If a Teen Can Hack the CIA, Your Business Needs to Prioritize In Security

As reported by WIRED, CIA Director John Brennan was the victim in question. His AOL account was broken into by a hacker who claims that he weaseled into Brennan?s account by posing as a Verizon worker. In other words, the hacker used a targeted spear phishing tactic, in which he posed as a worker, to trick another employee into handing over information required to access Brennan?s account. In this case, it was the last four digits of Brennan?s bank card. The teenage hacker and his associates then proceeded to change the password on Brennan?s email account, and gained access to his inbox, which contained secret government documents from Brennan?s work email address, which he forwarded to his personal inbox (a practice that?s highly frowned upon in matters of government secrecy – just ask Hillary Clinton). According to WIRED: After providing the Verizon employee with a fabricated employee Vcode?a unique code that he says Verizon assigns employees?they got the information they were seeking. This included Brennan?s account number, his four-digit PIN, the backup mobile number on the account, Brennan?s AOL email address and the last four digits on his bank card. ?[A]fter getting that info, we called AOL and said we were locked out of our AOL account,? he said. ?They asked security questions like the last 4 on [the bank] card and we got that from Verizon so we told them that and they reset the password.? AOL also asked for the name and phone number associated with the account, all of which the hackers had obtained from Verizon. The scary part of this entire situation is that the victim wasn?t at fault for the data breach. This situation just shows how easy it is for hackers to obtain sensitive information that they can use to infiltrate your systems. Security questions like ?What is your mother?s maiden name?? or ?What was your first pet?? are easy enough to answer for a hacker that?s hell-bent on stealing your information. A solution to this dilemma is to take proper security precautions that are designed to keep hackers out of your accounts by utilizing several security layers. The first step toward implementing this is to use a strong password that?s made up of several different letters (both upper and lower-case), numbers, and symbols. Strong passwords make hacking into an account significantly more difficult, even for seasoned hackers. The second step is to integrate two-factor authentication for your accounts. Two-factor authentication requires a secondary credential in addition to your normal login credentials, making it that much more difficult for hackers to gain access to your account. These credentials are usually sent to your smartphone in the form of a SMS message, an automated voice message, or even to your secondary email account. In other words, hackers need physical access to your device in order to obtain this credential. White Mountain IT Services can help your organization set up the two-factor authentication solution that your business needs in order to maintain top security protocol. Just give us a call at (603) 889-0800 and ask us what we can do for your business.

Tip of the Week: 3 Considerations to Make When Setting Up a Guest WiFi Hotspot

What are some of the benefits that you can expect to achieve from integrating a guest wireless connection? For one, you can greatly increase your customer satisfaction rating. In service-type industries like fast food restaurants and cafes, customers will come in to use the wireless signal, and in the process they will purchase food or coffee. Translating this to the professional environment is kind of a stretch, but being able to access the Internet while visiting the office is sure to put a smile on any visitor?s face, and it could potentially make or break a deal with prospective clients. Here?s how you can plan for a guest WiFi hotspot. Consider Your Current Internet ConnectionOne major variable to consider before implementing a guest wireless hotspot is whether or not your Internet connection can handle the increase in users. You want to make sure that you have enough bandwidth to sustain not just everyone in your office, but guests as well. Ask yourself how many users you can expect to use it at any given moment, and what purposes they?ll be using your wireless for (for example streaming music or videos requires a ton of bandwidth). You need to ensure that your connection can accommodate the increase in traffic. Some guest WiFi solutions also allow you to restrict bandwidth on a per-user basis. Be Sure to Secure the ConnectionWhen integrating a guest WiFi hotspot, use the same precautions that you would consider for your private wireless connections. Your guest connection should require a password that someone in your office can provide. Otherwise, you might get some wireless scavengers loitering around, which doesn?t look good for your professional image. You should keep an antivirus, firewall, content filter, and other security measures active on your network to prevent incriminating content from being browsed from your WiFi location. There are even WiFi solutions that enforce users to have antivirus running on their device before letting them connect, as added protection. Contact a Professional IT TechnicianBefore attempting to set up your own guest WiFi hotspot, it?s a best practice to contact a professional IT technician like those at White Mountain IT Services who can understand and interpret your business?s computing infrastructure needs. We can help your business determine what it will take to handle the increased traffic, and we?ll work with your organization?s individual needs in order to make your technology work toward your goals. White Mountain IT Services can help your organization set up and utilize a guest WiFi solution that?s designed to keep your organization safe, while allowing your guests to benefit from the web. Give us a call at (603) 889-0800 to learn more.

