May 19

Nine mistakes enterprise often commits after data leakage

In the recent International Association of Privacy Professional (IAPP), a data and privacy protection expert from Data Breach Resolution – Michael Bruemmer lists top nine common mistakes that enterprises commit after data leakage.

When the enterprise leak their data owing to being attacked , if the enterprise fails to handle the problem, the situation will become deteriorate, which may result in secondary attack on enterprise brand and performance and even involve the enterprise into legal troubles.

1. There is no external safety management services company to assist

When the severity of data leakage exceeds the company’s processing ability, it’s better for the enterprise to have the assistance of external security services team, which is called the incident response team, such as Verizon Business, Trustwave or IBM all can provide similar service. This kind of service should be considered when making out business continuity / incident response plan.

2. There’s no external legal counsel

Currently laws and regulations are unable to effectively cover all types of sensitive personal information, hence when serious data leak incidents happen, it’s necessary to commission an external data leak related experienced lawyer unless your company’s legal department well knows all data and privacy related laws.

3. There’s no sole decision maker

Data leakage often involves multiple departments in company, and every department has its head, which always leads to low efficiency in execution. Enterprise must assign a similar CISO position, which can play a planning and coordination role in promoting the overall issue response.

4. A lack of transparent communication mechanism

A lack of transparent communication mechanism will lead to troubles, and wrong communication message will cause wrong actions, which will delay the processing speed of the entire incident and make new confusion.

After the incident response team was established, every staff in this team should be definite and provide a complete contact list for external consultants.

5. There is no communication plan

Another problem in enterprise is a lack of communication plan to communicate with the p[ublick or the media.

Enterprise should prepare a detailed and feasible media communication plan for a data leak incident. Rapid and effective media communication can avoid spreading false reports.

6. Think and plan before things happen

Data leakage incident often needs you to make decision when holding incomplete information or information is changing fast, which is somewhat similar to a hospital emergency room. Enterprise must launch contingency processing flow while data leak incident happens. Waiting to grasp the full information and then taking action will miss the best opportunity.

7. A lack of rehabilitation and correction plan after the event happens

After handling the data leakage incident, enterprise should make out a rehabilitation and correction pan to maintain good communication with consumers and stakeholders, while avoiding this kind of events from happening again. It’s helpful for rebuilding the brand and retrieve trust of customers by sharing your investment in information security technology and services with your customers and investors.

8. Provide customers with no remedy

Consumers should always be the core of intrusion response, which means that companies should notify consumers through channels such as call center to take proper measures to protect personal privacy data after the data leakage incidents happen.

9. There’s no plan to execute

Incident response plan must be constantly updated and corrected, and its implementation needs a complete team to continue to advance.

For more information about data security, you can visit: www.kakasoft.com

May 05

The troubles from BYOD and corresponding solutions

When talking about BYOD, the best defense is attack, that is, through setting stratagem in advance to achieve the expected results and to avoid the potential risks. BYOD (Bring Your Own Device) has stirred all walks of business processes. Some enterprises are fully enjoying the convenience brought about by BYOD, while some enterprises are staying away from it. On the bright side, BYOD can potentially help companies save operating cost, help employees maintain happy moods and improve office efficiency. But on the other side, BYOD may also result in a series of problems and pitfalls in security and compatibility and other aspects. However, through education and planning, most of these problems and pitfalls will be avoided. Now let me show you the troubles result from BYOD and the corresponding solutions to the problems.

Data leakage: company’s sensitive data leakage is always one of the most concerned problems for companies. Employees bring their own devices into the company, which makes the concern of data leakage more serious. Employees may lose their smart phones or tablets, what’s more, these devices easily become targets of thieves. Once the mobile devices with company sensitive data get lost, the data may well fall into wrong hands. To avoid this situation, admin of the business should urge employees to encrypt all files relate to company with password, so the files are still under protection even if the device are stolen or missing.

