Posts Tagged ‘security’
Apple’s iPhone collection of smartphones remains loved by consumers. Unfortunately, they’re also well-liked by a less savory group, hackers. Business Insider recently documented on a new study that found that the iPhone stands as the most hacked mobile device. And most stunning? It’s not even close – the iPhone is the most hacked by a lot.
The most hacked
Business Insider reported on the latest figures from Web security company SourceFire, which released the report “25 Years of Vulnerabilities.” This report charted the Critical Vulnerabilities and Exposures — better known as CVE — of a host of software and mobile devices. The CVE is the standard that security companies use when charting cyber-exploits. SourceFire found that 210 CVE reports had been filed on the iPhone. For comparison’s sake, Android only had 24 CVE reports.
What’s behind it?
This begs the question: Why have iPhones been hacked so many more times than have Android mobile devices? Just as with so many other big questions, there aren’t any easy answers. Business Insider ponders whether part of the reason could be the iPhone’s popularity. The devices, after all, remain a top seller. But the SourceFire report states that Android has received fewer CVEs in 2012 than it did in 2011. This drop happened even though Android enjoyed a big rise in market share last year.
Going after the king
A recent interview with the SourceFire report author on the ZDNet Web site proposes another excuse for the high number of iPhone hacks: Hacking the iPhone might present a challenge worthy of the most talented hackers. Consider how Android devices work. They make use of an open platform. Consequently developers could create malicious third-party apps that users can download onto their phones. That’s not very much of a challenge for hackers. But hacking the iPhone, which does not boast an open platform? That’s a true test of a hacker’s skill.
How much protection do you think passwords provide today to your company’s Web sites, mobile devices and desktop computers? The right answer? Probably not much. Cyber criminals have perfected the art of cracking passwords. And all too often, employees make use of passwords that are easy to guess. This leaves your business vulnerable to cyber attacks. Fortunately, there is a solution: two-factor authentication. And, based on a recent story by Biztech Magazine, it’s the simplest way to immediately boost your company’s ability to protect itself from cyber crimes.
How it works
As the name suggests, two-factor authentication requires users to take two different steps to log onto a Web site or device. Usually, people will need to still use a password but will also have to rely on a second device to gain access to their computers or important Web sites. As an example, after entering a password, an employee may need to swipe a smart card, insert a token or use a biometric identifier in order to continue. This two-step process instantly upgrades a company’s online security, according to the Biztech story.
The starting point
To be sure that your company’s move to two-factor authentication goes well, you’ll need to do some research. Biztech Magazine suggests studying the choices for your second factor so you choose one that fits best with how your staff members work. For example, if a lot of your staff rely on smartphones while on the job, a smart card is probably not the best choice. That’s because most smart cards do not work with smartphones. Deciding on the best factor can make a huge difference in selling two-factor authentication to your workforce.
Take it slowly
Give your staff time to get accustomed to the concept of two-factor authentication before you officially launch it. You need to give your workers the chance to ask questions about how the procedure works. This also provides you with time to explain just why two-step authentication is necessary and how it can provide better security to the company.
Hackers aren’t shy about targeting small businesses. They know that the majority of businesses are vulnerable to cyber crimes. It’s not overly difficult for smart hackers to break into the credit-card accounts or bank accounts of small businesses. Many have no difficulty accessing employee facts such as their Social Security numbers. Fortunately, small business owners do have a tool to use against cyber criminals: common sense. Entrepreneur Magazine recently ran a feature story providing tips for small business owners who want to protect their businesses from hackers. Below are a few suggestions from the story.
Encrypt your Data
Entrepreneur recommends that you first encrypt all of your significant data, anything from bank routing numbers to credit-card account information to employee Social Security numbers. Hackers want to steal these records. It’s how they ultimately drain money from your small business. Entrepreneur’s advice? Turn on the full-disk encryption tools that are included with your computer’s operating systems. On Windows, this tool is labeled BitLocker. On Macintosh computers, it’s known as FileVault. The tool, once activated, will encrypt every file and program on the drive.
