Main Threats and how to protect yourself against them
Now during this period, most of the people have to change their habits and have to work at home and the hackers take advantage of this disorganization to intensify their attacks and they will not stop from one day the other when confinement will end but they will continue to take advantage of people’s fear.
It results from a study published by Check Point just a few days ago that:
- THE MAIN THREATS ARE:
- phishing(by 55% of respondents),
- malicious websitesclaiming to offer information or advice about the pandemic (32%),
- increases in malware(28%) and ransom software (19%).
- Security concerns are increasing
- 61% of respondents are concerned about the security risks associated with the need to make rapid changes to enable teleworking.
- 55% felt that the security of remote access needed to be improved
- 49 per cent are concerned about the need to improve workplace safety.
THERE IS A NEED FOR SECURE REMOTE ACCESS
The concern is that, in order to quickly and inexpensively enable employees to work from home, some organizations have implemented RDP, which can expose confidential systems to the public internet.
Remote Desktop Protocol (RDP) is a protocol developed by Microsoft, which provides users with a graphical interface to connect to another computer over a network connection.
Dr. Johannes Ullrich, SANS fellow and Dean of Research at the SANS Technology Institute, explains:
“The number of source IP addresses attackers used to scan the internet for RDP increased by about 30% during March, from an average of 2,600 attacking IP addresses to around 3,540 each day in March. RDP is not a protocol that is robust enough to be exposed to the internet. Consequently, we are now seeing attackers actively trading weak credentials which they have identified for these RDP servers. A compromised RDP server can lead to a complete compromise of the exposed system and will likely be used to attack and exploit additional systems inside the network.”
Conclusion: RDP is not secure.
- GOOGLE DRIVE, DROP BOX, ZOOM
The security offered by these service providers consists of data encryption between the application and their servers and in their servers.
- Whoever encrypts necessarily has the keys and can access the data.
- GOOGLE DRIVE also explicitly says that they want to be able to see everything that is downloaded and therefore they are not HIPAA compliant.
(This explains in general why the United States is the most advanced country, having access to everything that happens in the world, to all the mail, documents, to all the documents sent, to all the innovations…)
- Moreover, no matter what standards (TLS) or algorithms (128-bit AES) are used, a quantum computer can break an encryption code in a fraction of a second.
Conclusion: These systems are not secure.
HOW TO STRENGTHEN THE SECURITY OF REMOTE ACCESS
To increase the security of remote access, you must necessarily reinforce the security of the usual place of work. Indeed, if this one is not protected, remote access cannot be protected.
Moreover, remote access must be protected against two different kinds of dangers:
- The first danger comes from attacks by hackers seeking immediate gain and,
- The second danger is the loss of confidentiality of data operated by the third party who, on the one hand, creates the cryptographic keys that protect the data in move and the VPN used for vehicle them and who, on the other hand, hosts the data allowing it to be shared online. Their purpose is obviously to profit from this (industrial or political espionage).
What you save by not investing in hardware to back up your data, preferring to leave it in the Cloud, is lost a hundredfold when your data or its confidentiality is lost.
The best way to protect yourself against these two dangers is not to trust any third party and to be the master of your data at rest at the working place and during transport.
And the protection system created by PT SYDECO, ARCHANGEL – SST – SydeCloud, guarantees you this total security:
- Data is protected by SST©(Secure System of Transmission). SST© is a system of protection based on translation of any type of data into Alien Language and whose brain is in your working place (main office). SST© is not using any key and is not based on number theory. Therefore your data is out of reach of attacks even when coming from a quantum computer.
- This data is transported within a VPN also protected by SST.
- Data is stored in your office, SydeCloud©allows you to create your own Cloud, to share your data between authorized people and to backup them.
- ARCHANGEL©, as we will see, protects your workplace as well as the one where you operate remotely.
HOW TO REINFORCE WORKPLACE SAFETY
- Your workplace must be equipped with an advanced detection system that can detect and block any type of attack such as ransomware attacks, banking Trojans or financial phishing, at the network level before they reach employees.
ARCHANGEL© thanks to its advanced system of detection and appropriate response, its 3 firewalls, its intelligent agents, its honeypot and the Artificial Intelligence to which its intelligent agents are connected, stops any type of attack, even unknown malware.
ARCHANGEL© gives your security operation teams full visibility over the network and response automation.
- Equipment used by employees must also be protected.
This protection is also provided by ARCHANGEL© which filters all movements within the workplace: An infected workstation cannot infect any other workstation of the workplace.
- Personal equipment of the employee working at home must also be protected in the same way as the main office.
ARCHANGEL PICCOLO which can protect up to 10 connected devices protects the equipment of the employee working at home, his data being protected by SydeCloud.
Take advantage of PT SYDECO’s special action and order your total protection against hackers NOW. Don’t be a victim of ransomware.
To respect our commitment we offer you the total protection of your offices, your data and Online File Sharing at 50% of the normal price.
This offer is valid until Mai 31st 2020.