Month: November 2018

Wi-Fi Security Threats You Should be Aware of

Many employees access their work emails and work networks via public Wi-Fi hotspots, even though there is a risk that sensitive information such as login credentials could be intercepted by hackers. Many employees are unaware of the Wi-Fi security threats that lurk in their favorite coffee shop and fail to take precautions. Even employees who are aware of the Wi-Fi security threats often ignore the risks.

This was highlighted by a 2017 survey by Symantec. 55% of survey participants said they would not hesitate to connect to a free Wi-Fi hotspot if the signal was good and 46% said they would rather connect to a free, open wireless network than to wait to get a password to a secure access point.

60% of survey participants believed public Wi-Fi networks are safe and secure but even though 40% are aware of the Wi-Fi security threats, 87% said that they would access financial information such as their online banking portal or view their emails on public Wi-Fi networks.

The majority of users of public Wi-Fi networks who were aware of the Wi-Fi security threats said they ignored the risks. Millennials were the most likely age group to ignore Wi-Fi security threats: 95% of this age group said they had shared sensitive information over open Wi-Fi connections.

Consumers may be willing to take risks on public Wi-Fi networks, but what about employees? According to a 2018 Spiceworks survey, conducted on 500 IT professionals in the United States, employees are also taking risks.

61% of respondents to the survey said their employees connect to public Wi-Fi hotspots in coffee shops, hotels, and airports to work remotely. Only 64% of respondents said their employees were aware of the security threats on Wi-Fi. A similar percentage said their employees were aware of the risks and connect to their work networks using a VPN, which means that 4 out of 10 workers were unaware of the importance of establishing a secure connection.

Even though 64% of respondents were confident that employees were aware of the risks, only half were confident that data stored on mobile devices was adequately protected against threats from public Wi-Fi hotspots. 12% of respondents said they have had to deal with a public Wi-Fi related security incident, although a further 34% were not sure if there had been a security breach as many incidents are never reported.

WiFi Security Threats Everyone Should be Aware of

All employers should now be providing security awareness training to their employees to make the workforce more security aware. Employees should be trained how to identify phishing attempts, warned of the risk from malware and ransomware, and taught about the risks associated with public Wi-Fi networks.

Five threats associated with open public Wi-Fi hotspots are detailed below:

Evil Twins – Rogue Wi-Fi Hotspots

One of the most common ways of obtaining sensitive information is for a cybercriminal to set up an evil twin hotspot. This is a fake Wi-Fi access point that masquerades as the legitimate access point, such as one offered by a coffee shop or hotel. An SSID could be set up such as “Starbuck Guest Wi-Fi” or even just state the name of the establishment. Any information disclosed while connected to that hotspot can be intercepted.

Packet Sniffers

Using a packet sniffer, a hacker can identify, intercept, and monitor web traffic over unsecured Wi-Fi networks and capture personal information such as login credentials to bank accounts and corporate email accounts. If credentials are obtained, a hacker can gain full control of an account.

File-Sharing

Many people have file-sharing enabled on their devices. This feature is useful at home and in the workplace, but it can easily be abused by hackers. It gives them an easy way to connect to a device that is connected to a Wi-Fi hotspot. A hacker can abuse this feature to drop malware on a device when it connects to a hotspot.

Shoulder Surfing

Not all threats are hi-tec. One of the simplest methods of obtaining sensitive information is to observe someone’s online activities by looking over their shoulder. Information such as passwords may be masked so the information is not visible on a screen, but cybercriminals can look at keyboards and work out the passwords when they are typed.

Malware and Ransomware

When connecting to a home or work network, some form of anti-malware control is likely to have been installed, but those protections are often lacking on public Wi-Fi hotspots. Without the protection of AV software and a web filter, malware can be silently downloaded.

Employers can reduce risk by providing comprehensive training to employees to make sure they are aware of the risks from public Wi-Fi hotspots and make sure that employees are aware they should only connect to public Wi-Fi networks if they use a VPN. Employers can further protect workers with WebTitan Cloud – An enterprise-class web filter that protects workers from online threats, regardless of where they connect.

Hotspot providers can protect their customers by securing their Wi-Fi hotspots with WebTitan Cloud for Wi-Fi. WebTitan Cloud for Wi-Fi is a powerful web filter that protects all users of a hotspot from malware and phishing attacks, and can also be used to control the types of sites that can be accessed. If you offer Wi-Fi access, yet are not securing your hotspot, your customers could be at risk. Contact TitanHQ today to find out how you can protect your customers from online threats, control the content that can be accessed, and create a family-friendly Wi-Fi environment.

