As we continue to rely more on technology, keeping our information safe is becoming increasingly difficult. With Wi-Fi being the standard form of network communication for most business professionals who are on the go, the need for secure data transmission has become even greater. Public Wi-Fi locations like coffee shops, the airport, and even your home and office are not safe when sending and receiving data. According to idtheftcenter.org[i], in 2015 alone there were over 177 million cases of identity theft reported.
The two most popular ways of someone accessing your data over Wi-Fi are sniffing and rogue access points[ii].) Sniffing is when another user nearby captures the data your computer transmits over Wi-Fi, and then reassembles it to look for passwords or other unencrypted account information. The aptly named rogue access point is where someone will create a Wi-Fi hotspot that appears to be legitimate, like “Free Starbucks Wi-Fi,” or “Airport Public Wi-Fi,” and then waits for users to connect to it. Once the user is attached to the hacker’s hotspot, the users’ data transmission is all captured on the hacker’s machine. The hacker can then use specialized programs to reassemble the packet capture to reveal what the user(s) was looking at and if any sensitive information or passwords were used. One of the most effective solutions is to encrypt the traffic going between your infrastructure and your home computer/laptop, which is why VPNs were developed.
One of the fastest and most damaging cyber security threats falls under a category called “ransomware.” Ransomware is malicious code that encrypts all the user’s files and is usually downloaded unknowingly. This type of malware gets its name from what it does when a user tries to open an infected file: it prompts the user to pay a ‘ransom’ within a timeframe to receive a decryption key, which would then allow you to decrypt your files. Even if you choose to pay the ransom, there is no guarantee you will gain access to your data. In this article, we will explain steps you can take to protect and secure your environment.
Ransomware is a real threat to any business that allows user access, as it depends on users to spread it. Different industries also have different risks, with healthcare usually opting to pay the ransom to protect patient data, while the education industry has the highest rate of infection. Other lucrative targets include classified documents, financial documents, and intellectual property. With names like Telecrypt, iRansom, FSociety, and CryptoLuck, the goal of ransomware is all the same for their creators: making money. According to Lavasoft, the CryptoWall 3 ransomware cost users $325 million just in 2015 alone. As ransomware grows and evolves, they become even more costly. At the end of 2016, one of the most harmful ransomware is named “Cerber.” Not only does it lock your files from being accessed, but recent variations have incorporated the stealing of personal information and scripts that cause your machine to target other servers.
Responsible businesses with sensitive data know they need a firewall to control traffic and secure their networks. What seems less well known, however, is the role that complementary technologies play in a comprehensive approach to cybersecurity. An Intrusion Detection System (IDS) enables organizations to take a proactive security stance, which is why Atlantic.Net offers one for its security-conscious customers.
Amid all the headline-grabbing data breaches of the past year, the vulnerability of companies in industries like health care may be overlooked. Data breaches began costing healthcare firms over $5.5 billion annually shortly after HIPAA became law, according to the Ponemon Institute.
Once online criminals have found a profitable target, they tend to return to it with ever more sophisticated attacks. A report recently indicated that over 75 percent of the healthcare industry had been infected with malware in the past year, and noted that a shocking majority of ransomware targets medical treatment centers.
Cliches like the typical hacker being a teenager living in his or her parent’s basement are persistent, and harmful because they misrepresent the situation to the potential victims of hacking. The numbers clearly show that hacking is now predominantly committed by sophisticated criminal organizations. Utilizing an IDS is a proactive approach to meeting that threat.
An Intrusion Detection System, or IDS, is a software application that monitors the network and hosting environment and analyzes activity on it. Any activity which is considered unusual is ranked according to how high risk it is considered based on information from global threat databases.
Like many other top IT executives in the public and private sectors, a CIO at the National Institutes of Health, Alastair Thomson, is guiding his agency’s staff toward the cloud.
Science is ballooning. According to two bibliometric researchers, Ruediger Mutz of the Swiss Federal Institute of Technology and Lutz Bornmann of Germany’s Max Planck Society, the amount of published science is growing at 8-9% per year. “That equates to a doubling of global scientific output roughly every nine years,” explains the British journal Nature. “Bornmann and Mutz find that global scientific output has probably kept up this dizzying rate of increase since the end of World War II.”
Publication is of course not the only way science is growing, as CIOs at science-oriented organizations are reminded on an everyday basis by the scope of their projects. The data used for research used to be discussed in terms of megabytes, then gigabytes. Today, it’s typical for a project to be working at the level of terabytes or petabytes.
Failure to adopt two-factor authentication (2FA) or multifactor authentication (MFA) can be a major and costly mistake for those using cloud services. Adding security can make it less likely that you get hacked. Here are some tips to incorporate 2FA or MFA into your business.
Getting hacked and potentially bankrupted is one of those things that, like a car crash or an illness, can seem to be an unlikely threat until it happens to you. The figures for small business, though, are incredible: one in five small businesses get hacked each year, and 60% of those that do are bankrupt within six months. In other words, a scary percentage of small businesses get hacked each year, and for the majority of those that do, it’s “game over.”
Earlier today, a security vulnerability, CVE-2015-3456 (VENOM), was publicly announced. This vulnerability affects the widely used KVM/QEMU virtualization hypervisor platform that we use to power our SSD cloud hosting servers.
We are rolling out the necessary security patches to address this vulnerability to all applicable infrastructure. In order to ensure that the patches are effective at resolving the vulnerability, you may see a very brief interruption in service (a few seconds) while your Cloud Server is switched to run on the updated version of our infrastructure.
A very small percentage of Cloud Servers may require a reboot to complete this process. If this is necessary for one of your cloud hosting servers, you will be contacted by our support team so this can be done with as little inconvenience as possible.
We will keep you posted on progress.
UPDATE 05/14/15: Atlantic.Net has successfully mitigated the VENOM vulnerability in our USA-West-1 (San Francisco), USA-Central-1 (Dallas), USA-East-2 (New York) and Canada-East-1 (Toronto) Cloud locations. USA-East-1 (Orlando) is almost complete, however, there is a small percentage of Cloud Servers that will need to be manually rebooted. If you are one of the few affected, an email will be sent to you shortly with further instructions.
UPDATE 05/14/15: Atlantic.Net sent notification to the small percentage of cloud server hosting that needed to be manually rebooted in USA-East-1 (Orlando). Those that were notified have until 11:59 pm ET on May 15, 2015 to power cycle their Cloud Servers per the instructions provided in the email. If they have not done so by the previously mentioned time, we will shutdown their Cloud Servers and power them back on.
UPDATE 05/16/15: Atlantic.Net has now successfully mitigated the VENOM vulnerability in USA-East-1 (Orlando), and as previously noted, all other Cloud locations.
You can read more about VENOM here.
If you have any further questions, please contact our Support team.
For a long time, data security has been a major need in the healthcare industry, but as Cloud hosting gains more and more traction, healthcare providers are starting to take advantage of it to keep their data secure. As a whole, the healthcare industry is very conscientious about data privacy and some of these issues can be addressed through cloud encryption and cloud key management.
© 2017 Atlantic.Net, All Rights Reserved.