Your Router Can Host Some Pretty Nasty Malware

Posted May 25, 2018 by

Hundreds of millions of people use wireless Internet connections every day, and as a result, hackers are taking that as a challenge. They are now starting to develop malware that targets people through their routers. Recently, security researchers at Kaspersky Lab have discovered the malware named Slingshot. The code is designed to spy on PCs through a multi-layer attack that targets MikroTik routers. Today we take a look at Slingshot, and other router-based malware and what you can do about it.

Slingshot

Slingshot works by replacing a library file with a malicious version that downloads more malicious components and then eventually launches a two-front attack on the computers connected to it. The first one runs low-level kernel code that gives an intruder free rein of a system, while the other focuses on the user level and includes code to manage the file system and keep the malware alive.

It is a very intricate attack that calls the nefarious code in from an encrypted virtual file system; managing to do so without crashing the host system, a feat not lost on the security experts at Kaspersky Lab, who deemed it a state-sponsored attack because of the quality of the overall attack and the complexity of its components. Reports suggest that the malware can basically steal whatever it wants, including keyboard strokes, passwords, screenshots, and information about network usage and traffic.

MikroTik has announced that they have patched the vulnerability on versions of their routing firmware, but concerns remain as no one is sure if other router manufacturers have been affected. If that were to come to fruition, Slingshot could be a much larger problem than is currently believed.

Other Instances

Slingshot isn’t the first instance of a router turning on its owner. Traditionally, router security is known to be largely unreliable. Much of this is on the manufacturers, which have been known to build many different products without having a strategy in place to keep them working with up-to-date security. It is also up to the user to keep their router’s firmware up-to-date – something that is very easy to not keep top-of-mind. Plus, some routers make firmware updates time-consuming and difficult.

To attack the network, hackers seek to change the DNS server setting on your router. When you try to connect to a secure website, the malicious DNS server tells you to go to an elaborately constructed phishing site instead. By spoofing the domain and rerouting you to a website that is specifically constructed to take advantage of you, you have very little chance of warding off the attack before it’s too late.

Hackers have also been known to inject all types of user hindrances such trying to perform drive-by downloads, or inundating users with advertisements. Many attacks make use of cross-site request forgery attacks where a malicious actor creates a rogue piece of JavaScript that repeatedly tries to load the router’s web-admin page and change the router’s settings.

What to Do If This Happens to You

The first thing you should do is work to ascertain if your router has been compromised. You can do this in several ways, but the most telling is that your DNS server has been changed. You’ll have to access your router’s web-based setup page. Once in, you have to visit the Internet connection screen. If your DNS setting is set to automatic, you are in the clear. If it’s set to “manual”, however, there will be custom DNS servers entered in the space. Many times, this is the first sign of a problem.

If you have been compromised, ensuring your router is set up to your manufacturer’s specifications will help you mitigate damage. To ward against this happening to you, you should always:

  • Install firmware updates: Making sure your router’s firmware is updated to the latest version will definitely help.
  • Disable remote access: Stop remote access to secure against anyone changing settings on your networking equipment.
  • Turn off UPnP: Plug and play can be very convenient, but your router could be affected through UPnP if there is any malware on the network since it is designed to universally trust all requests.
  • Change credentials: Changing your passwords are a simple way of keeping unwanted entities out of your router.

For more information about network and cybersecurity, the expert technicians at Excalibur Technology are accessible and ready to help you keep your network and infrastructure secure. For help, call us at (877) NET – KING.


Know Your Tech: Cache

Posted May 23, 2018 by

Concept Art: Cache / circuit boardIf you hang out around technology professionals for any period of time, chances are that you’ve heard the word “cache” used before. The word, pronounced cash, is usually heard in the phrase, “clear the cache,” but if you don’t know what this phrase means, how can you benefit from it? Since this week’s tech term is “cache,” let’s get into the details.

What is a Cache?

Most words used in computing have meanings outside technology, so it’s natural that cache has appeared elsewhere in language before now. A cache is essentially storage that is hidden away from the general public. Maybe you have a stash of goodies in your desk that are meant for “emergencies,” or perhaps you have a cache of pens hidden away because people keep stealing them from you. Either way, it’s a collection of something that you want to keep out of sight, and it has its uses for computing as well.