WiFi Filtering and Brand Protection

In this post we explain the importance of WiFi filtering and brand protection. It can take years of hard work for businesses to develop trust in their brand. That trust can easily be lost if customers are not protected while connected to business WiFi networks and come to harm or suffer losses.

If Trust is Lost in a Brand it Can Take Years to Recover

Trust is a cornerstone of all successful brands, but it is not something that can be developed overnight. Developing trust in a brand takes an extraordinary amount of time and money, but once established, companies will be rewarded by customer loyalty.

While trust can be difficult to earn, it is certainly not difficult to lose. One of the easiest ways for consumers to lose trust in a brand is through privacy breaches and cyberattacks. If the personal data of customers is exposed or stolen, customers will lose faith in the brand and are likely to take their business elsewhere.

A 2017 study by Gemalto revealed 70% of customers would stop doing business with a company that failed to protect their personal data and suffered a data breach. Regaining customers trust after a data breach can take years. Protecting customer data is therefore essential if a business is to succeed and continue to enjoy success.

Wi-Fi Security and Brand Protection

One aspect of security that is often overlooked is protecting customers who connect to Wi-Fi networks. Many businesses offer free Wi-Fi access to their customers yet fail to implement controls over what customers can do while connected. Consequently, customers may be exposed to malware, phishing, and other harmful content.

Even businesses that claim to be family friendly often do not always filter the Internet and block access to adult and other age-inappropriate web content. It was only relatively recently that McDonald’s started filtering its WiFi networks to protect customers. Starbucks has also agreed to implement WiFi filters to block porn next year.

How are Wi-Fi filtering and brand protection related? Imagine someone uses your WiFi network to access pornography and a child views their screen? Or a parent finds out their child has been viewing adult content on the establishment’s Wi-Fi network? It only takes one person to complain via a social media network for the story to go viral and for the company’s reputation to be tarnished. The same goes for a malware infection as a result of an establishment failing to implement anti-malware controls on its WiFi network.

Implementing a WiFi filter shows customers that you are doing all you can to protect them from online threats and harmful content. WiFi security is therefore important for brand protection.

There have also been cases of businesses temporarily losing Internet access over illegal Internet activity – Employees who have used a corporate WiFi network to engage in illegal activities such as downloading pirated content. ISPs can terminate internet access if complaints are received and loss of Internet access can cripple a business. Legal action can also be taken by the copyright holder against the business.

WebTitan Cloud for WiFi: The Easy Way to Secure Wi-Fi Networks

TitanHQ has been protecting SMBs from cyber threats for more than 20 years and has expanded its portfolio of solutions to cover WiFi security and brand protection solutions.

TitanHQ has developed WebTitan Cloud for WiFi to make it easy for businesses to secure their WiFi networks and for MSPs to offer WiFi filtering to their clients.

WebTitan Cloud for WiFi is a 100% cloud based WiFi filtering solution that is quick and easy to implement and requires no hardware purchases or software downloads. The solution blocks malware downloads, access to malicious websites, lets businesses carefully control the content that can be accessed via their Wi-Fi networks and control bandwidth use by employees and customers. In short, WebTitan Cloud for WiFi lets businesses create a safe environment to access the Internet.

Benefits of WebTitan Cloud for WiFi

  • Create a family-friendly, safe and secure web browsing environment.
  • Block malicious websites and malware downloads
  • Block material contained in the child abuse image content URL list (CAIC List) and other third-party blacklists.
  • Accurately filter web content through 53 pre-set categories and up to 10 custom categories.
  • Filter by keyword and keyword score.
  • Inspect encrypted websites.
  • Filter content in 200 languages.
  • Apply time-based filtering controls.
  • Filter the Internet across multiple WiFi hotspots.
  • Manage access points through a single web-based administration panel.
  • Delegate management of access points.
  • Schedule and run reports on demand with real time-views of Internet activity and extensive drill down reporting.

WebTitan Cloud for WiFi for Service Providers

Managed Service Providers, ISPs, and resellers can join the TitanShield Program which allows them to easily use TitanHQ’s multi-tenant cloud-based platform, proven technology, and accessible APIs to allow them to sell, onboard, manage and deliver our advanced network security solutions directly to their client base. Benefits of TitanShield Program include:

  • Multiple hosting options, including within your own data center.
  • Easy integration into existing billing, auto provisioning and monitoring system through a suite of APIs.
  • Multi-tenant dashboard allowing client separation and bulk or individual application of settings.
  • WebTitan as a white label ready to take your own branding.
  • Highly competitive pricing and a fully transparent pricing policy.
  • Flexible pricing, including monthly billing.
  • World class customer service with dedicated account managers.