Password leakage: just like we usually carry several keys, there will be several passwords that can be used to logon enterprise network or service applications on employees mobile devices. These passwords may be stored on mobile applications or directly on the memory of the mobile devices. Enterprise must establish a strategy to ensure the password won’t be stored on cache or applications on the mobile devices. An alternative strategy is to use special password storing application to properly store passwords if employees hope to save enterprise passwords on mobile devices.

Productivity decline: when employees begin bringing their own devices, they will spend much working time on the social networks, chatting with friends or behaving other things unrelated to work. How to solve this problem? In order to avoid this situation, all employees’ mobile devices should be connected to WiFi network provided by the enterprise. If employees are aware of the network they are connected now is within the enterprise, they will more beware of the online behaviors and don’t spend too much time on things unrelated to work.

Compatibility issues: BYOD will bring a lot of problems about devices and platforms. You hope company’s IT system and business process will support Android, IOS, OS X, Blackberry, Linux, Windows 8 and other mobile systems; while companies wish to support only one or two kinds of platforms, for the limited platform make the support from company to mobile devices easier.

Device Management: many companies are wondering how to manage a large number of mobile devices. Because of various types of devices and different operators, enterprise can hardly centrally manage all mobile devices. But companies can at least establish a set of network access control mechanism (NAC), such as PacketFence, and to control these devices via MAC address for each mobile device. Of course, this requires that employees agreed the enterprise to record the MAC address of their mobile device. But companies need to realize that it takes much time to manage all devices and activities of these devices.

Virus infection: compared with desktop, the risk of virus infection of mobile phone platforms is relatively less. Therefore, users of mobile devices must install anti-virus software for their devices. The enterprise should designate antivirus products for employees, and regularly remind staffs to upgrade software and virus database.

Compare all devices to human beings, the mobile device is like people in adolescence, and there always be many problems. Enterprise makes use of mobile devices to assist the business; it must face various potential problems. The best solution is to prepare in advance and then resolve the problems quickly and timely when they arise.

Apr 21

Computer Password Cracking Methods Conclusion (2)

Thirdly, crack some commonly used software

Currently, more users understand to use computer software to encrypt some information stored on computer, which makes unauthorized people unable to open the files. Now let’s see some commonly used software password cracking methods:

1. Crack Word document password

Microsoft Office is so famous that the password cracking software against it is much. You only need to download software that aims at cracking Microsoft Office password, and then run it on your computer. This kind of software mostly uses “dictionary” brute-force solution to crack password.

2. Crack Excel documents 

You can find a tool called AdvancedExcel197PasswordRecovery online, which is only 614K and is able to quickly crack password of excel documents. AdvancedExcel197PasswordRecovery needs installation after download. Open the main interface after installation, and open the excel documents that need to decrypt via browse button, choose password length, set password type and click on blue start button. After a while, the program will pop up the prompt menu of document password was cracked. 

3. Crack OICQ password

We use a tool called OICQ Terminator”. The using steps are as below: first set the installation directory of OICQ password Terminator; choose the character set used to search, for example choose the lowercase characters shown on the image, or check all the boxes below the basic settings; and then set password length, but you’re not advised to choose too long; finally, click the “Start ” button to crack OICQ password, now what you need is patience. According to people who used it, the exhaustive speed of OICQPASSOVCR can reach thousands of times per second. If you want to crack 4-5 digits password, it can finish within several minutes.

Fourthly, crack network password

Network is quietly and quickly stepping into our daily life. And as an ordinary network user, people all have a similar concern, namely the network security risks. Therefore, we have to take effective protective measures on personal network activities, such as add passwords. But once we forget the password, our works will be obstructed. Now there’re some network passwords cracking skills:

1. Crack IE Content Advisor password

IE browser provides content advisor feature, which can browse the site. If you forget the password of Content Advisor feature, you can not only access the limited sites but also change the existing restriction level, re-installation of IE is useless. In this situation, you can start the Registry Editor, locate the “HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows \ CurrentVersion \ policies \ Ratings ” to find a key value named ” KEY “, it is the IE content advisor password the user set (encrypted data), the user only need to delete the key value, the content advisor will be canceled, and then reset the IE content advisor password. 

