Technically Easy

Category: Networks

Network security is important in the online world, and many helpful posts can be found here.

  • When Bad Gets Worse: DDoS Attacks on the Rise in Numbers and Complexity

    When Bad Gets Worse: DDoS Attacks on the Rise in Numbers and Complexity

    There may come a time when, without tether to logic or reason, you may begin to think that the number of DDoS attacks can no longer rise because there is no more room on the internet.

    That the DDoS attacks that have already occurred have taken up all the space that could possibly be allotted to such damaging cyber assaults and any new attempts will simply have to be turned away.

    However, websites and businesses across the internet should probably be aware that if it didn’t happen in Q3 2017, it probably isn’t going to. DDoS attacks have hit a major uptick, and even worse? They’re getting more sophisticated.

    By the numbers

    The good news is that from the second quarter of 2017 to the third quarter of 2017, monthly distributed denial of service (DDoS) attacks only rose 35%.

    If you’re thinking that doesn’t sound like good news, well, it will after this next stat: from the first quarter of 2017 to the third quarter of 2017, monthly DDoS attacks rose 91%. Ninety-one percent. Just 9% less than a full 100%. In less than a year.

    That Q3 rate basically translates to eight attack attempts per day per organization for a total of about 237 attempts per month. Yes, that number is still per organization.

    Two-hundred and thirty-seven attempts to make an organization’s website inaccessible to its users and customers, leading to frustration and a long-term loss of loyalty from which it can be impossible to fully recover.

    Placing the blame

    The biggest cause of this increase is easy to point to, literally. Look around the room you’re in and point at the DVR, webcam, router, or any number of Internet of Things (IoT) devices.

    These so-called smart devices aren’t terribly brilliant when it comes to security as they’re generally designed with more of an emphasis on innovation than safeguarding against malware.

    Compounding those issues is the fact that users don’t often think to change the default admin names and passwords, and if they do think to, it often isn’t easy to accomplish.

    These factors combine to great billions of bullseye devices in the IoT for hackers creating DDoS botnets by infecting devices with malware that allows them to be controlled remotely.

    It’s now easier than ever to assemble botnets of a significant size, and since a DDoS attack is a distributed form of a DoS attack, the more infected devices at an attacker’s disposal, the more damage he or she can easily do.

    For many enterprising cybercriminals, that damage is done thanks to DDoS for hire services, another major factor in the increase of incidents.

    Anyone with an internet connection, a bit of money to spare and the willingness to commit a cybercrime can pay as little as a few dollars to rent the use of a botnet and launch a DDoS attack at any website they’d like.

    Whether users are signing on to settle grudges, cause random chaos, enjoy the fallout on social media, or even send a DDoS ransom note demanding payment in exchange for no further attacks, this is a business that’s booming.

    Yet another issue

    While on the one hand, the ease of building a botnet and getting to use one has certainly hugely contributed to the current distributed denial of service epidemic, on the other hand there is an increase in complexity that’s also causing problems.

    Typically, the attacks that come from DDoS for hire services are short-burst and relatively low-volume. The for-hire attacks that aren’t, are massive volumetric bruisers coming from IoT botnets, the ones that grab headlines for their firepower.

    Generally speaking, the more a user is willing to pay, the bigger and longer the attack. These attacks don’t account for the entire increase in monthly assaults, though: in the second quarter a full 20% of attacks were multi-vector, which are sophisticated attacks that use at least two different methods to try and beat site security and get attack traffic to the victim server.

    Worse yet, these sophisticated attacks – undertaken by skilled attackers as opposed to the average spiteful internet user – are often accompanied by malware or used as a distraction for another data extraction attempt, making the potential consequences of a successful DDoS attack even more dire than they already are.

    Piling on

    DDoS is not a new threat. Security experts and even many non-experts have been harping on the risks of failing to adequately protect against these attacks for years.

    It’s at the point now where, for reasons that vary widely, nearly every website is at risk of a serious attack and in need of professional DDoS mitigation services.

