Category Guidance

Alert (TA18-275A)
HIDDEN COBRA – FASTCash Campaign
Original release date: October 2, 2018

Redirects to the Official website of the Department of Homeland Security
[US-CERT – United States Computer Emergency Readiness Team]

To read article visit: https://www.us-cert.gov/ncas/alerts/TA18-275A

Tip (ST18-004)
Security Tip – Protecting Against Malicious Code
Original release date: September 28, 2018

Redirects to the Official website of the Department of Homeland Security
[US-CERT – United States Computer Emergency Readiness Team]

To read article visit: https://www.us-cert.gov/ncas/tips/ST18-271

Article (PSA-0009)
Submitted by: Billy Joe Long
Company: PSA Computer Services
Titled: Introduction to Virtual Private Network (VPN)
Original release date: July 17, 2018

Introduction to Virtual Private Network (VPN)

A VPN provides a secure way of connecting to a remote network over a public network (the Internet). This remote network is typically a private network, such as your workplace or home network. A “tunnel” is created through the public network to your private network at the other end. All network traffic through this tunnel is encrypted to ensure it is kept secure and private.

What can you do with VPN?

With a VPN you are able to do a number of things you wouldn’t otherwise be able to do with a standard network connection. For example:

 
How does VPN work?

A typical VPN consists of two components: a VPN client and a VPN server.

A VPN client is software that allows you to connect your computer to a VPN server and establish a VPN connection. It is installed on your computer and communicates with the VPN server to create a secure link for your network traffic. The VPN Client is what you use to control the VPN connection. A VPN server is setup at the location you want to connect to, such as at a workplace or at home. A VPN server performs authentication to ensure only registered users can connect to the VPN.

All network traffic through the tunnel created between the VPN client and the VPN server is encrypted to keep it private and secure.

Should you use VPN?

Even if you have no need to be able to access a private network remotely, a VPN is vital to ensure the security and privacy of your network traffic.

Public networks, and in particular public wireless networks, provide an easy way for hackers and malicious users to listen in (“sniff”) on your network usage. This may allow them to see what web pages you are viewing, steal username and passwords, steal session information to be able to log into sites as you, and extract other private data. In addition, skilled hackers may perform a “man in the middle” attack. This allows them to not only monitor in depth your network traffic, but also alter your traffic or inject their own traffic in an attempt to fool a user into revealing important data.

Using a VPN protects you from such attacks.

If you are thinking about utilizing VPN services, I would encourage you to contact your IT guy (or gal) for their input. “There is wisdom in a multitude of counselors”.

Alert (TA18-201A)
Emotet Malware
Original release date: July 20, 2018

Redirects to the Official website of the Department of Homeland Security
[US-CERT – United States Computer Emergency Readiness Team]

To read article visit: https://www.us-cert.gov/ncas/alerts/TA18-201A

Tip (ST18-001)
Security Tip – Securing Network Infrastructure Devices
Original release date: June 21, 2018

Redirects to the Official website of the Department of Homeland Security
[US-CERT – United States Computer Emergency Readiness Team]

To read article visit: https://www.us-cert.gov/ncas/tips/ST18-001

Dear Reader,

2017 was a milestone year for the FBI’s Internet Crime Complaint Center (IC3). On October 12, 2017, at 4:10pm, the IC3 received its 4 millionth consumer internet crime complaint.

As the lead federal agency for investigating cyber-attacks by criminals, overseas adversaries, and terrorists, the FBI’s IC3 provides the public with a trustworthy and convenient reporting mechanism to submit information concerning suspected Internet facilitated criminal activity. The IC3 also strengthens the FBI’s partnerships with our law enforcement and private industry partners. As cyber criminals become more sophisticated in their efforts to target victims, we must continue to transform and develop in order to address the persistent and evolving cyber threats we face.

The 2017 Internet Crime Report emphasizes the IC3’s efforts in monitoring trending scams such as Business Email Compromise (BEC), Ransomware, Tech Support Fraud, and Extortion.
The report also highlights the Elder Justice Initiative promoting justice for the nation’s seniors. In 2017, IC3 received a total of 301,580 complaints with reported losses exceeding $1.4 Billion.

This past year, the most prevalent crime types reported by victims were Non-Payment/NonDelivery, Personal Data Breach, and Phishing. The top three crime types with the highest
reported loss were BEC, Confidence/Romance fraud, and Non-Payment/Non-Delivery.

This year’s report features success stories from two different successful cases initiated from
IC3 complaints. Additionally, the Operation Wellspring (OWS) Initiative continues to build the cyber investigative capability by utilizing Cyber Task Force officers, thus strengthening state
and local law enforcement collaboration.

We hope this report provides additional information of value as we work together to protect our nation against cyber threats.

Scott S. Smith
Assistant Director
Cyber Division
Federal Bureau of Investigation

Read the full report here: https://www.ic3.gov/Media/PDF/AnnualReport/2017_IC3Report.pdf

Article (PSA-0008)
Submitted by: Billy Joe Long
Company: PSA Computer Services
Titled: Introduction to Proxy Servers
Original release date: April 17, 2018

Introduction to Proxy Servers

You may not know it, but every time you visit a website or connect with someone online, your internet connection gives your “computer address” to the site or person you’re connecting with.

