
The Power and Impact of AES Encryption

In 2011, Ponemon Research released a study that shook the business and hacker communities to their digital core. Out of 583 U.S. companies, 90 percent of respondents claimed their computers had been hacked at least once in a year. That’s terrible news for companies, but thrilling news for hackers who continue to find ways to illegally gain access to other people’s data, unless the Advanced Encryption Standard (AES) is in place.

In 2014, half of American adults had experienced a computer hack. Even more worrisome, the estimated annual cost of global cybercrime is $100 billion, according to go-gulf.com. The number of hackers rising from behind their laptops is astronomical. But many hackers fear AES encryption, a common encryption technology used by the U.S. military that is now used worldwide. Besides the military, e-commerce websites, banks and hospitals use AES encryption to protect consumers and clients from a data breach. So far, there have been no major or successful cryptanalytic attacks against AES, which protects classified information and encrypts sensitive data. But how did AES come about?

The history

It all started with two Belgian cryptographers (cryptography is a fancy word for the study of secret writing techniques) named Joan Daemen and Vincent Rijmen. They used cryptographic algorithms, known as ciphers, and mathematical functions. No standards existed to promote a secure encryption algorithm until the Data Encryption Standard was published in 1977. However, its key size proved to be too small, leaving vulnerabilities and a painfully slow process. But the two cryptographers developed a symmetric block cipher (code used to conceal messages) comprised of three block ciphers, AES-128, AES-192 and AES-256.

The AES was adopted as an industry standard by the U.S. National Institute of Standards and Technology (NIST) in 2001 after a three-year competition for the best encryption technique. Based on its creators’ names, AES is also called Rijndael.

What set AES apart? AES encrypts data with a secret key, and to decrypt, it uses the same secret key, but the operations are done in reverse. AES allows users to “hide” the relationship between an intended message and an encrypted message. Simply, it creates confusion. Depending on the block cipher (AES-128, AES-192, AES-256), millions of different possible key combinations occur. Consider this number: AES-128 has more than 300,000,000,000,000,000,000,000,000,000,000 different key combinations.

Why do hackers fear AES encryption?

According to commsnetwork.com, it would take one billion years for a “super-computer to crack the AES-128 algorithm using brute force.” To put it simply, AES encryption creates an unintelligible cipher block that leaves hackers scratching their heads. Some officials, like Ozzie Diaz, president and CEO of AirPatrol, recognize the minor flaws in AES encryption, but still feel confident in the process.

“Can somebody repurpose and weaken the strength of the AES algorithm? Yes. That’s what cryptographers do,” he told TechNewsWorld in 2009. “But we don’t have to worry about AES being weakened anytime soon. Still, AES in theory has flaws. The bottom line is that AES isn’t broken.”

According to koftu.net, brute-forcing a 128-bit key using even the most advanced supercomputer would take 1.3 quadrillion years. Using a 256-bit key? It’s unfathomable to think how long it would take a cybercriminal to hack that!

Protecting Your Identity from Growing Cyber Crime Threats

In 2015 alone, 13.1 million Americans were victims of identity fraud. Even more shocking, identity fraudsters have stolen approximately $112 billion since 2009, which amounts to $35,600 stolen every minute. Thankfully, there are a wide variety of ways to protect your digital identity from the growing number of cybercrimes. These include shielding your keypad when entering important information, not using public Wi-Fi, using unique and different passwords for each website, and backing up your information in case of a ransomware attack. By following the guidelines in this infographic you can significantly increase your odds of not being a victim of cybercrime! Let us know in the comments how you are protecting your data.

Boston University’s Master of Criminal Justice Online Program

Air gapping: What is it and when is it the right security measure for you?

As more and more organizations commit their sensitive resources to the cloud, and consumers demand faster and easier access to their online data, the issue of data security has become more important and relevant to users. There are many ways to increase digital security measures, from better passwords and multi-level authentication to encryption and segmentation of data. But one of the most foolproof, and least understood, security concepts is that of air gapping.

What is air gapping? According to reference site Whatis.com, an air-gapped computer “is physically segregated and incapable of connecting wirelessly or physically with other computers or network devices.” In addition to that physical removal from a network, a gap is specified between the computer and the outside walls, as well as between the wires servicing the air-gapped system and all the other systems in the physical space. By observing these rather extreme measures, the possibility of data being stolen or extruded via electromagnetic means is removed.

It stands to reason that when a computer is not connected to the Internet, or to a network that is connected to the Internet, the chance of data theft is extremely remote. That’s why air-gapped computers are often used in military applications, or in retail institutions that process large amounts of money via online transactions, and even in industrial situations that control critical infrastructure.

