Category Archives: Security

All thing security!

Are you protecting your network?

More and more, with the growth of the IoT (Internet of things), we are adding to our network. Don’t take me wrong, being able to see who is at your front door, or adjusting your thermostat on the way home is great, but these things need Internet access. Unfortunately, these end-points or nodes aren’t always secure. In fact, there was a case where Ring Doorbell had a vulnerability that if someone had access to the doorbell unit they could get your Wi-Fi password, which would give them access to your whole network. Some brands, like Ring, are on top of it and patch known issues quickly, but some—not so much. My suggested solution is network segregation. This could include using a guest network on your wireless router, or multiple routers and segregated networks via multiple devices. In my case, I went overkill with the latter option—someone commented on the number of routers I have in place. The idea of network segregation is even if someone has access to one of your IoT devices, it should not bounce over to your home network. So if you use IoT devices and want to segregate your network but don’t know how, give me a call.

-Daryl Jiles

How I Protect Myself From Ransomware Theoretically

I have broken down how I have set up a safeguard below, with three steps Prepare, Backup, and Restore.

Prepare: Prepare for when not if you will get ransomware on your device.

Understanding Ransomware is the first step, which is Encryption of your files. And about the only two ways to get that info back is a backup or well a backup. You can just pay the ransom to get the Encryption Key, but then the bad guy has your info and money.

Backup: Backup your data

Now the backup side, so I suggest a good backup. When it comes to backups though all are not equal, so how is the backup done is a big factor. Understanding backups is another subject, but the basic is if you don’t have older backups it is basically like not having a backup at all. Also if your backup is encrypted it will do no good.  My suggestion would be to have a couple of backup chains on a separate drive.

Restore: Restore your data

Now once you can tell you are a victim of Malware (Ransomware) you need to restore the data. Now I have restored a backup with my backup software but some are different. So I can’t give a step by step for yours.

To end this just be prepared, bad guys are wreaking havoc and not just for large systems, you can be hacked also. So do you want to be prepared to get back that picture from your kids or grandkids 1st birthday, or lose it forever?

 

Ransomware – a type of malicious software designed to block access to a computer system until a sum of money is paid.

Encryption – the process of converting information or data into a code, especially to prevent unauthorized access.

Encryption Key – a random string of bits created explicitly for scrambling and unscrambling data.

Malware – software that is intended to damage or disable computers and computer systems.

Time For Your Flu Shot!

So you are told to just go get an Anti-Virus Scan. But you still end up with a Virus. Inconceivable! Well part is you must know how Malware works. See a Virus is Malware but Malware isn’t always a Virus.  I know this sounds funny but look at it as if Malware is an umbrella and Viruses lives under it. So just get a Malware scanner and I am done right? Not so fast Sherlock. Knowing how these differ is needed at this point. Let’s break it down like this, most Malware detection be it Malware Scans, Adware Scan, Spyware Scan, Virus Scans etc. have what is called a definition file. Now I can go into details but that would involve lots of research which for this blog post is not necessary.  So an updated definition file has what is new for the scan. So that is why not having your definition file up-to-date is like not having a scan at all. So now let’s get into how and Anti-Virus definition and a Malware definition are different. So the best way for me to look at it is Anti-Virus Scanners are old school and Malware Scanners are new school. So let’s say you like a band like AC/DC well Anti-Virus Scan would be like “Dude AC/DC is my Jam!” and a Malware Scan would be like “What is this AC/DC you speak of?”  On the other Hand (Showing my age) Let’s say you asked a Malware Scanner about Adele it could say “Dude Adele is my Jam!” but an Anti-Virus might be like “What is this Adele you speak of?”. See how that works? Now to add to the confusion fast forward a year and ask the same question and you might get something like this. Anti-Virus Scan would be like “Dude Adele is my Jam!” and a Malware Scan would be like “What is this Adele you speak of?”  So that said Malware Scan definitions are up-to-date but don’t keep old data. Anti-Virus Scan definitions are not up-to-date with new issues but keep old data. So the best bet is to use both. And luckily an Anti-virus and a Malware Scan can run side by side.  (I need to add this involves a setup that might be hard for some people)  Now does this stop issues no, I typically run about 4 different scans on a PC I think has a Virus. Also I tend to pay attention to PUPs (Potential Unwanted Programs) and PUMs (Potential Unwanted Modifications) that some people don’t. So with that said run both and get help if you need it to set it up, also if you suspect a Virus, get it checked out ASAP. Even with the years I have been working with PCs Viruses can still get past me.

 

DisclaimerVirus removal is not a 100% guarantee and the best solution is a wipe and load of a system to remove them.

 

-Daryl Jiles