How To Use Public Wi-Fi Securely!

Posted on by Martin Quinn in Security Blog Leave a comment

By Samantha Woollard (Internet Security Specialist) 17 April 2017

Do you have frequent coffee meetings with colleagues or clients and need to access company information using the cafés free Wi-Fi?  DON’T! Have you ever used free Wi-Fi to log into your online banking? DON’T! Public Wi-Fi is not safe and hackers love to take full advantage of this.

Wi-Fi hotspots are incredibly practical for us be it for social media scrolling, work and private email checking and other business needs. However, they are a potential risk and are just as handy for attackers to steal your private information.

Below are some tips to secure your information if you need to use free Wi-Fi in public places.

Tips to minimise your risk

1. Be smart – Firstly, be aware that any information you send over Wi-Fi hotspots is up for grabs to anyone who has even a bit of an IT background. Your online banking details, usernames and passwords are all out in the open. Try not to use sensitive information or visit anything private whilst using free hotspots.
2. Check Authenticity – Be careful to which hotspot you are connecting. It is possible for a malicious actor to put their own hotspot in place and perhaps disguise as the cafés Wi-Fi. A popular name is ‘_FreeWi-Fi’ as the punctuation puts the hotspot to the top of the list and we are all guilty of being distracted by the word ‘Free’. If you connect through an attacker’s hotspot then everything you do will be recorded by them. Make sure to verify with the café, restaurant, library etc on the name of their network and the password before connecting to any Wi-Fi.

3. Disable File Sharing – If you are a Windows user, make sure to turn off file sharing and mark the connection as a public network. To do this: Control Panel > Network and Sharing Center > Change Advanced Sharing Settings and uncheck the file sharing option. Another extra precaution is to turn on Windows Firewall by: Control > System and Security > Windows Firewall
4. Over HTTPS – Ensure that the sites you are accessing are over HTTPS by looking at the address bar or for the security lock sign.
5. Patch! Patch! Patch! – Always have software up-to-date so that no current exploit can be used against you. Regarding Wi-Fi, keep your web browser, software, anti-virus and other internet-connected devices are all patched.
6. Two-Factor Authentication – It is always good practice to use two factor authentications where you can. If a hacker could obtain your password then there is another layer of protection in place that they will not be able to get past.
7. Use a VPN – A Virtual Private Network encrypts all traffic and ensures a safe way of using the Internet. It also masks your IP address so that phishing and man-in-the-middle attacks are reduced.
8. Log off and Forget– Once you have finished using the Wi-Fi connection, log off from any services you were using and forget the network. This prevents your phone from automatically connecting to it again when you are within range. Remember to always turn off your Wi-Fi if you are not using it to stop it from connecting to random open hotspots when you are out and about. Another tip that helps with this is to disallow your device to connect automatically within your Wi-Fi settings.

Security for us is not only when you have a strong password. Security for businesses is not only what happens within the company building. Protecting yourself and your business is an ongoing process. The tips above can help everyone reduce their risk of attack and loss of personal information and sensitive data to crafty hackers lurking in public areas.

Relax. Your security is Intact.

Author: Intact Security


Top Security Threats In 2017

Posted on by Martin Quinn in Security Blog Leave a comment

By Samantha Woollard (Internet Security Specialist) 9 January 2017

2016 seen the rise of cyber security attacks, resulting in nearly a third of all computer users experiencing some sort of attack. However, 2017 has been described to be the year of creative malicious hacks. Cyber security is no longer classed as only the IT departments problem, with the increase of smart hacks and evolving threats, every employee should be informed of cyber security and ways to prevent a breach. The more your business anticipates an attack, the better you can be prepared. Below are the most predicted threats of 2017.

Ransomware is growing.
Even though it has been around for years, ransomware rose to be -come a real threat during 2016. It has resulted in hospitals and organisations paying larges ransoms to regain control of their systems, with no other choice for them to make. With the continuing success of these attacks, hackers are only improving and willing to invest more time and money into better and more complicated attacks.

At the end of the year ransomware variants started developing worm-like qualities, where they are able to spread independently, resulting in hundreds of computers being infected in a short space of time. This type of attack will more than likely become more common in the months ahead and with the bitcoin value reaching its highest value this week since 2013, this can only be bad news for businesses. Not only will computer machine’s be vulnerable to ransomware, it is predicted that there will be a large increase on mobile device attacks.

With attackers improving their abilities to design and create new and unique variants, ransomware can only get more dangerous in the coming months.

Increased IoT Attacks.
With the increase of IoT devices in our homes and offices, the global digital attack surface will begin to grow exponentially over the next few years. New devices that have never been connected to the Internet before are collecting information about us and accessing information over our networks; these need to be designed with security in mind. Many small to large organisations are creating new IoT devices at low cost and not taking into account of what information the device will be accessing, what risk arises if someone could obtain this information or what security flaws exist with this device connected to the network.

As the goal is to get these devices created and on the market, the risk and security of them is an after thought. This leaves no time or money for security testing or patch management as with computers and mobile phones, resulting in vulnerable devices that attackers may easily hack into and gain your information. As this is a new area of technology and is known for its lack of security, it is an attractive invitation for hackers this year.

Attacks on Company’s Reputation and Trust
2017 brings around a new attacker’s perspective. In the past, customer details and identity theft were targeted. Attacks on corporate information, top level secrets and critical infrastructure are now trending amongst cyber criminals. With attacks becoming more intelligent, there is a growing risk to businesses. Both the reputation of a business and the trust their clients have can be damaged through a single attack.

Employees can be a strong or a weak link in the chain. If they are ill-prepared for an attack,  it can result in disastrous consequences such as social engineering attacks and data loss. By educating staff on good security practices and behaviours, understanding how they themselves may be used to carrying out an attack and also keeping an eye out for anything unusual on their computer, can all be steps on building better security for your business.

Relax. Your security is Intact.

Author: Intact Security