The Lockdown Approach
Most computers have a Kensington lock port, a small metal loop that users can run a cable through to lock them to their desks. If you wish to truly protect your business, require that your employees take this protection measure. It might sound silly, but the Entrepreneur story said that businesses are often hacked after burglars break in and steal laptops along with other devices. A cable strapping a laptop to a desk won’t stop all thieves. But it might scare away those who want to strike especially quickly.
Often the easiest way for cyber criminals to gain access to your company accounts is through your business’ Wi-Fi network. That’s why Entrepreneur Magazine suggests you do away with Wi-Fi completely and instead install a wired network. If you can’t do that, at least protect your Wi-Fi accounts with passwords which are difficult to compromise. A good bet? Long passwords consisting of a combination of letters, numbers and symbols.
If your business isn’t growing, it’s dying. That’s why it’s important to stay on the lookout for new ways to grow your small business. There is one area, though, where small business owners often fail to look for growth strategies: IT. Yes, you can grow your business’ revenue by investing in IT. Small Business Computing.com provides a roadmap, listing several IT projects to help make your business and employees more efficient and productive.
Bring Wi-Fi to your business
A growing number of businesses permit their staff to bring their own electronic devices – everything from laptops to tablets – to their cubicles. The reasoning driving this movement: When people work on laptops and tablets that they know well, they work more proficiently. But allowing your employees to participate in the bring-your-own-device movement doesn’t mean much if your office isn’t prepared with a reliable Wi-Fi network that allows your workers to access the internet, send e-mail and post to social media sites while at their desks. Make installing a powerful Wi-Fi network in your office a top priority for 2013.
Ultrabooks are outstanding tools. They’re not as cumbersome as traditional laptops and far more powerful than Netbooks. They can also help your salesforce bring in more business: They can take their Ultrabooks home with them or on the road when they’re traveling to work on reports and presentations. They can run multimedia presentations for potential customers. And Ultrabooks are more affordable than ever today. If you want your employees to reach their full potential, equip them with Ultrabooks.
No more Windows XP
Do you still have computers running the Windows XP operating system? That’s a mistake. As Small Business Computing.com highlights, Microsoft will not provide technical support for this operating system as of early April 2014. The company will also no longer distribute regular security updates for the system as of this time. Running Windows XP, then, means that not only will your employees be working on a decade-old operating system, but their computers will also be highly susceptible to virus attacks. Make the smart move and upgrade to a more current Windows operating system.
How susceptible is Java to hackers? Just last year, the U.S. Department of Homeland Security issued a warning to computer users concerning the security holes linked to the applet. And recently, Java security holes left hundreds of millions of Internet users vulnerable to serious malware attacks. It’s no surprise, then, that Slate writer Will Oremus is advising computer users everywhere to disable Java on their machines. If you would like to protect yourself from cyber attacks, you’ll follow Oremus’ advice.
Java, of course, has sent out new security patches to correct its latest security flaws. But Oremus recommends that users ignore this patch. The odds are high that hackers will simply find another vulnerability to take advantage of Java. Oremus instead advises that users disable the application on their machines. The reality is, the number of Web sites powered by Java applets is shrinking every day. If you absolutely need Java to view a site, you can temporarily enable it until you’re done with that site.
The trouble with Java is that it is so vulnerable to hackers. In the most recent attack, hackers used holes in Java to take over the machines of Internet surfers who visited compromised Web sites. The company that owns Java, Oracle, wasted almost no time in putting out a new security patch to fix this problem. Nevertheless, Java is known for a history of security leaks, and there’s no reason to assume that hackers won’t quickly find new ones to take advantage of.
The good news is it is not difficult to disable Java. If you use Firefox, choose “Tools” from the main menu. Next, click “Add-ons” then hit the “Disable” button next to any Java plug-ins. For Chrome, type “Chrome://Plugins” in your browser’s address bar. Then click the “Disable” button below any Java plug-ins. In Safari, click “Safari” in the main menu bar. Next, click “Preferences,” then select the “Security” tab. Uncheck the button next to “Enable Java.” The trickiest disable comes with Internet Explorer. You’ll need to first call up the Java Control Panel, a task that requires different steps according to which operating system you are using. For more information concerning how to disable Java on Internet Explorer, visit this link: http://www.java.com/en/download/help/disable_browser.xml
Stuxnet made big headlines in 2010. That’s when online security experts first discovered this new piece of malware, one strong enough to attack and control the industrial systems used in the nuclear program being developed by Iran. As a newly released story by the MIT Technology Review says, most people today believe the intelligence departments of Israel and the United States collaborated to develop Stuxnet. And that, to many, is troubling news. It’s evidence of a new from of electronic warfare, one in which countries create powerful malevolent software to unleash on their adversaries. And the United States seems to be leading the charge.