2. Crack OE password

There are three types of passwords in OE program: email password, newsgroups password and user identification code. Here we take the “password interception” program as an example. This software can be used to crack Web email password, POP3 reception password, FTP login password, and display, save or send the password to specified mailbox. Password interception process: password interception software can save the password (such as dial-up connection, OICQ, IE the password) in password input box into user-defined file in form of clear text; if it fails to intercept passwords, the password file will not exist. 

3. Crack Foxmail password

There are quite a number of users using a simple but powerful tool Foxmail to receive mail. However, due to Foxmail’s own security risks, some people simply create a new account, enter the Foxmail default installation directory, copy the “account.stg” under the new account directory and cover your account file and then the password of the original account will be removed.

Some solutions above may not work with you, as the vulnerabilities of the software and network are repaired when the time goes by. But anyway, the methods of password cracking can only be used to solve administrators’ urgent problems but not to breach other people’s account.

For more information about data security, please visit: www.kakasoft.com

Apr 08

Computer Password Cracking Methods Conclusion (1)

The administrator always confront with problems about password forget or password missing, the followings are the collection of some methods of password cracking. Power-on password is the first one we’ll meet, so let’s star from CMOS password cracking.  

1.       CMOS cracking

Even though the types of CMOS are various, their encryption methods are basically the same. The general cracking methods start from “hard” and “soft” aspects.

1) “Hard” remove method

The principle of this method is to process the CMOSRAM on the motherboard with electro discharge treatment, which makes the contents lost owing to lack of normal power supply parameters stored in CMOSRAM lacks normal power supply, and thus to remove CMOS password. Some newspaper or sites make much introduction about how to crack CMOS password, and the operation is very easy. But we will introduce an alternative technique, which is the method that a number of computer users like to use. This method is also simple: open the case, and pull off the hard drive or CD-ROM, floppy drive data cable from the motherboard, and then start the computer, BIOS will report an error during self-test and then automatically enter CMOS, at this time you can reset the BIOS content.

2) “Soft” remove method

Strictly speaking, the “soft” remove method is not as thorough as hard remove method, but it’s also very effective. CMOS password according to need can be divided into common user password and super user level password. The former simply restrict the changes to the BIOS, but it allows to normal start computer and run other software; but the latter completely ban access to a computer and BIOS.

1> crack common user password

First of all, boost a computer with DOS, input debug and then press enter in dos command line, and then use the data of listed methods to remove the CMOS password, restart the computer, the system will tell you the CMOS parameter is missing and require you to reset CMOS parameters. After testing, this is a very effective method.

2> crack the super user password

Here we need to resort to external tools. We choose the most classic BiosPwds, a freeware, which is suitable for computer users who are not familiar with dos.

2.       Crack system password

System password is the password you use to log on the operating system, it provides protection for your computer and protect your computer from unauthorized users’ accesses, so as to ensure computer and confidential data security.

1. Windows98/ME system login password

1> cancel

The easiest way is to enter nothing when logging on the password, directly click on “cancel” to enter the operating system. But this way makes you can only access resources in local computer but can’t access the network resources if your computer is a part of LAN.

2> add users

When you are blocked from the system owing to the password, you may as well add a user for the system, and then log in. Click “Start”->”Settings”->”Control Panel”, and then double click on “user”, open the “User Properties” dialog box. Then, input user name, password and customized settings following the prompts, and then click on “Finish”.

3> delete “PWL” file

Delete the .PWL file under the Windows installation directory and all personal information files under Profiles subdirectory, and then re-boost Windows, the system will pop up a password setting box without user name. You don’t need to input any content, just click on “Ok” and tehn Windows password will be deleted.

