Monday, June 12, 2017

Can Artificial Intelligence Help with Cyber Security?

Can Artificial Intelligence Help with Cyber Security
Our security experts at Cadamier Network Security in Denver are often asked: can artificial intelligence help with cyber security? We know cyber attacks are becoming more sophisticated every day. We can see the extensive damage done recently by the WannaCry cyber attack which shows the ongoing problems that governments and companies have not successfully addressed, despite being warned.

The cyber security industry is currently examining the ability of Artificial Intelligence (AI) to give organizations a quick and strong response to a cyber attack. It may have the ability to respond in real time when there is a cyber attack or data breach and could provide big advantages.
According to the Research and Development Branch of the Cooperative Cyber Defense Center of Excellence (CCD COE) and Estonian Academy of Sciences, the speed of processes and the amount of data that is used to defend the cyberspace may be too much to handle without automation. It is a challenge to develop software with conventional fixed algorithms (hardwired logic on decision-making level) to effectively defend against the constantly evolving attacks on networks. But the solution may be to use methods of artificial intelligence that add flexibility and learning capabilities to software. It’s possible to enhance cyber defense capabilities by increasing the intelligence of the defense systems. Some useful applications already exist.
Unfortunately, many businesses today are still using outdated network security techniques. Many people in the security industry are looking toward a new method of security which is based on Artificial Intelligence. Proponents of using Artificial Intelligence believe machines are far better than people at processing vast amounts of data and finding the hidden attacks. It is often pointed out that this need developed from the failure of signature-based techniques to be able to stop current threats, the huge amounts of security threat data; and the challenges of changing the size and scale as we address the security threat data.

Deep learning develops a machine to think more like a human with the ability to make decisions with great accuracy and this AI next-generation security products may be able to identify and kill malware as fast as the attackers can create it. The advantage of deep learning comes from the vast speed and processing power of modern computers. A deep learning algorithm paired with elastic cloud computing resources can consume hundreds of millions of samples of training data in hours. This may be able to create a neural network classifier so accurate and fast that it can outperform even highly trained human experts.

Artificial Intelligence may change security technologies and their design by being able to identify unknown malware from benign programs. This would be accomplished by training the deep learning neural networks on tens of millions of variants of malware, as well as known benign programs. According to a CNBC article, sometimes it takes days for organizations to realize their systems have been breached. This gives the hackers time to look for the crucial information inside the network. Cyber attackers not only steal data but they often alter data without detection. Cyber criminals often change their attacking methods with every target, which may limit the effectiveness of security defenses based on known files and attacks.

Our security experts at Cadamier Network Security in Denver help defend your organizations from network cyber attacks. Can artificial intelligence help with cyber security? As hackers and cyber attackers use more sophisticated weapons to steal information and hold data hostage, there will also be the need to improve responses and defenses. You can rest assured that our team will explore leading-edge AI options to find the best-fit security defenses for our clients.

Tuesday, May 9, 2017

5 Pillars of Network Security

5 Pillars of Network Security
Your business data is constantly under attack, that’s why you need Cadamier Network Security in Denver to implement the 5 pillars of network security to keep your information safe. Designing multiple layers of hardware and software security can prevent internal and external threats from damaging your computer networks and can contain attacks if they get around your defenses.

Today’s network threats include a host of problems including viruses, spyware, malware, adware, Trojan horses, worms, botnets, hacker attacks, data theft, among others. Cyber thieves are always looking for unpatched software and hardware, weak passwords, lost devices, unsecured wireless networks and websites, potentially unwanted applications, malicious users, and much more.

According to an IT Manager Daily article, there are five fundamentals of network security that you should set as a priority to prevent downtime, address compliance with government regulations, protect your company’s reputation, and reduce your liability. 

Inactive accounts
All inactive accounts that once belonged to contractors or ex-employees should be deleted because cyber hackers can use them to gain access and hide their activity. There is software you can use to clean up inactive accounts if you have a large network with lots of users.

