used in the Air Force’s largest cargo plane and Special Operation helicopters.

“Companies are in a competitive dogfight to make products cheaper and hit the market faster,” said Scott Aken, a former FBI special agent who dealt with cyber counterintelligence. “They’re not spending time or money to ensure those products they are sourcing from overseas are devoid of counterfeits.”

So what are consumers to do?

Boscovich offers this simple advice: Consumers can often spot dangerous counterfeit technology if the deal “appears too good to be true.”

“However, sometimes people just can’t tell, making the exploitation of a broken supply chain an especially dangerous vehicle for infecting people with malware.”

If you have any questions about Cybersecurity, please contact Working Nets by calling (443) 992-7394 or visit WorkingNets.com today!

Welcome to Working Nets – your virtual IT Department!

At Working Nets, we support your business by providing top-notch Information Technology (I.T.) services to companies like yours: Companies that don’t need full-time I.T. services, but do need someone to turn to, when they are having a problem. We provide services like Network Design, Monitoring and Maintenance. We troubleshoot technical issues when they arise, and give you options for solving them. We help you use your technology investment to achieve your business goals.

At Working Nets, our focus is on your needs!

You can also follow us on Facebook, Twitter, LinkedIn, and Google+.

Sources:

Pre-Infected PCs Expose Flaws In Global Supply Chain

Cybersecurity News: Hackers have found a Security Hole in Internet Explorer

It was recently reported that security researcher Eric Romang of Zataz.com discovered a major cybersecurity issue with Internet Explorer (IE) versions 6, 7, 8, and 9. The popular Internet browser has a major hole, a hole that hackers have already discovered.

The fresh “zero day” vulnerability allowed cyber attackers to install malicious software – a form of the old Poison Ivy Trojan – on Windows computers. This allowed the hackers to take control of the victim’s computer.

It is thought that the hackers behind the IE attack may also be the group responsible got last month’s exploitation of Oracle’s Java browser plug-in.

Microsoft Responds to the Cybersecurity Threat

Microsoft quickly responded with a security advisory, including an extensive list of work-arounds. Unfortunately for IE users, these work arounds are somewhat burdensome.

“I would recommend not using Internet Explorer until this issue is patched,” Sophos’ Chet Wisniewksi tells me. “While the exploit is not in widespread use, it could be integrated into popular attack kits like the Blackhole Exploit Kit any time now.”

The Solution: Make the switch to another browser, like Google Chrome, Mozilla Firefox, or Opera. You can always come back to IE after Microsoft issues a patch.

If you have any questions about Cybersecurity, please contact Working Nets by calling (443) 992-7394 or visit WorkingNets.com today!

Welcome to Working Nets – your virtual IT Department!

At Working Nets, we support your business by providing top-notch Information Technology (I.T.) services to companies like yours: Companies that don’t need full-time I.T. services, but do need someone to turn to, when they are having a problem. We provide services like Network Design, Monitoring and Maintenance. We troubleshoot technical issues when they arise, and give you options for solving them. We help you use your technology investment to achieve your business goals.

At Working Nets, our focus is on your needs!

You can also follow us on Facebook, Twitter, LinkedIn, and Google+.

Source:

Hackers Just Found a Big Hole in Internet Explorer. Should You Switch Browsers?

Updating the Virus Signature: Why it isn’t enough

What is a Virus Signature?

A virus signature, sometimes referred to as a definition file or a DAT file, is an algorithm or hash used by antivirus software to identify a specific virus or threat. However, signatures are only affective at detecting previously known viruses. When a new virus arises, a new signature must also be created.

What it means to Update the Virus Signature

When a new virus is discovered that is not detectable by an existing signature, a new signature must be created and tested by the antivirus vendor. This new signature is then pushed to the public in the form of a signature update, adding the detection capability to the scan engine.

Why it isn’t enough to just Update the Virus Signature

Because it is not practical for antivirus companies to release individual signatures, they often release several at a time on a set schedule. Still, keeping your signatures up to date will not guarantee a new virus will not slip through. To better protect yourself, it is recommended that you purchase the latest version of the antivirus software.

It’s important to keep the actual software current; not just the virus signatures!

If you have any questions about Antivirus Software, please contact Working Nets by calling (443) 992-7394 or visit WorkingNets.com today!

Welcome to Working Nets – your virtual IT Department!

At Working Nets, we support your business by providing top-notch Information Technology (I.T.) services to companies like yours: Companies that don’t need full-time I.T. services, but do need someone to turn to, when they are having a problem. We provide services like Network Design, Monitoring and Maintenance. We troubleshoot technical issues when they arise, and give you options for solving them. We help you use your technology investment to achieve your business goals.

At Working Nets, our focus is on your needs!

You can also follow us on Facebook, Twitter, LinkedIn, and Google+.

Olympic-Themed Internet Phishing Scams :: Cybersecurity Tips

Every four years, the best athletes gather from around the globe to compete in the Olympics. Unfortunately, the Olympics also provide Internet scammers with a new outlet to try and phish information from unsuspecting and trustworthy individuals.

What is Phishing?

Phishing refers to attempting to acquire personal information – such as usernames, passwords, and credit card information – and money by masquerading as a trustworthy entity.

Olympic-Themed Phishing Scams

  • London 2012 Ticketing Team: This phishing scam sees scammers pose as ticketing officials offering unsuspecting individuals with an once-in-a-lifetime opportunity to purchase Olympic tickets that have been made available because of a previous bidder’s inability to pay for them. However, unlike the previous bidder, you are expected to pay upfront. This is why the original email is followed by a phone call asking for credit card information.
  • London Olympic Cash Officer: Unsuspecting individuals are sent an email from the “London Olympic Cash Officer” stating that the recipient has been randomly selected to receive a cash prize of 1.6 million GBP. However, to receive the payment the individual must provide personal information.
  • Dr. Beavis: Unsuspecting individuals are sent an email (signed by Dr. Beavis) stating that they, along with 6 other individuals, have been randomly selected as the winners of 7 million GBP. And, of course, they must provide personal information to claim their prize.
  • You are needed … Get Back to Us: Unsuspecting individuals are sent an email headed “You are needed … Get Back to Us.” It informs the recipient that they are needed to participate in the Olympics as a coordinator or event staffer. The individual is then directed to a site where they must input personal information and provide payment for the placement services.
  • Ring Steward: Unsuspecting individuals are sent an email (or letter) informing them that they have been selected to be a ring steward in the Olympics. Recipients are asked to call a phone number for additional details. And guess what? They are then asked to provide personal information.
  • Text Message Scams: Yep, phishing scams can include text messages, as well. This phishing scam involves a text message stating that the recipient has won 300,000 pounds in the London 2012 lottery. Recipients are then asked to call a phone number and provide personal information to claim their prize.

And this is just the beginning!

If you have any questions about Internet Phishing Scams and IT Security, please contact Working Nets by calling (443) 992-7394 or visit WorkingNets.com today!

Welcome to Working Nets – your virtual IT Department!

At Working Nets, we support your business by providing top-notch Information Technology (I.T.) services to companies like yours: Companies that don’t need full-time I.T. services, but do need someone to turn to, when they are having a problem. We provide services like Network Design, Monitoring and Maintenance. We troubleshoot technical issues when they arise, and give you options for solving them. We help you use your technology investment to achieve your business goals.

At Working Nets, our focus is on your needs!

You can also follow us on Facebook, Twitter, LinkedIn, and Google+.

Sources:

10 Olympics-Themed Phishing Scams To Avoid At All Costs