by Felicien | Jan 3, 2020 | Education
Careful – Your Windows 7 Loses Support in January 2020
If you use Windows 7, you need to be aware that Microsoft will end support for your operating system in January 2020. Now is the time to upgrade to Windows 10.
Windows 7 is an operating system that still has plenty of serious fans – in fact, it was only earlier last year that the market share for Windows 10 moved past Windows 7. Considering that Windows 10 was released in 2015, that is saying something. All good things must come to an end, though, and Windows 7 is no exception. Microsoft is ending support for Windows 7 in January of 2020, which means that it will become much more difficult to keep the OS up and running moving forward. And a recent announcement from Microsoft has let Windows 7 users know that they are going to be seeing bigger, full-screen pop-ups to warn them of the upcoming end of life of the operating system.
Microsoft is Magnifying it’s Warnings about End of Windows 7 Support
All through 2019, Microsoft has been telling Windows 7 users that the support for their operating system was going to end in 2020. Of course, if you are using Windows 7, you may have missed the warnings or just decided to think about them later – after all, a year is a long time. But the end is really around the corner now.
The official end of support for Windows 7 is January 14, 2020. The day after, on the 15th, you will no longer be able to get support from Microsoft if something goes wrong with your operating system. That is why the prompts telling you that Windows 7 support is going to end are getting a lot bigger and more obnoxious. Microsoft is going to push full-screen pop-ups telling you that “your Windows 7 PC is out of support”.
You don’t have to keep looking at the notifications if you don’t want to. You can ask Windows to remind you later or to never remind you again. You can also choose to ‘learn more’, which will take you to an information page about what loss of support means and give you the option to upgrade to Windows 10.
What Does “Loss of Support” Mean?
There are several things that will happen when support ends for your Windows 7 operating system, including:
Loss of tech support. Right now, if something goes wrong with your Windows 7, you can contact Microsoft and get somebody to help you with the problem. They can run you through troubleshooting steps and try to get things going again. But when support ends, you won’t have the option of contacting Microsoft about it. They will tell you that they no longer support your operating system.
No more software updates. Microsoft is always working to improve their operating systems – at least the ones they currently support. But once they stop support, they stop putting resources into improving an OS. That means there will be no more updates to make Windows 7 secure and stable.
Loss of security. There are always people out there looking to compromise Windows operating systems, even ones as old as Windows 7. When you lose support for your OS, it means that Microsoft will no longer be trying to identify threats and upgrade your OS to defend against those threats.
Loss of compatibility. This is the biggest problem for most people with unsupported operating systems. You may be ok with being less secure and not getting the latest and greatest improvements, but you are unlikely to be happy when your favorite software stops working with your version of Windows. Over time, the thing you can use your computer for will become fewer and fewer as software moves beyond your OS.
Fortunately, getting support for your OS is easy enough – you just have to upgrade to Windows 10.
by Felicien | Dec 26, 2019 | Education
Juice Jacking is another creative way that cyber attackers are accessing your data. Learn more about the concept and how to prevent it.
The public must be on guard for any cyberattack that comes their way; however, attackers are creative and are constantly innovating towards the next type of cyber-attack to catch unsuspecting people. Most recently, the concept of “Juice Jacking” has made its way into public attention.
Juice Jacking is a type of attack that uses a charging port, infected cable, or portable battery to access available data on a connected device such as a smartphone or a laptop. Once a device has been infected, attackers can export your data, steal passwords and other personal information, or lock your device entirely making it unusable.
How Juice Jacking works
A conventional USB cable is not only useful for charging your device, but its primary use is to transfer information from one device to another. As soon as a device is connected to a USB outlet, this allows attackers access to devices.
We have all heard of identity thieves putting on card-reading devices, skimmers, or camera on ATMs and other card readers such as at a gas station pump, but attackers are also able to change out USB hardware for another USB port that allows them access to any who connect to the port. Typically, we see threats to our devices in public such as hotels, public kiosks, and airports.
Juice Jacking and Travel
For those people who travel regularly, they rely on the public charging kiosks to keep them connected to family, loved ones, and work while out and about. But USB public charging stations are a prime target for those people seeking to steal and use your personal information.