A developing industry
What is the long-term impact of malware weapons? The Technology Review story fears that governments, by investing a great deal of research and dollars into creating these virtual weapons, is making an ever-more hazardous Internet. And it appears these fears are justified. Since Stuxnet was unleashed in 2010, it’s clear that governments have invested a lot more money producing malware weapons. No one knows, in fact, how frequently such weapons have been deployed. It’s almost certain many of these weapons have already been unleashed without the public’s knowledge.
A mobile attack?
Even more alarming? Smartphones and tablets are far from safe from this kind of government-created malware. It’s indisputable that consumers are leaving desktop computers and latching onto smartphones, tablets as well as other mobile-computing devices. As this trend gains momentum, governments are focusing their efforts on the mobile market. The Technology Review story says that exploits that focus on mobile software are prized because manufacturers so rarely send updates to their mobile operating systems. As a result these systems are especially susceptible to malware attacks.
An old story?
The Technology Review story ends on this chilling thought: Maybe malware weapons are nothing new. After all, countries are always developing new and more damaging weapons. It ought to come as little surprise, then, that governments are taking to the online world, too, with regards to crafting new weapons. It’s unfortunate, though, that this newest round of arms building is creating a more dangerous Internet.
Are you a user of Web-based e-mail such as Gmail or Yahoo!? Or do you use a desktop e-mail client such as Postbox, Outlook or Sparrow? Each e-mail option features its own pluses and minuses. As a recent story by the Lifehacker Web site says, some users will do better using a desktop e-mail client and others will thrive with a Web-based e-mail system. Are you currently debating over whether to install that latest desktop e-mail client? Or are you contemplating signing up for Gmail? Deciding if Web-based or desktop e-mail is best for you necessitates a close look at your computing habits.
When desktop makes sense
Here’s who ought to be employing a desktop e-mail client, according to Lifehacker: Users who have multiple e-mail addresses with different domains, those who have to access their e-mail messages even when they’re offline and people who filter and block e-mail messages based on subject headers, senders and specific words. Lifehacker also recommends the use of desktop e-mail clients if you like making use of security features like encryption and digital signing.
When Web-based e-mail makes sense
Lifehacker supplies a list, too, that will help you decide if a Web-based e-mail system is the better option for you. First, if you prefer a single inbox for all your e-mail, Web-based e-mail might make more sense in your case. Secondly, if you only maintain a few e-mail addresses, you can choose Web-based e-mail. This kind of e-mail is practical, too, if you do much of your work at the office or at school. Often, your employer or school won’t let you download and install a desktop e-mail client on their computers.
Plenty of choices
No matter if you go with desktop or Web-based e-mail services, the good news is there are more alternatives than ever before when it comes to e-mail. There was a time e-mail was just about ignored by technology companies. Today, though, companies have launched a wide variety of e-mail services, both Web-based and desktop, that can make organizing and managing your e-mail messages a simpler task than ever before.
Cyber criminals have long centered on running their swindles on PC users. And they have been tremendously successful in stealing personal data and stealing funds from countless people. Now these cyber criminals are unleashing their malware attacks on smartphones, tapping into another huge potential market of gullible users. This should come as being a surprise to nobody. Smart phones are booming in popularity. And many users treat their mobile devices as miniature computers. They surf the Web, send e-mail messages and bank online using their smart phones. Fortunately, you can take measures to ward off mobile malware. It mostly requires that you employ good judgment when navigating the internet using your smart phone.
The security firm F-Secure offers rather frightening numbers: According to the firm, the volume of malware attacks directed at mobile Android devices quadrupled from the first quarter of 2011 to the same quarter in 2012. That’s one among the numerous unsettling statistics regarding mobile malware. CNN Money writer David Goldman, for instance, recently cited an article from security firm Lookout Security that four in 10 smart phone users will click or swipe a suspicious Web Link this year. Goldman also writes that mobile phone cyber attacks have spiked by a factor of six, according to numbers revealed from anti-virus company McAfee.