A cache can also be a hardware or software function that keeps data stored somewhere hidden away for faster processing in the future. This can be anything from a cache allowing your network’s data to travel faster from point A to point B, to a web browser storing information from certain web pages so that they are loaded faster than they otherwise would be. Simply put, the cache makes computing easier and more efficient–or at least, it’s meant to.

What Does “Clear the Cache” Mean?

Clearing the cache in a web browser is easy. All it takes is the keyboard shortcut, Ctrl+F5. What this does for your device is that it allows the website to update any information that it has stored in the cache. This includes cookies and other website data that it may have stored. How this comes into play is when a website is updated and its appearance needs to be updated in the cache. If you fail to clear it, you might not be looking at the most up-to-date version of the website. Caches are most effective when they are small, so it helps to clear it once in a while to keep it that way.

Before clearing a network cache, however, you’ll want to first make sure that any drastic changes are handled by a networking professional. Excalibur Technology would be happy to further explain the process of caching and what it means for your business. To learn more, reach out to us at (877) NET – KING.


Why You’ll Want to Consider Hosted VoIP Telephony

Posted May 21, 2018 by

Concept Art: Hosted VoipToday, communications are an important part of business, and with nearly every organization looking to reduce redundancies, a lot of businesses are starting to take advantage of Voice over Internet Protocol (VoIP) solutions, using the resources they already have in place to avoid paying twice over.

With today’s ISPs delivering faster and faster speeds to businesses, much of the bandwidth a business uses is lost. By choosing to utilize a VoIP telephony solution, your company gets more for less. You are paying for access to massive amounts of bandwidth anyway, why not cut your communications costs while you are at it? Today we will take a look at the various types of VoIP that are available and why the switch may be just the thing your organization needs.

What is VoIP?

Voice over Internet Protocol is just that. It is the ability to make calls and have a feature-rich platform that provides all the services that your traditional phone system offers, for a fraction of the cost per user. If this seems too good to be true, consider that the VoIP market is growing rapidly (over 15 percent per year). It works through your organization’s Internet connection rather than through dedicated phone lines. So, instead of having to pay for a separate system or add expensive hardware, VoIP provides an organization the immediate cost reduction without a discernible shift in functionality.

Hosted VoIP technology can be hosted either onsite or in the cloud, but since you won’t have to pay for and maintain hardware with the cloud-based platform, the cloud-hosted version will save you money. It is still a completely managed and maintained PBX server, but instead of having the system in your office, your organization can access it through web-based applications typically available on both desktops and mobile devices.

Benefits of VoIP

We’ve already outlined the cost reduction that’s possible with VoIP, but there are some other benefits as well. They include:

  • Easier to Manage: If anything, switching to VoIP eliminates a vendor that you have to manage. More than that though, VoIP doesn’t need special hardware, it can use the same wiring and switches as your LAN.
  • Unified Communications: Installing a VoIP platform likely means that you are able to unify your organization’s communications platform, giving your staff the option to communicate multiple ways at the click of a button.
  • Functionality: A VoIP platform can integrate with all types of business-management software to provide easy access to the communication capabilities that often make business run better. VoIP also has innovative features like Voicemail-to-email transcription, interactive voice recognition, and integrated chat.
  • Scalability: When you need another user, it’s as simple as adding a line to your VoIP plan.

VoIP makes a lot of sense for the growing business and the established enterprise, alike. If you would like more information, contact our professional consultants today at (877) NET – KING.


Where You May be Seeing More AI Soon

Posted May 18, 2018 by

Concept Art: AI/ human brainThe notion of artificial intelligence has played out in fiction, on the silver screen, and on the small screen for decades. Instead of having sentient cyborgs that enslave humanity, people are using A.I for our benefit. Today, we take a look at the A.I. of 2018 and how your business can leverage it for your benefit.

What is Artificial Intelligence

Today’s world is filled with data. All the experiences and thoughts humans have produced over centuries have provided somewhat of a record of what is expected from A.I. After all, if humans are going to replace workers with machines, ensuring they can do the jobs as (or more) efficiently is going to be important. For now, however, A.I. is being utilized in conjunction with people–trying to make our world better by making the applications and services we depend on more intuitive and efficient.

