Tuesday, 5 March 2013

What the hack?

The past few months have been characterised by a number of high-profile hack attacks. What the hack is going on? (Pardon the pun!) Quite a few things actually:

1. Facebook and Apple®

Two of the most recent high-profile hacks were those targeting Facebook and Apple employees. Although it has been reported as a hack, it looks more like a malware attack.

The result? Those computers that had Java plugins with vulnerabilities were infected.

The lesson to be learned? Do yourself a favour and disable the Java plugin in your browser. Trust me, you probably don’t need that plugin anyway. Tools such as GFI WebMonitor® (used to block malware) and GFI LanGuard® (which patches vulnerabilities in OSs and software) help mitigate the risk of these types of attacks.

Vulnerability exploits are among the most prolific forms of attack on the web right now, and if you, as an IT Administrator, haven’t included them as part of your plan, you should – now. Don’t wait until your company becomes the next victim. After all, if Facebook and Apple employees’ machines were infected…

2. The New York Times (and other cyber attacks)

Cyber-espionage and state-sponsored cyber attacks appear to be on the increase lately. Various nations have dedicated experts whose role is to find weaknesses in other countries’ systems or company networks and launch attacks to gain access and/or steal information.

These attacks are far more sophisticated than the attacks on Facebook and Apple. They are known as Advanced Persistent Threats and are a concerted effort to get to a company’s data. These attacks can be passive, that is, silent attacks that simply reside on the system and “listen” to information, which the attackers then use to their advantage. Or they can be active, whereby attempts are made to disrupt infrastructure, communications, power generation and distribution.

3. Twitter Accounts

On many occasions, Twitter accounts are hacked because a weak password is compromised. Celebrities are the usual target because they typically have millions of followers, giving hackers far greater benefits when they obtain access to the account. Burger King® was the victim of this type of hack just for the “lulz” (a harmless prank with no malicious intent). In this case, the hack resulted in the rival Big Mac being advertised on Burger King’s Twitter account. The reason their account was hacked was likely due to the fact that the password was “whopper123”.

Well-known TV presenter and journalist Jeremy Clarkson also fell victim to an attack by a spammer. His account was used to market a diet website. Reacting in typical Clarkson style, he tweeted “I have been hacked by spammers. Luckily I have acquired a special set of skills over many years. I will find them. And I will kill them”. On a more practical level, choosing a strong password and ensuring applications are not allowed to connect to a Twitter account would have prevented this from happening in the first place.

So how can you counter these attacks? Simple, make sure all your teams are using complex passwords for their social media accounts.

4. Leaked user data

This hack can lead to some seriously bad damage to a company’s brand. Do you remember the PlayStation® hack and the harm it did to the brand? It certainly won’t be forgotten anytime soon.

Protecting a company or network against these attacks requires a strategy, not just a quick fix. Start with basic spot checks to determine if you are encrypting user data, credit cards and passwords. Then check if your content management system is up-to-date. Have you had someone perform penetration testing of your system to see if they can gain access to your precious data?

Even if your company is relatively “small” it doesn’t make it less attractive to attackers. There is a growing black market which thrives on attacking small businesses because these businesses cannot provide the same level of network security as larger businesses can.

The Harlem Shake and the effects on your organization

The latest craze to go viral on the web is the dance song Harlem Shake, with hundreds, if not thousands of people, gathering in costume to do ‘the shake’ in every conceivable space.

Harlem Shake follows hot on the heels of another Internet ‘sensation’ – Gangnam Style; a song and dance routine that racked up over one billion hits on YouTube.

Although Gangnam Style has spawned hundreds of similar video clips, Harlem Shake seems to be a different animal altogether with people across the world organizing their own Harlem Shake events and videos and then uploading to YouTube and other social media sites like Facebook, Twitter and Instagram. According to the Globe and Mail in Australia, up to 4,000 videos of Harlem Shake variations are uploaded to the Internet daily.

The Harlem Shake continues to grab headlines and although for many it is harmless fun, you do not want to run afoul of any law or policy, especially in the workplace. The hilarious performance by a group of miners in Australia brought a smile to many, but their bosses didn’t find it funny at all. They were fired from their high-paying jobs after the performance was deemed a safety hazard. Ouch!

These viral videos are a big headache for IT administrators. Everyone loves a good laugh and respite during work but when you have a few hundred employees watching Gangnam and Harlem clips throughout the day, you have a problem on your hands.

Bandwidth is a very precious and expensive resource for a company and streaming media has a huge impact on the corporate network. Let’s look at the figures and calculate the impact on bandwidth streamed for a single viral video.

The first hit on YouTube is a 5:30 compilation video of Harlem Shakes. An average one minute of video stream from YouTube is approximately 10Mb of data. At one point, you have 25 employees who are watching it:

25 users * 10MB * 5.5 minutes = 1,375MB in five minutes!

Employees take Internet access and browsing for granted and they often forget the multiplier effect when using bandwidth heavy websites at the office. YouTube, for example, with its artist playlists covering every musical taste, encourages its use as a personalized radio. Online radio is also commonly used by employees for their daily dose of favourite radio shows and music.

Recalculating the amount of bandwidth consumed:

25 users * 10MB * 60 minutes * 5 hours = 75,000MB

75GB! And you wonder why your Internet is somewhat slow? The reality is most people forget to turn off the stream when they leave their desks.

Email, video and teleconferencing, VoIP, instant messaging, VPNs, apart from browsing, are part and parcel of our daily lives – so much so that we simply expect things to work. Employees in a company are of the same mindset. They expect a fast Internet connection and anything slower than what they are used to, at home, for example, is totally unacceptable and results in a constant flow of complaints when the connection is slow or not working well. It’s then up to the administrator to figure out a solution to a problem that employees are the cause of themselves.

If you are an IT admin or senior executive with your eye on the expenses sheet, what can you do?

Bandwidth quotas – A GFI® success story 

Many web filters today allow admins to set bandwidth quotas. In the example given above, we don’t need to enforce a percentage quota of, say, 10% of available bandwidth at any given moment, because this won’t have any effect (streaming media won’t consume 10% of available bandwidth by any single person). The problem is the cumulative effect of the stream. You would need to introduce bandwidth quotas by volume.

The introduction of a 100MB quota per day in our offices, using the standard functionality of GFI WebMonitor®, reduced the bandwidth consumed by streaming media by 66%. The screenshots below show downloads from “Streaming Media” totalled 131GB in January but only 45GB for the month of February when quotas were introduced. The great thing about quotas is that with reasonable usage of YouTube for office related purposes, an employee is unlikely to hit the quota in a day. If they do, an exception can be applied to give them a higher quota.

If your bandwidth costs are calculated based on usage, you can quickly see how quotas can save you quite a lot of money too!
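The volume-based quota described above, shown as an added example that is not GFI WebMonitor's code or configuration: per-user daily accounting for one category, replayed over constructed proxy records. The record layout, the user names and the `carol` exception are assumptions; the 100MB daily quota and the 10MB-per-minute figure come from the text.

```python
from collections import defaultdict

DAILY_QUOTA_MB = 100             # per-user daily volume quota described in the text
EXCEPTIONS_MB = {"carol": 500}   # hypothetical user granted a higher quota
CATEGORY = "Streaming Media"     # only this category counts against the quota

# Constructed proxy records: (date, user, category, megabytes in this request).
# 10 MB per record mirrors the text's estimate for one minute of video.
SAMPLE_LOG = (
    [("2013-03-05", "alice", CATEGORY, 10)] * 12
    + [("2013-03-05", "alice", "Business", 50)]
    + [("2013-03-05", "bob", CATEGORY, 10)] * 3
    + [("2013-03-05", "carol", CATEGORY, 10)] * 15
    + [("2013-03-06", "alice", CATEGORY, 10)]
)


def apply_volume_quota(records, quota_mb=DAILY_QUOTA_MB, exceptions=None):
    """Replay records in order and total allowed/blocked MB per (date, user)."""
    exceptions = exceptions or {}
    summary = defaultdict(lambda: {"allowed_mb": 0, "blocked_mb": 0})
    for date, user, category, mb in records:
        if category != CATEGORY:
            continue                      # other traffic is not metered here
        day = summary[(date, user)]       # keyed by date, so counters reset daily
        limit = exceptions.get(user, quota_mb)
        if day["allowed_mb"] + mb > limit:
            day["blocked_mb"] += mb       # cumulative volume exceeded: block
        else:
            day["allowed_mb"] += mb       # still under the daily limit: allow
    return dict(summary)


if __name__ == "__main__":
    result = apply_volume_quota(SAMPLE_LOG, exceptions=EXCEPTIONS_MB)
    for (date, user), totals in sorted(result.items()):
        print(date, user, totals)
```

No single 10MB request here would trip a percentage-of-link cap; only the running daily total catches the twelve-minute stream.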

January Streaming Media Usage:
February Streaming Media Usage:

Streaming of viral videos like the Harlem Shake, Gangnam Style, and other streaming media can have a negative impact on the corporate network. IT admins should not forget the threat of a malware infection because these trends are picked up on by hackers who entice users to visit their infected sites.

With a web filter in place, along with quotas, IT admins can improve the quality of their Internet connection, keep the workforce happy and malware at bay. If you have seen a drastic change in bandwidth consumption over the past month or so, it pays to have the tools to check what is going on and take action to solve the problem before it gets worse.

If you’re interested in bandwidth quotas and web filtering, take a look at GFI WebMonitor.

You can download a free trial for 30 days. It’s worth a try!

Monday, 4 March 2013

The geek that I am ...

Just in case you were wondering ... if you try to put <david></david> in your blog title, it's not going to work. To fix that just put in the HTML equivalent :) i.e. &gt; and &lt;

Also, if you planned to post XML in your blog, think again: you'll have to switch to HTML and replace all your less thans and greater thans with their HTML equivalents. I find it strange that in my 3-year absence, Blogger has changed very very little!

So that's my first real return blog :)

Guess who's back?

Hello there, it's been a while. A while back I changed jobs and no longer updated this blog. Going to repurpose this blog for my current tech interests, i.e. web security, product management, Android stuff and whatever the heck else I stumble upon ...