First, it will help to briefly review how each attack works. How Ransomware Works Imagine for a second the surprise you would have if you tried to log into your computer and you were presented with a message telling you that your files have been encrypted and that you need to pay in Bitcoin before the clock runs out or you will lose those files forever. Then you noticed the clock clicking down. Would you panic? You probably would. That is ransomware, a particularly ugly malware that could cost you everything.  How Phishing Works Do you ever get emails that seem to come in randomly from the government, your bank, or your insurance company? Do they want you to take action now and provide links or attachments to make that possible? The truth is most professional organizations that you depend on will never want you using email to do anything other than verify your identity. That means that the emails you get that say you have to act now to avoid going to jail for owing money are as fraudulent as they seem. These are phishing messages. They can come in through email, social media, or via SMS or phone call. Unfortunately for the modern user, they are constant, often sophisticated, and can be especially problematic if handled improperly. Phishing + Ransomware = Major Trouble Since today?s hackers can?t just hack their way into an account, they use social engineering tactics to do so. If they are able to expose their fraudulent message to someone that is less than vigilant, they may gain access to a computer (or worse yet a computing network), and then deploy their ransomware payload. Not a good situation for any individual; and, a major problem for any business. This is why it is essential that your staff understands phishing tactics and can spot fraudulent emails and messages when they come in. Let?s take a look at some telltale signs that you are dealing with a phishing message. Identifying Phishing  Phishing tactics are a lot more sophisticated than they were even a few short years ago, but they can?t do anything for the one variable that matters: legitimacy. Here are a few ways you can tell that you are dealing with a phishing attack. The details in the message are suspect – Many people don?t pay much attention to the email address an email is sent from, or if a word here or there, is misspelled. This is how phishing attacks get you. If you receive a message that has spelling or grammatical errors that you wouldn?t find in professional correspondence, you probably are dealing with a scam. You can also look at the email address itself or best yet, mouse over any links found in the text of the email. If it seems fishy, it?s probably phishing. Don?t click on it. The tone is desperate – One telltale sign that you are dealing with a phishing attack is that the message written to you seems urgent. No reputable financial institution or government entity is going to demand immediate action from an email.  There?s a link or an attachment – Using phishing to deploy ransomware (or any kind of malware), you will typically see an attachment or be asked to follow links in the message. If […]

Understanding What a VPN Is A VPN is a tool that enables you to encrypt your internet traffic. An analogy that can be used to describe a VPN is that of a subway, as compared to a street on the surface. Let?s say that you?re traveling from point A to point B. If you choose to ride in a car on the surface, you are visible to anyone who might be on the street as well. Not only can people see who is in the car, they can see where the car is going. This is what the ?typical? Internet connection is like, as far as your Internet traffic and information are concerned. On the other hand, using a VPN is more like using the subway. When you ride the subway, someone on the surface may be aware that there is a subway traveling below them, but they cannot see it inside its underground tunnels. More importantly, they cannot see you in it. This lines up to how a VPN works: by encrypting your data and identity while in transit across the Internet, everything you do is hidden from hackers and even your Internet Service Provider. This is commonly used, especially now, to enable secure remote work to take place. By using a VPN, an employee who is working from home can securely access resources that exist on the business? private network. This helps to protect this data from snooping eyes. How Well Does a VPN Protect Your Data? Frankly, it depends, and it depends on a variety of factors. The first factor is how you are defining the word ?protect.? There are a lot of different ways that your business? computing in general needs to be protected. A VPN?s purpose is to prevent your history and Internet connection from being snooped upon. That?s basically it. You can still download spyware, malware, and/or viruses while you?re using a VPN, especially if you visit a malicious website or allow in infected files. There is nothing particularly secure about a VPN in its concept. Rather, the security behind the VPN?s protocols is where the real difference is. Some protocols, like the heavily exploited point-to-point tunneling protocol, just aren?t secure enough nowadays. Others, like OpenVPN or WireGuard, are considerably more secure, due to the ciphers that are in place to protect them. Turn to us for assistance with your Virtual Private Networking. White Mountain IT Services can assist you with your VPN, assisting you in selecting a provider and implementing the solution that best fits your business? needs. There is far more to consider than what we?ve covered here, so make sure to give us a call and talk to our team. Give us a call at (603) 889-0800 today.

1.  Know What Your Needs Are, and What to Expect of Your Devices Before you even acquire the Wi-Fi access points that will make up your networks, a little clerical work will be helpful. To accurately identify your needs, you need to crunch a few numbers. How many people will need to access the Internet, with which devices? Which of your systems will rely on an Internet connection, and how many of those cannot be hardwired? What will people be doing while they?re on the Internet? Having an idea of these points will tell you what your business will require, and then you can make an informed decision regarding your wireless network configuration and the equipment you will need. 2.  Be Strategic About Your Access Point Placement You also want to think about where your wireless access points should be placed, because it isn?t necessarily always in the most central location. Instead, it is often dependent on where the most demand is coming from. You also need to consider if your access points will serve you best mounted on the wall or ceiling, or if they will be most effective while placed on a desktop. Make sure that you account for obstacles that may cause signal interference, like HVAC vents, wires, and other devices. As you make these deliberations, it will be very helpful to identify where your signal is strongest and weakest with your access points in different configurations. That way, you can place them in the optimal position for connectivity. There are various mobile applications available that will allow you to analyze your available Wi-Fi signal, so be sure to take advantage of one. 3.  Don?t Forget About External Factors Unfortunately, the strength of your Wi-Fi signal doesn?t succeed or fail based solely on whether there?s an obstruction in the way. There are plenty of other potential reasons that your network performance is detrimentally impacted. Access points can interfere with one another, especially if they are operating on the same wireless channel. If you?re sharing space with other businesses, this could especially be the case. Don?t leave your business at the mercy of its wireless Internet signal. White Mountain IT Services has years of networking experience to draw upon as we address these challenges and needs. TO learn more about what we can do for you, reach out to us at (603) 889-0800.