At one time there were the American Titans of Industry. Today we have Titans of Technology, and not one of them isn’t completely fascinated by the practical applications that artificial intelligence (in some fashion) can have for humanity. The thing standing in the way from all this glorious A.I.-fueled innovation, of course, is humanity. It seems every so often there is a report that is written suggesting that millions of workers can now be replaced with machines, and in the interest of shareholder profits, any business that has been able to leverage A.I. and increase its profitability has gone ahead and done so, often against public sentiment.

One study predicted that 47 percent of all jobs could be automated by 2033. That’s only 15 years off. If you’re looking for some current statistics, another report found in 2016 that up to nine percent of all workers are now unnecessary. Yet another suggested that 800+ of the largest businesses in the world, will cut between four and seven percent of their workforce and replace them with more efficient and less costly artificially intelligent machines.

How Your Business Could Use A.I.

You use A.I. every day without even thinking about it. Every time you use Google. Every time you use Uber or Lyft. Every time your email sends an incoming email to spam. Even as people all look forward to an inevitable permanent vacation as a result of A.I., it can be extraordinarily useful for the smaller business. Here are three ways even the smallest of businesses can take advantage of the growing A.I. market.

  • Operations – For small manufacturers or service providers many of the often-redundant parts of the job can now be automated. Since an A.I.-fueled ERP or CRM platform adjusts to the data you enter into it, it increases the level of automation that you can use to make your business more efficient.
  • Marketing – Small businesses rely on very targeted marketing campaigns, and by utilizing A.I.-driven marketing platforms, companies can reduce their marketing costs and target the audience most likely to purchase their products and services.
  • Customer Service– Customer service representatives have a tendency to flame out fairly quickly and actually deteriorate a company’s relationships with its customers. By using A.I. to automate a big portion of the customer service load, customers will get better support, and will tend to become repeat customers.

How has your business been able to utilize artificial intelligence? Do you foresee using A.I. in any capacity going forward? Leave your thoughts below and return to our blog for more great technology-related information.

 


Tip of the Week: Creating Canned Responses in Gmail

Posted May 16, 2018 by

Conecpt Art: Mail envelopes floating above a keyboard.If you’re like most business users, you rely on email quite a bit to stay apprised of what is going on, as do most of the people with whom you are likely in communication. As such, you most likely understand that, while most emails require some kind of response or confirmation of receipt, not all of these messages require a heartfelt message. This is where Gmail’s Canned Responses come in handy.

This week’s tip will go over how to set up your own canned responses to streamline your repetitive, but necessary, communications.

How to Set Up Canned Responses

First, you’ll need to log in to the browser version of Gmail. Once there, click on the Gear icon in the top right under your profile image and select Settings from the menu. From there, you’ll see a horizontal menu that will display Advanced. Click into it. You will see the option to enable Canned Responses. Click the radio button to select enable, and then save your changes. You can now create canned responses to use in your correspondence.

Creating and Using Your Canned Responses

To create a canned response to use, open the message composer and write out what you want your message to say. Once you are satisfied with your return message, access the message window options by clicking the button in the bottom-right corner. That menu should now have a Canned responses option, with a sub-menu that allows you to save a New canned response. You will be prompted to give your new response a name, and then it will be saved for future use in that sub-menu.

What kind of messages would you anticipate using canned responses for? Tell us what you think in the comments!


Technology Addiction is a Very Real, Very Scary Thing

Posted May 14, 2018 by

Concept Art: Phone handcuffed to wristTechnology has become essential to workplace functionality and personal productivity, but while the long hours spent glued to our tech during the workday are a necessity, the time we spend at home with our personal devices is definitely voluntary. However, more and more people – children especially – are finding it harder to let their devices power down.

This is the hallmark of technology addiction, or Internet addiction disorder (IAD). While it isn’t yet officially recognized in the Diagnostic and Statistical Manual of Mental Disorders (DSM), IAD caught the attention of health professionals in the 1990s and 2013 saw the addition of Internet Use Gaming Disorder to the DSM-5.

What Makes IAD a Problem

Many of the features and trends that are widely taken for granted in applications today – autoplay, in-app purchases, and even notifications – are actually undermining our self-control. Instead of being able to set down the device and move on to something else, these tactics have made it so that we feel compelled to compulsively check these devices.

After all, you never know what you may miss if you don’t check right now.

