Search Our Site

Our Newsletter

Our Ramblings

Home Network Security

1448644898859For those of us who grew up in the 80’s, we can probably think back to a time when hackers were looked upon as being pretty cool robin hood style outriders who dared to stand up against oppressors. The movie Wargames demonstrated that fascination about the possibilities of connectivity. Drinking terminals, discarded fast food boxes and unfinished cans of flat cola. The reality nowadays is considerably murkier. Hardly a week goes by without a story breaking about the nefarious activities of the hacking ‘community’ which is nowadays better described as organised criminals. As we’ve seen in the past it’s not just security agencies, nuclear launch facilities, or evil dictators that get stiffed by hackers, it’s more often normal folk like us.

In recent years hacking has continued to hit the headlines almost every week. The most well known has to be the UK phone hacking scandal. Ironically, that wasn’t even a true example of hacking as the clueless victims of the “hack” had merely neglected to change the pin on their voicemail from its default setting. It all goes to show that the weakest link in the security chain is usually human stupidity. I suppose calling it “hacking” deflected the glare of publicity away from their own stupidity but thats another discussion for another day. The ones that hit the headlines are usually interesting in some way, but they pale into insignificance when compared to the millions of attempts that occur every day to the rest of us. Cybercrime is big business. We hear it so often that the words threaten to lose their impact.

According to the Trustwave 2016 Global Security Report, there was a recorded 26.6 million victims of hacking and identity theft in a 12 month period during 2015. A number which roughly equates to one person being hacked every second. In 2015, 96% of all hacking attacks were credit card, or payment data theft used in fraudulent online or at the till transactions. Over £24 billion was estimated to be have been lost to identity theft from hackers, with a potential loss averaging £5,061 per household globally.

The checklist of items the hacker tends to go for are usernames, passwords, PINs, National Insurance numbers, phone and utility account numbers, bank and credit card details, employee numbers, driving licence and passport numbers, insurance documentation and account numbers, and any other financial background account details.

How they get this data ranges from acquiring remote access to your computer, SQL injections to a popular website, spoofing a banking or other financial website, remote code execution, exploits in website trust certificates, physical theft, and through social media.

On the subject of social media there are some interesting and worrying facts. According to sources, 18% of people under the age of 19 were the victims of a phishing scam, and 74% were victims when they followed links posted by they know that they believed were legitimate. Furthermore, 74% of all social media users share their birthday information publicly. 69% shared the schools and universities they attended. An amazing 22% of users publicly share their phone numbers, and unsurprisingly, 15% share the names of their furry little friends.

If these numbers aren’t scary enough, there’s the fact that 15% of all Wi-Fi users worldwide are still using WEP encryption for their home WIFI and, 91% of all public Wi-Fi hotspots are unsecured, unmonitored, and available 24x7x365.

And finally, it’s estimated that 11% of all spam contains some kind of code designed to hijack your computer if opened. A further 8% of all spam contains links to websites that have been designed to grab information or download some trojan to gain access behind your firewall.

WHAT CAN WE DO?

We’ve put together a number of measures to help you prevent hackers invading your private domain, whether in the cloud or locally inside your trusted networks.

We don’t suggest you take thing to the extreme but there is a happy medium where you can do everything you reasonably can to protect yourself and educate yourself to spot the signs when they arise.

NETWORK PROTECTION

Starting with the home network there are a number of easy wins we can gain to stop the baddies from getting too close. Most of these steps are surprisingly simple.

CHANGE ROUTER ADMINISTRATOR CREDENTIALS

This is one of the most common points of entry for someone to gain access to your home network. The router you received from your ISP may well be up to date and offer the best possible forms of encryption, but they have a weakness. They usually come with a limited number of preconfigured SSIDs and WIFI keys which can be found on the back of the router on a sticker.

It doesn’t take too much gumption to do a google search and find out the SSIDs and WIFI keys used by the big ISP’s. It doesn’t help that your router is usually advertising itself as a BT, Sky or Virgin Media router and that just makes life easier for the baddies.

A reasonably savvy hacker can therefore gain access to your router, get connected, and even log in using the weak default logins. For this reason we recommend that our customers change the default router usernames and passwords to something more complex.

CHECK WIRELESS ENCRYPTION

Most routers come with a level of encryption already active, but there are some examples where the default state of encryption may be extremely weak, or worse still, completely open.