4> modify the registry

Run the Registry Editor, open the registry database “HKEY_LOCAL_MACHINE \ Network \ Logon” and change “username” to “0″, then restart the system, which also allows you to remove the password.

2. Crack WindowsNT password

If you have normal user account, there’s a simple way to get NTAdministrator account: first rename the logon.scr under c: \ logon.scr winntsystem32 as logon.old for backup, and tehn rename usrm gr.exe as logon.scr and restart. logon.scr is a loaded program when starting system, after restarting, the computer won’t appear logon password interface, but the user manager, at this time you can add yourself into admin group.

3. Windows2000 password

Use boot disk to boot computer or enter another operating system (eg Windows98), find the folder “X:\DocumentsandSettings\Administrator” (X is the disk where Windows2000 is placed), delete “Cookies” folder under this folder and then restart the computer, so you can quickly logon Windows2000 without password.

The above methods are used by admin to cope with problems of forgetting password or missing password, they shouldn’t be used to break other people’s computer. And the computer users who are afraid other people will invade computers without authority and steal personal information should take extra protection for the confidential and sensitive files and documents, such as using file encryption solution to protect files and folders.

Apr 01

How to avoid failure of network security equipments deployment? (1)

The enterprise network is rapidly developing! Some of the groups began to clean up phone and tablet and refuse the internet connections from coffee shops and train connections (as a WAN link).

The concept of the extended enterprise brings about more and more severe problems to IT security portfolio, because their sensitive data and valuable data frequently flow out of the traditional network boundaries. In order to protect enterprise from the persistent threats of diverse and low-end low-speed adaptability, IT enterprises are deploying various new network security devices: the next generation of firewalls, IDS and IPS devices, security information event management (SIEM) systems and advanced threat detection system. Ideally, these systems will focus on management, following a centralized security policy, as a part of a universal protection strategy.

However, when deploying these devices, some common mistakes in enterprise will seriously affect their ability of universal protection. This article will introduce some problems which should be noted in the planning and deployment of new network security equipment, and how to avoid related problems that may lead to the failure of defense in depth.

A maximum error is assuming that the security device itself is secure. It’s apparently easy to understand, but we must insist on this footing. How secure is the so-called “enhanced” operating system? What’s its latest status? And how secure is hyper stable “Web server”?

Before starting any job, you must create a testing plan to verify all network security devices are really secure. The first is to start from some basic tests: do you timely upgrade, install patches and fix bugs on each device and their supporting network, server and storage infrastructure? In accordance with the currently known vulnerability information clearing-house you must be sure to regularly upgrade and install equipment patch.

Then, turn to aspects that are more difficult to handle: periodically assess potential weaknesses on multiple device configurations. The inappropriate dement sequence of encryption system and application delivery optimization (ADO) will also cause data leakage, even if various devices can operate properly. This process can be carried out in conjunction with penetration test.

For any safety equipment, management/control channel is most prone to have vulnerabilities. Therefore, the most important thing to note is how you need to configure and modify secure devices and who are allowed to carry out these configurations. If you are ready to access the secure system via a Web browser, the security device will run a Web server and allows Web traffic in and out. Are these flows encrypted? Whether it needs to use a standard port? Whether all the devices need to use the same port (so the intruder can easily guess)? Is it accessed by a common network or a separate management network connection? If it belongs to compile the connection, then any host that send traffics through this port may attack this device. If it’s on a managed network, you only need to worry about other devices on the network.

Best scenario is that if you can’t directly access the device, you need to ensure that all configuration changes must use encryption and multi-factor authentication. Moreover, it’s necessary to closely track and control identity information of equipment management to ensure that only authorized users can gain administrative privileges.

For more information about network and computer security information, please visit: www.kakasoft.com

Mar 11

The Global Economical Loss Caused by Cyber Crime Increased by 78%

Ponemon Institute recently released a research report entitled “2013 Cybercrime Cost”. The sponsoring companies for four consecutive years by the HP study estimated the economic impact caused by cybercrime. The report notes that the economic impacts caused by cybercrime in 2013 increased by 78% compared with the past four years, while in the past four years, in order to solve the problem the time cost increased by 130%. Average cost paid for per network attack is over $ 1 million.

