In our numerous interactions with the industry and our customers, one problem that we have found ever prevalent is the use of removable storage on company computers. Organizations are always vary of insiders stealing information on USB devices. Since mobile phones can also act as data carrying mechanisms, files can be taken from a company PC not just using a Pen Drive or an external disk storage, but by also connecting a phone using the USB cable and using the smartphone in MTP(Media Transfer) mode.
To solve this problem, we have spent months in developing a solution that we feel will put you at ease regarding data theft in your enterprise. USB Scout
USB Scout is a one of a kind software package that works in the background on a machine, silent observing and scouting for file exchanges that occur between the computer and any external medium. When a file is copied to a Pen Drive or a Smart phone, USB Scout records the activity and reports it to a central database that helps you to know all file movement in your organization via a Dashboard
You can also block USB usage on an endpoint using the dashboard and monitor all file exchanges
Once the sign-up process is complete, a download link and license key will be sent to you. A single license key can be installed in a maximum of 10 endpoints
The license confirmation email will also contain a username and password for you to login into https://scout.informantnetworks.com and manage your endpoints. All USB activity will also be shown to you once register all the endpoints and login into the personal dashboard provided to you
Since March 2017, Informant Networks has been noticing a combination of a cyber and physical social engineering attack at 3 different companies in the Udyambag Industrial Area in Belgaum. The modus operandi of the criminal group is to hijack email conversations between two businesses and intervene at the point at which financial transactions are supposed to take place.
The attack starts by compromising the email account of one of the two business entities that are normally known to do business, the attacker at this stage just observes the email exchanges between the representatives of the two companies being attacked, once the conversation has come to a finish or when matters of payments are being discussed, the attacker starts impersonating the receving party in the financial transaction and provides a new account number for the funds to be transferred.
The attackers here take advantage of previously established trust between the two companies and requests for payments to be done to a new account and not to the previous account which would be the account of the legitimate business.
Once the funds are transferred to the attackers account. the money is withdrawn almost immediately and all trails are cold. This combination of a cyber and physical attack is lethal since it takes advantage of a previously established trust.
In these situations it is advisable to reach out to a previously known contact over a previously used phone number and cross check for the correspondence by a new individual claiming to be from the same company.
This word brings excitement to some and worry to some. When people ask me what i think. I tend to have mixed responses. Although i like the idea of blockchain and the guarantees it provides. There is a lot of discussions around ethical use of bitcoin and where trust lies in the system.
We believe in everyone having a safe environment to browse the internet and be protected against all malicious activity on the internet. In this journey, we constantly struggle in providing the best knowledge and education about the internet and its dark side to everyone associated with us. There are certain guidelines that we encourage people to follow. These guidelines are the culmination of personal experiences and general practices that the security community suggests to everyone out there. This is going to be a long article. but it’s necessary Continue reading →
In the current market scenario, it is of utmost importance to maintain a sustained image to your brand. In view of the same,organizations need to maintain an unceasing online presence to attract potential customers. Since September 2016, we have responded to incidents at 3 separate web development and web hosting provider companies in Belgaum and Bangalore due to their infrastructure being compromised. The compromise of these servers resulted in the defacement of some websites hosted on those servers, which led to redirection of website visitors to other sites with adult content, pharmaceutical products etc..
Informant Networks has recently observed and responded to Ransomware attacks affecting the manufacturing sector based out of the Udyambag Industrial region. While the most affected companies are those which possess Intellectual Property(CAD drawings, designs of products, blue prints, business process related documents, etc..) others have lost data due to inadequate protection and ineffective defensive mechanisms. Most of these attacks are orchestrated via use of infected pen drives, by attachments sent via E-mail and by using of an infected version of the popular remote desktop tool ‘Ammyy Admin’
We take this as an opportunity to educate the general populace about Ransomware.
Up until year 2000, Industries were not so much prone to cyber-attacks. With rapid increase in digitisation, Cyber-attacks in industries become increasingly more and more daunting. To understand the devastating effects of a cyber-attack, below are world’s top brutal cyber security attacks on Industries. This is a definite wake up call for all kind of industries to build digital wall which can safeguard their digital property. Continue reading →
Each day that passes by, more and more business value and personal information (worldwide) are rapidly migrating into digital space on open and globally interconnected technology platforms. As it happens, cyber-attacks and breach in data security don’t look like they’re going to slow down.
Today, computer viruses and other malicious software are no longer written by hobbyist hackers – to seek fame and glory among peers. Most of them are written by professional criminals who are making millions with their attacks. ebay – the ecommerce and world biggest auction site famously fell prey to hackers in year 2014. Continue reading →
Internet is the large network of computers. What threats lie out there in the open? Nobody can tell. The best we can do is protect ourselves by closing all doors of entry. A firewall does just that plus a little bit more to safeguard your network. Let us see how.
Where does a Firewall fit in your network?
The best location of a firewall is right next to the modem which connects to the Internet. The figure below shows a typical network (LAN) connected to the internet via the modem.
The same network when fitted with a Firewall product looks as shown in the figure below. All traffic getting into your LAN and getting out of your LAN to the Internet will pass through this Firewall. Thus, allowing it to filter in real-time and allow/block certain content based on specified rules.
How does it protect from Internet Hackers?
In networking terms, every incoming connection from the Internet has to have a PORT of entry. This PORT is nothing but a specific number using which a Hacker gains entry into the network. A typical Firewall would block all PORTs of entry for all traffic so that the doors are closed for the hacker to gain entry. It creates a fireproof wall around the LAN so that no unknown connection is given an entry.
How does it protect against Viruses?
Files downloaded from the Internet act as the transport medium for Viruses/Malware. A Firewall with inbuilt Antivirus scans for viruses each and every file that is being downloaded from the Internet. The file if infected is straight away rejected at the Firewall itself thereby protecting the LAN PC from infection. Since the infected file never reaches the network computer there is no need of curing the file off the virus. Since the files are scanned in real-time, this feature, depending on the firewall hardware, may slow down Internet speed to a certain extent. Compared to the cost of getting the Virus out and cleaning your network once its already in, the resulting slow down (if any) due to virus scan is negligible and more than welcome.