If you scan your WIFI using your phone and you see a padlock beside your network name then you at least know you have some encryption active. If you then look on your router and it tells you that the encryption method is WEP then you’ll need to fix that PDQ. WEP is the older standard of wireless encryption and can be cracked in less than fifteen minutes by using a variety of tools, all of which are freely available on the net. Unfortunately, WPA isn’t great either, but the its generally strong enough to hold back low level hackers.

USE MAC ADDRESS FILTERING

Every network interface has a unique identifier known as a MAC (Media Access Code) address, regardless of whether it’s a computer, tablet, phone, or sky box.

The idea behind MAC address filtering is simple enough. You obtain the MAC addresses of your devices at home and enter them into the router so that only those you know about are able to connect. Obviously, if you have loads of network connected devices this could take a while. But it will improve your chancer against a drive by hacker in a car outside your home with their laptop balanced on their dashboard.

But hey, MAC addresses can be spoofed, so while the junior hacker will likely give up the more determined one will not. Think of MAC address filtering as putting a padlock on the garden gate; it may stop most casual nasties from entering your garden, but those who really want to get in there will just jump over.

DISABLE SSID BROADCAST

There are two schools of thought when it comes to hiding your network SSID. The first recommends hiding your router’s SSID from the public view, with the idea that invisibility to those around you makes you somehow immune to their attempts. But a hidden SSID may seem like a far more juicy target to a determined hacker with an SSID radio grabber. Both sides of the argument have merit. Are you successfully hidden by being invisible, or is the best hiding place in plain sight? Probably invisible on balance.

USE STATIC IP ADDRESSES

By default your router will automatically assign an IP address to any device that connects to it, so the pair, and the rest of the network, can communicate successfully.

DHCP (Dynamic Host Configuration Protocol) is the name for this feature, and it makes perfect sense. After all, who wants to have to add new IP addresses to new devices every time they connect to your network?

On the other hand, anyone who gains access to your router will now have a valid IP address which allows it to communicate with your network. So to some degree it’s worth considering opting out of DHCP controlled IP addresses and instead configuring your devices and computers to use something like 10.10.0.0 as their range of IP addresses.

Like most good anti-hacking attempts though, this will only slow the intruder down.

ROUTER POSITION

This simple network protection act is one of the best, if done correctly.

Believe it or not, by moving your router to the centre of your house, or more to the rear (depending on where your closest neighbours or the road is), you are limiting the range of your wireless broadcast signal.

Most routers are located in the front room where the master phone socket usually is. This means the router can reach most corners of the house, and to some degree beyond the house. If someone was moving down the road, for example, sampling wireless networks then they would come across yours as they passed your house.

If the router is situated in a more central location, away from the front window, then the signal may be too weak to get a successful reading without having to stand on your porch.

SWITCH OFF THE ROUTER WHEN YOU’RE NOT USING IT

Most people will already do this anyway. Since no one is using the router, what’s the point of wasting electricity?

However, a lot of people simply have their router powered on all the time, regardless of whether they are in the house or not. Granted there are those who will be running a server, or downloading something while at work or asleep, but the vast majority just keep it on.

If you’re not using the internet or any other home network resource, it’s a good idea to power off the router. And if you’re away for an extended period, then do the same.

BEYOND THE HOME NETWORK.

cloud-computingHome network security is one thing, and frankly it’s not all that often you’ll get a team of hackers travelling down your street with the intent of gaining access to you and your neighbour’s home networks.

Where most of us fall foul in terms of hacking is when we’re online and surfing happily without a care in the world.

PASSWORDS

Passwords are the single weakest point of entry for the online hacker. Face it, how many of us use the same password for pretty much every website we visit? Some people even use the same password for access to a forum that they use for their online banking, pretty alarming we think you’ll agree.

Using the same password on every site you visit is like giving someone the skeleton key to your digital life. It’s a bloody pain having different passwords for every different site, but when you stop and think logically about it, doing so leaves you incredibly vulnerable to those who have ill intentions with regards to your identity and bank balance. For many a kind of compromise is usually sufficient. Many of the sites we use on the net that require us to use a password are pretty innocuous. Using the same password for this swathe is normally fine but make sure that you use strong passwords for those services that are really sensitive. More about that below.