You need to create the strongest passwords possible and keep them safe. A strong password is six characters or more, uses both upper and lower case letters, and includes numbers and symbols. To increase password security, you should change your password every 90 days or so. You can set up a lock-out system where after a number of failed log-in attempts the user will be locked out.

If you have an open network connection it is vulnerable to hackers trying to get onto your network, it is important to secure a VPN by the strongest possible protocols for data encryption and identity authentication. Consider using a multi-factor authentication method. This may include a password and a PIN or a random code created by a key fob authenticator. You should also look into having a firewall that separates the VPN network from the rest of your network.

Patches and Updates
It’s important to keep all devices updated regularly, including network hardware and mobile devices because cyber hackers will target operating systems, software applications, web browsers and browser plug-ins if you haven’t kept patches and updates current. In addition, all computers should be updated automatically and should have the most current software versions.

User Access
You should actively manage your employees’ access privileges to your company’s critical data, making sure they do not have access to sensitive or confidential information outside the scope of their job requirements. If your employee’s job changes, make sure your IT manager restricts their access privileges to reflect only the duties of the new job.

In today’s cyber world, where your network and your critical business information is always under attack, you need to take the appropriate steps to address the 5 pillars of network security so your data is safe. Our experts at Cadamier Network Security in Denver can design hardware and software security to stop cyber threats and counter any breaches.

Friday, April 14, 2017

The Darknet Protects Itself by Being More Robust Against Attacks

The Darknet Protects Itself by Being More Robust Against Attacks
How the Darknet protects itself by being more robust against attacks is just one of the many recent issues Cadamier Network Security in Denver is staying up-to-date on. As part of our own efforts to safeguard our clients from threats, we wanted to pass along the latest news.

If you don’t know, the Darknet is a secret network which is often used for illegal purposes to stay hidden from the legal authorities. For example, drug trafficking communications and child pornography exchanges, or exchanging protected intellectual property free of charge often take place on the Darknet. The contents of the Darknet are not accessible through search engines. Basically, it is a part of the internet where both web surfers and website publishers are anonymous.

According to a Science Daily article, recent research by the Universitat Rovira i Virgili (URV) explains how the Darknet can counter large attacks on its own by spontaneously adding more network capacity. Researchers studied why cyber attacks are usually not successful against the Darknet, which guarantees the users' privacy and anonymity and thereby assures more secrecy for illegal activities on the internet. The Darknet’s enhanced privacy allows illegal operations to be conducted without anyone knowing and can defend against cyber attacks under most circumstances.

There are cyber attacks conducted by law enforcement agencies and others against the Darknet but they are usually not very successful. The URV researchers Manlio De Domenico and Alex Arenas from their Department of Computer Engineering and Mathematics have worked to figure out why the Darknet is so difficult to infiltrate.

In their recently published article in Physical Review E, the researchers discussed how the Darknet is almost impenetrable because of its unique topology. They examined the differences between the Darknet and the rest of the internet.

They used data published by the Internet Research Lab of the University of California in Los Angeles and network analysis to quantify the strength and resilience of the Darknet. They talked about the Darknet’s topology and came up with a model that demonstrated how information is transmitted using the onion router, a technique that encrypts messages in multiple layers.

The Science Daily article describes how this information allows the researchers to explain the ways the Darknet would respond to three types of attack:

·        Attacks on a particular node
·        Attacks that make certain nodes to fail randomly, and
·        Attacks that send a wave of errors that are propagated across the network

The study's results show that in order to really affect significant disruption, an attack on the Darknet's various nodes needs to be four times stronger than an attack against the internet's nodes.

In addition, they found the Darknet was able to very easily counter the waves their attacks through its different nodes by just adding more network capacity. They believe the Darknet’s resilience is attributed to a more decentralized topology that emerges spontaneously from the Darknet's onion router protocol. Whereas, the internet's structure is more heterogeneous.

Our computer experts at Cadamier Network Security in Denver specialize in the security of networks and computer information systems. We are on the forefront of network security issues including how the Darknet protects itself by being more robust against attacks. Everything we learn gives us the leading edge to help you. To learn more about our security services, contact us today.