To find out more about WebTitan Cloud for WiFi, including details on pricing, contact TitanHQ today. All businesses can book a product demonstration and sign up for a free WebTitan Cloud for WiFi trial to evaluate the solution in their own environment.

GDPR Opportunities for MSPs

On May 25, 2018, the EU’s General Data Protection Regulation came into effect. While all businesses should now be compliant, there are still GDPR opportunities for MSPs. Smart MSPs saw GDPR as an opportunity for profit and are winning business by helping companies streamline their data management processes. The compliance deadline may have already passed, but there are still many GDPR opportunities for MSPs. MSPs can help companies stay compliant, reduce the time their clients have to spend on compliance-related tasks, help them improve security, and save their clients money.

Key GDPR Opportunities for MSPs

GDPR compliance and security services are a potential gold mine for MSPs. MSPs will have had to go through the GDPR compliance process themselves, so they should already be well versed in what is required. They will have gained valuable insights into GDPR through that process, which can be passed on to their clients.

The GDPR compliance solutions that MSPs use on a day-to-day basis could be offered to clients as compliance-as-a-service. GDPR also provides an opportunity to sell clients additional security services to ensure the data of their customers are properly protected. With fines up to €20 million or 4% of global income possible, there is a major incentive for ensuring continuing compliance with the GDPR.

There are security opportunities such as data encryption, spam filtering, and web filtering, which can be grouped together and sold as a GDPR security package. MSPs can also offer auditing services to ensure their clients are fully compliant with GDPR.

It is a requirement of GDPR for companies to appoint a Data Protection Officer (DPO), but many SMBs lack the internal talent. While a DPO may have been assigned, the time spent on that role could be put to better use. Another of the GDPR opportunities for MSPs is offering a DPO-as-a-service to fulfill that aspect of GDPR compliance for their clients.

Email Archiving for MS Exchange – An Easy Win for MSPs

Any business that collects or processes the data of EU citizens must have mechanisms in place that allows data related to an individual to be quickly found. An EU citizen can contact a company and request a copy of the information that is held on them and, if they so wish, can request that the processing of their data is stopped and have their data deleted.

When individuals exercise their right to erasure – or right to be forgotten – a company is required to honor that request within 30 days. In order to be able to process those requests efficiently, a company must know the location of all its data. Companies should therefore have conducted an audit of their systems to identify all locations where personal data are stored. When a request is received, the individual’s data can then be quickly produced (and deleted if necessary).

Personal data are likely to be included in emails and email attachments and locating those emails can be a major challenge. Any company that does not use an email archive is likely to face problems finding emails in backups. Since an email archive is searchable, it is a quick and easy process to locate all emails related to a specific individual. The introduction of GDPR creates a compelling case for purchasing an email archiving solution – which is another of the key GDPR opportunities for MSPs.

By offering email archiving for MS Exchange or other mail services, MSPs can help their clients comply with the GDPR requirements for security, data retention, auditing, and the right to erasure.

ArcTitan: An Easy Email Archiving Service for MSPs

ArcTitan is an easy to use and easy to manage email archiving service that has been developed to meet the needs of businesses and managed service providers.

ArcTitan is a cloud-based secure archive deployed on AWS that is compliant with the GDPR for email retention and auditing, as well and all major regulatory standards. ArcTitan is compatible with all major mail servers and email services and will meet the requirements of the most demanding clients.

The solution provides almost instant access to data, gives instant search results, and allows instant archiving. A search of 30 million emails takes less than a second and messages are archived at a rate of more than 200 per second. The archive is encrypted and email data are stored securely in the cloud on Replicated Persistent Storage on AWS S3. The solution is also scalable to more than 60,000 users and customers only pay for active users.

To meet the needs of MSPs, ArcTitan is available with a range of hosting options – In the TitanHQ Cloud, a dedicated private cloud, or ArcTitan can be deployed in an MSP’s own data center.  API integration allows MSPs to provision customers through their own centralized management system, there is a growth-enabling licensing program, and usage-based pricing and monthly billing. ArcTitan is also rebrandable and can be supplied as a white label ready to take an MSP’s logos and corporate colors.

If you have yet to offer email archiving to your clients or you are unhappy with your current provider’s service or the margin, contact the TitanHQ team today.