Where passwords are concerned, using ‘12345’, ‘password’, or ‘qwerty’ isn’t going to stop someone from gaining access. And passwords such as ‘L3tmeIn’ aren’t much better either. Additionally, as we mentioned earlier, using the names of your pets may seem like a good idea, maybe even mixing their names with the date of your birth as well sounds like a solid plan, but if you then go and plaster Mr Tiggywinles, Rover, or Fido’s name all over public posts on Facebook along with pictures of you blowing out the candles on your birthday cake then you’ve just seriously lowered the strength of your passwords from staying secret.

Security questions and two-phase verification techniques are now being employed by a number of credible sites. What this means is that you basically enter more than one password to log into your account. Most online banking is done this way now, and sometimes includes a visual verification such as a pre-selected thumbnail image from a range that the user can click on to verify who they are.

If you have trouble coming up with passwords yourself, then there are a number of password managers available that can help you create highly secure combinations of letters, numbers, and special symbols unique for every website you visit. Even better they’ll even store them for you in the program itself in case you forget them. They are usually managed by one ultra secret master password. Be sure to keep that one complex and safe. Some examples are as follows.

LastPass – LastPass allows you to create a single username and password while securely entering the correct details.

Kaspersky Password Manager – A fully automated and powerful password manager that can store your username and password details, then enter them into the site for you while remaining encrypted throughout.

Either way, human beings are the weakest link in the secure password chain so any help you can get is to be welcomed.

DON’T TELL THE WORLD EVERYTHING

David Glasser, the MD at Twitter US, recently admitted, “I hate to say it, but in reality, people need to share a little bit less about themselves.”

While there’s nothing wrong with letting your nearest and dearest know what you’re up to on Facebook, you really must consider the fact that they probably aren’t the only ones reading. Facebook and Twitter often come under fire because of their attempts to make users newsfeeds public by default and where you have to jump through hoops to limit the views for your own timeline.

It’s worth taking the time to double-check the security settings on all your social media sites and check back often. Are the things you’re posting on your timeline or feeds viewable by friends only, or friends of friends? Has it mysteriously been reverted back to public viewing? Are you sure you want to display that picture of you sat at your desk with all that information on the screen behind you?

As we said before publicly announcing your private details, like when you’re on your hols and for how long, the names and birthdays of you, your nearest and dearest, children, pets and so on, isn’t particularly smart, but hey we’re all guilty of it.

CLOUD SECURITY

The newsworthy hacking events of Pippa Middleton and many others has rammed home to us the fact that cloud storage isn’t quite as secure as we’d like to think.

Every device, either Android, Microsoft, or Apple, is capable of backing up your photos to its own particular cloud storage solution – sometimes it’s even a default setting. Most of the time the cloud solutions used are so secure that anyone trying to hack into them will have a pretty rough time of it, and no doubt bring down the wrathful vengeance of Google or Apple upon themselves. How the celebrity photos and videos were obtained is something you’ll have to find out for yourselves, but if storing stuff on the cloud is alarming you there are a couple of choices.

The first is to encrypt everything locally on your computer before uploading it to the cloud. This will take time, we’ll grant you, but it means only you’ll be able to decrypt them. Secondly, you could always compress everything first, using Winzip/Winrar etc., then password the compressed file. Breaking a password compressed file takes far longer than it’s actually worth, providing you’re not a celebrity, so most hackers won’t bother.

Finally, there are cloud storage solutions that encrypt the data on the device before uploading it to the also fully encrypted servers e.g. SpiderOak and Tresorit.

CONCLUSION

The very fact that you’re online makes you a potential target. If you’re sitting back and saying “they’ll have no interest in me” you’re sadly mistaken. Lets face it, you’re easy to find, easy to hack, and probably won’t do much about it when you do get hacked. Its in your best interests to stay up to speed with the latest hacking techniques and how to defend yourself against them.

Are Home Firewalls Really That Important?

In the latter stages of the 2nd decade of the 21st century, our homes have not really changed that much from those of our parents. Aside from a new predominance of cheap throwaway furniture, todays house is largely similar to that of the 70’s. Similar, that is, until we change our point of view, examining not the visible spectrum but rather the electromagnetic spectrum. working-from-home_colorThe past 20 years have seen an explosion in our use of the airwaves and that change has not stopped at our front doors. Todays homes are filled with an argosy of gadgets, many of which independently communicate without any intervention from their human hosts. Indeed, whilst the home of the 70’s was equipped with two main communications channels, namely the desktop telephone and the front door, the contemporary home has been unrecognisably changed by the communications revolution. It is the network which has been the real change across the years, allowing us to reach out in countless different ways but also, quietly, allowing the world to reach in.

