Steven Andiloro is the owner of Professional Security Solutions, a security company in North Carolina servicing customers nationwide!

Category: Computer Security

Will AI Be Safe in 2018?

Artificial intelligence, or AI, has become incredibly popular in the last few years. And current industry standards show that the relatively new technology will only become more popular in the years to come. But how safe will it be? Whenever a new technology takes over and becomes a societal standard, we must always ask ourselves this question. And almost every time that we ask it, we are never really sure of our answer. When the Internet first became relevant, nobody could have predicted how unsafe it is if not properly used. Will AI follow a similar path?

A recent report from Ericsson, a telecommunications company, found that several consumers fully expect their devices to be considered some form of a human being in the near future. Some experts believe that we will no longer need to know our devices, because our devices will know us.

So what does this mean for security? Think of it this way: You want to know the latest showtimes for a movie so you ask your smartphone to find showtimes at local theaters. Your phone then uses your actual location to provide an answer. Or you want to purchase a gift for someone through Amazon and you ask your computer to make the purchase using your credit card and other sensitive information which is already stored on your device. These are real-world activities that will only become more common. And these activities share vast amounts of data. And in order for AI to become more advanced and more lifelike, it will need to send and receive large amounts of sensitive information almost constantly.

This naturally leads to vulnerabilities in sharing information: areas where users’ personal information can slip through the cracks and fall into the hands of cybercriminals.

So how can we protect ourselves?

Luckily, we may not have to. The very technology that may be putting us at risk could potentially prevent any risk in the first place.

AI can become so advanced that it may, and very likely will, be utilized in cyber security software. And with machine learning, these technologies can become even smarter and prevent attacks and hacks from happening before they even begin.

AI is looking to make big waves this year. While some may fear what it will expose and put at risk, just know that it is capable of doing far more good than harm.


Greatest Cyber Threats in 2018

It’s a new year, full of optimism and potential. If all goes right, 2018 can prove to be a great year for the world. But this year also has tremendous potential to be incredibly dangerous.

 

For those that do not know, 2017 was a landmark year for cybersecurity. The rise of ransomware reached its zenith with the NotPetya and WannaCry worldwide cyber attacks bringing several businesses and governments to a screeching halt; and data breaches became something of the norm, with major corporations, such as Equifax, HBO and Uber, admitting sensitive information was breached. Billions of people around the world were affected in one way or another by 2017’s cyber attacks alone. There’s no reason to believe that this year will be any different; in fact, it may be even worse.

 

So what are some threats that we should be aware of this year?

 

The Number of Cyber Criminals Will Rise

With how frequent these cyber attacks have become, it stands to reason that they’ve gained a bit of attention. Multiple high-profile news outlets have reported on the attacks and even claimed that hacking is a billion-dollar industry. Naturally, this makes the “hacking industry” seem too attractive not to partake in.

 

It has also become easier than ever to become a hacker. In order to become a hacker in the past, you needed a computer and an in-depth knowledge of programming and coding; today, you simply need a basic understanding of how technology works and a computer (which is far more abundant and common). Expect the number of hackers to rise in 2018.

 

Attacks on Vulnerable Systems

Cybercriminals will continue their malignant campaigns against the systems that are too weak or underfunded to defend themselves. Naturally, this means healthcare and schools. Both schools and healthcare systems have vast amounts of sensitive, private information that can easily get into the hands of criminals, especially considering how popular IoT devices have become.

 

Security Software Must Be Ready

You may be thinking, “I have Internet security software on my computer and phone, I’m perfectly safe.” Well, that may not be the case. Industry professionals also predict that the new year will bring a new focus on security software. Essentially, hackers will be delving into the code of security software and attempting to find holes and weaknesses.

 

While we must enter every year with a slight sense of hope, we must also be prepared for any and all dangers. Cyber security is no longer a possibility; it is a reality. And it is one that we must prepare for.


What is Sfara Guardian?

In today’s world, there are multiple threats lingering around every corner. From digital to physical, we all must work diligently to ensure that we are all safe and protected. While there have been many services, devices and applications over the years that have assisted in providing protection from threats, there hasn’t been an all-encompassing service, a “catch-all” application that offers protection on all fronts. Until now.

 

Sfara, a mobile safety solutions company, has recently launched Sfara Guardian, the company’s new service that offers around-the-clock care and security. The company believes that the service could revolutionize the security industry, and it very well could.

 

Sfara Guardian comes in the form of a mobile application that connects users to what Sfara calls “Emergency Managers.” These operators interact with users to assess any calls for assistance. Once a call is placed to one of Sfara’s Emergency Responders, the responder can then contact the appropriate authorities if the situation demands it. Emergency Managers also provide first responders with real-time data on accidents and rescues, directions to the nearest medical facility and can dispatch roadside assistance.