New Phishing Campaign Bypasses Office 365 Anti-Phishing Defenses

A new phishing campaign is bypassing Office 365 anti-phishing defenses and arriving in employees’ inboxes; one of several recent campaigns to slip through the net and test end users’ security awareness knowledge.

The aim of this campaign is not to obtain login credentials or install malware. It is a sextortion scam that aims to get email recipients to make a payment to the scammers.

Sophisticated Sextortion Scam Bypasses Office 365 Anti-Phishing Controls

The scam itself is straightforward. The sender of the email claims to be a hacker who has gained access to the victim’s computer and has installed malware. That malware allowed full access to the user’s device, including control of the webcam. The email claims that the webcam was used to record the victim while he/she was accessing adult web content. The attacker claims to have spliced the webcam recording with the images/videos that were being viewed at the time. The attacker claims the video will be sent to the user’s contacts on social media and via email.

Several similar sextortion scams have been conducted in the past few months, but what makes this campaign different is the extent of the deception. In this campaign, the attacker includes the user’s password in the email body.

“Hello!
I’m a hacker who cracked your email and device a few months ago.
You entered a password on one of the sites you visited, and I intercepted it.
This is your password from [user’s email] on moment of hack: [user’s password]

The password may not be the one currently used, but it is likely to be recognized as it has been taken from a previous data breach. However, its inclusion will be especially worrying for any user who does not regularly change their password and for users that share passwords across multiple sites or reuse old passwords. Changing the password will not block access, according to the email

“Of course, you can and will change it, or already have changed it.
But it doesn’t matter, my malware updated it every time.”

For anyone who has viewed adult content on a laptop or other device with a webcam, this message will no doubt be extremely concerning. Especially, as the email contains ‘evidence’ of email compromise. The From field of the email displays the user’s own email address, indicating that the attacker has sent it from the user’s email account.

The attacker notes in the email, “Do not try to contact me or find me, it is impossible, since I sent you an email from your account.”

While scary, the attacker does not have access to the user’s email account. The From field has been spoofed. This is actually straightforward with a Unix computer set up with mail services. Mass emails can be sent out using the same email address in the From field as the Address field, giving the impression that the messages have been sent from the users’ accounts.

The hacker notes that this is not his/her usual modus operandi. “You are not my only victim, I usually lock computers and ask for a ransom. But I was struck by the sites of intimate content that you often visit.” That will be a particular worry for some users.

To prevent distribution of the video, the user must pay $892 in Bitcoin to the specified address and many email recipients have chosen to pay to avoid exposure. The Bitcoin wallet used for the scam has received 450 payments totaling 6.31131431 BTC – around $27,980. Multiple Bitcoin wallets are often used by scammers, so the actual total is likely to be far higher.

Bypassing of Office 365 Anti-Phishing Defenses a Cause for Concern

This scam may not have any direct impact on a business, as no credentials are compromised, and malware is not installed; however, what is of concern is how the messages have bypassed Office 365 phishing defenses and are arriving in inboxes. The scam was first identified in late September and the messages continued to be delivered to Office 365 inboxes, even those with Advanced Threat Protection that companies pay extra for to provide greater protection against spam and phishing emails.

This is of course just one scam. Others have similarly breached Office 365 anti-phishing defenses, many of which are much more malicious in nature and pose a very real and direct threat to businesses. Office 365 anti-phishing protections do block a lot of threats, and protection is improved with Advanced Threat Protection, but the controls are not particularly effective at blocking sophisticated phishing attempts and zero-day attacks.

The volume of phishing attacks on businesses that are now being conducted, the sophisticated nature of those attacks, and the high cost of mitigating a phishing attack and data breach mean businesses need to improve Office 365 anti-phishing defenses further. That requires a third-party spam solution.

For more than 20 years, TitanHQ has been developing security solutions to protect inboxes and block web-based attacks. During that time, our spam filtering solution, SpamTitan, has been gathering threat intelligence, analyzing spamming and phishing tactics, and protecting end users. Over the years, SpamTitan has receive many updates to improve protection against new threats and phishing tactics. Independent tests have shown SpamTitan now has a catch rate in excess of 99.9%.

The incorporation of a range of predictive techniques ensure SpamTitan is not reliant on signatures and can detect never-before seen phishing attempts and zero-day attacks, and provide superior protection against spam, phishing, malware, viruses, ransomware, and botnets for Office 365 users.

To better protect your email channel and keep your Office 365 inboxes threat free, contact TitanHQ today to schedule a full personalized demo of SpamTitan and to find out just how cost effective the solution is for SMBs and enterprises.