Hackers Find a Way to Take Over Smartphones Using Google Now and Siri

The exploit in question is capable of pulling off all sorts of stunts by using Siri or Google Now to administer silent commands to your device. The targeted device needs to have headphones plugged into it to act as a receiving antenna, like the headsets that you might use to communicate while on the go. The antenna acts in a similar manner to FM radio chips to communicate with mobile devices. ZDNet explains further how this particular exploit works: With the open source GNU Radio software on a laptop, electromagnetic signals can be sent to those devices. Depending on the sent command, Siri or Google Now can be told to open up a website, send a text, place a call or do any other number of things. It?s also explained that the tools a hacker would need to pull off this exploit successfully include a laptop and some sort of antenna, but this equipment could easily be concealed and taken advantage of in a bag. Of course, the entire exploit is dependant on whether or not the device user is using a wired headset, and many users probably won?t have them in the device when not in use. The researchers even went so far as to demonstrate how the hack works. The exploit worked from approximately six feet from the phone, but it?s estimated that the signal could extend up to 16 feet with a powerful enough battery and antenna. The good news about this powerful equipment, however, is that if hackers want to achieve this further range, they?ll have to use a significantly larger machine that probably isn?t nearly as portable as a laptop. Furthermore, it?s very likely that users will realize what?s happening while the hacker is using the exploit. Since the hack doesn?t disable the display on the device, it?s possible to detect what?s happening to the device and prevent it from occurring if you?re paying attention to it. Hacks like this are why it?s so important to practice proper smartphone security. While it?s not known whether or not your device?s lock screen can be ignored by this exploit, it?s best not to take chances and ensure that you?re using some sort of login credential for your device. What are your thoughts on this concerning new development? Do you think there?s a possibility that this kind of exploit could take off, or do you think that Google and Apple will nip the vulnerability in the bud before it has a chance to be exploited? Share your thoughts in the comments.

If Classic Monsters Were Computer Viruses

We think that connecting well-known Internet viruses with classic monsters is a fun Halloween exercise that?s sure to strike fear into the hearts of IT technicians and casual users alike. Read on (if you dare!) to find out White Mountain IT Services?s take on what it would be like if these four well-known monsters were computer viruses. The Fly is an Overwrite Virus What an overwrite virus does: This virus infects a file and deletes its information while overwriting it with new information. The only way to rid a computer of this virus is to completely delete the original file. Why The Fly is an overwrite virus: Before The Fly was a hideous monster buzzing around and eating people, he was a brilliant scientist working on teleportation. One day, he volunteered himself as a test subject for his own teleportation machine. Little did he know, but a small fly found its way into his teleportation pod too, causing his DNA to become overwritten with fly DNA. Unfortunately, the only way to end The Fly?s reign of terror was to permanently ?delete him.? The Wolfman is an Executable VirusWhat an executable virus does: This is a non resident computer virus that stores itself in an executable file. When the file is executed, it then infects other files. However, until the file is executed, it will sit dormant on a user?s PC, awaiting orders to strike. The activation of the virus could come from the launching of a specific application, restarting of the PC, or even a direct command from a remote hacker. Why the Wolfman is an Executable Virus: In order for Wolfman?s transformation to take place, something has to activate it that?s outside of his control–a full moon. Until his werewolf side is ?executed,? nobody knows that he?s a werewolf and he doesn?t pose a threat. Then, like a hacker remotely activating an executable virus, a full moon appears in the night sky and Wolfman does unspeakable acts of violence that are outside of his control. Zombies are Botnets What a Botnet does: A Botnet is designed to spread its malicious malware to other systems, and its traffic can be masked as regular network traffic. These newly infected systems will then create more Botnets, which can then be utilized as one makeshift system with a singular purpose, predetermined by a hacker. Often times, Botnets are used for malicious purposes, like stealing data, spamming, and DDoS attacks. Why it?s a zombie virus: A zombie infection spreads from person to person by completely overtaking their system. Sometimes, an infection isn?t discovered until it?s too late. Once a person becomes a zombie, they?ll then join forces with other zombies in a Botnet-like horde to bite people and turn them into zombies too. Also, like a Botnet, zombies are united with a single, malicious goal–braaaains! Hostile Aliens are RansomwareWhat Ransomware Does: A computer that?s infected with ransomware will have its data compromised and taken over by a hacker, who will then hold the information ransom and demand payment from the PC?s owner. The most well-known form of ransomware is CryptoLocker, which encrypts a user?s computer and locks them out of their system. If the ransom is not paid by a stated deadline, then the user?s data will be deleted. Why Ransomware is Aliens: What makes ransomware so […]