In 2013, the frequency of attacks and damage has increased. Based on the sample of U.S. companies and the government, the loss caused by the network attacks is $ 11.56 million every year, which increased by 78% compared with that of the beginning of the study four years ago.

Although the network defense level is increasingly improving, while the cyber crime groups are also showing their strong ability of adapt and adjust facing the continuously improving network defense level.

Some important data in this report are summarized as below:

1) Every enterprise (organization) loss average $ 11.56 million owing to cyber crime every year, the loss range is from $ 1,300,000 to $ 58,000,000. Compared with the average level in 2012, it increases by $ 2.6 million, an increase of 26 %.

2) The fields of military, financial, energy, power industry suffered the largest loss caused by cyber attacks.

3) Data theft is a major factor causing the loss of cybercrime, which accounted for 43% of the total loss, loss of business caused by the shutdown accounted for 36 %.

4) The business or organization suffered 122 times successful network attacks weekly. In 2012 the figure was 102 times

5) The average time to resolve a cyber attack is 32 days; the average cost during this period was $ 1,035,000, which is about U.S. $ 30,002 thousand a day. And in 2012, the average time of solving every network attack is 24 days, the average cost’s $ 591,000.

6) The loss caused by DoS attacks, Web attacks and damage caused by the internal staffs accounted for 55% of enterprises cyber attacks losses.

7) For small businesses, the loss caused by network attacks in accordance with the average figure to every employee is much higher than that of large businesses.

8) For business, finding network attacks and recovery after the attacks was the most expensive two items.

This report also revealed the importance of necessary network defense mechanism and building network security awareness. Researchers also found that adopting security information and event management and Big Data Analytics can help mitigate the loss of network attacks.

For businesses especially the small business, enhancing employees’ data and information protection awareness and company’s data security system is imperative. In order to prevent unethical staffs stealing data and information, administrators can encrypt important folders in computer. For the important files shared with some employees, admin can password protect the shared folders and assign permissions to different users.

Mar 03

How Does NSA Almost Kill the Internet? (2)

The Silicon Valley is shaking, just like collated damage in the anti-terrorism war. But the things will get worse.

Technology companies don’t know the Prism project until June, they just know there’s a project with several-year history, namely for the national security, providing specific data and information to the government in the case of the absence of an official document. The legal justification of this project comes from a series of legal provisions and expanded addition. The “Foreign Intelligence Security Act” in 1978, referred to as FISA, created a secret court so as to obtain the requested information. Amendment of FISA in 2008 amendments a new part of the law, namely section 702. This amendment gives President Bush the monitoring plan that can be launched completely secretly without written permission. NSA cited the FISA admendment as specific legal basis of prism project. (Except Prism) more secretive surveillance operations are all based on the Executive Order 12333 of Reagan era, this order authorize NSA to collect the various information and data of foreigners who should be focused on.

Some companies seem to thinks that it’s properly to collect customers’ information to the NSA. Verizon has never refused to provide its tens of millions of users’ critical billing information, telephone numbers, call duration and other information for NSA. Because the telecom companies don’t need to promote itself to customers based on trust, customers rarely expect to get something from the monopoly. On catering to consumers and the government, telecom companies seem to give priority to their government regulators.

Compared to telecommunications companies, technology companies are in another situation. Technology Companies’ CEOs have been repeatedly claimed that without customers’ trust, they have no business. They rely on users’ willingness to share information. On the contrary, these users can get better services, while at the same time the customers expect technology companies will ensure their personal information security and safety. Users have no reason to think that their information can be given to the government without the written permission.

At least one company challenged the unconstitutional information request. Yahoo launched a secret battle on FIFA court to resist handing over users’ information. But the fight failed. In August 22, 2008, the court decided to support government means for national security and give procedural safeguards, achieving consistency with the law in some form and exclude user privacy concerns, therewith Yahoo has no place to appeal.

