The WannaCry ransomware attack was created by hacking amatures who copied from a famous hacker group known as the shadow brokers. While WannaCry is no longer a threat with the latest security update, a recent announcment shows that the hacker group is going to continue to release dangerous security exploits for anyone to use, at the right price. Who are the ShadowBrokers? There are a few theories about who makes up the membership of the ShadowBrokers group. These theories range from official National Security Agency employees to Russian spies. However, all these theories are based on unreliable information, so not much is actually known about the group. The only thing known for certain is that the ShadowBrokers use social media to sell cybersecurity secrets to amatures. What do they sell? The ShadowBrokers? first started to auction off security secrets in August of 2016. They promised the highest bidder would receive cycbersecurity vulnerabilities that work just as well as government cyber weapons. Over the next year, the ShadowBrokers used a variety of different means to sell their secrets: auctions, crowdfunding, and direct sales. In April of 2017, their fifth release of information went public, which included the ETERNALBLUE Windows vulnerability that allowed WannaCry to infect over 300,000 computers in a single day. The Latest Release The ShadowBrokers have recently announced a subscription service that would include access to bi-monthly security exploit releases in early September 2017. The first package they sold included an NSA exploit titled UNITEDRAKE, which allows hackers to remotely monitor or control a computer running any Microsoft OS between Windows XP and Windows 8.The exploit can also discreetly record audio from your microphone, video from your webcam and anything that is typed on the keyboard. It can also remotely remove itself from the target computer, leaving no signs of a breach. How to protect yourself from ShadowBrokers releases Luckily, all the security exploits that the ShadowBrokers have released targeted older, outdated versions of software.The best way to protect your computers is make sure your operating system is properly upgraded and patched. Advanced network monitoring can detect suspicious activity, but that requires a significant amount of time and IT knowledge, making it difficult for small- to medium-sized businesses who usually don?t have the resources to handle around-the-clock maintenance. This is where Info Advantage can help. If you are worried about the ShadowBrokers releases, or have any other cyber security concerns, contact Info Advantage today at (585) 254-8710 today to learn more about how we can help keep your network safe.
Today’s phones aren’t what they used to be, and that’s not a bad thing. Whereas old telephones were constritive and faulty, today’s phones are about internet-based systems such as VoIP. With modern VoIP phones, there are a couple methods of hosting ? via the cloud or on site. But what are the differences between the two options? Installation and Management On site VoIP phone systems are installed and hosted at your company?s office, often managed and maintained by inside personnel. While you can hire a third party to manage the phone system for you, there is no way to avoid hardware cost of setting up your VoIP phones. Cloud-based VoIP, on the other hand, hosts all the software and hardware off site and is maintained by a VoIP provider. Other than the physical phones your employees will use, everything is provided virtually. This means you won?t be bothered with expensive hardware costs, nor will you need an on-site employee to manage the system. Security You might think having an on-site VoIP is the obvious choice when it comes to security, but you’d be surprise to find that’s not often the case. If you have a large amount of accessible IT resources, deploying VoIP on site gives you a better control over your security, since you will know your system?s capabilities without the need to contact a provider. However, cloud-hosted VoIP remains a favorable option for many small to medium sized businesses, since security is taken care of by a the provider, whose reputation rests on maintaining the most stringent security measures. They are well-versed in identifying vulnerabilities, reducing the area of attacks, and protecting all entry points. Control An on-site solution will give you much more control of your VoIP phones, since you can design systems suited to your needs without relying on a third-party to make changes. This makes it a popular choice for larger businesses, often with dedicated IT technicians that can customize and work on the system. With cloud-hosted VoIP, you relinquish certain control to your service provider, which is the price you pay for the convenience of professional deployment and maintenance. This doesn?t give your provider the right to monitor your calls or conduct any activity that breaches your private business conduct. Scalability On site VoIP systems rely on your in-house employees to add or remove features to accommodate your business’ needs as they change and grow. There are various backend processes involved, and each expansion or upgrade often increases the complexity of the processess. With a cloud-hosted solution, you?ll have an entire team of technicians at your back. This means features can be added or removed as things in the company change. If you?re anticipating any future changes or growth, a cloud-hosted VoIP system will be much easier to manage. Whether you?re looking to host your VoIP phone systems on site or in the cloud, Info Advantage can help make the process run smoothly. Call one of our VoIP experts at (585) 254-8710 today to learn more about what VoIP system is right for your business.
