Category Archive: Malware

  1. Facial Recognition & Cybersecurity

    Comments Off on Facial Recognition & Cybersecurity

    Human beings are uniquely adept at recognizing faces and interpreting facial expressions. The average person is capable of remembering and recognizing over 5,000 unique faces instantly. We’re so good at it that we can immediately spot a familiar person up to 50 yards away. For a machine to step up to the task of recognizing faces that quickly and reliably would be quite a feat of engineering. But, of course, facial recognition technology (FR) has made some critical leaps forward in recent years.

    For FR to work, it has to go through a process of capturing images, extracting key feature markers, comparing these to a database, and performing a match search. At present, facial recognition security assets require that a would-be entrant present his or her face to the scanner, hold still for a moment, and try not to visibly emote. This kind of tech can help harden an access point against unauthorized entrants- but the limitations of the system make it easy for clever hackers to defeat.

    Here at Integrated Axis Technology Group in Arizona, our goal is to help you get the most out of any security technology you choose to deploy. At present, recognizing the cybersecurity risks of Facial Recognition is critical.

    The Risks of Facial Recognition Technology

    The best FR tech performs Capture, Extraction, Comparison, and Matching very quickly. But for an intruder who understands how the machine works, defeating the system is still possible. There is also a list of known methods to beat FR cameras. They include, but are not limited to;

    • Camera finders: detect FR cameras so they can be avoided
    • NIR LEDs: use bright lights to disrupt FR scans
    • Reflective accessories: blind camera sensors
    • Prosthetic masks: realistic masks that can trick FR cameras
    • Hair and makeup: obscure and alter facial features without looking suspicious

    FR Hacking

    For the time being, all of these methods allow people to escape detection. But only one can actually fool an FR scanner in order to gain access to a restricted location, the prosthetic mask. While these items are expensive, it is possible for a criminal to obtain them, and they easily fool most FR systems. Of course, privacy is always a concern. By making your face your key and password, that means anyone who manages to obtain a prosthetic copy of your face gains access. In a world where FR is ubiquitous, a rise in prosthetic mask crime is a predictable outcome.

    Reliability

    Automakers have begun experimenting with FR tech as a means for drivers to access their vehicles. Models that are currently in testing have a high rate of success, about 97%. But these devices succeed at lower rates recognizing women due to makeup and hair changes, and people with dark skin, which absorbs much of the light FR systems need to work.

    Privacy

    Of course, placing FR cameras anywhere poses a privacy threat to anyone who walks by them. With these concerns on the rise, we can expect to see changes to legislation regulating these devices in the near future.

    Here at Integrated Axis, our goal is to help companies in Tucson and Phoenix, Arizona cope with and overcome these risks. Our integrated It services are designed to keep you ahead of the competition- especially in areas where keeping up with bleeding-edge technology is key to remaining competitive in your industry.

  2. Business Tech: Combating Cybersecurity Risks Associated with Mobile Devices

    Comments Off on Business Tech: Combating Cybersecurity Risks Associated with Mobile Devices

    Cybersecurity is a top priority for most businesses. We recognize that owning a small or medium-sized business doesn’t protect you from hackers. In fact, they increasingly target smaller businesses because the security efforts are often much easier to get past than the larger enterprises. You have to be concerned about the rising instances of ransomware and other cybersecurity attacks. Companies today are finding that securing their own network is only part of the strategy. Unfortunately, their employee’s mobile devices also increase their risk of exposure.

    The Rise of Bring Your Own Device Culture

    Not long ago, companies were widely using a strategy that advised that none of their employees could access the network from private devices. Employees had to be on-site in order to work with documents or access the database. Today, that’s largely impractical. Employees are increasingly mobile. They access their email and log into cloud platforms from their mobile devices regularly. Disallowing this practice might severely hamper your ability to stay competitive. Not allowing personal devices is a mistake. Instead, develop a Mobile Device Policy that your employees need to follow.

    Developing a policy for your employees where cybersecurity and mobile devices are concerned is the best line of defense. This allows your employees to use the latest technology to increase productivity and improve customer service. At the same time, you’re mitigating the risks caused by devices that are not overseen by your IT team.

