“The Travelers Guide To Wi-Fi Hacking”

  • 0

“The Travelers Guide To Wi-Fi Hacking”

Dear Blast Reader,

Do you stay at hotels when you travel? Do you ever use the hotel internet? Did you know that there may be someone spying on you while you are in your hotel? Did you know that hackers target hotel Wi-fi? Did you know that the hackers that target hotel wi-fi also target traveling business professionals?

 

Hotel wi-fi is targeted and compromised to assist in the delivering of the malicious payload to the selected victims. A ­payload is the part of the malware that performs the malicious action. Those behind the attack continually evolve the malware’s tactics and payload. It is believed that the attackers are exploiting the vulnerabilities in the server software, either by:

  • Gaining remote access.
  • Physically gaining access to the hotel and the hotel’s servers.

 

Now, attackers are using a new form of malware known as the “Inexsmar Attack”. This attack starts with a phishing email.  To make the email look real, the message is tailored to you. This email address you by name, and has real looking documents attached.

 

But, looks can be deceiving. Within this email there is a self-extracting archive package. This is a package that begins the trojan downloader process. A trojan downloader process is a malicious program, usually installed through an exploit or some other deceptive means. Using email attachments the malware is installed onto your computer. Once you are convinced to open the attachment, hackers will then initiate their malware attack.

 

How does the malware go un-detected?

To prevent being detected, the malware is downloaded in stages. These stages include:

  1. Hiding malicious codes and strings by linking malicious code to otherwise unrelated code.
  2. The malware then runs an operation to download the second part of the payload, the trojan malware.

 

So, as your defences improve, it is believed that the multi-stage download for the trojan malware is an evolutionary way to keep the trojan viable.

So, how do you protect yourself?

To protect yourself against this new form of advanced and evolutionary trojan malware, here are a few tips:

  1. Use public wi-fi as little as possible. Hackers exploit public wi-fi in places like coffee shops, restaurants, and hotels.
  2. Use a Virtual Private Network, also known as a VPN. VPNs are encrypted web browsers that hide your IP addresses & your location.

 

If you have any questions about Hacking, Malware, Cyber Security, or Computer Forensics contact FDS Global. You can reach us at our office at (954) 727-1957 or by email at RMoody@FDS.Global. Please feel free to visit out website at www.FDS.Global.




  • 13

“Printers Beware”

Dear Blast Readers,

 

Did you know that 54% of employee’s say that they do not always follow the security policies put into place by their company’s Information Technology departments? * Did you know that about 51% of employees who have a printer, copier, or a multi functioning printer (MFP) at their work place say that they have copied, printed, and/or scanned confidential documents at work before? *

 

With cyber threats on the rise, it is not a shock that even printers are not safe from cyber attacks and data breaches. If a printer is connected to a wireless network and is unsecure, then it is open to hacking. Once compromised, other devices connected to the same network are left vulnerable.

 

How can a hacker gain access to a network using an unsecure printer?

 

One way a hacker can gain access to your unsecured printer is if the firmware is out-of-date. This allows the system to accept malicious lines of code. The hacker can then use the code to gain access to:

  • Print Jobs.
  • The user’s computer.

 

Another way a hacker can gain access to your unsecured printer is using a drone. Along with a drone the hacker would need a mobile phone and two applications. The two applications would do the following:

  • The first application identifies all wireless printers
  • The second application deploys malware into the printers.

 

So how does this type of drone attack occur?

 

Firstly, the hacker would fly a drone using a smart phone into position outside of an office building. Once into position, the hacker activates the two applications. Once the first application scans for open Wi-Fi printers, the second application establishes a fake access point (one that mimics the real device). Once established, the fake access point is then able to intercept documents that have been sent to the real device. With network access gained, the hacker can then in-bed malware into the company’s network.

 

When malware is installed within the network, hackers can gain access to your servers and documents by:

  • Accessing sensitive and/or confidential information.
  • Changing the printer’s settings or LCD readout.
  • Launching DoS attacks (Denial-of-service attacks).
  • Using the printer to receive and transmit faxes.
  • To send unauthorized print jobs.
  • Retrieving saved copies of documents.
  • Eavesdropping on network printer traffic.

 

To take preventative measures against attacks on your printers Some typical prevention procedures include, but are not imited to:

  • Educating Employees on the importance of security
  • Defining what constitutes a secure password
  • User identification (with PINs and other verification) for printer usage.
  • Data encryption protocols (to prevent interception of data across the network).

 

If you any questions relating to Firmware, Network Security, Printer Security, Cyber Security or Computer Forensics contact FDS Global. You can reach us at our office at (954) 727-1957 or by email at RMoody@FDS.Global. Please feel free to visit our website at www.FDS.Global.

 

 

*(The statistics represented in this blast were identified from: Network, C. (2013, February 07). The Hidden IT Security Threat: Multifunction Printers. Retrieved April 25, 2017, from https://www.forbes.com/sites/ciocentral/2013/02/07/the-hidden-it-security-threat-multifunction-printers/#b615affb615a )*


  • 0

“Is Your Next Lawyer Going To Be A Person or A Computer?”

Dear Blast Readers,

Every day, Technology is becoming increasingly smarter, and a more integrated part of our everyday life. Our refrigerators can now tell us when we are running low on eggs. We live in an age that some refer to as “The Fourth Industrial Revolution” or “Technological Revolution”. This fourth industrial revolution has brought the following to fruition:

  • Effectively unlimited computer power
  • Artificial Intelligence that is gaining more knowledge every day.
  • Artificial Intelligence communicating with unaware people on social media.

A combination of these aspects will challenge the definition of being a worker, as well as what it means to be a human.

Warnings have been coming for centuries about this revolution and what it will bring our society. Albert Einstein once said, “I fear the day that technology will surpass our human interaction. The world will have a generation of idiots.”

Albert Einstein’s quote should give most of you an uneasy feeling. In Japan there is a phenomenon in which cyber-girlfriends are replacing many human-to-human relationships.

This revolution has promised that Artificial Intelligence (AI) and Automation will indeed remove the need to work, and/or (a less favorable option) take away people’s jobs.

There is currently AI that is starting to replace Lawyers. Currently this AI is filling out some of the more mundane and simple forms, but it’s developers are committed to add more advanced functionalities.

There are two categories of skills in which most everyday actives both professionally and personally fall into. Those are hard skills and soft skills.

Hard Skills, include: Cognitive and Mathematical reasoning and are things that machine learning and AI technology will find easy to do.

Soft skills, such as: motivation, teamwork and social skills are much more difficult for a machine to recreate. These are the type of skills that play a vital role in the economy (they are not skills that are just “nice to have”).

If you have any questions on anything mentioned in this week’s Blast please, feel free to contact us by email at rmoody@fds.global or give our office a call at (954) 727-1957. Please visit our website at www.FDS.Global.