This is done so the site or person knows how to get the requested information back to your computer. This “computer address” is technically known as your public Internet Protocol address or simply your “public IP address”.

Without a public IP address, you wouldn’t be able to do any online activity and other people and services online wouldn’t be able to reach you either. IP addresses are how the online world connects to one another.

Where does your IP address come from?

Your public IP address comes from your Internet Service Provider or ISP. In our area the most common ISP’s are Suddenlink, AT&T, 101Netlink, or Frontiernet. Whoever you pay for Internet service is responsible for assigning your public IP address, as well as for your Internet connection. Your smart device also uses an IP address when you’re browsing the web or using an app.

Most of us are happy to ignore the details of how all of this Internet stuff works, but there are a few concepts and security concerns about public IP addresses that we should be aware of as responsible Internet citizens. For example:

Many people are not comfortable with their personal information being so readily available on the Internet. If it bothers you as well, there are a few things you can do to make it more difficult to directly link your public IP to your other personal information. A solid first step is to use a proxy service or proxy server.

So what is a “proxy server”?

The word proxy means “substitute.” In computer networks, a proxy server is a server that acts as an intermediary for requests from clients seeking resources from other servers. It works like this: a client (you) are using a web browser to visit the psa-2.com support website, and your browser is setup to use a proxy server. After you type psa-2.com into your browser address bar, the request is sent to the proxy server. The proxy server then sends the request on to my server where psa-2.com is hosted. The homepage of my website is returned to the proxy server which then returns my homepage to your browser for viewing. This results in my website seeing the proxy server as the visitor, not you.

What Are The Benefits?

Now that you know the basics of how a proxy service or proxy server works, let’s see what the benefits are for you.

Proxy servers can hide your IP address (if they are set to do this), can send a different user agent so that your browser is not identified and can block cookies or accept them but not pass them to your PC or device. Therefore, when using a proxy server, you can be a lot more anonymous than when using a direct connection to the Internet.

Proxy servers may also have a role in improving security, especially when used in business networks. They can be set to block access to malicious websites that distribute malware and they can also provide encryption services so that your data is not easily mined by third-parties.

Fair Warning

Using proxy servers is not all about benefits and good stuff. They can pose problems as well, such as:

Conclusion

As you can see, proxy servers can be very beneficial, but if not careful, they can also be problematic. It all depends on how they are configured, how they are secured and by whom they are administered. A proxy server may provide all the benefits mentioned above or none of them. It all depends on how it was set up and why it was set up.

If you are thinking about utilizing a proxy service or proxy server, I would encourage you to contact your IT guy (or gal) for their input. “There is wisdom in a multitude of counselors”.

Article (PSA-0007)
Submitted by: Billy Joe Long
Company: PSA Computer Services
Titled: What Are Managed Services?
Original release date: January 15, 2018

What Are Managed Services?

Managed services allow business managers/owners to offload specific IT operations to a service provider. This service provider is known as a Managed Services Provider. The managed service provider assumes ongoing responsibility for monitoring and managing designated equipment and resolving technical problems for selected IT systems and equipment on your behalf.

Managed services providers can offer services such as alerts, security, patch management, data backup and recovery for different client devices: desktops, notebooks, servers, storage systems, networks and applications. Offloading routine infrastructure management to an experienced managed services professional lets you concentrate on running your business, with fewer interruptions due to IT issues.

Managed services providers usually price their services on a subscription basis. Depending on the services they provide, pricing is usually based on the number of devices, with different packages priced at different levels. Some provide customer support onsite when required.

Basic services often start with a monitoring service, which notifies you of problems, which you resolve on your own. At the upper end of the spectrum, service providers offer fully managed services that cover everything from alerts through problem resolution.

Typically they perform an initial assessment of your current IT environment and management requirements to help you decide what services and service levels you need.

Does My Small Business Need Managed Services?

Just like larger companies, small businesses need technology to operate efficiently and to compete effectively. But as reliance on IT grows, the resources to support an increasingly complex IT environment may not. In many small businesses, IT resources are scarce, and can be quickly overwhelmed with the day-to-day responsibilities of keeping the IT infrastructure that the business depends on up and running.

If you fall behind in keeping up with things such as backups, patches and security, the odds are that you’ll face an IT outage or another problem down the road that will negatively impact your business. For instance, if your e-mail server, customer relationship management system, financial application or network goes down unexpectedly, you face substantial productivity and revenue losses as a result.

MSPs act as an extension of your IT department, taking care of routine IT infrastructure monitoring and management around the clock—freeing up your IT staff to focus on higher-value projects. By proactively monitoring and maintaining your systems, an MSP can help you avoid many technology problems in the first place. Should an issue occur, an experienced MSP can troubleshoot and resolve it more efficiently.

Unlike traditional outsourcing situations, where you surrender complete control of your IT assets, you decide what you want the service provider to take care of, and what you want to handle. You retain full visibility into the process and management of your systems. In addition, the MSP subscription model gives you more expense predictability than a consultant-type time and billing model.

MSP Considerations?