    Things to Consider in Your Strategy

    When developing a strategy for devices, here are a few things to consider:

    • Mobile Apps. One of the key ways that mobile devices pose a security risk is through apps that are not safe or unvetted. There are a million mobile apps available for every type of task. The best way to make sure that your employees aren’t using apps that pose is risk is by developing a list of acceptable apps.
    • Educate Your Employees. Risks through mobile devices are only getting higher. More attacks are focused on the mobile user because hackers know that people are less vigilant when they use their phone, and they use their phones far more often than other devices.
    • Don’t Use Links in Email. Users are far more likely to fall for phishing scams through mobile devices. It’s easier to detect a scam email on a larger screen.
    • Mandate Authorization. Password or facial recognition authorization should be used on all mobile devices where employees access business documentation. This is a good practice in general.

    Integrated Axis Can Help Your Team with Cyber Threats in 2020

    If you’re looking for additional help with your cybersecurity strategy, contact Integrated Axis today. Our experienced staff can assess your business and help you build the best cybersecurity process to mitigate risks.

  3. 5G and Cybersecurity Implications

    Comments Off on 5G and Cybersecurity Implications

    Cellular service has always been about speed, even from the very beginning. The lower the call drop rate, and the more dependable the connection, the better a carrier fares. As mobile phones have moved away from calling functions to become mobile computers, speed definitely matters. 5G, the common shorthand for “Fifth Generation Cellular Wireless” is the latest breakthrough in cell phone speed, but it’s more complicated than you might think.

    What is 5G?

    Strictly speaking, 5G doesn’t have a clear-cut definition – other than the fact it’s currently the fastest wireless data transmission speed. It refers to a generation of cellular speed, but within that generation, there are various definitions – low, mid, and high-band – for starters. While cellphone companies use “5G” as a sort of catch-all in terms of phone features, this isn’t entirely accurate. Just because a phone is 5G compatible doesn’t necessarily mean that it will operate at 5G speeds – only that it is capable of doing so when they’re available. The practical uses of each wireless generation tend to lag, which means we likely won’t see the apps, programs, and more that use 5G until well into 2021.

    How Can 5G Help My Business?

    One of the most exciting potential uses for 5G is an expansion of the IoT, or Internet of Things. This is the network that allows a business owner to monitor realtime stock movement in their warehouse, or determine things like foot traffic via sensors in their stores. Think of it as Bluetooth-on-steroids: it’s a vast, observable, and controllable network of “smart” devices that help by producing data and, in some cases, controlling automation. 5G connects all of these components and puts a business owner in control of it all via cellular transmission.

    Is 5G Safe?

    Because 5G is so new, serious online threats haven’t made it into the 2020 headlines quite yet. This doesn’t necessarily mean that it’s safe, however. 5G relies mainly on software where its predecessors relied on hardware, this makes it agile but a prime target for hackers. As users rely on 5G to control smart home functions, serve as a biometric or location-based key, or even start up a connected car, cybercriminals are taking notice. When hackers can access your connected lights and cameras, your car’s engine and locks, and your phone itself, “breaking into” your life is as easy as building the right malware.

    This is an exceptionally troubling security risk for businesses, as they keep not only their own data secured but often their customers’ as well. Though each 5G-connected device or module adds flexibility and control to the mix, it’s also a potential “open door” for a breach if a determined hacker wants to get in. For example, in 2017, hackers were able to access a casino’s database through an unlikely weakness: the wi-fi connected thermometer in a large ornamental fish tank.

    Cybersecurity Protections for 5G

    If the business tech your Tucson or Phoenix-area company uses will potentially connect with or use 5G, protect yourself with an assessment from Integrated Axis. Cybercriminals won’t wait for a new year of innovations to start trying to force their way into your data, so don’t wait to protect it. With more than 20 years of experience protecting our customers, our cybersecurity team is ready for the 5G revolution, and we’re looking forward to helping your company navigate it. Contact us today!

  4. Business Tech: Cybersecurity Checklist for 2020

    Comments Off on Business Tech: Cybersecurity Checklist for 2020

    As we enter 2020, the new year is a great time to assess your IT processes and see where your cybersecurity protocol might need to be improved. Whether you’re doing a fantastic job with data protection, or you need to shore things up, it’s always best to know where your company stands in terms of security. There are new scams and malware threats to beware of all the time.

    At Integrated Axis Technology Group, we offer comprehensive assessments to help companies stay up-to-date on the latest cybersecurity best practices. If you’re taking some time to assess your overall performance, this list will give you a good overview of where to start.