Of course, needing to use technology for work and being addicted to technology are two very different things, but that doesn’t change the fact that children and adults alike have increasingly presented the warning signs of this addiction in their personal lives. That’s right – as much as the attachment to technology has stereotypically been framed as a young person’s problem, it can affect adults just as easily.

In a poll, 66 percent of parents felt that their teens were investing too much time into using their mobile device. No real surprise there, right? However, the same poll measured that 54 percent of children believed that their parents were checking their own devices too frequently as well.

Symptoms of IAD

IAD has a few warning signs and symptoms that present themselves in the behavior and mood of the person affected. Repeatedly checking for incoming text messages or updates and excessive social media use are common behaviors to keep an eye out for in your loved ones, and possibly in yourself.

Those afflicted with IAD also frequently feel euphoric while using their technology, and when they aren’t, often feel restless. IAD sufferers are prone to social withdrawal and experience diminished interest in activities not centered around a gadget. Some schools have even implemented technology fasts, where students have gone without their precious devices for a week. Teachers have noted that these students often exhibit physical symptoms of anxiety while their devices aren’t accessible. Students will reach for a device that isn’t there, all the while shaking and sweating.

How to Reduce Addictive Tactics

Above, we mentioned how many modern applications have features that encourage this kind of pervasive presence and dependence. To avoid these affects, it is probably best that these features are deactivated for non-essential applications.

Notifications are some of the biggest culprits of encouraging persistent use, so if the information isn’t essential to your professional or personal life, you don’t need an app trying to get your attention. Ask yourself: do you really need to be informed that your energy has been refilled in that mobile game you play more than you should? At the very least, using the mute notifications feature will help keep your attention from being pulled away when it shouldn’t be.

Many of the same apps that spam you with notifications are also the ones that encourage users to make those tempting in-app purchases that give the user an edge, or more frequently, extend the amount of time you can use the app before you have to wait again. This is most common in the free versions of these applications, so if you insist on using the app, it is more economical in the long run to just bite the bullet and pay for the app itself.

What piece of technology can you not bear to be without? Share it with us in the comments.


Is Your Cloud Solution Actually a Money Pit?

Posted May 11, 2018 by

Concept Art: CloudThe cloud has proven to be an extremely useful tool for the modern business. Not only does it provide anywhere-anytime access to applications, processing, storage, et al; it also delivers those products as a service, allowing you to budget for recurring costs rather than major upfront ones. This provides your organization with functional, supported, and secure computing environments that eliminate a lot of the support costs that traditional computing environments require. It sounds like a perfect scenario for small and large businesses alike, but things aren’t always what they seem, as a lot of cloud users have found that they have incurred several hidden costs by using cloud platforms. Today, we take a look at these hidden costs.

A study from Research in Action polled 468 CIOs about their cloud usage and the costs associated with them. Many admitted that cloud investment was one of the largest expenses their organization would have from a technology point of view. The study went on to find that while a majority of CIOs considered the “hidden” costs of this technology, much of the concern is alleviated by the reputation of their vendors. Some of the potential problems they considered include:

  • Having to put forth more effort to properly manage vendors, and their corresponding Service Level Agreements (SLAs).
  • Bottlenecking and the impact poor cloud performance could have on brand perception, productivity, and customer support.
  • The increased cost of solving complex problems inside cloud environments.

Are these concerns justified? Sure, but they are hard to measure. Many businesses just haven’t developed a system to properly quantify the perceived loss in revenue tied to cloud inefficiency. In fact, most companies don’t have updated, automated methods in use to track and manage their cloud performance.

Costs of Scalability

Many organizations also run into cloud cost overruns when dealing with the scale of their cloud platforms. Costs associated with over-provisioning (buying too much), under-provisioning (buying too little), management, and administration of cloud hosted environments present costs that may not look significant up front, but over time can have negative effects on the overall profitability of a business. Understanding the amount of space/processing you’ll need to meet your organization’s needs is almost always going to be a fluid situation, but understanding how they affect your business’ bottom line is crucial to mitigate unwanted monetary responsibilities or cost overruns associated with the cloud platforms you utilize.