And reach in it does.

The latest Government Security Breaches Survey found that nearly three-quarters (74%) of small organisations reported a security breach in the last year; an increase on the 2013 and 2014 survey. SMEs are now being pinpointed by digital attackers. If SMEs are being targeted, rest assured that home networks are too.

So how do we protect our homes? Well, the picture isn’t as bleak as it may seem. Most ISP’s provide equipment which has a built in firewall. Firewalls form your home network’s primary defence against online security risks, and can therefore considerably boost your peace of mind concerning your network security. Without any human intervention, the stock firewall set at its default settings is pretty effective. It basically blocks everything from the outside unless it was requested by something on the inside. So far so good you may think, and you’d be right, however its that sticky part about human intervention that hides the real danger. People feel the need to change their firewall settings. Not only that, they download dodgy code, click dodgy links and generally just circumvent all that good security the firewall was designed to provide. Before long the network security is full of holes and the world starts reaching in.

Home networks are becoming ever more complex and the paucity of good quality consumer grade network equipment speaks volumes about our inevitable prioritisation of cost above just about anything. ocean-digital-home-upnp-dlna-font-b-network-b-font-font-b-device-b-font-newsIn their race to the bottom, home network equipment manufacturers need to keep their costs to the bare minimum. They do this by using free vulnerable operating systems which have no simple mechanism to ever be upgraded or more importantly fixed. Theres no getting around the fact that our homes are full of and will continue for quite some time to be full of network equipment that is of a shockingly low security standard.

This brings us nicely back to the question of the home firewall. Yes, generic router firewalls are great out of the box but they only look outwards and never inwards. It is becoming increasingly apparent that home networks which are basically the same as small business networks require better. Low cost solutions do exist and they are effective. For example for those with a spare PC hanging around, the option exists to install a free software firewall (e.g. Sophos XG Home Edition) but its far from an elegant solution to keep a dedicated PC powered up 24×7 and it is one which few consumers would countenance. Other dedicated hardware solutions exist of course but they can be expensive and are in all likelihood, business solutions. Sadly, for the consumer, the choice to manage a firewall in the home is still the preserve of the nerdy computer enthusiast who, ironically is probably less vulnerable than most.

legislationFor now the discussion remains unresolved. It is unlikely that the consumer will find it in their gift to look beyond cost to something that keeps their online lives secure enough and it will likely therefore fall to some broader agency to act. Whether that agency turns out to be the government, the banks who perhaps have most to lose, or some other combination of private sector collaborators remains to be seen. One thing however is certain. The problem is going to get worse before it gets better and it will probably take some form of paradigm shift in public perception for the motivation to be found.

Lets hope the cause of the paradigm shift isn’t too painful.

The Importance of CCTV Security Systems in Business.

cctv1Security is fundamentally important across all walks of life to ensure the overall safety and possessions of all individuals are comprehensively protected. Commercial and residential properties are constructed to provide homeowners and companies with adequate protection against adverse weather conditions. Both buildings are also fit for purpose and provide the flexibility in which to create a stately household and professional business environment. This can be achieved via the integration of interior design features such as furniture and décor, in addition to any portable appliances and machinery to carry out daily tasks.

Throughout commercial properties such as office buildings and retail outlets, all companies require careful consideration of integrated security solutions. Although security guards provide an element of protection on the ground floor, their eyes are ears are not extensive enough to provide an over watch of the entire premises. This is where cameras within CCTV security systems play a crucial role within the daily running of a business.

Establishing an overview via placements of cameras within key areas within an office environment or retail store is an integral part of CCTV security systems. Although such systems are installed to protect against potential theft or criminal activity, they can play an important role within the productivity levels of employees. While certain individuals may feel their statutory rights are being undermined within a ‘Big Brother’ environment, it is done so to ensure the activities and conduct of all employees is maintained on a daily basis.

Cameras can be either situated within the middle of a room or in the corners. Although their placements affects the images and security angle each camera can pick up, the sheer presence of cameras can act as a deterrent to any criminal. Knowing their actions is likely to be detected by one from a multitude of cameras which can clearly depict their face and appearance can decrease the rate of theft and crime.