    The odds that DDoS attack numbers will go from a 91% increase over the course of three quarters in 2017 to falling in 2018 are not good, to put it mildly.

    Nor are the odds that attackers will cease assembling those easy IoT botnets and making bank on for-hire services, or launching sophisticated attacks that can worm their way through security defenses and possibly even result in data breaches.

    Further, the odds are truly terrible that the internet will reach a DDoS attack limit, no matter how sharply numbers keep increasing.

  • How Companies Secure Their Networks in 2017

    How Companies Secure Their Networks in 2017

    Those who work in industries — whether it’s in retail advertising, corporate communications, the financial sector, or a healthcare setting such as a hospital — know how critically important it is to ensure that sensitive information remains secure.

    Whether you are going to be dealing with your company’s confidential client information, or you have been trusted with access to an individual’s banking or healthcare records, it is vital that the network your workplace relies on is effective and secure at all times — your organization’s reputation and customers’ trust in you ultimately depends on it.

    A business’ success can entirely depend on a trusted network as well. For instance, in order to remain one step ahead of competitors in a crowded marketplace, it is essential for retail companies to constantly remain vigilant: they must work to safeguard their information and ensure that sales figures and prices remain secure.

    In a retail context, it is particularly important for companies to keep a tight grip on what their prices will be on big shopping days, so competitors don’t price their goods or services similarly and effectively take away customers.

    So in today’s digital world, what can companies do to ensure their network will remain secure? Retail companies are just one example of the type of organization that would benefit from a securely managed network.

    Prominent, large companies that have more than one office will need to make their data available to all employees in as efficient a manner as possible. You might assume that such a problem would fall into the hands of a large company’s pre-existing IT department.

    However, IT departments at large organizations frequently face competing priorities that make it difficult to find the time to regularly manage IT infrastructure. As a result, many companies choose to seek out a third-party organization to securely manage their network, so that their IT department has time to focus on company growth, and can remain available to handle other challenges at hand.

    Today, more and more companies are turning to secure cloud solutions to enhance the way they do business. Modern businesses rely on virtual data centres to ensure that important private information — which their employees will need to be able to access in whichever location they are working — is stored as efficiently as possible.

    This is becoming particularly important in an age of globalization and digitization, when more and more employees are required to travel for business, and continue to work remotely. Of course, depending on what your business does, you will have different needs than others in respects to what and how much information needs to be stored.

    A virtual data centre offers resources such as memory, storage and bandwidth that are able to accommodate what it is you are specifically looking for.

    If you work in a large company, your IT department will have a better understanding about what those specific needs may be — a virtual data centre solution is often designed with the idea that it will be managed by an IT department.

  • The Need for Cyber Security Professionals

    The Need for Cyber Security Professionals

    Many people do not realize that some of the largest cyber attacks in the history of the internet took place in 2014. There has never been a greater need for cyber professionals, especially when the security of business and government locations is on the line. Some of the statistics surrounding these attacks are terrifying to think about, and illustrate the need for properly trained professionals all the further.

    Increases in Threats

    All it takes is one well placed cyber attack to affect everyone. The Heartbleed vulnerability in most OpenSSL encryption could have affected upwards of two-thirds of all websites. Despite how widespread this news was, only forty percent of all users took steps to protect themselves. There has been a ninety-one percent increase in targeted attack campaigns, a sixty-two percent increase in the number of successful breaches, and a twenty-three percent increase in web-based attacks. Almost one in every eight websites has a critical vulnerability.

    Cyber Security Impact

    The cost to recover from a cyber attack has increased twenty-six percent between 2012 and 2013. The current recovery average is eleven and a half million per cyber crime incident. Over seventy-four percent of all cyber security professionals say that their agencies are not ready for an attack, with many other companies admitting the same faults. Over fifty-eight percent of these agencies admitted that some type of data loss would occur.