 

So far, Sfara Guardian may sound very pleasant, but nothing about it truly stands out. Everything that I’ve described above can be completed through some other service in some form or another. However, Guardian does have one ace up its sleeve: artificial intelligence.

 

Through the use of AI and a patented algorithm, Sfara Guardian can utilize the sensors found on many of today’s most popular smartphones to determine if an accident has occurred. If a user were to get into a car accident and was unable to pick up his phone to call for help, the app’s sophisticated algorithm can detect the accident and dial for assistance immediately.

 

The application also features other methods of contacting Emergency Managers, such as triple tapping and even setting a check-in timer that will notify a manager if a user doesn’t check in to a designated location within a certain amount of time.

 

The app features a bevy of robust features, but none more advanced than its patented algorithm. Sfara Guardian has the potential to completely revolutionize personal security with its refreshing blend of traditional and futuristic methods of retrieving help.

 

Will you be downloading Sfara Guardian?


Even More Personal Safety Devices

With all of the technological attacks and threats that have plagued our world in the last few years, it is very easy to forget about protecting yourself in other ways. Personal security is just as important as online security. You must remain vigilant at all times and protect yourselves. Luckily, today’s technologically-driven world has allowed for some fascinating advancements in personal security, as well as online security. Here are a few personal security gadgets and devices that you should look into.

 

Door Stop Alarm

If you’re looking to prevent home burglaries, then look no further than the door stop alarm. An incredibly simple device, the door stop alarm is shaped like a traditional door stop, and features an alarm that will sound if a door is opened. No matter how silently a thief opens a door, they cannot prevent the alarm from going off. It’s a great way to protect your home.

 

Wearable Alarms

When you’re being stalked or even chased by an assailant, reaching for your cell phone and making a call may be next to impossible. That is precisely why wearable alarms have become very popular in recent years. Personal security devices, like the Nimb Ring or the WearSafe, are designed for situations like these. Although all of these devices have their own exclusive features and variations, the idea is still the same: a wearable device that connects to your smartphone through an application and can send an alert signal to authorities and personal contacts when pressed. These alarms can be literal lifesavers.

 

Video Doorbell

If you’re home alone and you get a ring at your door, you want to know who it is, right? But what if you weren’t expecting any company or it is very late at night? Who is at your door? Well, with a video doorbell, you can find out in just a few taps. Video doorbells connect to your home wifi and allow you to see who is standing at your door in real-time through a mobile application. You can even communicate with your visitor. It’s an incredibly safe way to answer your door.

 

Make sure to stay safe out there!


How Can Bitcoin Help in Ransomware Attacks?

Unless you’ve been living under a rock in the last few months, you’ve heard of Bitcoin. It’s the latest craze sweeping the nation. Many people want to learn about the mysterious virtual currency and see if it can reap major financial rewards. However, it is now being used for a completely different purpose.

 

Before I go any further, it might help to know what Bitcoin is. In short, Bitcoin is a form of cryptocurrency that is monitored on a peer-to-peer basis. It is not centralized by a governing bank or group and it is completely virtual. It gets a bit more technical and complicated when you really dive into it, but, for the purposes of this article, that’s all you really need to know.

 

So how can Bitcoin help in the fight against ransomware attacks? Well, quite simply, it can be used to pay off those ridiculous ransoms. For those unaware of how ransomware works, it is very simple: a computer that is infected with a ransomware virus is held “hostage” and its information is held for ransom. When the owner of the computer pays the ransom, then he or she gets access to the computer again and can access their information. That is the broadest definition of ransomware.

 

Because of the growing popularity of ransomware in recent years, some companies are considering stocking up on Bitcoin in order to pay off these large ransoms and continue with their business. When an entire network of computers is locked up and held for ransom, it can be a headache to fix the system and bypass the virus. So, some companies are looking into simply using Bitcoin to avoid the hassle and pay the hackers.

 

Several British companies are utilizing this tactic. Because ransomware attacks are so commonplace, several British companies are telling employees to maintain a Bitcoin wallet in case of an emergency. Unfortunately, paying hackers can only provide a temporary solution. In fact, in most cases, even if a ransom is paid, the information isn’t guaranteed to be returned. But most companies prefer to stay quiet about online attacks.

 

Can Bitcoin be the ultimate solution to stopping ransomware hackers? Or will paying them off with digital currency be the same as feeding a stray cat? Only time will tell, but my guess is the latter.