With so many different types of MSPs and offerings, the MSP label can be a confusing one. So, when considering managed services, think first about your requirements. How satisfied you are with the level and quality of support that you have today? Where are the gaps, pain points and inefficiencies in IT infrastructure management? How do downtime, outages and other problems impact your business?

With these requirements top of mind, evaluate MSPs that map to your IT, business and budget requirements and provide a flexible, proactive approach that can adapt with you as your needs evolve.

If you need a Managed Service Provider or need more information on the subject – call PSA Computer Services at (707) 601-1408 to set up an appointment to get a quote.

Article (PSA-0006)
Submitted by: Billy Joe Long
Company: PSA Computer Services
Titled: What Is A Firewall?
Original release date: October 15, 2017

What Is A Firewall?

The word firewall was borrowed from firefighting and fire prevention, where the word was used to indicate a barrier used to prevent the spread of fire. In network and computer security the “firewall” serves a similar purpose by providing a barrier between “trusted” and “untrusted” networks. A “trusted” network can be described as a controlled internal network, such as your home or business network. An “untrusted” network is an outside network which you do not control, such as the Internet.

A firewall can be hardware, software, or both.

How Does A Firewall Work?

A firewall monitors incoming and outgoing traffic and allows or blocks specific traffic based on a defined set of security rules. A firewall is used to help screen out hackers, viruses, and worms that try to reach your computer over the Internet.

At their most basic, firewalls work as a filter between your network and the Internet. You can configure your firewall so it knows what you want to allow in and what you want to allow out. Everything else is blocked.

There are several different methods firewalls use to filter out information, and some are used in combination. These methods work at different layers of a network, which determines how specific the filtering options can be.

Firewalls use one or more of three methods to control traffic flowing in and out of a network:

1. Packet filtering – Packets (small chunks of data) are analyzed against a set of filters. Packets that make it through the filters are sent to the requesting system and all others are discarded.
2. Proxy service – Information from the Internet is retrieved by the firewall and then sent to the requesting system and vice versa.
3. Stateful inspection – A newer method that doesn’t examine the contents of each packet but instead compares certain key parts of the packet to a database of trusted information. Information traveling from inside the firewall to the outside is monitored for specific defining characteristics, then incoming information is compared to these characteristics. If the comparison yields a reasonable match, the information is allowed through. Otherwise it is discarded.

Do I Need A Firewall?

Yes. If you are using a computer and connecting to the internet with it, then you should have an active, up-to-date, firewall. If you are using a Microsoft Operating System you have a firewall already. It is called “Windows Firewall”, and can be configured to protect your computer. In most instances, the modem/gateway/router provided by your Internet Service Provider also functions as a hardware firewall, and can be configured by utilizing the provided web access interface.

If you are unsure if you have a firewall, or whether it is configured correctly – give us a call to set up an appointment to have a technician come out and make sure you do!

Article (PSA-0005)
Submitted by: Billy Joe Long
Company: PSA Computer Services
Titled: High availability – following the backup rule
Original release date: September 23, 2017
Updated date: August 16, 2019

[High Availability is a characteristic of a system, which aims to ensure an agreed level of operational performance, usually uptime, for a higher than normal period. Modernization has resulted in an increased reliance on these systems. For example, hospitals and data centers require high availability of their systems to perform routine daily activities. Availability refers to the ability of the user community to obtain a service or good, access the system, whether to submit new work, update or alter existing work, or collect the results of previous work. If a user cannot access the system, it is – from the users point of view – unavailable. Generally, the term downtime is used to refer to periods when a system is unavailable.] – Wikipedia.org

Reliable backups are one of the foundations of “high availability”. Catastrophe can hit any business, no-matter how small or big you are, and catastrophe can come in many forms such as: hardware failure or “ransomware”. The more data lost, the greater the impact on your business. Part of getting your business back up and running after a disaster, is being able to restore operations to where they were before the problem occurred. Businesses who have learned the value of backups employ the 3-2-1-0 rule.

3: Maintain at least three copies of your data and applications. That’s the one copy you’re using and two backups. This way, if one of your backups is unavailable for any reason, you can still recover what you need in a reasonable amount of time.

2: Store your backups on at least two different types of media. One reason for this is each type of media has its own vulnerabilities, and you don’t want both of our backups susceptible to the same problem. By utilizing different media, you can reduce your exposure to the same incident preventing access to both of your backups.

1: Keep one of the backups in a different location. Consider a catastrophe at your business, such as a break-in, fire or natural disaster. If all of your backups are at the same location, they will all be affected. This can result in total data loss for your business.

0: Verify your recovery plan has zero errors. It is not uncommon for businesses to implement a backup plan but fail to verify it is performing as expected. Regular testing is critical to ensuring you can recover your business data and applications in the event of disaster.

It doesn’t matter if you are a business or home computer user, if you have anything on your computer that matters to you, it is your responsibility to make sure you have a backup plan in place. In my 20+ years of experience in the IT industry I have seen brand new hard drives fail within 90 days of purchase. I have seen years of family pictures vanish by accidental deletion and I have seen “un-tested” backups fail to restore important business files – files which everybody “thought” were being backed up.