    Skill Gaps in Cyber Security

    The demand for cyber professionals has increased over three and a half times faster than the demand for most other IT jobs in the past five years. Over three hundred and thirty thousand positions had opened up out of necessity for these professionals in keeping a variety of industries safe from cyber attacks. The overall field of cyber security has increased in demand over twelve percent faster than all other types of non IT jobs. A variety of industries report a shortage of such professionals, including the healthcare sector and different manufacturing organizations.

    The Future of Cyber Security

    Currently, five thousand cyber security professionals are needed in the United States alone, while the federal government is actively seeking over ten thousand. The Department of Homeland Security itself is actively seeking six hundred such professionals to suit their needs. Studies estimate that there will be an upwards of thirty-seven percent increase in the amount of cyber security graduates in the next ten years. Norwich University’s online master of information assurance program put together a detailed visualization of this growing need in information security. Discover more in the infographic below.

    Why the US Needs More Cyber Professionals

  • How to Create a Secure Wireless Router Setup

    How to Create a Secure Wireless Router Setup

    We live at a time when the “Internet of Things” is starting to gain traction in our life.  It seems every new product sold today can easily connect to the Internet through a wireless connection, which is usually a wireless router. Of course, as with most things created, it may seem like a good idea to be able to get access to your devices remotely, it also means that malicious users may also be able to gain access to your devices.

    I have many devices in my home that connect to my wireless router, and while I am always conscious about security, I am confident in my devices being protected when connected to the Internet. While nothing is ever 100% secured, there are several steps you can take to make sure you do a proper wireless router setup. Ensuring the security of your wireless devices starts with your wireless router.

    (more…)

  • How to Reset the Linksys EA2700 (N600) Wireless Router

    How to Reset the Linksys EA2700 (N600) Wireless Router

    There may be times when you are having issues with your Linksys EA2700 wireless router, such as not being able to connect to the Internet, or even your wireless network. You may even have forgotten the administrator password or the network passphrase, and retrieving such information is impossible without logging into the router.

    If you are having issues with your router, one solution is to reset the router back to factory defaults. When you do such a reset on the router, you will be erasing any custom security and router settings that you have established, so you will need to secure your wireless network after the reset. There are two ways you can reset the Linksys EA2700 wireless router, and both are described below.

    Using the Reset Button

    All routers have at least one physical button that you can press to reset the router back to factory defaults. The Linksys EA2700 wireless router has two reset buttons – on the bottom and one on the back. Using either button will reset the router.

    1. Ensure your router is plugged in and turned on.
    2. Press and hold either the reset button on the bottom for about 15 seconds. You can stop pressing when the power light indicator flashes.
    Linksys EA2700 Reset Button
    The location of the reset button on the Linksys EA2700 wireless router.

    Using the Router’s Setup

    If you remember the password to get access to your router’s setup, then you can reset the router directly from the router’s dashboard. To reset the router from the dashboard, use the following steps:

    1. Open a Web browser and type “http://192.168.1.1” (without quotes) in the address bar. Press ENTER.
    2. When a login windows appears, enter the username and password for your router.
    3. From the top menu, click the “Administration” option.
      4. Linksys EA2700 Administration Option
      The Linksys EA2700 “Administration” option.
    4. From the second-level menu at the top, click the “Factory Defaults” option.
      5. Linksys EA2700 Factory Defaults Option
      Linksys EA2700 “Factory Defaults” option.
    5. On the “Factory Defaults” page, click the “Restore Factory Defaults” button.
      6. Linksys EA2700 Restore Factory Defaults Button
      Linksys EA2700 “Restore Factory Defaults” button.
    6. Click the “OK” button when a warning message is displayed.

    Once you have reset your router back to the factory defaults, you should then follow the steps to properly secure your wireless network. If you are unsure of how to do this, you can follow the instructions in How to Secure the Linksys EA2700 (N600) Wireless Router.

  • How to Secure the Linksys EA2700 (N600) Wireless Router

    How to Secure the Linksys EA2700 (N600) Wireless Router

    When you buy a wireless router – any wireless router – you must make sure you properly secure the router and your wireless network. If you don’t secure both the wireless router and the network, you allow unauthorized users into either your router, your network, and possible any device attached to your wireless network.