Change from Umbrella to WebTitan and Save Time, Money, and Improve Security

If you are using Umbrella and are finding the web filtering solution to be a drain of your time or your budget, consider making the switch from Umbrella to WebTitan.

Web Filtering Doesn’t Have to be Complicated

There are many factors that need to be considered when choosing a web filtering solution. Aside from allowing you to identify and block threats and control the content that can be accessed by network users, a web filter should be easy to configure and maintain.

To get the most benefit from your chosen solution, you will need to have all the information you need at your fingertips. You should be able to tweak settings, block/unblock sites, and get the reports you need on users that are attempting to, or succeeding in, accessing dangerous web content.

All too often, it is only when the solution is set up that the discovery is made that it is a pig to use. The information you need is not easily accessible and maintaining and managing the solution is headache inducing. However, it needn’t be that way.

Usability is one area where WebTitan excels. WebTitan is powerful, feature rich, yet simple to use. WebTitan can be used by anyone, regardless of their level of IT knowhow. The user interface is crisp, clean, and provides all the important information in one place.

Complex interfaces mean more time is spent making minor changes and accessing reports, which takes time away from more important tasks. Further, if Your IT team hates using a solution, they will spend as little time as possible using it, and that could jeopardize security.

That is exactly what was happening with Saint Joseph Seminary College, which, after experiencing problems, made the switch from Cisco Umbrella to WebTitan.

Benefits of Switching from Umbrella to WebTitan: A Case Study

Web filter usability was a key issue for Saint Joseph Seminary College, which had been using Cisco Umbrella to control the web content staff and students could access. While Umbrella did allow content controls to be applied, using the solution was time consuming and difficult. Finding information, generating reports, and changing settings was just taking too much time. So much time that IT department avoided using the solution as far as possible. Hardly an ideal situation for such an important college cybersecurity control.

“I prefer an interface to be simple while giving me as much information as possible in one place. I don’t need rounded corners and elegant fonts when I am trying to see who has been visiting dangerous websites.  I need to clearly see domain names and internal IPs,” explained Saint Joseph’s IT Director, Todd Russell. Russell went on to explain that it wasn’t always that way. “In my opinion, after Cisco bought OpenDNS, they made some major changes to the UI which made it virtually useless for quickly looking through blocked traffic for signs of particular types of usage.”

This is sadly a common problem. In an attempt to cram in as many features as possible into a user interface, too little consideration is given to the people that have to use and manage the solution. For busy IT departments, it is important to make things as simple as possible. Sysadmins have more than their fair share of complexity as it is.

It was the complexity of Umbrella – and the cost – that led Saint Joseph’s to see an Umbrella alternative.

An Easy to Use, More Cost-Effective Alternative to Umbrella

When looking for an Umbrella alternative, several solutions were considered; however, TitanHQ’s feature-rich web filter, WebTitan, stood out from the crowd and warranted closer inspection.

“It didn’t take long to realize that WebTitan was the best alternative for an efficient, cost-effective, and easy to use filtering solution to replace Cisco Umbrella,” explained Russell.

WebTitan has been developed with usability at the heart of the design process. Before UI changes are made, they are extensively tested to make sure they do not negatively impact the user experience.

After switching from Umbrella to WebTitan, the benefit was immediately gained. The IT department had easy access to actionable insights into threat traffic and web activity. Reports could be generated and viewed with two clicks of the mouse, The IT department liked using the solution, and further, an enormous amount of time was saved, and costs were slashed.

“WebTitan immediately gave us visibility into our users’ traffic. Within days, the UI allowed us to see clear signals of dangerous activity. Thanks to the easily accessible and understandable data available on the WebTitan UI, we have been able to launch investigations more quickly and work on remediation.” Said Russell. “The whole experience with WebTitan has been terrific.”

Benefits Gained from the Switch from Umbrella to WebTitan

By changing from Umbrella to WebTitan, Saint Joseph’s was able to:

  • Have easy access to actionable insights on threats and web activity
  • Remediate issues far more quickly
  • Quickly generate basic and advanced reports
  • Secure data and users more effectively
  • Slash administration and remediation time
  • Reduce the cost of web security by 50%
  • Block thousands more threats per hour

Time to Change from Umbrella to WebTitan?

If you want to gain the above benefits, it could not be simpler. Contact the TitanHQ team to schedule a product demonstration to see just how easier WebTitan is to use. You can also trial WebTitan before you make a decision to confirm the benefits for yourself.  You will get access to the full product in the trial, assistance will be provided to get you up and running, and full support is available through out the trial period.