    Cybersecurity Checklist for 2020

    A security breach can bring even the most prepared company to a standstill. Making sure that each of these areas of your cybersecurity protocol is strong can help you fend off hackers and mitigate any damages quickly in the event of a breach.

    • Password Protection. Setting a password protocol for your employees is essential. One of the easiest ways for malicious actors to gain access to your database is through poor password procedures. Make sure all of your employees are using passwords each time they log into devices and platforms housing company data. They should be using strong passwords, and each password should be unique.
    • Secure WiFi Network. It’s common for most companies to use WiFi to some degree, and this means that you have to make sure that your network is adequately secured. You should also make sure employees are not using unsecured or public WiFi networks to log into your database or any email accounts which contain sensitive correspondence.
    • Educate Staff. Yearly cybersecurity training for staff should be mandatory. Your employees can’t follow best practices if they aren’t aware that their actions can be dangerous. You should also make it a practice to update staff if you become aware of a new hacking campaign or threat that they should be guarding against.
    • Use and Update Virus Protection. Virus and malware protection programs should be updated regularly and used to protect your system. When correctly updated, good software will alert you and quarantine any malicious virus before you’ve experienced any real damage.
    • Cloud Computing Cybersecurity. Cloud computing options often include data security. You should be aware of the type of security offered with your cloud computing platforms and whether added protection is advisable. You should also follow best practices when logging into cloud-based platforms.
    • Managed IT Services. Managed IT Services provide you with industry expertise on a constant basis. This means that your IT service will monitor your cybersecurity and mitigate any threat immediately. Another option is to work with a technology company on a project by project basis to help you shore up your own internal IT department.

    Are You Searching for a Managed IT Service to Help with Your Cybersecurity?

    If you’re looking for an experienced company to assess your cybersecurity protocol for the new year, contact Integrated Axis today!

  5. New Orleans & Cybersecurity

    Comments Off on New Orleans & Cybersecurity

    In mid-December, the city of New Orleans suffered a cybersecurity breach so severe the mayor called a state of emergency, demonstrating a significant change in the cybersecurity landscape moving into the New Year.

    The ransomware attack in New Orleans began about 5 a.m. Dec. 13, when “suspicious activity” was detected on the city’s network, according to NOLA Ready, a local emergency preparedness campaign managed by the Office of Homeland Security and Emergency Preparedness. Citing a tweet from NOLA, Forbes magazine reported “activity indicating a cybersecurity incident was detected around 11 a.m.” More than 4,000 city computers were affected.

    Upon detecting the suspicious activity, the city’s IT department ordered all employees to shut down their computers, disconnect from the Wi-Fi, and unplug their devices. The city powered down all its servers.

    Damage Caused by Cybersecurity Breach

    Later that day in a press conference, Mayor Latoy Cantrell confirmed the security breach was due to ransomware, which infects a network or device and encrypts the data, making it unusable until the owner pays a ransom. Cantrell filed a declaration of a state of emergency with the Civil District Court, stating in the document that the city of New Orleans anticipates “various state and city agencies will need to work cooperatively to mitigate any damage, current or future, as a result of the cybersecurity incident.”

    New Orleans Chief Information Officer Kim LaGrue told WWNO, a station affiliated with New Orleans Public Radio, that the city was “prepared for a ransomware attack,” which means they had backups of the targeted data. According to LaGrue, the attack didn’t progress to the point where a ransom was demanded. The city’s strategy is to simply recover the data and return the system to normal.

    However, while IT engineers inspected the affected computers and systems, many city employees – including the police department – were unable to access the technology necessary to perform their jobs. Meanwhile, the cost of rebuilding the city’s computer network was approaching $1 million as of Dec. 16th.

    City officials from New Orleans have not publicly identified what type of ransomware was deployed in the attack. Still, several cybersecurity experts believe the likely weapon was RYUK, which hit state government servers in November, according to NOLA Media Group. RYUK, which is tied to organized crime, is a type of ransomware that infiltrates a computer, encrypts files, and demands payment – often in bitcoin – to decrypt the information.

    Cyber Threats: A Perpetual Problem

    According to Forbes, the FBI on Oct. 2 issued a cyber-attack warning in response to attacks on state and local governments, healthcare organizations, industrial companies, and the transportation sector. While the frequency of attacks remains about the same, the sophistication of the attacks is increasing. They also are more targeted and costly for victims.