    While securing the Linksys EA2700 (N600) wireless router may sound complex, there are only a few setting changes that you need to change to secure both your router and network. Below are the steps that you need to take to secure your wireless network.

    Logging into the Router

    1. Open a Web browser and type “http://192.168.1.1” (without quotes) in the address bar. Press ENTER.
    2. When a login windows appears, enter “admin” (without quotes) in both the username and password boxes.
    3. If a warning windows appears, check the “Do not show me this again” checkbox and click the “OK” button.

    Note:

    If the IP address of the router has changed, or 192.168.1.1 doesn’t work you can look up the IP address of your router by using the steps outlined in How to Get the IP Address or Your Router.

    Note:

    If the username and password have been changed before, and you can’t remember the login credentials, you can reset the router back to factory defaults and then continue with securing the router. To reset the router you can follow the steps outlined here: How to Reset the Linksys EA2700 (N600) Wireless Router.

    Securing the Administrator User

    Before securing your wireless network, you will first need to secure the administrator account to your router’s setup. That is the account you logged into in the previous section.

    All router default username’s and passwords can easily be found online, so it is important to change the login credentials to protect your router and wireless network.

    1. Log into your router, and then click the “Administration” option from the top menu.
    2. In the “Router Access” section, enter a long and strong password in the “Router Password” box.
    3. Enter the same password in the “Re-enter to Confirm” box.
    4. At the bottom, click the “Save Settings” button.
      5. Linksys EA2700 - Administration Management
      Changing the Linksys EA2700 (N600) router’s administrator password.
    5. When prompted, enter “admin” as the username, and then your new password to re-access the setup to your router.

    Securing Your Wireless Network

    Now that your router’s setup is secured with a new administrative password, you can go ahead and secure the network.

    1. If you haven’t done so, log into your wireless router.
    2. Click the “Wireless” menu option at the top.
    3. Click the “Disable” option beside “WPS” and then click the “Manual” option just above it.

      4. Note:

      While Wi-Fi Protected Setup (WPS) may sound like an easy way to secure your router, it is a major security vulnerability (please read Why Your Wireless Network May Not Be As Secure As You Think. While there are more steps to manually securing your router, and then connecting devices to your wireless network, you will have a more secure network.

    4. The Linksys EA2700 has two frequencies – 5 GHz and 2.4 GHz. You can set up a single wireless network on each, but it would be best to have both frequencies used by one wireless network. Beside “Network Name (SSID), give your wireless network a name. Ensure you enter the same name in both the 5 GHz and 2.4 GHz sections.
    5. For “Security Mode”, select the “WPA2 Personal” option. Do the same for both frequency sections.
    6. Beside both “Passphrase” options, enter a long and strong passphrase. This is what you will enter when you connect a device to your wireless network.
    7. Click the “Save Settings” button.

      8. Linksys EA2700 - Wireless Settings
      Wireless settings to secure the Linksys EA2700 (N600) wireless router.

    At this point your wireless network is secured. To connect a device to your network, you simply select your network from the list and then enter the passphrase you created.

    If you forget your passphrase, you can simply connect a computer into the router with an ethernet cable and then re-enter the setup by entering “192.168.1.1” into a Web browser.

    Additional Security Settings

    While the preceding sections are enough to have a secured wireless network, there are a few other settings you may want to look at to fully secure both your network and your router.

    1. Log into the setup of your wireless router using a Web browser.
    2. Click the “Administration” menu option at the top – the “Management” section should be displayed.
    3. In the “Remote Management Access” section, make sure the “Remote Management” option is “Disabled”.
    4. In the “UPnP” section, click the “Disabled” option next to the “UPnP” option
    5. Click the “Save Settings” button.

      6. Linksys EA2700 - Administration Management - Additional Security Settings
      Changing additional security settings on the Linksys EA2700 (N600) wireless router.