Monday, March 27, 2017

Malware Turns PCs into Eavesdropping Devices

Malware Turns PCs into Eavesdropping Devices
Cadamier Network Security in Denver has recently learned that malware turns PCs into eavesdropping devices even without a microphone according to researchers at Ben-Gurion University of the Negev (BGU). If you’re concerned about this news (and you should be), our experts can make sure this is not happening to you. We are committed to network security protection, detection, and enforcement. We’ve been in business since 2001 and our job is to help business, governments, and organizations keep their information network safe and that includes protecting you from malware. 

According to Science Daily, which reports on research news, the new research paper titled, SPEAKE(a)R: Turn Speakers to Microphones for Fun and Profit, details and demonstrates how most PCs and laptops are vulnerable to this type of malware attack, which lets hackers change your headphones into a microphone and listen to your conversations.

An article in Daily Mail explains researchers have designed a code called 'Speake(a)r, which retasks a computer's outputs to inputs. This means it allows them without your knowledge to record audio even when your headphones are in the output-only jack.

Amazingly, the Ben Guiron University research team used a pair of headphones to capture vibrations in the air and convert them to electromagnetic signals in order to record audio from 20 feet across the room.

With malware, the research team used a common feature in most computers—RealTek audio codec chips. This allows them to get inside the computer and reverse its output function to input, which lets them to secretly hear your conversations.

According to an article at Cornell University Library, the malware can use a computer as an eavesdropping device, even when a microphone is not present, muted, taped, or turned off. A typical computer chassis has a number of audio jacks, in the front panel or in the rear panel or both. The jack is used for input, or for output. The audio chipsets in today’s motherboards and sound cards have an option for changing the function of an audio port with software, sort of like an audio port programming which is called jack retasking or jack remapping.

Professor Yuval Elovici is the director of the BGU Cyber Security Research Center (CSRC) and he is a member of BGU's Department of Information Systems Engineering. Elovici points out that since headphones, earphones, and speakers are physically built like microphones, the audio port in the PC and laptops can be reprogrammed from output to input allowing hackers to gain access to private information without your knowledge.

Several software countermeasures have been suggested, including disabling the audio hardware, using an HD audio driver to let the user know when microphones are being secretly accessed, and creating a rejacking policy within the industry. Another consideration is developing anti-malware and intrusion detection systems to monitor and detect unauthorized speaker-to-mic retasking operations and the block them.

In just another example of how malware can create dangerous information leaks and privacy invasion, researchers at Ben-Gurion University of the Negev (BGU) have shown how malware turns PCs into eavesdropping devices even without a microphone. Cadamier Network Security in Denver can help protect you and your business. Cadamier has provided Security Services for a wide range of clients including the DOD and the FBI and have been instrumental in providing network security reviews to organizations of all sizes. Cadamier continues to work closely with both state and federal regulatory authorities including the NCUA, FFIEC, and the DHHS in order to ensure that our clients are implementing the latest technologies and services to best protect their interests. 

Tuesday, February 14, 2017

All About Adware and the Dangers it Poses to Your Business

All About Adware and the Dangers it Poses to Your Business
We all know what adware is. But at Cadamier Security Network in Denver, we believe you should know all about adware and the dangers it poses to your business. Many don’t realize that his software that displays advertising online has become very aggressive. Now, adware companies add more applications and often install whatever they want onto your system.

If you’re like many of our customers, you may just tolerate it instead of fighting it. Here’s the problem. Adware can install additional software without a user’s knowledge or consent and often is a risk for causing information leakage.

So, what type of information is leaked and how is privacy is being compromised? The main adware categories are ad-injectors, browser hijackers, and utilities that can change your system settings and lead to insecure configurations.

Sometimes it’s in-browser ad-injection, pop-ups, word highlights, or offering fake services with the goal of redirecting users traffic to their own websites for profit. They are distributed through software bundles. What happens is the user installs what they think is a legitimate application, but other applications are installed as well. Often the user can’t refuse the installation.

Let’s break these down a bit further.

Browser Hijackers
This kind of adware makes more modifications to the system than traditional ad-injectors, highlighting words, changing the default search engine, showing pop-ups outside the browser.

