Benefits of Multi-Factor Authentication (MFA)

Ever seen those spy movies where a super-secret facility has a giant metal door, and to get through it a worker places his hand on a fingerprint scanner, then has his face recognized, and sometimes even has to speak a secret code word into a microphone or swipe an ID badge through a scanner before the door opens? That is no longer just fiction. In the real world this is what we call multi-factor authentication (MFA) when a combination of these different methods is used, or two-factor authentication (2FA) when two different modes are used.

From drawing cash out of an ATM to signing in to your Google or other social account, you are sure to come across multi-factor (or in some cases two-factor) authentication nowadays, and it is frankly the need of the hour.

The Internet has become stronger, smarter and much more easily accessible to people all over the planet, which means it is getting harder and harder for websites and social sites to keep their own and their clients’ data safe from the prying eyes and dangerous minds of hackers. MFA has played its role in reducing cybercrime to some extent, as it is more secure than a simple password, which can easily be cracked by software that uses rainbow tables or some other password generator. This is a detailed topic and might need more than one blog post to explain all the types and how they work, so here I’ll just discuss some of the benefits of MFA:

  • Stronger Security

The most important advantage of MFA is that it gives you a safer system/account that is difficult for a hacker to breach. You can, for example, secure your account by adding an additional factor along with your password such as authenticating your login request through your mobile phone or asking for a fingerprint. Unless the hackers have both the authentication factors, they cannot access the account.

  • Simplified, Faster Login Process

One would think that MFA would mean a slow login process because of the need to verify all the enrolled factors first for all the different apps you’re using, but fortunately that’s not the case. MFA allows companies to use a much more advanced “Single Sign-On” login setup, which lets a user log in with a single set of credentials that are validated once before the user can safely access all the different apps and tools connected to it.

  • Increased Productivity

With the burden of typing in passwords removed and replaced by fast and effective authentication factors, companies can increase their productivity in the right environment and situations.

  • Cost Effective

One may think that incorporating MFA into a business requires some fancy technology and loads of cash, but that’s far from the truth. Your employees can use one of the many free 2FA apps available, and learning to use one is a piece of cake.

  • Customize Your Own Security

The flexibility of MFA allows you to easily and freely customize your level of authentication, add as many layers of security as you like and even use rapidly upgrading software-based authentication to make the system more secure and easily accessible. (I mean, who knows, you might wanna hand out USB drives bearing secret codes to all your employees to add a cool factor and feel like you’re running a top-secret facility.)

In short, MFA is basically what’s keeping you a tad more secure than those static passwords that used to cost companies millions, made people lose important documents and be blackmailed for them, and so much more. Cybercrime hasn’t completely stopped, but MFA has definitely made it harder for hackers to breach the system and access your precious data.
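
To make the “Stronger Security” point concrete, here is an added example (not code from the original post) of a login check that needs both a password and the time-based one-time code (TOTP, RFC 6238) that free 2FA apps generate. The account layout, the sample password and the `login` helper are assumptions made for illustration; the shared secret is the RFC test key.

```python
import hashlib
import hmac
import struct
from dataclasses import dataclass

STEP = 30  # seconds per TOTP time step (the RFC 6238 default)


def hotp(secret: bytes, counter: int, digits: int = 6) -> str:
    """RFC 4226 one-time code for one counter value."""
    mac = hmac.new(secret, struct.pack(">Q", counter), hashlib.sha1).digest()
    offset = mac[-1] & 0x0F  # dynamic truncation: low nibble picks 4 bytes
    value = struct.unpack(">I", mac[offset:offset + 4])[0] & 0x7FFFFFFF
    return str(value % 10 ** digits).zfill(digits)


def totp(secret: bytes, at: float, digits: int = 6) -> str:
    """RFC 6238: HOTP where the counter is the current 30-second step."""
    return hotp(secret, int(at) // STEP, digits)


def hash_password(password: str, salt: bytes) -> bytes:
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 100_000)


@dataclass
class Account:  # hypothetical account record for this example
    salt: bytes
    password_hash: bytes
    totp_secret: bytes
    last_counter: int = -1  # last time step whose code was accepted


def login(account: Account, password: str, code: str, at: float, window: int = 1) -> bool:
    """Succeed only when BOTH factors verify; each code works once."""
    password_ok = hmac.compare_digest(
        hash_password(password, account.salt), account.password_hash)
    now = int(at) // STEP
    matched = None
    # Accept the neighbouring steps too, to tolerate phone clock drift.
    for counter in range(max(0, now - window), now + window + 1):
        expected = hotp(account.totp_secret, counter).encode()
        if counter > account.last_counter and hmac.compare_digest(expected, code.encode()):
            matched = counter
    if password_ok and matched is not None:
        account.last_counter = matched  # a replayed code is now rejected
        return True
    return False


def demo_account() -> Account:
    salt = b"constructed-salt"  # constructed sample values
    return Account(salt, hash_password("correct horse", salt), b"12345678901234567890")


if __name__ == "__main__":
    acct = demo_account()
    print(login(acct, "wrong password", "287082", at=59))  # password factor fails
    print(login(acct, "correct horse", "287082", at=59))   # both factors pass
    print(login(acct, "correct horse", "287082", at=59))   # same code replayed
```

A stolen password alone fails the check, and so does a code that has already been used.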

5 simple tricks to protect yourself from Phishing

Phishing is a social engineering technique used to exploit the imperfections of security systems. Over time, there has been a rapid increase in phishing incidents across the globe, ranging from minor data losses to huge thefts and frauds.

In simpler terms, phishing is a form of hacking by misleading users. It can be labeled as a “fraud” because it deals with user exploitation by using impersonation as the means of obtaining sensitive information such as passwords, credit card credentials and other highly sensitive data. It deals with a system based on baiting and getting users to log in with their personal details onto the disguised webpage.

The AnIT-Bridge team saw the need for public awareness due to the rapid increase in phishing rates across the globe. However, it can be concluded that there is no real way to cure phishing as a whole. Phishing is spreading like a virus, from one user to another. There are some tips that we would like to share to keep the general public safe from losing their sensitive data.

i) Be realistic and sensible while opening links
Carefully check the link and look for any misspellings. In the URL, check carefully for any suspicious entries that do not match the real identity of the webpage you are trying to log in to. “Prevention is better than cure” is a fairly common but wise saying, and it makes a lot of sense here: be wise and avoid being phished rather than having to find ways to recover the stolen data.

ii) Is the sender trustworthy?
It is very important to see if the sender of the email is a trustworthy entity or not. Receiving an email from an anonymous entity means you simply avoid it. Even if you receive an email from someone not in your close circle, avoid it because it’s for the better.

iii) Verify
If the sender of the email is someone from your close circle, look closely to check whether the link seems suspicious. At times, the senders themselves have been phished and the link is in fact generated automatically so that it spreads like a virus. Avoid opening it, and verify with the sender whether they sent it or not.

iv) Stay secure
Stay secure by using a secure website. A secure website is indicated by “Https”. When you see “Https” before the link, it signifies that the webpage is secure and can be trusted. Before handing out sensitive information such as bank or credit card data, make sure you follow these steps.

v) Report
Don’t let suspicious activity go unnoticed. On coming across such a webpage attempting to phish, report directly to the real organization. This way, such scamming pages can be dealt with and security can be ensured.
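
The link checks from tips i) and iv) can be automated. The following is an added example, not part of the original post: it compares a link against the domain you expect and reports what looks wrong. The domain `mybank.example`, the sample URLs and the “last two labels” shortcut for finding the base domain are assumptions for illustration.

```python
import ipaddress
from urllib.parse import urlsplit


def edit_distance(a: str, b: str) -> int:
    """Levenshtein distance, used to spot one- or two-character misspellings."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]


def base_domain(host: str) -> str:
    # Assumption: the last two labels form the registrable domain. Real
    # tooling should consult the Public Suffix List instead.
    return ".".join(host.split(".")[-2:])


def inspect_link(url: str, expected: str) -> list:
    """Return a list of findings; an empty list means nothing suspicious."""
    findings = []
    parts = urlsplit(url)
    host = (parts.hostname or "").lower().rstrip(".")

    if parts.scheme != "https":
        findings.append("not-https")
    if parts.username is not None:
        # In https://brand@other.host/ the real host is what follows the "@".
        findings.append("userinfo-in-url")
    try:
        ipaddress.ip_address(host)
        findings.append("ip-literal-host")
    except ValueError:
        pass
    if any(label.startswith("xn--") for label in host.split(".")):
        findings.append("punycode-label")  # may render as look-alike letters

    if host == expected or host.endswith("." + expected):
        return findings  # the expected site or one of its subdomains
    if expected in host:
        findings.append("brand-in-unrelated-domain")
    elif edit_distance(base_domain(host), expected) <= 2:
        findings.append("lookalike-domain")
    else:
        findings.append("unexpected-domain")
    return findings


# Constructed sample links; none of these hosts are real.
SAMPLES = [
    "https://www.mybank.example/login",
    "http://mybonk.example/login",
    "https://mybank.example@login-check.test/",
    "https://mybank.example.login-check.test/",
]

if __name__ == "__main__":
    for link in SAMPLES:
        print(link, inspect_link(link, "mybank.example"))
```

The last sample uses HTTPS and is still flagged, because the padlock only says the connection is encrypted, not that the host is the one you meant to visit.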

Simple tips to prevent Data theft

Imagine leaving the main door to your home unlocked; it’s a sight that would surely take away your peace of mind. It’s no rocket science: you have a higher probability of being subjected to criminal or burglar activity than when the door is locked. An unlocked main door is an open invitation to theft. Similarly, an unsecured computer is inviting viruses, malware and hackers. You can consider the data on your hard disk as personal belongings that are open to theft if you don’t secure your computer. We will guide you with easy tips to secure your computer and the sensitive data that it contains.

Check your Firewall Status

To begin with, the first thing you must do is check whether your firewall is switched “on” or “connected”. A firewall works the same way as it sounds, and a wall of fire sounds very secure. Passing a burning wall is not an easy task, and even if someone manages to pass it, the damage inflicted will not allow them to live. Now to the important question: “How do I check if the firewall is working?” It is a very simple task: go to Control Panel and type Firewall in the search box. You can now check the status of your firewall. If it is “off”, just turn it “on”. If it is “on”, you are good to go.

Install a suitable Anti-virus

Anti-virus programs are software that scan your computer and search for the presence of malware or viruses on the hard drive. They can easily detect viruses hidden in your folders and delete the infected files before the infection spreads further. Virus scans are carried out from time to time to make sure the chances of infection are minimal.

Don’t give away sensitive information

The new trend of online purchasing and online transactions has made life easy. However, it has also given rise to cyber crimes. While shopping online, it is possible that the credit card information you are giving away is going to be used for theft. Entering your credit card data or accessing your web email can both lead to disastrous outcomes. We would highly recommend staying away from rogue websites and never giving out information to them. For online shopping, it is better to check reviews of a website before ordering.

Data Back up

In case of a computer crash or electrical outage, you can fall prey to data loss. Securing your computer also means that your data remains safe and sound. However, even if you do not fall to a virus, malware or a hacker, hardware damage can also cause data loss. We recommend backing up important data to services such as Google Drive or Dropbox that offer a limited amount of free cloud storage space. You could also back up your data to an external drive such as a USB drive.

Avoid giving out Sensitive Information

Keep a check and balance on the sensitive information you reveal. It is fairly common to give out information such as your mother’s birthplace or your father’s date of birth. There is a fine line between giving out this information as a security question and revealing it on a social networking website. For example, revealing your mother’s date of birth could be a disaster, because it could be the secret question that you have to answer to gain access to your email and password. Revealing innocent information can end up leading to identity theft.

Avoid responding to suspicious emails

Scamming also makes it into the long list of cyber crimes. An email such as “You have won a lottery…” is a way of gaining the interest of innocent users. The end result is always a scam. Furthermore, certain emails are a method of hacking or phishing. Responding to these emails or even clicking on the link they provide can lead to disastrous outcomes. It is important that you delete all such unusual content you receive in your email to stay secure.

Difficult Passwords

Maintaining a difficult and strong password is the first line of defense. The key here is to use special characters and numbers along with a combination of letters to come up with a password that is difficult to guess. Furthermore, using both lowercase and uppercase letters, mixing them up and creating different combinations can help reduce the chances of your password getting hacked.

These are fairly common techniques you should use to prevent yourself from being vulnerable to cyber crimes. It is highly recommended that these protocols are followed to prevent data theft at all levels.

Are Blockchains secure?

Are blockchains really secure?

Blockchain offers data sharing between individuals who don’t know or don’t trust one another. Data sharing is enabled in a tamperproof way. Millions of individuals put their trust in blockchain because it stores data in a complicated and sophisticated mathematical language using innovative software. This makes it very difficult for hackers to get to and offers a high standard of security to users.

The intelligence of humans has surpassed that of machines, and similarly the newer generations of hackers are sharp and very familiar with mathematical approaches. When blockchain meets such hackers, things are bound to get out of hand. Even the best-designed blockchain systems can fail when the sharpest of minds are on the job.

The word tamperproof used previously seems unjustified. The major basis of security in a blockchain is the “fingerprint technology” and the “consensus protocol”. Even these state-of-the-art security modules are no longer considered safe and secure.
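
What the “fingerprint” and the “consensus protocol” each contribute can be seen in a small model. This is an added example, not code from the original post or from any blockchain project; the block layout, the sample records and the majority rule are simplifying assumptions.

```python
import copy
import hashlib
import json

GENESIS = "0" * 64


def fingerprint(index, prev_hash, data):
    """SHA-256 over the block contents, including the previous fingerprint."""
    body = json.dumps({"index": index, "prev": prev_hash, "data": data}, sort_keys=True)
    return hashlib.sha256(body.encode()).hexdigest()


def build_chain(records):
    chain, prev = [], GENESIS
    for index, data in enumerate(records):
        digest = fingerprint(index, prev, data)
        chain.append({"index": index, "prev": prev, "data": data, "hash": digest})
        prev = digest
    return chain


def first_broken_block(chain):
    """Index of the first block whose fingerprint or link is wrong, else None."""
    prev = GENESIS
    for block in chain:
        expected = fingerprint(block["index"], block["prev"], block["data"])
        if block["prev"] != prev or block["hash"] != expected:
            return block["index"]
        prev = block["hash"]
    return None


def edit_in_place(chain, index, new_data):
    """A copy where one record was changed and nothing else was touched."""
    forged = copy.deepcopy(chain)
    forged[index]["data"] = new_data
    return forged


def edit_and_rehash(chain, index, new_data):
    """A copy where the record was changed and every fingerprint recomputed."""
    records = [block["data"] for block in chain]
    records[index] = new_data
    return build_chain(records)


def accepted_by_majority(chain, peer_heads):
    """Consensus stand-in: most peers must hold the same latest fingerprint."""
    head = chain[-1]["hash"]
    return sum(h == head for h in peer_heads) * 2 > len(peer_heads)


def demo():
    # Constructed sample ledger held identically by three peers.
    honest = build_chain(["alice pays bob 5", "bob pays carol 2", "carol pays dave 1"])
    peer_heads = [honest[-1]["hash"]] * 3
    sloppy = edit_in_place(honest, 1, "bob pays mallory 2")
    rehashed = edit_and_rehash(honest, 1, "bob pays mallory 2")
    return {
        "honest_broken_at": first_broken_block(honest),
        "sloppy_broken_at": first_broken_block(sloppy),
        "rehashed_broken_at": first_broken_block(rehashed),
        "honest_accepted": accepted_by_majority(honest, peer_heads),
        "rehashed_accepted": accepted_by_majority(rehashed, peer_heads),
    }


if __name__ == "__main__":
    print(demo())
```

The fingerprints alone only prove that a copy is internally consistent; it is the comparison with what the other participants hold that exposes a fully recomputed copy.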

All blockchains may differ in certain ways

The type of blockchain you choose is entirely based on your requirements. The standard of security depends on whether you have chosen a public blockchain or a private blockchain. The two types vary in numerous ways.

The most notable difference is that a public blockchain allows any user connected to the internet to join. A private blockchain, however, only allows known organizations onto the server. Together, the users form a private or “members only” network that is not accessible by any third party.

Another clear difference is that public blockchains work on the principle of anonymity. Users are not aware of the identity of the other users. A private blockchain, on the other hand, requires identity confirmation through membership or login credentials. The members of a private blockchain are well aware of the identity of the users they are dealing with.

A blockchain is only as secure as the infrastructure that defines it

Blockchain has certain inherent properties that provide security management, but there are usually known holes and vulnerabilities that can allow the infrastructure to be tampered with. There is a set of rules that a blockchain infrastructure needs to follow.

  • Access to sensitive information should not be granted to anyone, including the root user or administrators.
  • No data change, or attempt to change the sensitive data, should be allowed within the network.
  • Encryption keys should be guarded using the highest standard of security available.

Even so, the verdict stands: blockchains are no longer secure. To add further levels of security, the sensitive data can be protected using these protocols. The depth of the infrastructure is the basis of the level of security: the better the infrastructure, the more secure the network.

Hole In The Great Wall Of China?

A barrier that was considered very difficult to pass, the Great Firewall of China is an immense obstruction for Chinese locals. Google, YouTube, Facebook and other highly rated websites are censored. Alphabet’s latest creation, Outline, finally enables users to bypass the Great Firewall.

Alphabet is an organization with multiple divisions. Its cybersecurity division is working on an interesting project called Outline. Basically, it allows a user to create and run a VPN server on DigitalOcean. Its pros and cons are covered in the article below.

It is available on Windows and Linux, and it will be launched on macOS. After tweaking a lot with Outline, we managed to understand how it works. It is overall an interesting product consisting of two basic components, a managing application and a client. The application recommends DigitalOcean by default as the cloud hosting service.

The positives of using Outline include how easy it is to understand. You can create your VPN server on another server, but Outline makes it easy for you to manage and run your server. Otherwise, users would prefer other VPNs.

If you opt to go with the flow, that is, select DigitalOcean as the default web hosting service, the application opens a webpage in the default browser. You are then asked to enter your login credentials, password and one-time password. Once you are done with this, Outline will establish a link with DigitalOcean using DigitalOcean’s API.

DigitalOcean has data centers in 8 different cities: Amsterdam, Bangalore, Singapore, Frankfurt, San Francisco, London, New York and London. It is a well-established web hosting service. After establishing the connection with DigitalOcean, Outline automatically opts for the cheapest option DigitalOcean provides, which offers 1 TB of transfer data for $5 per month. Now your server is being created.

When you are done selecting the city, the managing app will download a Docker image. The server being created is based on this Docker image. Outline offers continuous software updates. We discovered that these updates are brought forward on an hourly basis. Security updates are also provided. The software may even reboot the server if necessary.

The Great Cyber wall of China

China may be one of the most populated countries in the world, but living there comes with certain drawbacks. China is highly developed, but it limits the internet with censorship. Most travellers and business organizations tend to purchase a VPN subscription to be able to use websites such as Google, YouTube or Facebook. The majority of VPNs are blocked. A lot of the unblocked VPNs suffer frequent disruptions and losses of connection due to the Great Firewall. Another drawback is that users cannot fully put their faith in the company managing the servers. Companies will claim that they are not logging user usage data, but you can never be too sure.

How well does Outline perform in China?

Our team at AnIT-Bridge decided to put Outline to the test. We were able to successfully connect to the DigitalOcean server and browse numerous blocked websites including Google, Facebook and YouTube. We connected the VPN via the San Francisco server and checked the performance. The results posted below are from speedtest.net:

Ping: 241ms
Download: 9.76 Mbps
Upload: 7.31 Mbps

We found the results extremely positive. We hope to see better results in the future, as the software is still being improved.

PGP (Pretty Good Privacy) no longer secure?

In a world that revolves around emails, what would you possibly do without them? Email has to be one of the most used forms of communication in modern-day life. Each and every individual, no matter their social status, has an email address and is well aware of the basics of emailing services.
From normal informal use to highly sophisticated formal use, emails are used by almost all organizations and individuals, for everything from checking on a friend to sending a curriculum vitae and even sending highly private documentation.

With such private data on the line, it is important that the network remains safe and secured. You wouldn’t want anyone else going through your private messages would you?

PGP (Pretty Good Privacy) is an encryption tool used to sign emails, directories, documents, voice mails etc. It is added to programs that are used to send and receive emails, and it works on the principle of data encryption. According to Sebastian Schinzel of FH Münster, PGP and S/MIME email encryption has a flaw that allows the plain text of messages to be recovered and reviewed.

Researchers have brought forward a flaw in the encrypted email system. The PGP/GPG and S/MIME email encryption software lets others view sent messages. With privacy under threat, your private conversations are no longer secure.

It is a major setback for anyone who uses encryption as a means of security to protect private and sensitive information. Previously encrypted emails may now become available for decryption.
Further updates will be published in a paper on Tuesday at 7:00 AM UTC. The researchers have decided to warn the community of PGP users in their publication.

For the time being, it is our advice that you disable or uninstall programs or tools that decrypt PGP. We don’t yet know in detail the flaws that will be published in the paper on Tuesday. Users are advised to use an alternative until then.

Deep Packet Inspection

Deep packet inspection is also called information extraction or complete packet inspection. The names themselves explain a lot. It is a form of packet filtering in which a packet is inspected when it passes a certain point in the network, called the inspection point. The basic purpose of the inspection is to filter out viruses, spam and intrusions. The filter has the final say on whether a packet is allowed to pass or not. If not, it may be routed to another destination. There are multiple headers for IP packets, but only the first (the IP header) is needed for core operations. Many ways exist to acquire packets for DPI, but port mirroring and optical splitters are the main ones used in the modern-day market.
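
The difference between looking only at headers and inspecting the whole packet shows up when both filters see the same traffic. This is an added example, not from the original post; the packets are constructed in code (checksums left at zero), and the signature name, marker bytes and allowed-port rule are assumptions.

```python
import socket
import struct

# Hypothetical signature set; the marker is a harmless constructed string.
SIGNATURES = {"constructed-test-marker": b"CONSTRUCTED-MALWARE-MARKER"}
ALLOWED_DST_PORTS = {80}


def build_packet(src, dst, sport, dport, payload):
    """Construct a minimal IPv4 + TCP packet for the demonstration."""
    tcp = struct.pack("!HHIIBBHHH", sport, dport, 0, 0, 5 << 4, 0x18, 65535, 0, 0)
    total = 20 + len(tcp) + len(payload)
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, total, 0, 0, 64, 6, 0,
                     socket.inet_aton(src), socket.inet_aton(dst))
    return ip + tcp + payload


def parse(packet):
    """Walk the IP header, then the TCP header, then expose the payload."""
    if len(packet) < 20:
        raise ValueError("short IP header")
    ver_ihl, _, total_len, _, _, _, proto, _, src, dst = struct.unpack(
        "!BBHHHBBH4s4s", packet[:20])
    ihl = (ver_ihl & 0x0F) * 4
    if ver_ihl >> 4 != 4 or ihl < 20 or proto != 6 or total_len > len(packet):
        raise ValueError("not a complete IPv4/TCP packet")
    tcp = packet[ihl:total_len]
    if len(tcp) < 20:
        raise ValueError("short TCP header")
    sport, dport = struct.unpack("!HH", tcp[:4])
    data_offset = (tcp[12] >> 4) * 4
    if data_offset < 20 or data_offset > len(tcp):
        raise ValueError("bad TCP data offset")
    return {"src": socket.inet_ntoa(src), "dst": socket.inet_ntoa(dst),
            "sport": sport, "dport": dport, "payload": tcp[data_offset:]}


def header_verdict(packet):
    """Classic packet filter: decides on addresses and ports only."""
    try:
        fields = parse(packet)
    except ValueError:
        return "drop:malformed"
    return "pass" if fields["dport"] in ALLOWED_DST_PORTS else "drop:port"


def dpi_verdict(packet):
    """Deep inspection: the header rule first, then a scan of the payload."""
    verdict = header_verdict(packet)
    if verdict != "pass":
        return verdict
    payload = parse(packet)["payload"]
    for name, pattern in SIGNATURES.items():
        if pattern in payload:
            return "drop:" + name
    return "pass"


def benign_packet():
    body = b"GET /index.html HTTP/1.1\r\nHost: www.example.com\r\n\r\n"
    return build_packet("192.0.2.10", "198.51.100.20", 40000, 80, body)


def marked_packet():
    body = (b"POST /upload HTTP/1.1\r\nHost: www.example.com\r\n\r\n"
            b"data=CONSTRUCTED-MALWARE-MARKER")
    return build_packet("192.0.2.10", "198.51.100.20", 40001, 80, body)


if __name__ == "__main__":
    for pkt in (benign_packet(), marked_packet()):
        print(header_verdict(pkt), dpi_verdict(pkt))
```

Both packets pass the header-only filter; only payload inspection separates them. A payload encrypted with TLS, or a pattern split across two packets, would not match a simple scan like this one.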

DPI is used for security functions and network management, but it is surrounded by controversy. It is feared that DPI may be used competitively.

How does DPI help us?

DPI has the potential to do a great deal of good. It is unique and helps in establishing strong network security. Let us see the positives that DPI brings us.

(I) Protection against DDoS

With DPI in place, DDoS attacks are nearly impossible to achieve, because DDoS packets are detected and filtered out.

(II) Stable network security

DPI’s security-stabilizing abilities can never be questioned. Packets are viewed at such a detailed level that even the slightest error never goes unnoticed. Viruses and spam have no way through.

(III) Enforcement of rules

DPI establishes an environment where network access rules are given importance and easily enforced due to deep packet inspection.

(IV) Law abiding

DPI can locate illegal content. It is extremely helpful in making sure that law obedience prevails.

(V) Enforcing SLA

Service providers can use DPI to detect abnormal usage of bandwidth or for locating illegal content. It helps ensure that all accepted policies are enforced.

(VI) Copyright material filtration

DPI can filter copyright content to ensure that illegal distribution of copyrighted material is not a possibility due to immense pressure from official owners.

Dangers of DPI

DPI may be used for good, but it can also be used for malicious purposes. Some of these negative uses are listed below.

(I) Spying

In the wrong hands, there is always a possibility of abuse. ISPs and businesses can use DPI for the purpose of spying. It is a common practice in the US.

(II) Censorship

DPI has the ability to censor certain content, so that users are denied access to it. Governments apply this tactic, and a lot of content is blocked for the public. Adult content and peer sharing sites are examples of blocked content. YouTube was also blocked in Pakistan in 2008.

(III) Profiting from Content restriction

With the help of content filtering, an ISP can filter traffic and impose restrictions on content for a certain group. The user has to pay more to access the content.

All You Need To Know about 0-Day Attack and Its prevention.

Zero-day attack

Multiple terms are used to describe this attack. It is also known as a zero-hour attack, while others may call it a 0day attack. The principle behind a zero-day attack is to exploit a vulnerability in an application or a program. It is a form of opportunistic attack where hackers use the opportunity as soon as they find one. The opportunity in this case may be an error in the software. The error doesn’t stop the operations of the application; it works properly despite the error being there. If a hacker discovers this error and uses it for misconduct, the attack is termed a zero-day attack.

The origin of the term zero-day attack is simple to understand. In case of an attack, the developers of the application have zero time to defend. They can’t react to the attack. Hence, this opportunistic attack was termed a zero-day attack.

HISTORICAL EVENTS

The first ever zero-day attack was launched in September 2013. The attack was launched on Microsoft Windows. It basically allowed the hackers to remotely access different computers. Microsoft was again subjected to attacks in October 2014, but this time the hackers somehow managed to remotely access the rights. Other notable events occurred in 2015, when Adobe along with WordPress websites was attacked.

Prevention and Protection

  • Avoid freeware and never install unnecessary software. Software is the potential entry point for a zero-day attack. It is important to run a software scan and uninstall software that is no longer used.
  • As we told you earlier, vulnerabilities are the key behind a zero-day attack. To prevent them from being exploited, it is important that all your software is up to date.
  • An-IT bridge provides you with a reliable firewall. We can help you detect suspicious activity and stop it before it causes damage.

Understand Brute-Force and learn its Preventive measures.

How does a Brute-Force operate?

Brute-force attacks are fairly simple to understand. An attacker has an encrypted file to unlock, say your database containing important data. They want to get their hands on your secrets. To decrypt it, they can try out every possible password to see if they can unlock the encrypted file.

This is done automatically using a computer application, which means the speed at which someone can brute-force is quite high. The number of calculations per second increases as the available computer hardware becomes faster. The brute-force attempt begins with fairly simple combinations and moves on to more complex ones.

A “dictionary attack” is similar and tries words in a dictionary — or a list of common passwords — instead of all possible passwords. This can be very effective, as many people use such weak and common passwords.

An-IT bridge has a state-of-the-art firewall that protects against password guessing attempts. Fake browsers and bots are detected, scanned and blocked automatically. The valid users on the network are not affected by the blocking in any way.

Signature Detection

For protection, we employ a solution that uses signature based techniques and scans the incoming traffic before it reaches your network. If any suspicious activity is detected, it is blocked before it can prove to be chaotic.

Limited Login Attempts

With modern-day technology, hackers tend to pursue their target for months or even years to avoid suspicion. By being patient, they limit the number of requests to prevent detection. Limiting login attempts is a good start but certainly not the best solution.
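
Why a per-address attempt limit is only a start can be shown on an authentication log. This is an added example, not code from the original post or from any product mentioned in it; the log format, the thresholds and every log line are constructed for illustration.

```python
from collections import defaultdict, deque
from datetime import datetime, timedelta

FMT = "%Y-%m-%dT%H:%M:%SZ"


def parse_line(line):
    """'<timestamp> <OK|FAIL> user=<name> ip=<addr>' (format assumed here)."""
    stamp, result, user, ip = line.split()
    return (datetime.strptime(stamp, FMT), result,
            user.split("=", 1)[1], ip.split("=", 1)[1])


def detect(lines, burst_n=5, burst_window=timedelta(seconds=60),
           slow_n=6, slow_window=timedelta(hours=24)):
    """Return a set of (rule, key) alerts.

    burst-ip     : many failures from one address in a short window
    slow-account : failures against one account adding up over a long
                   window, even when each address stays under the limit
    """
    by_ip, by_user = defaultdict(deque), defaultdict(deque)
    alerts = set()
    for line in sorted(lines):  # ISO timestamps sort chronologically
        when, result, user, ip = parse_line(line)
        if result != "FAIL":
            continue
        rules = (("burst-ip", by_ip[ip], ip, burst_n, burst_window),
                 ("slow-account", by_user[user], user, slow_n, slow_window))
        for label, recent, key, limit, window in rules:
            recent.append(when)
            while when - recent[0] > window:  # forget events outside the window
                recent.popleft()
            if len(recent) >= limit:
                alerts.add((label, key))
    return alerts


def sample_log():
    """Constructed log: one noisy guesser, one patient one, one real user."""
    base = datetime(2024, 5, 1, 8, 0, 0)
    lines = []
    for i in range(5):  # five failures in 16 seconds from a single address
        stamp = (base + timedelta(seconds=4 * i)).strftime(FMT)
        lines.append(f"{stamp} FAIL user=user{i} ip=198.51.100.7")
    for i in range(6):  # one failure every 3 hours, new address each time
        stamp = (base + timedelta(hours=3 * i, minutes=30)).strftime(FMT)
        lines.append(f"{stamp} FAIL user=admin ip=203.0.113.{i + 1}")
    for seconds, result in ((3600, "FAIL"), (3610, "FAIL"), (3630, "OK")):
        stamp = (base + timedelta(seconds=seconds)).strftime(FMT)
        lines.append(f"{stamp} {result} user=carol ip=192.0.2.44")
    return lines


if __name__ == "__main__":
    for alert in sorted(detect(sample_log())):
        print(alert)
```

The patient guesser never trips the per-address rule; only the per-account count over the long window catches it, while the real user who mistyped twice raises nothing.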

Bot detection and blocking

When a bot is detected trying to brute-force, it is automatically scanned without the need for outside intervention. Similarly, if our applications detect tools being used to scan your network, they are blocked right away and your website is kept off the radar.

White listing certain IPs

This is a technique that allows only a limited set of users to access the login page of your website. By whitelisting only certain users, only they can gain access to the admin pages. The whitelisted IPs are considered safe, while the rest can’t access the login pages.

CAPTCHA, or Passcodes

To improve the level of security, you can enable two-factor authentication with the help of Google Authenticator. CAPTCHA is a good technique to detect bots and identify suspicious behavior.

Limited access

At times, brute-force comes from countries that are not on your radar. You don’t do business there. By blocking irrelevant location IPs, you can increase protection and only be accessible by a limited audience.

What is DDOS and How to stay safe from DDOS

DDoS is short for Distributed Denial of Service. It is a type of DoS attack which targets a single system using multiple compromised systems. The victims are the end target system and all the systems maliciously used by the hacker. The incoming traffic arises from multiple sources, whose number may range from hundreds to thousands. An attack of this magnitude cannot be held off by simply blocking a single IP address. It is also very difficult to distinguish legitimate user traffic from attack traffic.

TYPES OF DDOS ATTACKS

UDP Flood:

The name itself suggests that UDP packets are used to flood the target. The basic goal is to flood random ports on a remote host. This results in the host checking for an application listening at each port. When no application is found, the host replies with an ICMP ‘Destination unreachable’ packet.

ICMP (Ping) Flood:

It shares many similarities with the UDP flood attack. ICMP Echo Request (ping) packets flood the target, sent as fast as possible without waiting for replies. Both outgoing and incoming bandwidth are consumed. This results in an overall system slowdown.

Ping of Death:

It is also known as POD. It involves the attacker sending numerous malicious pings. The maximum length of an IP packet is about 65,000 bytes. The data link layer imposes its own size limits, for example on an Ethernet network, so a large IP packet is split into fragments and the recipient host reassembles them into a complete packet. With malicious fragments, the recipient ends up with an IP packet which is larger than the limit, and it overflows the allocated memory buffers.
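
The defence against this is a bounds check during reassembly, before anything is copied into a buffer. The following is an added example, not code from the original post or from any real network stack; it models fragments as (offset, more-fragments flag, data) records, uses the exact IPv4 limit of 65,535 bytes with a 20-byte header, and all sample fragments are constructed.

```python
from dataclasses import dataclass

MAX_DATAGRAM = 65535  # largest value the 16-bit IPv4 total-length field holds
IP_HEADER = 20        # header without options (assumption for this example)


@dataclass
class Fragment:
    offset_units: int  # 13-bit fragment offset, counted in 8-byte units
    more: bool         # "more fragments" flag; False on the last fragment
    data: bytes


def fragment(data: bytes, size: int = 1480):
    """Split a payload the way a sender would (size must be a multiple of 8)."""
    chunks = [data[i:i + size] for i in range(0, len(data), size)]
    return [Fragment(i * size // 8, i < len(chunks) - 1, chunk)
            for i, chunk in enumerate(chunks)]


def reassemble(fragments):
    """Validate every fragment first, then copy. Raises ValueError on abuse."""
    end_of_data = None
    for frag in fragments:
        if not 0 <= frag.offset_units <= 0x1FFF:
            raise ValueError("offset outside 13-bit field")
        end = frag.offset_units * 8 + len(frag.data)
        # The check that stops an oversized reassembly: offset + length of
        # each fragment must fit in a legal datagram.
        if IP_HEADER + end > MAX_DATAGRAM:
            raise ValueError("reassembled datagram exceeds 65535 bytes")
        if frag.more and len(frag.data) % 8:
            raise ValueError("non-final fragment not a multiple of 8 bytes")
        if not frag.more:
            end_of_data = end
    if end_of_data is None:
        raise ValueError("last fragment missing")

    buffer = bytearray(end_of_data)  # sized from validated values only
    seen = bytearray(end_of_data)
    for frag in fragments:
        start = frag.offset_units * 8
        stop = start + len(frag.data)
        if stop > end_of_data:
            raise ValueError("fragment extends past the last fragment")
        buffer[start:stop] = frag.data
        seen[start:stop] = b"\x01" * len(frag.data)
    if not all(seen):
        raise ValueError("gap between fragments")
    return bytes(buffer)


def verdict(fragments) -> str:
    try:
        reassemble(fragments)
        return "ok"
    except ValueError as exc:
        return "reject: " + str(exc)


# Constructed inputs: a normal 3072-byte payload, and a final fragment whose
# offset plus length runs past the 65,535-byte limit.
NORMAL = fragment(bytes(range(256)) * 12)
OVERSIZED = [Fragment(0, True, bytes(1480)), Fragment(8189, False, bytes(1000))]

if __name__ == "__main__":
    print(verdict(NORMAL))
    print(verdict(OVERSIZED))
```
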

Slowloris:

A targeted attack which enables a web server to take down another server without affecting other services. The attack is made by holding as many connections to the target web server open for as long as possible. Connections to the target server are created by sending a partial request, and the requests are never completed. The targeted server keeps each of these false connections open, which eventually leads to an overflow.

NTP Amplification:

As the name suggests, it uses NTP servers to overwhelm a targeted server with UDP traffic. It is often called an amplification assault because the query-to-response ratio is about 1:20 to 1:200 or even more. The attacker can easily generate a high-bandwidth DDoS attack.

HTTP Flood:

The attacker exploits HTTP GET or POST requests to attack a server or application. This attack requires less bandwidth than other attacks to bring down the target.

DEFENDING AGAINST DDOS ATTACKS

Defense is a hard target to achieve when it comes to DDoS attacks. You can imagine a group of attackers in a football game, you are the last line of defense (the goalkeeper). Attacks will keep on coming until you finally fall. It is not always possible to defend but strategies can help you mitigate the effects of even the most vicious DDoS.

(i) The first line of defense is to identify the problem itself. The best defense mechanism against a DDoS is to recognize it early. It may not be easy to distinguish between a DDoS and a normal spike or a sudden slowdown in performance. To make recognition easier, you need to depend on the right technology and gain experience in applying it in such scenarios.

(ii) Talk to the experts and make a DDoS mitigation plan. The plan comes into play in case disaster strikes. It prevents major losses.

(iii) As soon as you feel the effects of a DDoS, you need to contact your ISP. They can detect the DDoS and re-route your traffic in the event of an attack. When choosing an ISP, it is in your best interest to pick one that provides DDoS protection services.

(iv) Mitigation defenses and tools:
These tools need to be considered along with the mainstream firewalls and routers. Certain tools, like load balancers, aim to balance traffic across multiple servers to even out the load and prevent system slowdown. Another strategic step would be a cloud-based anti-DDoS solution which filters or diverts DDoS traffic.