So how does data get into an air-gapped system in the first place? Very methodically, either by USB or by a removable storage device, which is disconnected as soon as the data is transferred. Until quite recently, air gapping was thought of as being an impenetrable form of security, due to the fact that physical access to a machine was the only way to breach its defenses, and that access could be carefully controlled. But the Stuxnet virus, which was designed to breach Iran’s nuclear program, laid waste to that notion. According to Wired magazine, “Computer systems controlling the centrifuges were air gapped, so the attackers designed Stuxnet to spread surreptitiously via USB flash drives. Outside contractors responsible for programming the systems in Iran were infected first and then became unwitting carriers for the malware when they brought their laptops into the plant and transferred data to the air-gapped systems with a flash drive.”

More recently, Israeli researchers found a way to use radio waves and devices to siphon off data from air-gapped machines, effectively proving that no system is utterly impregnable. Yet it is still a first-class security measure.

Are there cases when air gapping would be appropriate for a small business? Certainly. In an average small business that has 15 to 25 computers connected to the Internet, there is a good chance that the business has some sensitive data which it needs to protect closely. There would be a strong case for air gapping one particular machine which contains that sensitive data, and delegating one person to be in charge of importing and exporting data from that particular machine on a regular basis.

The physical distance between an air-gapped machine and a network, coupled with strict control over who interacts with that machine, is one more way to ensure that sensitive data is protected in this day and age.

Why should I be concerned about ransomware?

Ransomware is not like the neon windbreakers of the early ’90s, which quickly faded, or the popular toy Furbies, which peaked in sales a few years after being introduced in 1998. No, ransomware is here to stay. According to the FBI, “Cyber criminals collected $209 million in the first three months of 2016 by extorting business and institutions to unlock computer servers.” At this rate ransomware is on pace to become a $1-billion-a-year industry. The stakes are high and you must have a proper backup plan in place.

The days of backing up systems to tape and external drives are long gone. Once considered the future of data protection, cloud backup is now an essential part of a comprehensive backup strategy. And the best part about cloud backups is how simple they are. Most offerings have set-it-and-forget-it scheduling, so you or your company’s IT department does not have to spend time backing up your data. These backups are also non-disruptive, meaning they are going on in the background while you are working and will not disturb current workloads.

Not only are cloud backups automatic and non-disruptive, they are very secure. Data security is a hot topic for companies today and will be going forward. Cloud backups are typically encrypted at the source, while in flight to the data centers, and while at rest in the data center. Most cloud backup providers will provide a variety of encryption options, including 256-bit AES encryption and 458-bit Blowfish.

You may be asking yourself, “This all sounds great, but what happens in the event my data gets attacked?” Keep in mind that cloud backups are structured in a way that allows you to roll back to a point in time prior to the attack. For example, let’s say at 12:30 p.m. your laptop locks up and a pop-up appears on the screen informing you that your data has been hijacked and encrypted and demanding a ransom in Bitcoins in exchange for a decryption key. You would first notify management of what is going on and then go straight to your friends in IT. They will be able to pull the last backup at 12:00 p.m. and restore your data in a matter of minutes.

Cloud backup is a second line of defense to antivirus and threat detection software and was designed with the end user in mind. Providing great data protection and easy restore options makes for a hassle-free backup policy. Just imagine if your system were attacked by ransomware and you did not have a backup policy in place. You could be paying the ransom, and worse, not even receiving an appropriate decryption key. What would that do to your business?

In an interview with The Wall Street Journal, Brian Dye, Symantec’s SVP of information security, says, “Antivirus software only detects 45% of all attacks.” And according to the Global Data Protection Index, 36% of companies have suffered unplanned system downtime and/or data loss due to an external or internal security breach. Clearly, ransomware and other forms of malware are on the rise and are a very real threat to your business. The good news is that Mozy by EMC can help prevent a ransomware data loss disaster with easy-to-deploy and efficient cloud-based backup solutions.


Infamous Ransomware Attacks

Ransomware is on the rise. Until recently, ransomware was a crime targeted at consumers and small businesses. Cybercriminals who carry out these attacks have become more confident in their abilities and have elevated their game to take down some of the biggest companies in the world. It only takes hackers six minutes to compromise an organization, 60% of the time. Ransomware is not industry specific, meaning no one is safe. Like any other type of crime, ransomware has been responsible for a multitude of high-profile cases. There are many infamous attacks documented, but I would like to focus on three high-profile cases.