These queries may have violated a number of large technology companies, but it’s not enough to pose a challenge on its business. They weren’t forced to make obvious modification on infrastructure in order to deal with data query. Usually, they passed the data and information to government-owned special equipment.

For some small companies, compliance is not always easy. For example, Lavabit mailbox is a safe start-up company, which allows users including Snowden to encrypt e-mail messages, the government had asked them to hand over the important information that’s involved in Snowden event to government. Lavabit cannot do this, because if it obedient, all the users’ information will be fully exposed to the government which will lead the company closed.

Twitter’s legal counsel Vijaya Gadde said:”The government can request information, but they cannot force you to give information. You can make things easier or simpler.” Google also said that when a request is “very broad”, Google will push it back. These small things indicate a subtle resistance to government inquiries. FISA requires the government to compensate the enterprises that have been retrieved information. Google said they did not want to bother the government to ask for money. But one company said that it used this clause, in the hope of limiting the extent of government requests. The company’s executives said: “Initially, we thought we should not do this for money, but we recognize that this is a good thing, it could force the government to stop and think about it.”

But finally, the financial motivation of cooperation with the government exists.  A senior director of the company said: “Large companies have business with the government, these companies cannot tell government officials: ‘we are fighting against you – can we get the 400 million dollar contract?’ ”

After the shocks of Prism project, individuals and groups begin to enhance the awareness of information and data security, and the data and information protection has been paid more attention. For more information about data security and information protection, you can click here.

Feb 24

How Does NSA Almost Kill the Internet? (1)

《WIRED》 published a long article that tells the story that after the exposure of NSA massive surveillance activities, the Internet giants Google, Facebook, Microsoft and other technology giants have to confront with the government for their survive.

This is just a start of the chain reaction that will threaten the Internet industry basis. This topic has occupied headlines for months, and has become a hot topic of technology circles discussion. Over the years, technology companies’ privacy policies adopt subtle balance between maintaining the users’ privacy and providing personal data to government agencies. This field is new and is in controversy, sometimes it will erode the existing laws, while in the past, and these companies have made a difficult balance in the progress of promoting the policies. Technology companies suddenly find themselves caught into a fight which’s bigger than a battle involved in over share on Facebook or ads issues on Gmail. Over the past few months, they find that they have to fight with their governments for the future of the Internet.

Joe Sullivan, the Facebook’s security chief said, “We spent ninety minutes to respond.” Nobody’s heard of Prism project. And the worst is that Facebook and other technology companies are claiming to authorize the NSA to directly access to their server to get a huge amount of information, which seems completely wrong. CEO Mark Zuckerberg was shocked by the claim, and asked his executives whether this issue is true. They answered: NO.

Similar panic dialogue also occurs in Apple, Google and Microsoft. Google’s legal counsel Kent Walker said: “We are asked by the people around us: Is there any secret way to get information?” We said: NO.

Nevertheless, the Washington Post launched and described the Prism project. Technology Company quickly issued a statement to deny that they authorized the U.S. government directly into their user database. Because sometimes the secret court will order technology companies to participate in government projects, these projects require them to share data, but they are often reluctant to participate in, and the fact makes the technology’s statement complicated. Google and their partners did not talk about all the details of this issue, this is partly because the laws prevent them from full disclosure, and on the other hand, they don’t understand the government’s actual operational details of this project.

Before President Obama stepped in the issue, they have little time to plan out how to respond to Gellman’s allegations. President implied the Prism project when he responded to the leak problem, he said: “In terms of the Internet and e-mail, the matter did not involve U.S. citizens, nor people live in the United States.” The answer might alleviate some of the public outrage, but it did not play a helpful role for the IT industry. Most users of Apple, Facebook, Microsoft and Yahoo are non-US citizens. Now these users as well as regulatory agencies are directed to believe that using the services based on the United States means that their data will be directly sent to the NSA.

