Laptop Data & Identity Theft

The use of laptop computers is great! It gives us the portability and freedom to work and surf the Internet: a true benefit for consumers and corporate users. Unfortunately, laptops expose individuals and organizations to an inherent risk of data theft, which may lead to fraud and identity theft. Although it is also true that smartphones are widely used and deployed, laptop theft is considered the second most common security concern after malware.

According to 224 IT professionals surveyed earlier this year by Check Point, a security company, less than 30 percent use data encryption and only 47 percent of users have access to a VPN that connects to the main office. These numbers are dangerously low, making it easy for data to end up in the wrong hands. IT professionals should make it one of their top goals to prevent data leaks within their company and to brief everyone within their organization on the use of corporate machines outside of the organization’s office.

Although this post’s main objective is to pin-point the blame on businesses’ IT departments for not having encryption and contingency policies in place, consumers should also be aware of these issues.

Data Leakage

Data leakage can be defined in multiple ways; e.g., an employee transferring files using a USB device or emailing files home to a personal account. For the purposes of this blog post, I am referring to data leakage as the loss of data through a laptop computer.

Few are aware of how easy it is to extract data from a laptop whose hard drive has been left unencrypted. I’m not talking about photos and videos from your latest trip to Mexico (although some may want to hide those for other reasons).

An unencrypted hard drive gives a computer user the ability to do some of the following:

  • Extract cookies, Internet history and browser preferences such as auto-login passwords, which could lead to access to websites like Facebook and Gmail,
  • View locally stored email cache,
  • View Word and Excel documents,
  • Connect to your Virtual Private Network (or VPN),
  • View miscellaneous computer configurations, and
  • Access personal information.

It doesn’t take a sophisticated user to do some of these things. However, if your machine were to end up in the hands of a black hat hacker, the amount of data they could harvest from your machine could be extensive.

Most thieves aren’t black hat hackers.

A thief can steal a laptop during a home robbery or when your bag or laptop is left unattended, even for a second. Since laptops are portable, they’re an easy target for thieves to run off with. You are unlikely to see your machine and its data again unless you have some preventive mechanisms installed. Absolute Software’s LoJack software offers a subscription-based service capable of aiding law enforcement in finding your lost or stolen laptop.

Although it is usually up to the end user to keep his or her device secure, whose responsibility would it be if your laptop had access to civilian tax records that were stored on the network drive of the machine? Surely, you weren’t aware that you had so much confidential information on your machine. What now?

IT’s Responsibility & Data Encryption

It is up to your IT department to help protect you, your company and your customers from having crucial information exposed by a lost or stolen laptop. Tools that protect sensitive data through disk encryption have been available for many years. Disk encryption makes it nearly impossible for a simple computer user or even a black-hat hacker to read the contents of the drive. All the data on the drive is encrypted with a specific key which is only accessible to authorized users on specific laptops. The key is unique to each laptop and is usually stored on a Trusted Platform Module (TPM) chip, which only releases it once an authorized fingerprint is swiped or a special hard-drive boot password is entered before the computer boots up. This also prevents portable boot-disk utilities, such as password crackers or Linux live discs, from booting up and reading the contents of the drive. Hard-drive encryption defeats these easy-to-use tools, which can be downloaded online by anyone.

Historically, setting up hard drive encryption has been a pain. Today, with Windows 7 Ultimate and Enterprise editions, BitLocker is an embedded extension to the operating system. It offers IT professionals a fast and easy way to monitor, manage and deploy drive encryption to their machines, at a low cost too. There is little excuse for not implementing encryption.
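As an added illustration of the monitoring mentioned above (example code written for this page, not from the original post or from Microsoft), the following Python sketch audits BitLocker status reports collected from laptops. The reports are constructed sample text laid out like the output of `manage-bde -status`; the host names and the `parse_status` and `audit` helpers are hypothetical.

```python
import re

# Constructed sample data: text laid out like `manage-bde -status` output,
# as an audit script might collect it from three laptops.
_TEMPLATE = """Volume C: [OSDisk]
[OS Volume]

    Size:                 232.79 GB
    Conversion Status:    {conv}
    Protection Status:    {prot}
    Lock Status:          Unlocked
    Key Protectors:{keys}
"""
SAMPLE_REPORTS = {
    "LAPTOP-A": _TEMPLATE.format(conv="Fully Encrypted", prot="Protection On",
                                 keys="\n        TPM\n        Numerical Password"),
    "LAPTOP-B": _TEMPLATE.format(conv="Fully Decrypted", prot="Protection Off",
                                 keys="       None Found"),
    # Encrypted but suspended: the data is ciphertext, yet the key is
    # readable from the disk until protection is resumed.
    "LAPTOP-C": _TEMPLATE.format(conv="Fully Encrypted", prot="Protection Off",
                                 keys="\n        TPM"),
}


def parse_status(text):
    """Parse one report into {volume: {field: value, "Key Protectors": [...]}}."""
    volumes, current, in_protectors = {}, None, False
    for raw in text.splitlines():
        line = raw.strip()
        header = re.match(r"Volume (\w:)", line)
        if header:
            current = volumes.setdefault(header.group(1), {"Key Protectors": []})
            in_protectors = False
        elif current is None or not line:
            continue
        elif line.startswith("Key Protectors:"):
            in_protectors = True
            inline = line.split(":", 1)[1].strip()
            if inline and inline != "None Found":
                current["Key Protectors"].append(inline)
        elif in_protectors:
            current["Key Protectors"].append(line)   # one protector per line
        elif ":" in line:
            field, value = line.split(":", 1)
            current[field.strip()] = value.strip()
    return volumes


def audit(reports):
    """Return sorted (host, volume, reasons) for every volume that fails policy."""
    findings = []
    for host, text in reports.items():
        volumes = parse_status(text)
        if not volumes:
            findings.append((host, "?", ["no volume information in report"]))
        for volume, fields in volumes.items():
            reasons = []
            if fields.get("Conversion Status") != "Fully Encrypted":
                reasons.append("not fully encrypted")
            if fields.get("Protection Status") != "Protection On":
                reasons.append("protection off or suspended")
            if not fields["Key Protectors"]:
                reasons.append("no key protectors")
            if reasons:
                findings.append((host, volume, reasons))
    return sorted(findings)


if __name__ == "__main__":
    for host, volume, reasons in audit(SAMPLE_REPORTS):
        print(f"{host} {volume} FAIL: {', '.join(reasons)}")
```

The third sample shows why the audit checks protection status as well as conversion status: a fully encrypted drive with protection suspended gives a thief little more trouble than an unencrypted one.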

Legal Issues

I did some digging for some stats on corporate laptop theft and legal ramifications. According to a report done by the Ponemon Institute [PDF] for Dell Computers in 2008, approximately 12,000 business laptops are lost per week. If 30 percent of IT departments have hard-disk encryption implemented, only 3,600 laptops will be protected. This leaves a staggering 8,400 laptops and their companies vulnerable to data leakage and threats.

During my work stint with NBC Olympics, I learned some shocking information from one of my full-time NBC colleagues regarding corporate laptop data. My colleague mentioned that California state law requires companies to notify all parties involved and publicly announce exactly what happened when a laptop is stolen or lost. Organizations may also be required to protect stolen or lost identities and compensate victims. The California government can also take your company to court for failing to provide adequate protection of its citizens. It doesn’t matter where your company is based or if your company conducts business in the state, the California government can and will prosecute you as long as you are within the USA.

A website called Privacy Rights Clearinghouse (privacyrights.org) keeps an online database of data breaches and other issues regarding identity theft of US citizens. Ironically, the company is located in San Diego, California. It’s amazing how many instances are reported each week.

Given proper IT policies and guidelines, corporate data leakage can be minimized. If only 30 percent of organizations have methods of preventing data leaks from laptop theft, should we be worried about what sort of data companies are storing about us and whose hands this data can be in?

Some Preventive Techniques for Malware

The dark side of computing….Viruses….Spyware….Rootkits….Trojan horses….etc. Almost everyone has been a victim of this at one time in their life. There’s no avoiding it! These unfortunate things are products of evil people who are trying to steal our information or make money from uninformed and ill-trained users.

I’ve been working at the Computing and Communication Services (CCS) HelpCenter/HelpDesk at the University of Guelph (UoG) for the last 4 years. I’ve also been fiddling with computer hardware and software since I was a little kid. I’ve helped hundreds of people with computer malware issues. At CCS, my team of about 30 student consultants is just a small group of people deployed by UoG to help students clean and protect their computers. It is also our job to make sure they are able to connect to Resnet and have full internet connectivity, whatever comes across our desks. Most of us are informally trained but are well experienced and are able to dynamically change our methods to keep up with computers. We’re not geniuses; we’re careful, patient, ordinary people.

There are many different opinions and methods of preventing, getting, and cleaning malware. I will go through a quick guideline from my perspective on how to keep your computer healthy and malware free. I will also mention some alternatives to pesky paid subscription based antivirus software. Feel free to leave comments or questions below…I’ll answer them when I have time.

So what exactly is malware?

Malware is a term used to describe malicious software such as viruses, trojan horses, spyware, rootkits, worms, adware, etc.: basically any software which is trying to take over certain aspects of your computer without you realizing it. From experience, most consumers and non-security professionals refer to this as a “computer virus”.

The majority of malware affects Microsoft Windows-based systems due to their strong market domination of roughly 90%. Although Microsoft has done a great deal of legwork to make the most recent version of its operating system, Windows 7, more secure, there are still millions of users out there with malware on their machines. Those with Apple-based products who claim that there is no such thing as a Mac virus are naïve to think they are automatically free from any malware. Although most of the computers that I help service at the IT Helpdesk are Windows-based, we do see the occasional MacBook with very odd security or network settings, which usually point to a virus.

One might wonder, “Why isn’t malware illegal?”…

Well, it is! (mainly in Canada, the USA and European countries) But because the Internet is a world-wide, multilingual, multi-platform, multi-cultural, and multi-legal system, it is very hard for legal systems to convict a programmer or hacker from Russia or China. Laws are still being developed in conjunction with countries all over the world to help combat illegal computer activity.

How do you usually get malware?

I hate to be blunt, but I usually determine that if you have malware on your computer, you’ve done something stupid. A streaming video site shouldn’t be asking you to scan your computer for viruses. If it does, it’s usually a fake pop-up requesting you to download something. Don’t expect your favourite websites or a search for your favourite celebrity or artist on Google to be 100% trustworthy either. This past August, hackers tried to fool people by purposely getting their links listed on the first page of search results.

Other common ways of being infected with malware are using unpatched Windows versions without the latest updates, or even having old virus definitions installed. About 30% of users ignore their Windows Updates or disable them. This is especially dangerous as hackers find holes within the Windows platform and take advantage of them. About 90% of computer users are using Microsoft Windows, and about 30% of them don’t have recent updates. Hackers see a great opportunity to take advantage of the vulnerable and infect these machines, as they are an easy target with unsuspecting owners.

Historically, email used to be a vast medium for spreading viruses. It was a goldmine for hackers at the start of the 21st century. The ILOVEYOU and Nimda viruses are prime examples of viruses which took advantage of email and spread very rapidly due to unpatched security holes in Windows and Microsoft Outlook. Today, email viruses still exist but have less penetration due to better email filtering offered by many web-based email accounts such as Gmail, Hotmail and Yahoo, as well as business email security appliances such as IronPort. Nowadays, most hackers try to extract personal information by sending fake emails via spam and trying to impersonate an authority figure such as a bank. This is known as phishing and can occasionally lead to malware.

Ways to prevent malware?

My number one method for preventing malware: Smart Browsing…be careful on the internet.

Since our lives revolve around technology, take a few minutes out of your time to think about what you’re actually clicking when you’re on your computer. Read pop-ups and alert messages and think before clicking Yes or No…if you’re unsure, ask someone who you think may know better.

Think about using different web browsers. In my opinion, the three mainstream browsers, listed in order of the most secure to the least, are

  1. Google Chrome
  2. Mozilla Firefox
  3. Internet Explorer (IE)

If you’re browsing the internet to stream movies/TV shows, downloading torrents, or general surfing, think about using Google Chrome. It’s fast, convenient and the most secure. If you find that certain websites render or display funny, then maybe think about falling back on Mozilla Firefox. If all else fails, use Internet Explorer as the last resort. Although the latest versions of Internet Explorer are far more secure than its predecessors, IE, like Windows, is the most popular web client used around the world. Hackers target it for that reason.

Everyone knows they should have antivirus software installed. There are tons of free ones out there as well as some with paid subscriptions. I recommend using Microsoft Security Essentials as it is free, easy to download and install, and has been rated highly by many professionals. Keep in mind, contrary to popular belief, that just because your computer has an antivirus program installed, it is not 100% protected from malware. Antivirus software only prevents approximately 70% of threats; the rest is up to you to be careful and diligent. Lastly, it is not recommended to install more than one antivirus program on your machine. It will greatly reduce performance and may lead to frustration as both programs fight for power.

As mentioned before, keep your computer up-to-date! Download the latest patches when alerted by your software or operating system. At the University of Guelph, CCS employs the Cisco NAC agent to require computers on the network to update Windows with the latest patches. Although this can be a pain for many, it is a great way of making people aware that they should always keep their computer up to date.

What to do if you have malware?

I find that the majority of users who are infected with malware know where they got it from. They usually say, “I knew doing __fill-in-the-blank__ wasn’t right, since then, my computer’s been doing weird things”.

This is great! It shows that the user is aware of their actions and will learn from their mistakes. Cleaning computers infected with malware is a pain and sometimes it’s faster and easier to reformat the machine instead of spending hours trying to remove it.

If you do have malware though, be careful when using Google to find solutions. On occasion, the malware provider publishes fake removal instructions asking you to download a program to help clean your computer. This consequently infects your computer with more malware, making it more frustrating to clean. Removing and cleaning out malware can sometimes lead to file corruption on your computer which would prevent it from booting up and performing regular functions. I would recommend that you back up any files on your machine that you value on a weekly basis in case this were to happen. It’s good practice to back up your data in case your computer gets stolen.

My favourite tool for removing malware is Malwarebytes. It is, for the most part, free and you may find it here. I also recommend cleaning out temporary files before doing any scans in order to free your computer of excess files. This helps lower the time it takes for your antivirus and Malwarebytes to scan your computer. A great tool for this is CCleaner.

I recommend the following steps for scanning and removing malware from your computer. Please read through them carefully before attempting them:

  1. Restart your computer into Safe Mode with Networking Support (hit F8 while the computer is booting)
  2. Download CCleaner (portable or slim edition) and Malwarebytes
  3. Run CCleaner and clean out as many temporary files as it can
  4. Install Malwarebytes and make sure it’s updated to the latest file definitions
  5. Run a quick or full scan
  6. After the scan, click Show Results and Remove Selected
  7. Restart your computer and see if it got rid of the malware
  8. If you still have malware, repeat all instructions until you find no more infected objects
  9. If you still have malware, seek professional help and think about reformatting

Hopefully you now have a better understanding of malware and some preventive tactics to keep it off your computer. Feel free to leave messages or suggestions for other users, and if you know anyone who is affected by this, feel free to forward them to this page. Remember: being smart and proactive while using the computer is the best approach for preventing malware.

Further Reading:
PC World – How did my protected PC Get Infected?
PC World – Microsoft Security Essentials – Whats the catch?

A much more in-depth article about many types of malware and some popular real-life examples. The article is a bit out of date as it aims for Windows XP and was published in 2004, however you may have been exposed to some of these back in the day.
Ars Technica – Malware & How to prevent it

How to prevent Wi-Fi Piggybacking?

In any form of Internet communications, there is always a possibility for your information or data to be intercepted by people (or machines) you’re not suspecting. This article will provide you with some basic information about wireless networks (Wi-Fi), discuss some possible ways your data can be intercepted over Wi-Fi and simple methods of preventing these risks on Wi-Fi.

Some background info about Wi-Fi

Wireless networks began popping up in homes about 10 years ago or so. They have vastly changed the way we work as they allow portability and convenience around the house and the workplace. They save us from having to fully wire our houses, whether old or new, vastly reducing labour and integration costs. Service providers are now implementing wireless into their modems and routers. Universities offer campus-wide wireless, and there are millions of hot-spots all over the world in libraries and coffee shops.

The types of wireless network protocols are beyond the scope of this article. The more tech-savvy will know them as the 802.11a/b/g/n wireless standards. Although it is important to know that there are differences between them, for the most part the protocol you use doesn’t change how your privacy can be affected. We can assume, however, that the most predominant protocol in use at the time of this blog post is 802.11g, which was standardized in 2003.

What are the dangers?

If your Wi-Fi is unencrypted, then it is important that you pay attention to this!

Like any other form of radio communications, Wi-Fi travels over the air and there is no way to control who else can listen to the basic signal. It therefore has no way to prevent piggybacking, or snooping, on its basic unencrypted signal; these are the terms used when an unauthorized user is able to listen in on your conversation.

For example, think of your local FM radio station. An FM signal does not care who is tuning into its channel; whoever does will be able to listen to what it is broadcasting as long as they are within range. Since FM radio is usually a public system intended to reach the general population, it is not a great example to demonstrate “Piggybacking” or snooping. However, if you were to designate an FM radio station as private, where only you and a select number of authorized people were supposed to be able to tune into a specific channel, then the moment an unauthorized person tunes into the station, he is piggybacking on your station and can listen to everything that is broadcast over that FM radio channel.

Thankfully, unlike FM radio stations, Wi-Fi does not operate at extreme power levels, so the area that your computer and wireless router cover is very small. Although this does reduce the area in which people can intercept your data, it does not eliminate the risk.

Intercepting Wi-Fi communications is very easy and nowadays can even be done from a netbook or a simple kit. The software can be easily downloaded online and run with the click of a button. It’s so easy that you don’t need to know a lot about computers in order to intercept the data. These programs are capable of handling the decryption of WEP, which, unfortunately, is still widely used today by uninformed users.

Some of you may be asking, “Why does it matter/I don’t care? I have nothing to hide!”

If someone were to capture your entire Internet conversation, they would probably be able to access your passwords to your favourite websites (Facebook, YouTube, etc.), your email and your online banking information, and also reconstruct what you’re doing online on your computer. They could then resell or use the information to impersonate you or steal your identity. Although this may seem a bit far-fetched, why give them easy access to all this interesting data when we have the technologies to prevent most of it?

How to fix the dangers

In order to prevent “Piggybacking” a number of methods were produced by various organizations. If you simply Google or Wikipedia “Wireless Security”, you will discover many different methods of securing your wireless network.

The act of securing your network prevents Piggybacking by adding a level of encryption to all the information travelling on your configured wireless network. If we look back at the FM radio example again, the unauthorized user tuning into your designated channel or radio station would now only hear garbled noise and have no clue how to read it.

For the basic home user/consumer, I recommend using what is currently the most secure option: WPA2-PSK with AES encryption. If your router or computers are unable to achieve this level of encryption, I would then recommend downgrading to WPA-PSK with TKIP encryption.

Simply pick a key that is at least 10 characters long and make sure it uses a variety of different characters including special characters.

Save the key securely and only give it to people you want to have access to your network.
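The key-selection advice above can be turned into a small tool. This is an added example, not code from the original post: it checks a key against the post's rule (at least 10 characters, mixed character types), generates a random key that satisfies it, and shows how WPA/WPA2-PSK turns the key into the network's master key. The function names are hypothetical; the 8 to 63 printable-ASCII limit and the PBKDF2 parameters come from the WPA specification rather than from the post.

```python
import hashlib
import secrets
import string

MIN_LENGTH = 10            # the post's recommendation
WPA_MIN, WPA_MAX = 8, 63   # passphrase limits of WPA/WPA2-PSK itself
CLASSES = {
    "lowercase": string.ascii_lowercase,
    "uppercase": string.ascii_uppercase,
    "digit": string.digits,
    "special": string.punctuation,
}


def check_passphrase(passphrase):
    """Return a list of problems; an empty list means the key is acceptable."""
    problems = []
    if any(not 32 <= ord(ch) <= 126 for ch in passphrase):
        problems.append("contains characters outside printable ASCII")
    if not WPA_MIN <= len(passphrase) <= WPA_MAX:
        problems.append(f"WPA requires {WPA_MIN} to {WPA_MAX} characters")
    if len(passphrase) < MIN_LENGTH:
        problems.append(f"shorter than {MIN_LENGTH} characters")
    missing = [name for name, chars in CLASSES.items()
               if not any(ch in chars for ch in passphrase)]
    if missing:
        problems.append("missing character types: " + ", ".join(missing))
    return problems


def generate_passphrase(length=20):
    """Draw random keys from the OS CSPRNG until one satisfies check_passphrase."""
    if not MIN_LENGTH <= length <= WPA_MAX:
        raise ValueError(f"length must be between {MIN_LENGTH} and {WPA_MAX}")
    alphabet = "".join(CLASSES.values())
    while True:
        candidate = "".join(secrets.choice(alphabet) for _ in range(length))
        if not check_passphrase(candidate):
            return candidate


def derive_pmk(passphrase, ssid):
    """WPA/WPA2-PSK master key: PBKDF2-HMAC-SHA1, SSID as salt, 4096 rounds, 32 bytes."""
    return hashlib.pbkdf2_hmac("sha1", passphrase.encode("ascii"),
                               ssid.encode("utf-8"), 4096, 32)


if __name__ == "__main__":
    print("weak key problems:", check_passphrase("password"))
    key = generate_passphrase()
    print("generated key:", key)
    # "HomeNet" is a constructed SSID; the same key on another SSID
    # produces a different master key because the SSID is the salt.
    print("master key:", derive_pmk(key, "HomeNet").hex())
```

Because the passphrase is the only secret input to the master key, a short or predictable one is the weak point of an otherwise sound WPA2-PSK setup, and a network name left at the router's default makes the salt predictable as well.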

I would not recommend hiding your SSID or implementing a MAC address filter, as both are essentially useless and make configuration a bigger administrative pain for you and your users.

Taking these simple steps could prevent you from becoming a victim of data piggybacking and prevent data snoopers from accessing your personal life.

Lastly, stay on top of technology. Check for firmware updates and re-evaluate your hardware every few years to see if there are newer wireless security standards to reinforce your network security. Something that may be secure today may not be secure tomorrow.

What to do if you’re on a Wireless Hotspot?

Many of you may ask…what can you do if you’re at Starbucks or at University where you need internet access via Wi-Fi and they only offer a free unencrypted version?

There’s not a whole lot you can do. Unless you’re accessing online services via a specified encryption method (encrypted browsing session, VPN), you could be susceptible to Piggybacking. Generally speaking, wireless hotspots usually have tons of users. A piggybacking snooper looking for your information would have a bit more trouble sifting through all the information he’s capturing. But don’t feel too safe.

Make sure you’re accessing your email with an encrypted protocol. Popular free email providers such as Gmail default to this and I believe Microsoft’s Hotmail is slowly following suit. If you have a different provider, visit or call your local IT administrator to see if they can give you some further information. Lastly, try to avoid doing online banking or other personal things you wouldn’t want anyone else seeing while you’re on a hotspot.

For the average user, simple steps in securing your Wi-Fi and being more aware of the dangers of using an unencrypted wireless network should hopefully prevent you from having your data snooped unexpectedly.

Enjoy a more safe and secure web browsing life.

Further reading:
Wi-Fi cracking kits sold in China for $24
Wikipedia – Wireless Security
Wikipedia – Piggybacking
Network News – Wi-Fi security in Transition
Note: Although Wikipedia isn’t always a viable source, I do enjoy linking to them as their articles can be updated over time to offer more current and precise information.