Password Protection: A Huge Mistake?


Technology has created many wonders in our lives. And because it has become such a large part of our lives, we now often store sensitive and personal information on our technological devices (smartphones, computers, tablets, etc.). And in order to protect that information, we’ve created a password authentication process. For years we have needed to create passwords to protect our documents, photos and other personal information. And in 2003, Bill Burr, a manager at the National Institute of Standards and Technology (NIST), created a guidebook for password creation. But now he regrets it.

 

Essentially, Burr’s guidelines had suggested that we create incredibly complicated passwords in order to prevent any hackers or hacking software from breaking into our accounts or devices. These guidelines suggested that we create a new password regularly (roughly every 90 days or so) and that we use a series of numbers and lowercase and capital letters to fool would-be hackers. Unfortunately, as time has progressed and as new studies are being conducted, Burr has realized the error of his ways. These new studies suggest that the type of passwords that Burr suggested are actually not very safe. The NIST has found that phrases used as passwords are much harder to crack than alphanumeric words. And the suggestion about changing your password every 90 days? Wrong. Those same studies suggest that humans are less likely to drastically change their password each time they are asked to do so.

 

According to a report from Engadget, Burr stated his remorse for creating the guidelines that have plagued humanity for well over a decade, stating, “Much of what I did I now regret.”

 

Fortunately, the NIST has finalized a new set of guidelines with the appropriate updates. The new guidelines include the aforementioned updates as well as the suggestion for IT departments to only force password changes in the event of a breach.

 

So, hopefully, for any of you who have gone to painstaking lengths to change your passwords up with a strange series of numbers, letters and symbols, you can now rest assured that soon you will be able to settle for a much less complicated password.


HBO’s Hacking Headache


Large-scale corporations are prone to hackers. Because of their large size and massive amount of money, they are just large targets for hackers. It’s nothing new. In fact, it’s so common that I’ve written a few blogs on some of the largest online hacks on large corporations. Just recently, HBO, the massively popular premium cable television network, was hacked, and a large amount of data was stolen from the company.

 

According to reports, last week saw a major hack of HBO’s servers that resulted in over 1 terabyte of data being stolen. This data, which included several scripts for unaired episodes of the popular Game of Thrones television show, as well as full, unaired episodes of Ballers and Room 104, has been leaked online. So far, the amount of content that has been leaked to the public has only amounted to 3.5 gigabytes of data. To put that into perspective, there are 1,000 gigabytes in a terabyte. At the moment, no one is entirely sure of what other data the hackers have a hold of, but there is speculation that they have several episodes of Game of Thrones.

 

And while pirated episodes of Game of Thrones are nothing new, the hackers claim to have accessed much more important information as well. According to a report from The Verge, the hackers have gained access to the phone numbers and addresses of all of the actors from Game of Thrones’ season 7, as well as internal HBO passwords. This makes the situation much more serious, as that information could bring harm upon the actors of the show. While HBO claims that there is little evidence of such personal information being leaked, the threat should still be taken seriously.

 

The network is conducting an investigation and hopes to avoid a repeat of a similar disaster from 2014 when Sony Pictures’ email servers were hacked. Multiple emails were stolen that damaged the reputation of some executive members of the film studio.

 

Although large-scale hacks such as these are not necessarily shocking, they are still an unnecessary headache. It is incredibly important that all businesses, large and small, focus a large amount of attention on their security and IT departments. By strengthening their malware and virus protection, they decrease the risk of incidents such as these from potentially ruining the company or the careers of those involved.


Even more of the Worst Online Attacks in History

I’ve previously discussed several of the world’s most notorious online hacks. I figured I would continue this series and take you down memory lane with two more of the worst online attacks in history.

 

Jonathan James

This is quite possibly one of the most unique and tragic hacks in the history of cyber crime. In 1999, a young hacker by the name of Jonathan James committed one of the most stunning cybercrimes to that point in time: he was able to hack into the computers of both NASA and the US Department of Defense. At only 15 years old, Jonathan was able to install a backdoor into the US Department of Defense’s servers which gave Jonathan access to over three thousand private messages, which included usernames and passwords. Jonathan also installed a backdoor into NASA’s servers which granted him access to a portion of the aeronautics organization’s software. The attack cost NASA $41,000 to repair. Once caught, Jonathan was sentenced to house arrest and probation, and was required to write letters of apology to both NASA and the Department of Defense. Unfortunately, Jonathan was suspected of being involved in another series of online hacks in 2004, and took his own life in 2008.