Attackers can use not only a public kiosk as a way to gain access to your devices, but they can also use an infected cable. Beware to not use cables that are found already plugged into charging stations or you could already have one in your possession as a free gift. It is very easy to mask a cable to look like a brand name item, and most people believe that cables are not capable of holding information maliciously.
Another method to get victims to connect to a power source is to infect portable batteries, and with the rise of shared or rented portable batteries that you can purchase in airports, it has become easier for attackers to gain their victim’s data and move on to the next airport, making pinpointing the problem harder for those trying to stop the attacks.
Preventing Juice Jacking
The easiest way to prevent Juice Jacking is to plug your devices in via your power adapter that normally comes with your device. Another option is to carry your own power bank. A personal power bank can hold enough power for several recharges. Finally, a product that has been developed to combat the threat of Juice Jacking is a USB data blocker, a small adapter that you attach to the end of the USB cable you would like to use that prevents the transfer of data.
by Felicien | Dec 21, 2019 | Education
Learn how AI helps businesses analyze customer provided data and IoT implementation important for growth, customer loyalty, and greater profitability.
There is so much data available to your business but getting a proper read on its importance an investment in costly data scientists. Learn ways technological advances, such as AI, helps your business synthesize data and provide your IT team with the information needed to create apps and other solutions at a lower cost.
The Internet of Things (IoT) is at the forefront of the data analysis performed by businesses. According to a recent article appearing in Forbes.com, data centers used to house the billions of bytes of data businesses collect, along with business analytics are growing at a compound annual growth rate of 50 percent between the years 2017 – 2021. The market value of IoT in 2017 was $235 billion and expected to more than double to $520 billion by 2021.
What does this mean for you and your business? All those valuable bits and bytes you collect from your customers is useless if you do not have a team in place that can help you make sense of it and use it to grow your business. This typically means hiring a staff of professional data scientists who, according to the U.S. Bureau of Labor Statistics (BLS), earned a median pay in 2018 of $118,370 or $56.91 an hour. That is a huge investment in labor which may be better spent instead on AI developed approaches to data analysis and app development.
Leveraging AI to Produce Professional Data Analysis
Professional data scientists cost you nearly $60 per hour while computer programmers with less education and the skills necessary to write and test computer code and develop apps based on your data earn about $40 an hour (median pay of $84,280 according to BLS). AI gives you the ability to hire programmers over scientists, who can help you properly analyze and utilize your data. Here’s how: AI has involved in one of the few technological advances capable of passing the Turing test.
If you are not familiar with the Turing test, it is the ability of a machine to demonstrate human-like intelligence and provide responses indistinguishable from human responses. That this phenomenon has finally happened for the first time in 2014 (64 years after the test was developed in 1950 by British mathematician Alan Turing, noted for breaking German code during World War II) means AI has become the leading driver for businesses looking to bring sense and order to data and quickly create consumer-driven apps to further engage customers and increase revenue.
Why AI over Human Analysis?
Without giving away to fears about machines taking over ala Stanley Kubrick’s HAL 9000 in the movie “2001: A Space Odyssey,” business should come to quickly recognize that machine learning and AI are useful technologies, important in reducing human labor costs and providing a way to integrate IoT into your business.
Hiring programmers who can seize upon the results of AI analysis comes at a savings of about $35,000 per scientist needed to perform the role artificial intelligence does. This alone gives you a compelling business reason to consider the advantage of leveraging AI over traditional human analysis performed by professional data scientists. As companies move slowly toward IoT implementation, you have the opportunity to be on the forefront and beat your competitors to the punch, enabling you to chart uncharted territories and seize important market share!
by Felicien | Dec 16, 2019 | Education
Prevent Hackers from Stealing Your VoiP and Costing You Money
Best ways to prevent your business from losing money because of hackers stealing your VoIP service.
In 2017, telecom fraud amounted to $29.2 billion in losses to organizations and carriers, according to No Jitter. One form of telecom fraud is theft of service, which is obtaining service through an individual or company without payment. VoIP is much more prone to theft of service than traditional telephony services. Service can be stolen through hackers stealing user names, passwords, and other account information. Hackers also can introduce malware into the system to more easily enable theft. Unfortunately, the Federal Communications Commission has not issued any regulations on VoIP fraud, which means that businesses are still liable for any hacked calls. Fortunately, businesses can take some precautions to prevent theft.
