(Editor’s note, Oct. 29, 2020: With the FBI and US Department of Homeland Security recently warning of credible cyberthreats to healthcare facilities including ransomware, it’s a good time to review the steps outlined in this article that enterprises can take to guard against such attacks.)

Ransomware attacks are becoming more rampant now that criminals have learned they are an effective way to make money in a short amount of time.

Attackers do not even need any programming skills to launch an attack because they can obtain code that is shared among the many hacker communities. There are even services that will collect the ransom via Bitcoin on behalf of the attackers and just require them to pay a commission.

To read this article in full, please click here

As the number of cyber attacks increases, the demand for penetration tests – to determine the strength of a company’s defense – is also going up. People are worried about their companies’ networks and computer systems being hacked and data being stolen. Plus, many regulatory standards such PCI and HITRUST require these tests to be performed on at least an annual basis.

The demand for these tests is only going to increase as attackers get more sophisticated. And it’s essential these tests catch all possible vulnerabilities.

Benefits and gaps of penetration tests

Penetration tests involve live tests of computer networks, systems, or web applications to find potential vulnerabilities. The tester actually attempts to exploit the vulnerabilities and documents the details of the results to their client. They document how severe the vulnerabilities are and recommend the steps that should be taken in order to resolve them.

To read this article in full, please click here

The U.S. Supreme Court has officially ended the court fight over the repealed net neutrality rules that required internet providers to treat all online traffic equally.

On Nov. 5, 2018, the court rejected appeals from the telecommunications industry seeking to throw out a lower court ruling in favor of the net neutrality rules. The Federal Communications Commission (FCC) under President Donald Trump has rolled back the rules, but the industry also wanted to completely remove the lower court’s ruling off the books.

The Supreme Court's decision is a victory for advocates of net neutrality rules, as supporters hope this will push Congress to enact new net neutrality laws or encourage other states to follow California’s lead by instituting their own requirements.

To read this article in full, please click here

Domain Name System (DNS) is our root of trust and is one of the most critical components of the internet. It is a mission-critical service because if it goes down, a business’s web presence goes down.

DNS is a virtual database of names and numbers. It serves as the backbone for other services critical to organizations. This includes email, internet site access, voice over internet protocol (VoIP), and the management of files.

You hope that when you type a domain name that you are really going where you are supposed to go. DNS vulnerabilities do not get much attention until an actual attack occurs and makes the news. For example, in April 2018, public DNS servers that managed the domain for Myetherwallet were hijacked and customers were redirected to a phishing site. Many users reported losing funds out of their account, and this brought a lot of public attention to DNS vulnerabilities.

To read this article in full, please click here

Net neutrality officially ended on June 11, 2018, and many people are concerned that this is the end of an open internet. Many supporters of it believe the internet should be regulated no different than the phone system or power utility and that this change will decrease the performance of it. Opponents of net neutrality, argue that the end of it will now increase competition among the various internet service providers (ISPs) and increase coverage, improve performance, and lower costs.

What is net neutrality?

Net neutrality became effective by the Federal Communication Commission (FCC) under President Barack Obama in 2015. It is a set of rules that ensured ISPs treated all data transmissions, irrespective to content, that flowed through their infrastructure equally. Net neutrality protections prevented ISPs from slowing web services, blocking access to sites, or charging content organizations for faster delivery of streaming movies or videos. It is believed that antitrust laws did not go far enough in ensuring that all content received equal treatment.

To read this article in full, please click here

What would your organization do if your cloud provider were to go out of business? What happens if your cloud provider suddenly stops offering critical services that your organization requires for its business to function properly? Businesses need to start asking these important questions and develop plans to address these scenarios.

The cloud is a new market that continues to grow, and there are more small players offering their services. According to Gartner, Cloud System Infrastructure Services (IaaS) are expected to grow from $45.8 billion in revenue in 2018 to $72.4 billion in 2020. As the market matures, it's only natural that some of these organizations will disappear or stop offering certain services. In 2013, Nirvanix stopped offering it cloud services and gave customers only two weeks’ notice to move their data off of their platform.

To read this article in full, please click here

Managing networks has become increasingly complex, and it will remain a challenge as the use of Internet of Things devices continues to grow. This complexity makes it difficult to reconfigure a traditional network in a timely manner to respond to malicious events or fix configuration errors.

A software-defined network (SDN) can help by giving network engineers the flexibility to dynamically change the behavior of a network on a node-by-node basis — something not typically available in a traditional network. An SDN uses virtualization to simplify the management of network resources and offers a solution for increased capacity without significantly increasing costs.