Going Too Far

Cloud platforms are nice, but you don’t have to look much further than your personal situation to see how the ease of use these platforms provide can get expensive pretty quick. For the individual, costs add up quick thanks to cloud-based streaming media and other platforms that come in a subscription model. You’ve got Netflix, Spotify, Hulu, and many, many more that are relatively cheap. Microsoft Office 365 is exceptionally useful and affordable, providing unparalleled value for about any computer user. The more you subscribe to, the more costs add up, which is why you’ll want to design, and stick to a dedicated plan to avoid overextending yourself, or your organization.

Utility computing in the cloud, whether it be applications, storage, processing, or some other form, is extraordinarily valuable, but only if you understand how to avoid paying more than you should for your cloud assets. The knowledgeable technicians at Excalibur Technology can help you come up with cloud deployment strategy, while also helping you avoid cost overruns typically associated with these assets. Call us today at (877) NET – KING to learn more.

 


What Kind of Insurance Can Your Business Get for Potential Data Loss?

Posted May 10, 2018 by

Concept Art - A shield icon inside a gear.We want to talk a little bit about cyber liability insurance and why it’s important that your business understands what is covered and what isn’t. It’s something that no business actually wants to talk about as the worst-case scenario is often a bit too unnerving to consider.

If you’ve never heard of cyber liability insurance, it’s insurance that allows you to pay a company for protection against events that might cause data loss or other similar damage to your computing infrastructure. We know what you’re thinking–”That’s why I pay for security software, like antivirus and firewalls.” While it’s true that the two are somewhat conceptually similar, it’s not always so simple.

Let’s say that a hacker has stolen data from a company. That company then becomes liable for the data that’s been stolen, whether it’s personally identifiable information, medical, or financial data. A perfect example of this is the Equifax breach, which exposed the credit information of over 100 million consumers. Equifax was able to stay in business after one of the worst data breaches in history, although it is still relatively early in the process. Sources have stated that their cyber liability insurance would have covered up to $150 million worth of restitution, but with over 140 million people’s personally identifiable information being exposed, the liability should easily blow past that.

Chances are that your business doesn’t deal with 14,000 customers, let alone 140 million, but cyber liability insurance is an effective backup plan if your network or infrastructure is breached, and your customer’s sensitive data is stolen. Responsible businesses will have defensive tactics installed to protect the data from direct assault. One such solution is an antivirus. Depending on the product that you use, or who offers it, any damage done by a data breach or virus on your network might only be covered under incredibly specific circumstances. If the antivirus crashes, or if it’s not up to date, the insurance provider may not be liable, and will roundly refuse to reimburse your organization in the event that it is inundated with malware, or is the victim of a data breach. As true with any insurance, if the situation doesn’t line up with the language in the agreement, they are not beholden to honor a claim.

Of course, we’re not insurance professionals, nor do we pretend to be. We just want to make sure that you know where your business stands on cyber liability insurance, and what you can do to increase your awareness. There are many reasons why your business would decide that they need cyber liability insurance. With data now being viewed as more of a commodity than ever, we are seeing organizations invest more in the protection of their data. Since any situation in which cyber liability insurance would trigger would have resulted in data being stolen of lost, companies need to manage all the negative aspects associated with losing customer data, which outside of the obvious data loss, includes ensuring that their organizational reputation isn’t completely toxic to new and existing customers.

You can start by making sure that your business’ antivirus is always up-to-date for the latest security threats. Excalibur Technology can be counted on to keep your antivirus ready to tackle all of the latest threats your organization faces. We can remotely patch and secure your company servers, workstations, and network components so that they’ll be secure against all manners of viruses, malware, and other threats.

Remember, we’re not insurance experts, but we do know our way around technology, and are experts in protecting organizations against the cyber threats they face. To learn more about how we can help you keep your technology from being a pain in the neck, reach out to us at (877) NET – KING.


Tech Term: Computer Forensics, Defined

Posted May 09, 2018 by

Concept Art: Tech SupportPop culture gives us an impression of what cyber investigations look like. Official-looking people, in impeccable suits, typing away at terminals and analyzing the data scrolling past them on their heads-up displays. In reality, computer forensics (as they are actually called) are a little less dramatic, and much more serious. For today’s tech term, we’ll dig into the field of computer forensics.

What are Computer Forensics, and What Are They Used For?

