Virtualization

What is Zero Trust?

Zero trust is a security strategy based on the concept “never trust, always verify.” The idea of zero trust was a response to traditional perimeter network security that assumed everything inside the network was safe. A perimeter security network puts all of its defenses at the edge of the network. This means if a criminal gets inside, they are able to move around freely and access any applications or data on the network. Additionally, with remote work and cloud-based data and applications, it’s more difficult to define that perimeter. Zero trust changes the model and requires verification for each user and device accessing each application and element of data.

The zero trust model works generally on three tenets. First, the framework must identify and authorize the user. Users are no longer automatically authorized simply because they are on the office network. Authorization typically includes multi-factor authentication (MFA).

Once a user is authorized, they only have access to the data and applications they need to perform their job. This policy is known as ‘least privilege’ and helps to limit the data accessible to a hacker in the event of a breach. With the least privilege policy, an employee in marketing would not have access to personally identifiable information from human resources. Conversely, human resources would not have access to the latest confidential marketing presentation.

Lastly, the zero trust model sets device requirements that must be met in order to access the data or applications. Device requirements could be as simple as an approved antivirus must be installed, or could be much more complex depending on the business need.

In addition to these three tenets, network segmentation and monitoring are often implemented to further prevent lateral movement and to log unusual activity. Zero trust does not trust any users or applications by default. After a user, application, and device are approved, the zero trust model continues to monitor the criteria and discontinues access if any of the criteria change.
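The three tenets and the continuous re-check described above, sketched as a deny-by-default access decision. This is an added example, not code from the original post; the role names, resource names and the `decide` and `Session` helpers are hypothetical.

```python
from dataclasses import dataclass

# Constructed least-privilege map: each role lists only the resources it needs.
ENTITLEMENTS = {
    "marketing": {"marketing-presentations"},
    "hr": {"employee-pii"},
}

@dataclass
class Request:
    user: str
    role: str
    resource: str
    mfa_passed: bool
    device_antivirus_ok: bool
    on_office_network: bool = False  # recorded, but never used to grant access

def decide(req):
    """Return (allowed, reason). Every tenet must pass; location is ignored."""
    if not req.mfa_passed:
        return False, "identity not verified (MFA missing)"
    if req.resource not in ENTITLEMENTS.get(req.role, set()):
        return False, "least privilege: role does not need this resource"
    if not req.device_antivirus_ok:
        return False, "device does not meet requirements"
    return True, "all checks passed"

class Session:
    """Re-evaluates the policy on every access instead of trusting the login."""
    def __init__(self, req):
        self.req = req
        self.log = []  # monitoring record: every decision with its reason

    def access(self):
        allowed, reason = decide(self.req)
        self.log.append((self.req.user, self.req.resource, allowed, reason))
        return allowed

if __name__ == "__main__":
    s = Session(Request("alice", "marketing", "marketing-presentations", True, True))
    print(s.access())                   # device compliant: granted
    s.req.device_antivirus_ok = False   # posture changes mid-session
    print(s.access())                   # same session: now denied
    for entry in s.log:
        print(entry)
```
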

Quanexus IT Support Services for Dayton and Cincinnati

Request your free network assessment today. There is no hassle or obligation.

If you would like more information, contact us here or call 937.885.7272.

Follow us on Facebook, Twitter and LinkedIn and stay up to date by subscribing to our email list.

Posted by Charles Wright in Back to Basics, Cybersecurity, Information Security, Recent Posts, Small Business, Virtualization

A Future Without Passwords

Apple, Google, and Microsoft are on the road to eliminating passwords for all online services. The three tech giants committed to adding or enabling the technology needed to allow users to choose their phone as the main authentication device for websites and digital services. A user would be able to unlock their smartphone, as they do now, with a PIN, face ID, or fingerprint, and that action would take the place of entering a password on a website. The authentication would work through a cryptographic token called a passkey. The new authentication method would also make phishing more difficult because login would require a physical device.

Passwords are an ineffective way to authenticate for a service. Users are bad at password management. About 25% of people re-use passwords, and an equal 25% use weak, easily guessable passwords. But we can relate to these users. Passwords are a pain, and we are expected to remember a different password for every service. There are password managers, but they have low usage rates because users don’t know what they are, or don’t trust them.

The FIDO (Fast Identity Online) Alliance is the group behind the higher-level authentication technology. To maximize adoption, FIDO looked for something end users already have and aimed to make the process as user-friendly as possible. The FIDO Alliance takes authentication out of the hands of the individual service and moves it to a higher-level security mechanism.

“This shift from letting every service fend for themselves with their own password-based authentication system to relying on the higher security of the platforms’ authentication mechanisms, is how we can meaningfully reduce the Internet’s over-reliance on passwords at a massive scale,” FIDO said.

The FIDO Alliance has been working on a password-free workflow for a decade now. This latest announcement is the largest step we have seen in the quest to zero passwords.

Posted by Charles Wright in Cybersecurity, Information Security, Recent Posts, Small Business, Virtualization

Hacking and War in Ukraine

Microsoft released a detailed report that showed Russian hackers correlated their attacks with physical military operations. Russia is using three primary attack vectors in the technology space: disinformation campaigns, distributed denial-of-service (DDoS) attacks to knock web services offline, and malware to erase all data from a network or computer. The Microsoft report showed six distinct hacker groups who have been involved in attacking Ukrainian targets since the Russian invasion. Russia favored coordinated attacks when targeting telecommunication infrastructure: it hit telecom or internet providers with both cyber and physical military attacks at the same time.

Russia has a history of high-profile cyberattacks on Ukraine. In 2014, Russia used cyberattacks to accompany the military war in Eastern Ukraine. In 2015, the cyberattacks knocked out the power grid in Ukraine. However, when Russia ramped up its cyberattacks leading up to the military invasion in February, it did not achieve the same results as in previous years. Ukraine has bolstered its cyber defense since 2015 at the university level. Ukraine’s university-level cybersecurity education has a faculty of 125 trained instructors and more than 700 cybersecurity students. This backbone of cybersecurity professionals is believed to be the reason Ukraine has been able to keep the internet on even in the hardest-hit areas.

At the same time, Russia is being attacked with cyber tools at an unprecedented level. Ukraine is using DDoS attacks to knock government services, aviation companies, and online payment systems offline to disrupt government and citizens’ daily activities. Additionally, hacktivists from around the world are joining the barrage of cyberattacks on Russia in favor of Ukraine. DDoS attacks are the most prevalent vector, but ransomware has also been seen targeting Russian network vulnerabilities. The DDoS attacks against Russia have also become markedly longer in duration, growing from minutes to days, with the longest lasting a week.

Posted by Charles Wright in Cybersecurity, Information Security, Recent Posts, Virtualization

Don’t Make it Easy for Criminals to Attack You!

Hacker Reconnaissance 101:

Oversharing information is a huge issue for every organization. The oversharing of information can make your organization an easy target to hack.

Hackers are constantly monitoring all forms of social media as part of their mission. To illustrate this problem, I’ll use a “fictitious example”.

Suppose you work for a bank, and you are excited about a new software platform that the bank will soon be installing. You post on your Facebook and LinkedIn pages all the great features that the bank will now be able to offer, and how they will benefit the bank’s clients. This type of information is interesting to your friends and clients; however, it is very exciting to a criminal.

A hacker with this knowledge will now start stalking you and others in the company. The criminal now has several goals. First, they want to find out who is working on this project and then learn as much as they can about each person. The second step is to learn as much as they can about the project and the details of the installation and migration process.

Next, the criminal will likely reach out to you and some coworkers using a fictitious identity and attempt to join your LinkedIn network and possibly friend you on Facebook. Creating a fictitious identity that would tempt you to accept a friend request is an easy task. The criminal’s goal at this point is to determine who will most likely fall for a social engineering attack. (Social engineering is getting someone to do something they would not normally do.)

With all the acquired information, the criminal is now ready for the attack. The most likely attack vector the criminal will choose is to call the victim during the installation or data migration phase of the project. They will impersonate a team member of the company performing the project and ask for help with getting access to the system. Sometimes, to make it appear more legitimate, they may send an email or call ahead of time to schedule an appointment to work on the project.

Companies need to be aware of this risk and have policies that limit the amount of company information that employees are allowed to share on their personal social media sites. Employees also need to understand that oversharing personal information makes them and the company they work for more likely targets of an attack.

Posted by Jack Gerbs in Cybersecurity, Information Security, Small Business, Virtualization