 

The TJX Attacks

Going off of Jonathan’s story, the attack that he was suspected of being a part of turned out to be quite a large attack. Jonathan was suspected of being a part of a group of hackers named the “Shadowcrew.” The crew, led by Albert Gonzalez, managed to steal over 45 million credit and debit card numbers from shoppers of the TJX company, which owns the TJ Maxx and Marshalls retail stores. Gonzalez, the mastermind behind the operation, supposedly took on an expensive lifestyle and spent millions of dollars. And this wasn’t Gonzalez’s only series of attacks. He also led attacks on Dave & Busters and Heartland Payment. Gonzalez was put on trial in 2010 for his TJX hacks and was sentenced to 20 years in prison. He was incredibly remorseful for his actions, and hopefully, once he is released he will be a changed man.

 

Cybercrime has been going on for years, and it shows no signs of stopping. Hopefully we can learn from history and, as a society, boost our respective network security systems and prevent situations like this from ever happening.

 

Be sure to check back in for even more of the worst online hacks in history!


Phishing For Trouble


 

On May 3, Google shut down one of the most sophisticated phishing attacks of all time, which infiltrated approximately one million Gmail accounts in just under an hour.

 

How is this possible, you might ask?

 

This particular phish impersonated a Google Docs request from a trusted contact, such as a family member, coworker, or spouse. By clicking on the request, users were redirected to a legitimate Google login page, where they were asked to provide their username and password, as well as authorize the use of the infected third-party extension, “Google Apps.”

 

By giving permission to this extension, it was feared that users had unwittingly given scammers access to their inboxes, passwords, and other personal information. However, Google concluded that, in spite of this lack of “thinking before clicking,” only users’ contact lists were made accessible to this phishing campaign — hence the rapid distribution of these faux Google Docs requests.

 

Aaron Higbee, chief technology officer at the phishing research company that analyzed data from the scam, commented, “The importance of this phish is not how it spread, but rather how it didn’t use malware or fake websites tricking users to give up their passwords. This phish worked because it tricked the user into granting permissions to a third-party application. This is the future of phishing, and every security technology vendor is ill-equipped to deal with it.”

 

Google took immediate action in resolving the scam. The company said in a statement that they have “disabled offending accounts. We’ve removed the fake pages, pushed updates through Safe Browsing, and our abuse team is working to prevent this kind of spoofing from happening again.”

 

In spite of these extensive and preventative security measures, users should remain vigilant and keep their eyes peeled for any copycat attacks — which they should immediately report as phishing within Gmail.

 

Those who have fallen victim to this scam are advised to log into their accounts, go to their Permissions page and revoke any access to fake Google services, such as “Google Docs” or the aforementioned “Google Apps.” From there, users ought to change their passwords and cleanse their Gmail accounts of any spam or phishing emails.

 


Two More of the Worst Online Hacks in History

 

As a continuation of last month’s blog, I took a look at some more detrimental online hacks that have rocked our nation. Although preventive cyber security measures have increased, so have the capabilities of hackers. A lot of our personal information is exposed when we utilize online resources. Many of us know someone who has been affected by cyber attacks and may even know people involved in some of these larger scale incidents. Here are a few more noteworthy security breaches to hopefully remind you to stay safe online.

 

Target:

In 2014, retail mogul Target faced one of the worst data hacks our country has seen. The attack led to 70 million names, mailing addresses, emails, and phone numbers being stolen. Additionally, 40 million credit and debit card numbers, expiration dates, and CV codes were obtained by the hackers. The unique scenario of the hack made it a national news story. The breach in security took place over a three-week time period, which is why so many accounts were infiltrated. Many customers lost a great deal of trust in the company, and stocks did take a hit for a few months. From a security standpoint, Target had all of the right preventative measures in place. Yet, they neglected to react to the warnings they were provided. Many lawsuits filed against the company due to damages were dropped once damages were returned to customers. After discovering the breach, Target offered a year of free credit monitoring and identity theft protection to U.S.-based customers. A few customers received settlement funds from Target and the security measures have increased drastically. I’d be willing to bet that they won’t be ignoring any more warning signs in the future.

 

Sony Pictures

Those working in the entertainment industry already have a significant amount of their dirty laundry aired. You can imagine their emotions when they found out that Sony Pictures had fallen victim to a cyber attack. The attack was orchestrated by a North Korea-based group self-titled “Guardians of Peace.” The group claimed their motive was the release of the film “The Interview,” a comedy portraying an assassination attempt on Kim Jong-Un. The breach consisted of the group receiving access to Sony employees’ personal information, emails within the company, and copies of then-unreleased films. As a result of the attack, Sony has heightened their cyber security efforts including the use of new software to house all company information.