Computer forensics can be defined as the application of certain specialized techniques to locate and analyze the information on a computer or computer system, protecting it for use as evidence in a trial. Once the requisite warrants have been acquired, a forensic technician is tasked with isolating the device from outside influence by disconnecting it from the Internet before copying every file and poring over their contents for evidence.

The investigator must make a copy of these files so as to preserve the original evidence. Accessing a file can be enough to change it slightly, potentially rendering their evidence inadmissible.

Computer forensics can be leveraged in a wide variety of cases, as any given device may contain evidence of a crime to be, or that was, perpetrated, as well as effectively be the scene of the crime itself. An investigation dives deep, not only focusing on the presence of files, emails, or other documents pertinent to the case on the device, but also on an analysis of these items’ metadata, as it reveals when data appeared on a computer, when it was edited and saved last, and who the user was that carried out these actions.

These methods have been used to crack cases involving a dirty laundry list of crimes, as this sample of their uses suggests:

  • Intellectual Property Theft and Industrial Espionage
  • Employment Disputes
  • Bankruptcy Investigations
  • Inappropriate Email and Internet Usage in the Workplace
  • Regulatory Compliance
  • Forgeries and Fraud Investigations

Alternative Sources of Analysts

Of course, law enforcement are not the only bodies that maintain and utilize computer forensics labs. Six major companies, including Walmart, American Express, and Target, have accredited laboratories, and there are countless other independent labs that have not been accredited. These in-house labs can often outperform traditional law enforcement groups, as they are better able to keep their solutions on the cutting edge.

In fact, these labs are often recruited by law enforcement to assist in solving crimes. Target’s labs have announced in the past that they have assisted with “felony, homicide, and special-circumstances cases” on a volunteer basis for years, a spokesperson claiming in 2008 that a full quarter of cases worked by Target’s laboratory had nothing to do with the company.

How Does Your Technology Compare?

If you want a team on your side that will take as much care to protect your solutions as a computer forensics team does to track down cybercrime, give Excalibur Technology a call at (877) NET – KING.


Big Data is Making Its Way to Small Business

Posted May 08, 2018 by

Concept Art - A person looking up at a wave represented by binary code.You may have noticed that there has been a lot of discussion about data recently; specifically, how it has become a driving force in organizational decision making. This month we will take a look at the data revolution, how the data (created by the analysis of other data) has become a commodity, and what the real value of an individual’s data is.

What is Big Data?

The data revolution we refer to is often referred to as big data. Big data is more about the analysis of all the data an organization takes in than it is about the data itself. As technology evolves, business practices have to as well. With every part of a business transforming somewhat, organizations are looking hard at the data to get the most out of their budgets, their staff, and their strategies.

Small businesses are just now starting to understand how data analytics can work, albeit in a much simpler manner than larger companies. This is largely because an efficient small business still doesn’t have the strategies put in place to quantify and analyze the data they take in, despite their increased usage of many of the same software resources that enterprises use. This presents two major questions:

  • Why haven’t many small businesses started with big data initiatives?
  • What would it take to make your company’s data work for you?

Small Business, Big Data

Traditionally small businesses have been at the forefront of championing technologies designed at keeping them competitive. With innovative data analytics, however, the opposite seems to be true. Look at the market for these systems, and it quickly becomes evident that because smaller businesses perceive they cannot legitimately afford analytics platforms, they plan their technology investments by practicality, not value.

In leveraging the right kind of technology, small businesses can aggressively take advantage of their inherent lack of rigidity. This provides ways to simplify their production processes while completely overhauling their customer experience. Data, when analyzed properly, tells very poignant truths. By accepting that they don’t need to be a Fortune 500 company to utilize business analytics, small businesses can take the steps necessary to start using their data in innovative ways.

You Have to Make Investments

It’s one thing to plan on implementing a full-scale business intelligence platform for your business, and another to actually do it. To get today’s most predictive and prescriptive analytics, there has to be some time and capital invested. If you would like to know when to run a promotion, how your customer base reacts to your marketing, or how your investments are categorically improving your business’ output and revenue growth, the numbers will tell you.

By consulting with the technology professionals at Excalibur Technology and committing to using the data your organization collects, you are committing to making your business better. For more information about Big Data and how you can make it work for your business, call us today at (877) NET – KING.



Excalibur Technology
Excalibur Technology
Excalibur Technology
Excalibur Technology
Excalibur Technology
Excalibur Technology