A Second Look into Chinese Hacking

  Just a couple things come to mind thinking about the NY Times article mentioned in the last post. 

 First of all, how much time do you spend securing your network? Herein lays the problem. American businesses are very busy. To be competitive, we have cut staff, and have very limited budgets. When a new server needs to be put in, it needs to be done quickly. Be it a small business or corporate datacenter, time is money. A corporate server is set up quickly, usually from a checklist and then some sort of security program and anti-virus is installed. The programs are “supposed” to auto update without intervention. Rarely do people go back and make sure that the servers are updating. Anyways, the security program control panel said it sent the updates to the server. On a small business server, many times the server is set up, and locked in a closet. It is set to get security and anti-virus updates automatically, but does it? 

Time is the issue. In the NY Times example, the hacker spent 6 hours a day hacking. 6 HOURS! Hackers do not have time limits or budget constraints. They usually go for easy prey, but if your site has something of interest to the hacker, they will spend weeks, months or in the extreme case years to find a way in. 

This leads me to my second point. Most secure servers by checklists. If A through Z has been done, the server is secure. Server security is structured and precise. Hackers work out of the box. They don’t follow the rules. There is a lot to do in setting up a server. A random Server 2008 book has almost 1500 pages. That is about the same amount of pages as a Bible. Also, with the huge amount of code in a Microsoft operating system, holes are found very frequently. Usually, only the good guys reveal to Microsoft when an exploit has been found. Foreign hackers guard these exploits and as the article states, hope to use them in the future. 

The odds are definitely in the bad guys favor, but with due diligence, we can harden our systems so the casual hacker will bypass our systems and look for easier prey.

Daniel W. Dieterle

Computer Security Tips for Small Businesses – Part 2

Continuation of “Computer Security Tips for Small Businesses – Part 1”

5. Change Server administrator passwords once in a while, especially if an employee leaves who knew the password. User passwords should be a combination of letters, numbers and symbols. These are much harder to crack. Also, do not use the same password everywhere. Some administrators will use one password for their servers and also their online accounts.

6. Have an IT company check your system for common vulnerabilities. Software like SAINT is available to check for exploits in a network system.  

7. When thinking of putting up a web server, if you are just putting up a non-confidential informational site, not tied to an internal database, it is always a good idea to have an external hosting company run it for you. This way if it is hacked, the hackers will not gain access to your internal network.  

8. One less common thing is to use online searches like Google to check for confidential information that may have been placed on a social board regarding your company. Believe it or not, disgruntled employees have placed sensitive company information on blogs before.

This is just a quick list, but hopefully it will give you some ideas in planning the security of your network.

Daniel W. Dieterle

Computer Security Tips for Small Businesses – Part 1

While large companies and government agencies move forward in the battle of cyber security, small businesses have similar, but unique hurdles when it comes to securing their systems. Many small businesses do not have full time IT support and rely on an outside vendor for computer services. If you are a small business owner or manager, you may have several questions on securing your business.  Here are some quick tips for securing your business.

1. Make sure your workstations and server(s) are receiving windows security updates. If you do not have an IT staff and are not comfortable checking your server, have your support company check it and show you that it is receiving these important security patches.

2. Make sure that you have anti-virus/spyware programs running on all your servers and workstations and that they are getting regular updates. Check the status of your anti-virus program and check that the protection is set to “enabled” and that it has received updates recently.  Some viruses will disable your anti-virus, or hinder the update process, so it is good to check on this once in a while. Also, you should run a full virus scan on your systems regularly.  It might be a good idea to do this off hours or weekends, because it will take a while to complete.

3. Check your Wi-Fi and router security settings. Many times, Wi-Fi routers are accessible from outside your building so it is imperative that the security be set to the highest available. If your wireless router is older or is set to WEP security, it needs to be changed. WEP has been cracked awhile ago and is not secure. Change this to WPA or preferably WPA2. Change your SSID from factory default and make sure that the router is set to not broadcast the SSID. And last but not least, change the administrator password on your router; it is set to a standard default password from the factory.

 4. Make sure you have a firewall installed, either one built into your internet router or use the built in Microsoft firewall.

– Continues in next post –