Monday 23 May 2016

What's your network good for?

perfectcobalt

More to cyber-security than protecting data

Information security isn't just about your customer data, or even your own business data. Even if you store no information about your customers or anything else (perhaps you use The Cloud, but that's a whole different story in any case), you still need to worry about Cyber Security.

 Or to put it another way, even if you're not a target, you might still be a stooge.

 Some while ago, Brian Krebs published a striking image of what a compromised PC might be used for: http://krebsonsecurity.com/2012/10/the-scrap-value-of-a-hacked-pc-revisited/

It's far from a complete list, of course. New ways to use computers seem to come round every day, but even off the top of my head, I could add Crypto-currency "mining" and password-hash cracking. Your hacked PC might just be a single node in a whole network - a Dark Cloud if you like.

Hidden risks

The threat posed to you by having someone else use your computers and network shouldn't be underestimated. What is your legal position if you are found to have been used to launder money obtained by fraud? What about hosting pirated music, software, or other media? 

 Some of the risks are less obvious. If your PC is used as a source for sending Spam emails, your network address may end up getting blacklisted in some databases used to identify such things. This might mean your newsletters, legitimate marketing emails, even queries or invoices getting lost straight into your customers' spam buckets. 

 In a really bad scenario, it might be your domain name that gets blacklisted, possibly making your website un-searchable, or even unobtainable.

As ever, straightforward vigilance can make all the difference. Regular anti-virus and anti-malware scans are vital, because they can spot if a device is already being used. Attackers use a variety of means to retain "back doors" to compromised networks, but regular anti-malware scanning means they have to work much harder to remain undetected.

Prevention requires different tools and is all about having regular vulnerability scans, to ensure you're not leaving doors open that an attacker can use to get access.

 perfectcobalt.com
info@perfectcobalt.com
@PerfectCobalt


Posted by at No comments:
Subscribe to: Posts (Atom)