Another kind of adware, utilities applications are shown as system optimizers and software removal tools. They trick you by showing fake problems on the system, such as an infection or poor system performance, in order to get you to subscribe to their service. But the problems simply do not exist.

This type of adware modifies the content of the browser in order to display advertising that wouldn’t be there if you visited the website. The majority of ad-injectors are browser-based infections in the form of malicious browser extensions.

What happens is that once an ad-injector is installed on your system it will start injecting code in the visited websites which will load and display the desired advertising.

They will try to inject advertising into all the pages opened in your browser and the malicious browser extensions will monitor every page you visit. The applications will put many pieces of advertising on every page you visit. Critical information may be leaked about the user, such as visited news sites, intranet sites of an organization, username, activities, personal preferences, location, political ideology, and even more.

Leaked information can create many problems. There are three main problems associated with this information leakage that makes it even more critical:

Historical Visibility 
If you don’t stop adware, their servers are able to store your leaked browsing information for a long time. This can give them an accurate profile of your online behavior and activities.

No Encryption 
Your leaked information is sent through plain HTTP to the ad-injector servers. This not only exposes your information to them but to anyone that is watching your traffic.

Multiple ad-injection servers are storing your information in multiple malicious locations and that increases the opportunity for misuse by malicious actors.

The objections to ad-injector adware aren’t just about the advertising, although that’s annoying enough. More importantly, ad-injectors can leak information about the online behavior of your business activities and your company's personal preferences. The concern is these third parties receiving this information can misuse it and put your business’ security in danger.

If you use an ad-blocker or a script blocker it might help prevent the advertising to load and will protect users from the risks of the injected advertising. But here’s the problem – if you don’t see the advertising, you won’t know the infection is even there. You need to remove it, not hide it.

We believe you should know all about adware and the dangers it poses to your business. At Cadamier Network Security Corporation in Denver, we’ve been in business since 2001 and we are committed to network security protection, detection, and enforcement. If you have or suspect adware issues in any or all of your company’s computers or network, give us a call and let us help you protect your business. 

Thursday, January 19, 2017

Affordable 10 Gigabit Ethernet for Small and Midsize Business

Affordable 10 Gigabit Ethernet for Small and Midsize Business
When it comes to your business, it’s important that your network keeps up. Luckily, an affordable 10 Gigabit Ethernet for small and midsize business is now available and our experts at Cadamier Network Security in Denver can get you all setup. With this development and our help, migrating to 10 gigabits is easy on you and your budget. Soon, you’ll be on the fast track to growing your business!

To get you up to speed, let’s start with a quick definition that will provide deeper insight into 10 Gigabit Ethernet. This is information that you can also check out over at PC Magazine.

In simpler terms, we’re talking about an Ethernet standard that transmits 10 gigabits per second (10 Gbps). It was introduced in 2002 and is also be known as 10 GbE, 10GE or 10G Ethernet. This standard extended Gigabit Ethernet ten times for enterprise backbones, high-speed storage networks (SANs), as well as wide area, and metropolitan area networks.

Ten Gigabit Ethernet only works in full-duplex mode and does not support CSMA/CD, the usual Ethernet collision method utilized to gain access to the physical medium. A WAN interface sublayer (WIS) makes 10G Ethernet compatible with the SONET transport at 10 Gbps (OC-192). The 10GBASE-LX4 carries four wavelengths of light on one pair of fibers. Ten Gigabit Ethernet over copper wire was introduced in 2004 for short distances between data center switches and storage devices.

No matter what your business is, it requires a fast and reliable network. Your digital network needs to keep increasing from technologies like 802.11ac wireless, server virtualization, IP convergence, Cloud, and the Internet.

The key to taking advantage of affordable 10 Gigabit Ethernet for small and midsize business is to anticipate your growing network needs. A 10G network core will help improve employee productivity, allow faster customer response time, avoid network congestion, and introduce new products and services to the market faster.

According to a Computer Weekly article, if you have lots of gigabit connects to your desktops and laptops on your network, then you probably need something larger than a gigabit core backbone and server connections.