Protect Passwords
When businesses buy a new phone, they should always change the password from the factory settings. Some phones use different passwords for the phone interface and web interface. In this case, unique passwords should be used for each interface. Passwords should be made secure by changing them every six months and requiring at least 12 characters including upper and lower case letters, symbols and numbers. Businesses also should regularly update the admin portal password for the VoIP provider.
Limit Physical Access
VoiP phones and other instruments should be kept in a locked space to prevent unauthorized access. The environment of the space should be maintained within the limits set by the equipment manufacturer. Secure access panels to the air conditioning and power.
Build Security in Layers
To prevent attacks and service theft, an organization should plan its VoIP system as carefully as it does its data network. One way is to plan security in layers.
The first layer of security is preventing intrusions on the network. To secure the network, use VoIP-aware firewalls and shut down ports at any sign of malicious behavior, according to Tech Target.
The second layer of security is phone authentication. The phone will not be authorized to the network or to the IP PBX unless a mutual certificate exchange or a certificate and dongle architecture have authenticated it, according to Tech Target.
The third layer involves encryption or authentication between the media and various channels. This means media gateways, ALGs, firewalls and NAT devices, and SBCs, according to Tech Target.
Finally, the fourth layer is user authentication. Only users authenticated via a user name and password or token device or mutual swap should be allowed to make or receive phone calls, according to Tech Target.
Disable International Calling
Most hackers go after the more expensive international phone numbers. Businesses that don’t need to regularly make international calls can disable international calling, using an international calling card when necessary. If regular international calling is required, businesses should carefully check invoices to be sure all calls made are legitimate.
by Felicien | Dec 14, 2019 | Education
BEC Scam Helps Hackers Steal Over $46M from Company
How fast could your company lose $46M? BEC Scams do it in minutes. Find out how criminals hack CEO emails to earn themselves a huge payday at your expense.
Sometimes criminals hide in the shadows and sometimes they hide behind technology, waiting, ready to strike at the most vulnerable. You know this, so you’ve invested in employee education. Employees are aware of common cybersecurity threats and email scams. But the BEC scam turns everything on its head.
It does so by hijacking the CEO’s most important business communication tool, email.
What Is a BEC Scam?
A cybersecurity-aware employee would always check to see where an email is coming from if that email asks them to do something like send millions to a strange account. But what if that email looks like it comes from you?
A Business Email Compromise (BEC) scam is conducted via your CEO’s own business email account. The hackers monitor your email for days or months undetected before sending an email from you to one or more of your employees, asking them to do something like:
Wire money from the company accounts
Share their login to company programs
If an employee got an email from you, would they question it? In a modern workplace, you’ve built a team around you who would ask “why”. But what if the person receiving the email is not in your trusted circle?
Scammers often target those who report to them, and don’t know you as well, instead.
Hackers take it a step further. They use automation tools found on your email account to instantly identify and delete any emails questioning your instructions or warning you that you’ve been hacked.
Real World BEC Attacks
This attack isn’t uncommon and the results are costly. Here are just a few medium-sized businesses that paid the price.
Xoom Corporation – BEC scammers emailed an employee from the CEO’s account and convinced them to wire $30M to a business overseas under the disguise of a business deal
Scoular Corporation – Employees wired an undisclosed amount to China for a fake acquisition deal. The email said, “We need the company to be funded properly and to show sufficient strength to the Chinese… I will not forget your professionalism in this deal, and I will show you my appreciation very shortly.”
Ubiquiti Networks – This San Jose company’s employee wired $46M at the “CEO’s” instruction. They were only able to recover $8M.
How to Protect Your Company from BEC Cybersecurity Threats
First of all, know that the CEO may not be the only target. It could be the CFO, CMO or even middle management.
They often attack companies using Office 365, which is relatively easy to breach if extra precautions aren’t taken. They gain access to your email via simple tricks like getting you to share your password on a spoofed 365 website.
Deploy education and technology to both prevent someone hacking a CEO email and to quickly identify when you or someone in the company has been compromised. This might include:
Powerful spam filters
Monitoring software
Malware protection and firewall
Security awareness training
Other customized solutions to maximize security
Above all, stay informed. Follow our blog to learn more about keeping your company safe from very real and sneaky cybersecurity threats like these.
