Posts

Bryley Basics: Getting you informed in 100 words or less

Tips on email attachments

Most folk send attachments with their emails; it is a quick, easy way to share a file with the email recipient.  However, attachments can have a negative impact on your computer-network infrastructure:

  • Emails saved with attachments consume storage.
  • Large attachments slow performance and may be rejected by the provider.
  • Attachments copied to a distribution list (a group of email users) are copied multiple times, once for each user, which can impact network bandwidth.

In addition, emails received with attachments should be treated cautiously, since attachments may become sources of infection.  Basic suggestions when receiving:

  • Do not open if the sender is unknown or suspect.
  • Limit total attachments to under one Gb; zip files greater than one Gb.

 

 

Security concern with popular, home-based, Internet routers

Independent Security Evaluators, a Baltimore-based security firm, stated that 13 Internet routers sold for home use were vulnerable to attack if the hacker had network access and could obtain the username and password of the router.  These routers include:

  • Linksys WRT310v2
  • Netgear’s WNDR4700
  • TP-Link’s WR1043N
  • Verizon’s FiOS Actiontec MI424WR-GEN3I
  • D-Link’s DIR865L
  • Belkin’s N300, N900 and F5D8236-4 v2 models

Basic suggestions:

  • Check to see if your home-based Internet modem/router is named above.  If so, check with the manufacturer to ensure that all security updates have been applied.
  • Change the login credentials using a complex password.  (Please review the article “Simple passwords = disaster” in our January 2013 Bryley Tips and Information.)

 

ComputerWorld.com — Popular Home Routers Contain Critical Security Vulnerabilities has the full story by Jeremy Kirk at ComputerWorld.

How to protect yourself against cyber threats on an ongoing basis

In part five of his interview with The Cleaning Crew, Bryley Systems President, Gavin Livingstone, discusses how to ensure that you remain protected against cyber threats.

 

Why is cyber security important?

In a recent interview with The Cleaning Crew, Bryley Systems President, Gavin Livingstone, explained the importance of cyber security.  Watch the first part of the interview below.

Hackers Hijack Email Contacts

Have you received a rogue email from a friend or acquaintance that seems out of character?  For example:  Why is Aunt Mildred calling me “Friend” in her email?  Or, does neighbor Fred really want me to invest in Nigeria?

Odds are, their email accounts – particularly if located at online services like Gmail, Yahoo! Mail, or Windows Live Hotmail – have been hijacked.  (Visit About.com at About.com:Free Email Review for a review of the top 16 free email services by Heinz Tschabitscher.)

With an online service, the email application is cloud-based; the application does not reside locally on the computer, so it is probably the online account that has been compromised.  (Your PC could also be infected, which is discussed later.) Typically, the password is discovered, providing an easy entry to stored emails (which could contain sensitive information) and a contact list that can be exploited.

If this happens to you, login to your account and take these steps:

  • Change your password – Use a complex password with at least eight upper and lower-case characters, numbers and special characters.  (Please See the January 2013 issue of Bryley Tips and Information for the article “Simple passwords = disaster” at Bryley-Tips-and-Information-January-2013
  • Change your Recovery Information (challenge questions) – If the hacker has account access, he/she can retrieve your challenge questions.  Using these questions, he can then reenter the account after you change the password.
  • Set the highest-possible level of security – Select the highest-possible level, even though it adds complexity to the login process.
  • Check related accounts – You might have put passwords into saved emails that the hacker can now access.  Change your passwords and your Recovery Information on all other accounts that might have been compromised.
  • Contact list – Email the folks in your Contact list and tell them:  “I am having an issue with my email account, which I am addressing.  Please contact me if you receive an unusual email that appears to have come from my email address.  Do not open any links within the email itself.”
  • Backup emails and contacts – Backups allow recovery; backup your contacts whenever you add or change a contact.  Backup your emails as often as necessary to keep from losing stored emails.

As with any account, change your password regularly and change your challenge questions periodically.  Visit the About.com article on how to change your Gmail at About.com: Change Your Gmail Password.

For a related article by Leo Notenboom at Ask Leo, please visit Ask-Leo.com: How to stop someone sending email with my address.

If the email application reside locally and connects to a secure site, your PC would be suspect and should be interrogated by virus and malware scanners.  You should also scrutinize your Microsoft Outlook contacts and rename the Contacts folder.

It is still possible that your computer is infected; your account information might have been recovered through a keyboard logger that records your keystrokes and sends them to the hacker.  If so, you need to clean-up your computer before taking the steps above.

Studies suggest cyber-security overconfidence in small/medium businesses

In a recent survey by Symantec and the National Cyber Security Alliance (NCSA), most small and medium-sized businesses participating felt they were safe from cyber threats, although just 17% of the 1,015 companies had a formal plan for cyber security.  Other contradictory items:

  • Although 77% recognized that strong cyber security was important for their brand, 59% had no plan on how to respond to a data breach.
  • Only 13% had a written Internet policy, but 62% believed that their employees knew the company’s Internet policy and practices.

 

Visit Small biz survey: No cybersecurity plans — no worries. What? for the full CNet article by Charles Cooper.

 

In a separate survey during the fall of 2011, research firm Opinion Matterspolled 200 IT decision makers working in companies of five to 250 employees.  Although almost 88% had web-monitoring/filtering software, over 40% of respondents have had a security breach due to unsafe web browsing.

 

Visit 40% of SMB have had a security breach due to unsafe Web surfingfor the full ConnectIT article by Mark Cox.

 

Both studies suggest that these businesses are not as secure as they think.

October is National Cyber Security Awareness Month (NCSAM)

According to the National Cyber Security Alliance (NCSA), October is the month to promote Cyber Security Awareness, which “…encourages people to do their part to make their online lives safe and secure.”

 

The NCSA’s philosophy is that safe browsing is a shared responsibility: “Everyone has a role in securing their part of cyber space, including the devices and networks they use.”  NCASM provides a focal point for participants to educate others about safe and secure usage.  Its three-part mantra:

  • Stop – Understand the risks and learn how to spot potential problems
  • Think – Consider how your usage of the Internet could impact others
  • Connect – Proceed with confidence now that you know what to expect

 

The official presidential proclamation states that NCASM is the time to “…recommit to ensuring that our information and infrastructure remain secure, reliable, and resilient”.

 

Business users may visit Keep My Business Safe for details on how to secure their businesses.  There are safety tips for individuals and some free security-checkup tools.