To read this article in full, please click here

Have you ever wondered how a hacker breaks into a live system? Would you like to keep any potential attacker occupied so you can gather information about him without the use of a production system? Would you like to immediately detect when an attacker attempts to log into your system or retrieve data? 

One way to see and do those things is to deploy a honeypot. It’s a system on your network that acts as a decoy and lures potential hackers like bears get lured to honey. Honeypots do not contain any live data or information, but they can contain false information. Also, a honeypot should prevent the intruder from accessing protected areas of your network.

To read this article in full, please click here

Many organizations deploy new applications for their remote site users without testing it on a WAN. Not testing these applications across a simulated WAN increases the possibility of performance issues during the early stages of usage because you have no idea how the application will perform once latency or jitter come in between the communication path of the client and server. 

If the application uses large amounts of bandwidth that causes congestion, then it can negatively affect the performance of other applications that share the bandwidth. A WAN emulator can enable you to measure the average bandwidth that an application may use before you deploy it. 

To read this article in full, please click here

With the depletion of IPv4 addresses, more organizations are encouraged to transition over to using IPv6 addresses. Many organizations are noticing the benefits of the built-in security features of IPv6. Also, enterprise IT managers are observing that their service providers are successfully using IPv6, and this encourages them to move forward with it.

To continue to ignore IPv6 could cause any number of potential problems, including an inability to immediately migrate to IPv6 when there is no longer a choice, loss of internet connectivity, and not being able to compete with organizations whose systems are configured for IPv6.

To read this article in full, please click here

Organizations should consider migrating their network infrastructure and devices over to IPv6. It may be a challenge to persuade leadership to prioritize it over other projects such as cloud computing or big data migrations, but it is essential to start planning for a migration.

Many service providers, such as Comcast, Verizon and AT&T, have already started using IPv6 addresses and are presently encouraging other organizations across the United States to do the same. The Internet Engineering Task Force (IETF) has encouraged organizations to move forward with these migrations for over a decade, and with more devices connecting to the internet, the need has increased. 

To read this article in full, please click here

Many healthcare providers face the decision on if they should store protected health information (PHI) in the cloud. There are benefits and concerns to storing PHI in the cloud, and the decision to do so should be analyzed.

PHI is any health-related or insurance payment information that is stored or managed by a healthcare provider that can identify a specific individual. Examples of PHI are patient names, addresses, Social Security numbers, X-ray images, lab results, insurance payment information and medical records. Even information about a patient’s planned future procedures is PHI. Government regulation of PHI is covered in the HIPPA Privacy Rule, and all healthcare providers in the United States must adhere to it or face fines.

To read this article in full, please click here

Many people are not aware of this, but Wi-Fi hotspots at Starbucks, Barnes & Noble or your local hotel that offers it as a complimentary service are not safe for confidential browsing, performing financial transactions or for viewing your emails.

Public Wi-Fi does not offer encryption for individuals using the same password and hotspot. Also, your signals are broadcast across the immediate area. It is easy for someone else within your vicinity to eavesdrop on your communication. An unskilled hacker can intercept your signal using a phony hotspot or a tampering software that can be found on a search engine.

+ Also on Network World: 4 lesser-known Wi-Fi security threats and how to defend against them +

The first task of a hacker is to get on the same network as the potential victim, then they can carry out that task with a public Wi-Fi network because they have the password. It does not matter if a network password is given out by the cashier or printed in your hotel room's welcome packet, once public, your security is compromised.

To read this article in full, please click here

Cross-site request forgery (CSRF) attacks are becoming a more common attack method used by hackers. These attacks take advantage of the trust a website has for a user’s input and browser. The victim is tricked into performing a specific action they were not intending to do on a legitimate website; where they are authenticated to.

CSRF attacks will use the identity and privileges that the victim has on the website to impersonate them and perform malicious activity or transactions. Attackers will attempt to take advantage of users who have login cookies stored in their browsers. Ecommerce sites that send cookies to store user authentication data are vulnerable to this attack.

To read this article in full, please click here

Many businesses with branch offices that have IP-enabled phones must decide what type of circuit medium to use for their communication to the corporate headquarters site.

Two of the most selected choices are a MPLS circuit or internet VPN. Both solutions have their pros and cons, and what is best can depend on your business requirements. Speed, quality of service (QoS), security and cost are the key factors you should consider when making this decision.

Pros and cons of an internet VPN

A significant advantage of using an internet VPN for communication is the cost. Most times, a branch site can use its existing internet connection for communication back to its headquarters. Usually, a 10 Mbps internet circuit costs much less than a 10 Mbps MPLS circuit. This can encourage a business to purchase more bandwidth for their branch site.

To read this article in full, please click here