Horry County Schools

Horry County Schools in South Carolina was brought to a screeching halt due to ransomware. Earlier this year hackers gained access to the school district’s network through an outdated server. The attack locked computers that contained sensitive intellectual property and lesson plans. Teachers in the school district had to create new lesson plans and Wi-Fi was shut off at some of the schools as a precaution. At first, the school district stated they would not pay the ransom for the decryption key. This decision was later reversed and the school district paid out nearly US$10K in Bitcoins. The attackers are believed to be from a country outside the United States. Currently, the FBI is investigating this crime.

Hollywood Presbyterian Medical Center

Ransomware can even bring a hospital to its knees. This past February the Hollywood Presbyterian Medical Center in Los Angeles found this out the hard way. The attack locked computers and encrypted patient information. Routine medical practices such as CT scans were unavailable, and patients were sent to other medical centers for their scans. Doctors and nurses resorted to pen and paper to keep track of what was going on because no computer access was allowed. The stakes were particularly high in this attack because critical (and sensitive) patient data was hijacked. The hackers used this to their advantage and demanded a US$3.6 million ransom. The cybercriminals eventually reduced the ransom and Hollywood Presbyterian Medical Center ended up paying US$17,000 in Bitcoins in exchange for the decryption key. The FBI is investigating this attack as well.

Sony Pictures Entertainment

Perhaps the most infamous cyberattack was the hack on Sony Pictures over the film “The Interview,” a comedy centering around two American spies trying to assassinate the leader of North Korea. Sony Pictures received an email threatening terrorist attacks at cinemas if the film was screened. This attack also included the leaking of unreleased Sony films, portions of film scripts, 47,000 Social Security numbers, and employee emails discussing anything from Angelina Jolie to the James Bond film script “Spectre.”

Is your data backed up and is it restorable?

The FBI has estimated that cybercriminals collected US$209 million in Q1 2016 alone, on pace for a $1 billion year and up from US$23 million in all of 2015. That said, if a business, or its users, have an appropriate data backup plan in place, the consequences of these attacks can be minimized. Organizations need to be asking themselves, “In the event of a ransomware attack, is our data restorable?” Threat detection and anti-virus software are not going to protect you from these sophisticated cyberattacks. Your data must be backed up and it must be restorable to a point in time prior to the ransomware attack! Learn how Mozy can help.

What is Ransomware?

Maybe you haven’t been a victim of ransomware, but you’ve certainly heard of it. Ransomware hacks are in the news daily. According to a recent study published by McAfee Labs, ransomware growth increased by 58 percent for Q2 of 2015. But whether you’re a consumer, business owner, or government entity, the question is not “Will I be a victim of ransomware?” Instead, the question everyone should be asking is “When will I be a victim of a ransomware disaster?” Fortunately, falling victim to a ransomware attack doesn’t have to result in a disaster—if you have a proper backup policy in place.

Ransomware first arrived on the scene in 2005. The first known ransomware strain was Trojan.Gpcoder, which affected Windows operating systems. Although ransomware attacks still use screen pop-ups that notify users of the attack and the amount of money required to unlock a computer, other ransomware attacks are more sophisticated and use “unbreakable encryption.” That usually means if your data is not backed up you will not be seeing it again unless you pay the ransom. And, unfortunately, just because you pay the ransom in return for a decryption key does not guarantee that the key will work and that you will get your data back.

Ransomware can infiltrate and spread throughout your systems in a matter of minutes; all it takes is one wrong click. This type of malware typically enters a network through its weakest link—social media or an email with an infected link or attachment. The bad news is that ransomware is easy to create and deploy. The good news is that you can fight ransomware with a solid backup plan.

Have you ever asked yourself: “What would happen to my business if I lost all of my data?” Having a backup plan in place is not just a sound operational practice, it’s often required by law or regulation. For example, HIPAA requires healthcare organizations to have and test a viable data backup and disaster recovery plan. The same holds true in the financial services industry; both the OCIE and FFIEC have made this a priority in their enforcement and audit practices.

If you do not have a backup plan in place, today is the best day to develop one—and EMC is a great place to start. Mozy and Spanning (both by EMC) offer data protection and data restore no matter where your important files reside. Mozy is an endpoint solution that backs up files on your computers to the EMC cloud. Spanning protects your born-in-the-cloud data for Salesforce, Office 365 (including OneDrive), and Google Apps (including Google Drive).

Make no mistake about it—ransomware is a growing threat to all businesses and consumers. In 2014 alone, there were 2,122 confirmed data breaches! Fortunately, there are steps you can take in order to harden security against these types of cyberattacks. First and foremost, businesses must have a legitimate backup plan in place. In addition, we strongly recommend testing your backups periodically to make sure they’re intact and up to par. Equally critical is the ability to restore your data to a specific point in time before the ransomware attack occurred.