There are three components needed to upgrade your network to a 10G network. Those are access switches with 10G uplinks, 10G core switches, and 10G network interface cards for servers and storage devices. You can start by upgrading the core switches that you use to connect all your access switches together and connect your servers and storage devices. You may want two core switches stacked together to give redundancy and improve performance.

Now that your core switches are upgraded to 10G, you can migrate your key access switches and servers to 10G and connect to your new core switches. You should see an immediate performance gain in your network. You can upgrade the rest of your network to 10G whenever you’re ready or in step-up phases.

An affordable 10 Gigabit Ethernet for a small and midsize business network can be yours. Your company’s growing, why shouldn’t your network? Of course, if some of this technical jargon was a bit too much to digest, you can trust that our network experts at Cadamier Network Security in Denver are ready to upgrade your network to 10 Gigabit Ethernet. Contact us today to get started.

Friday, December 23, 2016

Russian Hackers Exploit a Windows Flaw

Russian Hackers Exploit a Windows Flaw
We’ve heard a lot lately about Russian hackers. The CIA and the FBI said they were responsible for many of the election hacks. But how are they doing it? It’s suspected that the Russian hackers exploit a Windows flaw, as well as one in Adobe Flash. Our security experts at Cadamier Network Security in Denver stay on top of these concerns so we can protect our clients against hacking.

According to a CIO-Today article, Microsoft reported that a group they call Stronium has been linked to the Russian state-sponsored hacking and specifically the theft of Democratic National Committee emails during the election, and was behind recent cyberattacks targeting Windows users.

Microsoft security researchers didn’t directly connect Stronium to Russian state hacking, but the hacking group is also known in the security community as Fancy Bear or APT 28 and has been linked by others to Russian state hacking.

The Redmond company has identified a hacking campaign that exploited previously unknown vulnerabilities in Microsoft's Windows operating system and Adobe's Flash in a bold attempt to gain control of computers. The group behind the attacks are thought to have targeted a specific set of customers, according to Microsoft who would not identify the victims of the hack.

Microsoft has been relatively quiet, releasing only a blog post detailing the attacks. In November, Microsoft hustled to fix the Windows vulnerability in a patch. Adobe patched its flaw in Flash in October.

U.S. intelligence agencies are accusing Russia of hacking American political sites to try to interfere with the U.S. presidential election. After the DNC was hacked and 20,000 emails were stolen and released by WikiLeaks, they hired CrowdStrike, a cybersecurity firm. CrowdStrike confirmed Stronium was among the intruders into the DNC's computer systems. The group's cyber theft was thought to fit the pattern of Russian state-sponsored hacking, according to CrowdStrike.

Microsoft reported Stronium aims primarily at government bodies, diplomatic institutions, and military forces in NATO-member nations and Eastern European countries. Microsoft hasn't named Russia for the hacking attacks, but the listed targets line up with Russian state hacking.

Google disclosed the software flaws under attack. Their security researchers contacted Adobe and Microsoft in October to inform them of the flaws in their software. According to a Google blog post from security researchers, they stated that this vulnerability is particularly serious because it is being actively exploited. Their policy is to publicly disclose critical security flaws if there is no fix a week after informing the company that makes the software.

Window and Devices Executive Vice President Terry Myerson was mad at Google for disclosing the Windows flaws. He said, "We believe responsible technology industry participation puts the customer first and requires coordinated vulnerability disclosure. Google's decision to disclose these vulnerabilities before patches are broadly available and tested is disappointing and puts customers at increased risk.”

Myerson explained that Windows users running the latest version of Windows 10 and Microsoft's Edge browser were protected from versions of the attacks Google had observed. Microsoft said the flaws disclosed recently were targeted in spear-phishing attacks which are designed to fool an email user into clicking on a malicious link or opening an attachment that grants the attacker access to the computer's functions.

Your company or organization might not be a target when Russian hackers exploit a Windows flaw, but other hackers may want to steal your information. Our security experts at Cadamier Network Security in Denver know what’s going on so we can protect our clients from cyber attacks. You need to make sure you can defend against all intrusions.