Technology giants spent years to establish trust which is now at the risk of bursting; however, they seem powerless to do anything for this. Legal restrictions makes them are not at liberty to provide complete documentation of their cooperation with the government, so they can only deny. However, even the most resolute denial – from Google CEO Larry Page and chief legal counsel David Drummond – cannot suppress the query for them. In the Q & A Drummond anticipates in on the Guardian website later this month, his questioner become more hostile:

“Whether this quiz is just a superficial after you are found the collusion with NSA?”

“If Google lies to us, then how can we say?”

“Google, you lost the trust we have given you for ten years.”

“I will stop using Google mail.”

Other companies are also facing such a siege. A company executive said:”Every time we talk about it, it seems that the things will be worse. We are more than not being trusted.”

Facebook’s global communications director Michael Buckley said:”The fact is that the government failed to turn the monsters back into the bottle, we can come up with any statement or statistics, like the government’s weekly routine disclosure, but the problem is that who will believe us? ”

In September last year, Facebook’s Zuckerberg expressed his disgust when attending a technology conference. He said “the government screwed up.” But the government’s actions, and after the world knew the wider information leakage, Zuckerberg, Page, Tim Cook, Marissa Mayer, Steve Ballmer and the other supervisors that have stored user information on their server are in trouble.

More than the revenue is at stake. The concept of maintaining the technology world is also at stake.  The Internet once came from a U.S. Department of Defense project, now it turned into World Wide Web that inspires a new era of civilization. Snowden’s leak questioned the Internet position that is characterized by free expression and authorization. If the network is regarded as an extension of the monitoring means, then the paranoid behavior brought about by it will affect the way people use the Internet. The countries that are angry for the U.S. intelligence agencies gathering information behavior have more reasons to use Snowden’s disclosed information to require U.S. government to stop collecting information, while the U.S. intelligence agencies will not easily give up collecting the information of these countries. Enterprises in the implementation of business activities will make the network Balkanization, destroy its open nature, and thus significantly improve operating costs.

For more information of data security and information protection, you can visit: www.kakasoft.com

Feb 17

Anti-Monitoring Battle is A Protracted War

The outbreak of the American “Prism” makes us know that we are living in a “monitored” era, and this monitoring action is s desecration of free network and absolute violation of the public information security. Monitoring of the information age is different from the traditional monitoring; the traditional monitoring refers to the fact that for some purpose, someone monitors somebody else through video surveillance or other camera recording methods, while the monitoring activity of the information age is equal to data theft, data monitoring or even data control.

Traditional monitoring is mainly caused by the distrust of individuals, businesses, and even government to some certain persons or groups. For the interests of certain groups, this behavior is understandable. But today’s network is a free world, there’s no individual, enterprise or even country that’s allowed to imprison its freedom. Anti-monitoring is the first step to confrontation.

The anti-monitoring battle at information age is actually a protracted war on information security, which needs people to know more about information defend technology, or even take measures to deal with the deteriorating International information security situation.

On the network, a serious network security error people most likely to commit is: Connect the public Wi-Fi and log on to your e –mail, bank account and other sensitive account information. If this situation is unavoidable – after all, you are in most of time in cafes, hotels, airports. You can consider buying a virtual private network; hence you can significantly improve the privacy protection when accessing the public network.

VPN, as an encrypted tunnel, can prevent bad guys from stealing your login information and other sensitive information.

Don’t put personal information in the cloud, and it should be encrypted even you must. The online file synchronization service like Dropbox, Google Drive and SkyDrive can be described as the best innovation of the Internet. However, when you conveniently view the latest photos stored on Dropbox, or easily find relevant text files on iCloud, you need to know that the data you stored on the server’s data is not encrypted.

This means that the relevant government law enforcement officials can readily obtain these data you stored. The hackers can also find security vulnerabilities on server suppliers.

For some sensitive data and information you need to synchronize across devices, the better choice is to use an encrypted cloud storage services. Of course, there is a more simple way- to find a file synchronization service with built-in storage encryption.