Experts are warning Wi-Fi users of a newly discovered vulnerability with the Wi-Fi Protected Access II (WPA2) protocol that can be used against all modern protected Wi-Fi networks. This includes information such as credit card numbers, passwords, emails, photos, chat messages, and more. In addition, a hacker may be able to use the vulnerability to inject ransomware, malware, or other attack methods by injecting and manipulating the data. These are known as key reinstallation attacks, or KRACKs. The weakness can expose any product that uses the Wi-Fi standard protocols, meaning that the vulnerability isn?t only found in a specific product or implementation. During a study by KU Leuven, researchers found that the vulnerability has already affected products from Android, Linux, Apple, Windows, OpenBSD, MediaTek, Linksys, and more. According to ArsTechnica, “it works by exploiting a four-way handshake that’s used to establish a key for encrypting traffic. During the third step, the key can be resent multiple times. When it’s resent in certain ways, a cryptographic nonce can be reused in a way that completely undermines the encryption.” For more information on KRACK attacks, visit https://www.krackattacks.com/ or you can read the in-depth academic paper here: https://papers.mathyvanhoef.com/ccs2017.pdf. You can also contact us at Info Advantage at (585) 257-8710 to learn more about the vulnerabilities that can be threatening your data, and how to protect your business from cybercriminals.
Outdated printers, the lack of a printing workflow, and an over-reliance on hard copies may be contributing to your rising printing expenditures. With some creative problem-solving and fresh ideas, you could drastically reduce your printing budget. Start by following these four tips. Replace outdated printers Depreciated or cheap printers may be still be functional, but they are most likely also taking a huge chunk of your budget than you may realize. Any piece of equipment that is seven years or older will require frequent repairs, and often causes more trouble than it?s worth. Because old printers are most often not under warranty, fixing them is more costly and challenging. It?s also difficult to replace parts for old printers, since manufacturers have likely stopped making them for older models that have been phased out. When you replace outdated equipment with newer, multi-functional printers, you?re investing in hardware that will pay for itself with increases in productivity and efficiency. Don?t Buy Unnecessary Supplies A poorly managed printer environment could result in a stockpile of cartridges, toners, and reams of paper. This happens when, for example, an employee uses a printer that?s about to run out of ink and makes an unnecessary request for a new ink or toner. This is more common than you may think, and can definitely take a big chunk out of your budget. By assigning a dedicated printer manager, you can avoid this situation by automating supply replacement. Choose a specific employee to proactively place orders when supplies are about to run out. Be Strict with Process Workflows Submitting expense reports, filing reimbursement forms, and other administrative tasks require a proper document workflow to be successful. Without a strict guideline, employees and administrative staff can end up printing unnecessary documents trying to follow their workflow. Automate your company?s document-driven processes to reduce or prevent redundant print jobs that result in stacks of abandoned documents. Not only is it a waste of money and resources, it can also be a security and privacy concern. Go Green The best way to save money wasted on printing is to eliminate the use of paper as much as possible. By designing a document management solution, you can reduce paper consumption drastically, which will end up saving you money. It may not be possible to do away with document printing in every department, but those who can do their jobs without printing should be encouraged to do so. Printing lengthy email chains that can be discussed in a meeting is just one example of a wasteful practice that should be avoided. If you are looking for more ways to save on your printing costs, contact Info Advantage today at (585)254-8710 to talk about how we can save money on your IT budget.