The Good News
There is some very good news, though. In spite of the surge in smartphone malware attacks, such cyber crimes continue to be relatively rare, particularly if when compared to the frequent attacks on PCs. Goldman writes that McAfee by the middle of 2012 had found about 13,000 mobile malware types. That sounds like a lot. But the same company found more than 90 million forms of malware attacks leveled against PCs. The reason for the discrepancy? First, smart phone code is relatively new. Programmers have learned from the many cyber attacks unleashed against PCs. Secondly, cyber criminals have done so well in attacking PCs, they haven’t had as much incentive to target smartphones and other mobile devices.
You can safeguard your phone from mobile malware attacks. Start by getting anti-virus software from reputable companies. Be cautious, though–cyber criminals could create bogus anti-virus software that doesn’t protect your phone but instead sends these criminals your information. Also, make sure to research any app before you download it. You want to be sure that it is offered by a reputable company. Finally, be equally as wary of phishing schemes as you would be while sitting in front of your computer. Never provide your Social Security Number, bank account numbers or other important information in an e-mail. Your bank will not ask for such numbers in e-mail.
What do you actually know about the Internet? Sure, you know that the ‘Net helps you view your favorite TV shows, download the greatest hits collection of that hot new band and play word games with contacts who live on the other side of the planet. But did you know the way the Internet actually works? Probably not. Luckily for us, the editorial staff at Web site Business Insider are ready to help. The Web site recently produced a feature highlighting a number of the more unusual facts about the Internet. Here are some tidbits that will help you raise your Internet IQ.
Facebook is King
We know Facebook is huge. But the social network company is not only big. It rules cyberspace. Business Insider quoted data from Hitwise to discover just how big of a player Facebook has grown to be: Facebook accounts for one in every five page views on the Internet. Facebook also, in September of 2012, reached 1 billion users.
The Biggest Data Center is Rising in Utah
Business Insider also mentioned that the largest data center in the world is now being built in Utah. The National Security Agency is behind this center, and when the data center is finished, it will store a yottabyte of data. You might not know what a yottabyte is. But it’s big. It equals 1,000 zettabytes or 1 million exabytes, according to Business Insider.
Streaming is on the Rise
Do you stream movies or Tv programs to your TV, computer or tablet? Even if you don’t, the odds are high your neighbor probably does. Streaming has become one of the Internet’s most widely used features. According to the Business Insider story, quoting statistics from Harris Interactive, greater than 50 percent of U.S. residents are using the Internet to view TV. Streaming video has become a particularly desired service among the younger customers that are flocking to Web streaming. As stated by Business Insider, streaming is a big hit among consumers younger than 35.
This may come as a shock to you but one of the easiest ways to protect your computer from hackers it to disable Java on your machine. Java is software that enables websites to run interactive software. However, Java has been criticized for being a backdoor for hackers to get into your system. Business Insider pointed out that earlier this year 700,000 Apple computers were infected with the Flashback Trojan malware. One of the things these computers had in common is that they were all running an out-of-date version of Java.
There is a flaw in Oracle’s Java software that hackers have taken advantage of. This permits them to install malware. Quickly after the weakness was discovered, Oracle released a new version of Java that fixed it. However, if an individual has not updated their version of Java they may not know that their computer is vulnerable to hackers. Moreover, there may be other weaknesses in Java that Oracle has not found, so the best way to make sure you are protected is to disable it. Most websites don’t require Java any way.
Turning off Java
Turning off Java requires different steps depending upon what web browser you use. In Firefox users must first select “tools” from their browser’s main menu. They should then click “add-ons” and the disable buttons next to any Java plug-ins.
Safari users must first click “Safari” in the main menu bar and then “Preferences.” Once they’ve done this, they can select the “security” tab and make sure that the button next to “enable Java” is not checked.
Google Chrome users need to type “Chrome://Plugins” in their browser’s address bar. They can then click the “disable” button listed below any Java plug-ins.