Tip of the Week: How to Make Sure Your Meetings are Productive

Blue Jeans Network is a cloud-based video conferencing company. For this study, they crunched the numbers of more than five million video meetings that took place in 177 countries, of which more than a third had an in-person component. For Blue Jeans Network, this is an annual exercise, and when they compared their latest study to studies of previous years, some pretty interesting trends begin to emerge. The Majority of Meetings Take Place at the Most Unproductive TimeAt what time of the day are you most alert and at your very best? If you?re like most of us, it?s not during the middle of the afternoon–which is the world?s most popular time for meetings (somewhere around 3 p.m.). This time of the day happens to be after the coffee has worn off and people feel the most dull-brained. Solution: Schedule your meetings in the morning when alertness is at a peak so that everyone will be engaged. Late Meetings are the NormMeetings wouldn?t be so bad if everyone showed up on time. Yet, at almost every meeting, there seems to be that one late person who causes everyone else to sit around and twiddle their thumbs–and get paid for it! In fact, according to the study, 81 percent of meetings start late, up 30 percent from the previous year. When you multiply every person?s time wasted while waiting for Johnny-come-lately, you might conclude that the benefits of the meetings are offset by everyone?s downtime. Inc. describes how starting meetings late is a self-perpetuating problem: If you arrive five minutes late to a meeting and it hasn’t started yet, you’ll figure you haven’t missed anything, so you’ll likely do the same next time, or maybe show up even later. Meanwhile, the punctual people who’ve sat around waiting for you will figure they have better uses for their time, and next time they’ll come five minutes late as well, or maybe even later. Solution: Be strict about your meeting?s start time and have consequences for latecomers. Miserable Weather Means More MeetingsOne revealing trend from the study shows that, when the weather?s bad outside, you?re twice as likely to find yourself in a meeting inside. This shouldn?t be too surprising; after all, few people want to be indoors when the weather is gorgeous outside–much less sit in a meeting. However, what?s surprising is that, according to the study, more meetings take place when the weather is really bad. ?Meetings were up by as much as 26 percent during the recent Texas flooding, and an impressive 35 percent during the Boston blizzards last winter.? Solution: Apparently, if scheduling meetings are left up to feelings, more meetings than perhaps are necessary will take place when the weather is poor. Instead, make sure to have regularly-scheduled meetings and resist the urge to have extra meetings, simply because it?s cold outside. Workers spend so much time in meetings that it?s in your company?s best interest to manage how they?re run and how often they take place. Otherwise, you?ll end up having ?meeting for the sake of meetings,? and nobody wants that. By taking advantage of technologies like VoIP, video conferencing, and cloud-based collaboration tools, you can run your meetings as efficiently as possible. Schedule a meeting today with White Mountain IT Services to learn more.