    At this point your wireless router is secured and you can feel confident that only authorized devices can connect to your network.

  • Advantages of a VPN Server: How to Set It Up

    Advantages of a VPN Server: How to Set It Up

    Virtual Private Network, or a VPN server, is an Internet-based private network that is set up between several computers. With recent news that the NSA monitors a great deal of Internet-based communication, setting up a private network to give an extra layer of privacy between yourself and government agencies overstepping their bounds can’t hurt. A VPN might sound complicated to set up at first, but the advantages are well worth the effort you put into the server search and configuration.

    (more…)

  • How to Secure the Linksys EA4500 Wireless Router

    How to Secure the Linksys EA4500 Wireless Router

    Wireless routers, by default, are unsecured when you connect a router for the first time. This is important to know as you will need to take the necessary steps to secure any wireless router that you have just purchased.

    With regards to Linksys routers, the steps to secure the router are very similar, so if you have trouble finding proper steps to secure your Linksys router, you can usually follow steps for another Linksys router.

    To make it easier for owners of the Linksys EA4500 wireless router, I will provide the steps to secure the router below.

    Steps to Secure the Linksys EA4500 Wireless Router

    If you have owned a Linksys router in the past, the steps I outline below make look familiar, that is because the firmware that is included with the various Linksys routers look very similar.

    I have divided the steps into several sections to make it easier to follow, and to indicate what tasks each group of steps perform.

    Loading the Router’s Web Interface

    Before securing your Linksys EA4500 you will need to access the Web interface. This is done by opening a Web browser and navigating to the router’s Web interface.

    Note:

    I suggest that you use Internet Explorer, if available, to access the Web interface. Many users have reported problems with accessing the Web interface for a router with other Web browsers.

    1. Open you Web browser and then enter 192.168.1.1 in the address bar.
    2. The router will then prompt for a user name and password. Leave the user name field blank, and type “admin” (without the quotes) in the password field.

    Change the Router Password

    Once you have access to the Web interface, the first steps you should perform are to reset the password needed to access the Web interface. Unfortunately, you can’t change the user name with the stock firmware, buy making the password long and complex should provide enough protection.

    1. Click the “Administration” tab from the menu at the top.
    2. Next, if the “Management” page isn’t display, then click the “Management” link at the top.
    3. In the “Router Access” section, enter a new password for the router, and then enter the same password in the second field to confirm.
    4. Click the “Save Settings” button at the bottom.
    5. The router will then save the new password, and you will be required to re-login again with the new password. The user name will still be blank.

    Setup the Wireless Network

    The steps outlined in this section are probably the most important steps to follow. These steps will secure your wireless networks from unauthorized users. Failure to perform these steps will allow anyone access to your wireless network.

    The Linksys EA4500 allows devices to connect to it on either the 2.4 GHz or 5 GHz frequency. In order to make a device connect to either frequency without having to change networks, we will be making both frequencies use the same network name (SSID).

    1. Log into the router, if you haven’t already done so, and then click the “Wireless” tab at the top.
    2. By default, Wi-Fi Protected Setup (WPS) is selected, which is unfortunate because WPS is not secure. Click the “Manual” option to switch from WPS.
    3. For both the 5 GHz and 2.4 GHz sections use the following settings:
      • Network Name (SSID): The name for your network. This is the name that will appear in the list of wireless networks that can be detected by wireless devices.
      • Security Mode: WPA2 Personal or WPA Personal.
      • Passphrase: Enter a long and complex string of characters, numbers and symbols. This is the most important element to secure your wireless network.
    4. Click the “Save Settings” button at the bottom to save your security settings.

    After you perform the steps outlined in “Setup the Wireless Network”, you can then select you wireless network from the list of available networks and then enter the passphrase that you have created. Anyone that connects to the wireless router will need to enter this passphrase – unless you setup guest access within the router.

    At this point your Linksys EA4500 wireless router is secured, and no unauthorized users should be able to gain access to your network or router.