To ensure your online service security, you need to set a unique, random, tem or more-character password for every account. Don’t forget store them in a good password manager. For better security, please use the double-factor authentication provided by Google, Facebook and all the other services.

Double-factor authentication requests you in addition to enter the password, also need to enter a short numeric code. This code is usually from a physical FOB or smart phone app.

Dropbox, Evernote, Google, LastPass and Microsoft accounts adopt validators automatic work. And Facebook provides it owm code generator on its social network app, meanwhile, you can add Facebook code validator through Facebook account settings. In Facebook news feed page, click on the gear-shaped setting button on the top-right, and select account settings.

For the files stored in own computer or external storage devices, you mustn’t ignorance their security. They may be stolen or leaked to others even though you set boot password for your computer. To prevent the data stored in local computer and flash drives, you’d better lock files with password so unauthorized users can’t access without permissions.

At Information age, the value of the data will still be rising. As long as the mainstream of this era is still information and the Internet, the scramble for information resource won’t stop, the monitoring and the anti-monitoring won’t stop. In order not to damage their data security, it’s necessary to adopt targeted encryption software to guard the security bottom line.

Feb 10

Encryption Software Becomes Essential Factor for Future Information Security

In the day with rapid development, predicting the future based on the data analysis has become one of important reference for individuals and enterprises or even countries to formulate development plans. But there’s one thing that we cannot ignore. As the subject of this action, we need to pay attention to information protection. Once the information itself is wrong, the prediction definitely can’t be correct.

Security Situation – threats are increasingly targeted

In this informationization society, there’s no doubt that the most effective way to pry corporate secrets, to destruct the business’s normal operation or to steal enterprises’ funds is to invade the enterprise IT system. In order to avoid ulterior attacks and business confidential information stealing, more and more companies buy and install anti-virus, firewall and other information security protection products. Despite so, the security incidents are emerging endlessly.

In 2010, the U.S. Securities and Exchange organizations Nasdaq were repeatedly attacked; In 2011, RSA, Sony, U.S. digital certificate authority Comodo were hacked; In 2012, hackers used SQL injection to obtain 453400 users’ authentication information from Yahoo; In 2013, some banks and TV stations of Korea and some TV stations were attacked by hackers.

Do these companies not emphasize on information security? Nope. The companies listed above include not only the veteran IT enterprises and famous organizations but also the vedors that engaged in information security and financial organizations that highly valued information security.

For this reason, we can only conclude that information is now more and more targeted- Where there is value data, would be easy to burst a crisis.

What to do – informationization enterprises face unprecedented challenges

The development history of IT is accompanied by information security. After years of defense battles, current hackers have more specific target, more subtle method, and last longer, and there is a lot of means that can bypass conventional protective measures. Hackers cliques and ambushes the enterprise, they organized and premeditated to implement collaborative attacks. Moreover, with the improvement of the cost of crime, more and more attacks aimed at financial, securities, telecommunications and other industries that can bring high profits.

In 2013, some South Korean television stations and a number of banks were under attack, the cause is that hackers invaded anti-virus software vendors’ LANs and updated the virus database server, and then use the update mechanism to distribute malicious software to users’ computers.  The industry generally believed that in order to get these banks and television information, and to implement attack, the hacker is likely to have been dormant for a few months.

More frightening is that anti-virus software, as a corporate security “bodyguard”, has become hackers’ accomplice in this event. Traditional anti-virus, firewall and other security products are too dependent on the virus database to deal with unknown threats, various security products cannot coordinate with each other, etc. This is why so many large enterprises and security vendors will suffer hackers.

Whether for individuals or work groups, data security needs more attention. Effective precaution will be more useful than remedy measures, precaution of data and information security can reduce possibility of potential data leakage and data loss so as to decrease the financial and reputational loss caused by data loss.

For more information and data security solution, please visit: www.kakasoft.com