In truth, there is a middle ground that many people don?t realize is present: cybercrimes that can be carried out via artificial intelligence to varying degrees of success. In fact, a newly published study analyzed twenty cybercrimes that might incorporate AI to target their victims more effectively. Let?s observe a few takeaways from this study to see what the data can tell us about AI-enhanced crime as it is projected for the next 15 years. Spoiler alert: Deepfakes are predicted to be really, really bad news. The Research Process To determine the largest threats that AI could play a part in, researchers identified 20 threat categories present in academic papers, news, current events, and even pop culture. Reviewed for two days by a conference of academic, law enforcement, defense, government, and public sector representatives, these threats were debated and analyzed to create a catalogue of threats that AI could enable based on four considerations: Expected harm to the victim, whether in terms of financial loss or loss of trust. Profit that could be generated by the perpetrator, whether in terms of capital or some other motivation. This can often overlap with Harm. How achievable the threat was for the perpetrator to carry out. The attack?s defeatability, or how challenging it would be to overcome, prevent, or neuter. Divided into independent groups, participants ranked these attacks in a bell-curve distribution via q-sorting, with less-severe threats falling to the left, and the worst of the worst falling to the right. The Relationship Between AI and Criminal Activity Crime, as a concept, is remarkably diverse. Not only can a crime potentially be committed against a considerable assortment of targets, there are equally assorted motivations and impacts upon their victims that can come as a result. The introduction of artificial intelligence (either practically or conceptually) adds another variable into the equation. Of course, AI is much more applicable to some forms of crime than others. While robotics have come leaps and bounds from their origins, AI is still a better tool for phishing than it would be for assault and battery?which, in our computing-centric modern world, makes it a very effective tool for cybercriminals to harness as they can. Furthermore, the kind of crimes that AI is most effective at enabling can be repeated ad infinitum and ad nauseam. As a result, cybercrimes can now be bartered, shared, and sold. Seeing as data and information are considered just as valuable as physical goods, this makes AI-powered cybercrime a significant threat. As one of the authors of study, Professor Lewis Griffin of UCL Computer Science, said, ?As the capabilities of AI-based technologies expand, so too has their potential for criminal exploitation. To adequately prepare for possible AI threats, we need to identify what these threats might be, and how they may impact our lives.? The Researchers? Results By the end of the conference, the assembled experts had created a bell curve of the 20 assorted threats that they had identified, with the mean values of the above four considerations defined for each threat in terms of whether or not they were advantageous for the criminal responsible. Each column in the bell curve contained threats that were considered on par with one another. As a result, these AI-enabled threats could be broken down into three categories: […]

As such, we felt it was necessary to discuss these developments to try and clear up a few misconceptions that have arisen, particularly on social media. This has become a predictable chain of events: some popular application or platform is updated, misunderstandings and misinformation abound, and uproar pops up on social media. For instance, look back to the response to Facebook?s Android application requesting access to a smartphone?s camera. Instead of simply accepting this as a necessity for Facebook?s new photo capabilities, theories and outrage popped up on social media. Of course, we aren?t saying that changes in technology are always good by any stretch, especially if a user?s privacy is involved. We just want to make sure that the misinformation out there doesn?t cloud your judgement. You can?t trust giant tech companies to act in your best interests (as if their data collection practices hadn?t already made that abundantly clear), so you should always have some degree of skepticism. In this case, however, we?ve noticed an unnecessarily extreme response to the application framework that Apple and Google developed to assist contact tracing processes. Did Google or Apple Install a COVID-19 Tracking App on My Phone? There?s a simple answer to this: they did not. Neither Apple or Google have added an application to their mobile devices without your knowledge or consent. What Google and Apple have done is develop an application framework, which makes it easier for app developers to create COVID-19 tracking applications. This news, however, resulted in posts like this one appearing on Facebook: ?**VERY IMPORTANT ALERT!*** A COVID-19 sensor has been secretly installed into every phone. Apparently, when everyone was having ?phone disruption? over the weekend, they were adding COVID-19 Tracker [SIC] to our phones! If you have an Android phone, go under settings, then look for google settings and you will find it installed there. If you are using an iPhone, go under settings, privacy, then health. It is there but not yet functional. The App can notify you if you?ve been near someone who has been reported having COVID-19.? Here?s the thing: almost all the information shared here is very misleading. The update that this post is referring to was just a new setting that enables the COVID-19 Exposure Notification system. The user still needs to install an application and activate the Exposure Notification system setting, confirming their participation with their chosen platform?s developer. All this update does is give local governments and health industry members the starting point to build a COVID-19 application, while also providing users the choice to participate, So No, This ?App? Doesn?t Track COVID-19 Without you actively installing a tracking application, your mobile device isn?t going to use your activity to help mark the spread of COVID-19. In fact, if we look at the alarmist Facebook post above, we can even see that a participating application needs to be installed and set up before you can receive notifications. Google and Apple shared a joint public statement, stating, ?What we?ve built is not an app?rather public agencies will incorporate the API into their own apps that people install.? An API is an Application Programming Interface, the application?s foundation that we?ve been discussing. Because Apple and Google have teamed up on this project, application developers will have an easier time building […]