The presence of CCTV as integrated security solutions can also be important for the work ethic and efficiency of employees. As their safety and wellbeing can be placed under threat by an individual who carries out violence or a criminal act, it is vital to integrate adequate protection. In doing so, it can play a fundamental role in catching any perpetrators who steal or damage valuable products or machinery, and put employees at risk.

It is crucial to take security seriously in this day and age. It is not just businesses and commercial properties that need good security but it is our homes too. With crime increasing and burglaries very common place, it is very important to consider the available security options and choose one that is the best fit for you.

One of the most popular and cost effective ways of providing security in the home and place of work is with cctv cameras and equipment. CCTV cameras can act as a very successful deterrent to thieves and burglars, certainly making them think twice at the very least. The technology behind security equipment these days is incredibly advanced, and it is even possible to hook the cameras up to an ordinary television or computer to watch the footage.

The following are some of the concerns both home and business have and Top 10 Reasons of Why Install CCTV.

  1. Prevent CrimeIf you’re worried about crime, cameras can not only catch criminals in the act, but the very presence of CCTV systems can make a would-be criminal think twice about any wrong-doing. Think about it, if you planned rob or vandalize a store or office, would you want to do it if you knew you were being recorded?
  2. Prevent Employee TheftIf you suspects one of your employees of wrong-doing but don’t know where to begin to try to get to the bottom of things, a camera can be a very helpful tool. This is especially true if you own an establishment where cash is exchanged. Cameras posted near cash registers or other places where employees are often stationed, not only can show you if an employee is stealing, but may even deter an employee from committing a crime if they know you’re watching.
  3. Be a useful piece of evidenceIf a crime is committed in or around your business and the person accused of committing the crime was caught on camera, you’ve got an extra piece of evidence for a court case. Jurors and judges can watch footage or view photos from your security cameras and establish that the person on trial did indeed commit the crime. Not only will you be preventing the same person from causing you more trouble in the future, you’ll be helping out your entire community.
  4. Help law enforcement solve crimeWhen someone commits a crime and is caught on camera, police and other law enforcement officials can use the footage to release video or photos to the public via various media outlets. Having a picture of the suspect can make a world of difference when it comes to making an arrest and getting dangerous criminal off the street.
  5. Keep an eye on children and elderly folksWith a CCTV system at home, you can monitor the safety of your children and elderly folks while you are away. Besides, you can keep an eye on your maid and make sure nothing out of the ordinary is going on.
  6. Keep an eye on thingsIf you can’t be at the office all the time but like to know what’s going on, a security camera can help do just that. You can keep an eye on things from your home computer with a few quick clicks of your mouse and make sure your business is running smoothly and nothing out of the ordinary is going on.
  7. Protecting your staffCCTV can protect your staff physically against violence from customers. At the same time, it can also protect them against false accusations – perhaps coming from colleagues or even from client and customers.
  8. Encourage good behaviourHaving a CCTV camera inside offices may help in creating discipline among the employees. For bosses, who want their presence felt so that efficiency at work is optimized, a camera hovering the employees will give the same effect.
  9. Monitoring high-risk areaCameras may be placed in high-risk areas inside a factory. Such areas may include those in which fires can possibly break out. A camera in place there will lessen potential damages because emergency measures can be made immediately. Cameras may also be placed in areas where accidents can happen. This is important so that life-saving measures can be employed promptly.
  10. Increase customer’s confidenceBanks and shops equipped with CCTV cameras give the customers a sense of security and safety. The customers feel secure and this enhances the customers’ confidence.

Cabling

data-cabling1Structured Cabling… is defined as building or campus telecommunications cabling infrastructure that consists of a number of standardized smaller elements (structured).

A properly designed and installed structured cabling system provides a cabling infrastructure that delivers predictable performance as well as has the flexibility to accommodate moves, adds and changes; maximizes system availability, provides redundancy; and future proofs the usability of the cabling system.

With an unorganized messy cabling infrastructure, mistakes are commonly made. Incorrect ports are unplugged. Even worse is the messy cabling that gets in the way. Trying to remove a single cable from a large tangled mess can cause stress on the other cables. This stress can lead to network and channel errors in the hardware that are very difficult to trace.

Airflow: If a point to point method is used, the front and potentially the sides of the switch are congested with cabling bulk. This impedes the airflow that the switch needs to operate. This also translates to underfloor cooling; cabling congestion in this space hinders the airflow of the CRAC unit and can cause cooling issues.