    NOLA Media Group cited a study from Emisoft released in mid-December that claimed the U.S. faced an “unprecedented and unrelenting barrage of ransomware attacks” in 2019. Nationwide, approximately 103 state and local governments and agencies, 759 healthcare providers, and 86 school districts, universities, and colleges were hit by cybersecurity attacks.

    Heading into 2020, both public entities and private businesses should ensure they are protected against digital infiltration perpetuated by organized crime groups and individual actors. This means not only implementing safeguards against attacks on business tech but also having a disaster response plan. IT companies such as Integrated Axis Technology Group (IA) provide IT security services to ensure businesses’ networks are protected in the face of evolving cyber threats. From risk assessment and analysis to penetration testing and network monitoring, Integrated Axis can help companies in the Tucson area strengthen their ability to mitigate and recover from cybersecurity attacks in the New Year.

  6. Password Management & Cybersecurity

    Comments Off on Password Management & Cybersecurity

    Cybersecurity information is readily available and widely circulated today. So have online hacking incidents decreased substantially? Not exactly. Hackers are still targeting personal credentials because they’re a slam dunk way to gain access to private information. According to Verizon’s 2019 Data Breach Investigations Report, stolen credentials account for 29% of all breaches, with 80% of hacking breaches traced back to weak or stolen passwords.

    We’ve talked at length about email security and the risks of password compromise under the Business Tech topics on our blog. Today, we’d like to give you concrete, actionable steps to protect your email privacy.

    Best Practices for Your Email Security

    Email has become so commonplace that individuals are often desensitized to how much delicate information they may contain. Leaving email accounts unprotected on multiple devices is like leaving your front door open. If you think of your email as your home and envision it in the worst possible neighborhood, you’d use a lock. In fact, you’d probably use several locks and an alarm system. That’s precisely how you should approach email security.

    Here are some best practices for you to mandate for your entire team:

    • Make Unique Passwords Mandatory. A common mistake is that people are using the same password across multiple accounts. If you use the same password for your private email as you do for your work email and other accounts, the hackers only have to compromise one account to have access to all of them.
    • Passwords Should Be Complex. Using personal information or simplistic passwords is another common mistake. You need to stay away from using words or information that can be guessed by knowing you or following you on social media. Ideally, passwords should appear to be a random sequence of numbers, letters, and symbols.
    • Turn Off Auto-Fill. Auto-fill seems like a godsend. It eliminates a lot of time filling out information repeatedly. But it also means that all of that information is stored where malicious actors can get it. There are even phishing attacks targeting this exact technology. Remember, the things that save us time are often the biggest holes in security.
    • Use a Business Password Manager. Keeping passwords written down can be dangerous, but if you’re following best practices, you’ll have a lot of hard to guess passwords to keep track of. Using a good password manager app can help you maintain the highest level of security in choosing passwords and making them safe.
    • Never Leave Devices Unprotected. You should need to use your password every time you check your email on every device. The same goes for other accounts.

    Looking for Expert IT in the Southwest to Manage Your Cyber Security?

    If you’re concerned about cybersecurity, contact Integrated Axis today. Our experienced technicians can assess your process, help you find the best software solutions, and develop a reliable protocol to make sure best practices are followed to protect your company’s privacy.

  7. Business Security: Malware to Watch Out For

    Comments Off on Business Security: Malware to Watch Out For

    The last thing you want to hear is that you have malware on any of your devices. Even worse is finding out you have malware that has infected your business computers.

    Business malware works the same way as other types of malicious software — and its aim is to get into your machines and compromise your data. As far as tech security measures, malware represents a dangerous threat for individuals and business safety.

    Types of Malware to Watch Out For

    Skull and crossbones behind the word "Malware," surrounded by red coding numbers.

    Data breaches must be avoided at all costs. The information held in your company’s computers and devices can leave you open to malware, identity theft, and even the loss of employee or customer records. Malware might seem like a small and easily managed threat, but new malicious software is developed all the time. It’s the most common way that hackers are able to gain access to your systems.

    Staying up-to-date regarding new, trending malware can help you avoid user errors that usually allow these scripts access to your devices.

    Recent malware threats to be aware of:

    – Trojan Word Doc

    This is a newer threat that’s easy to fall for. A word document is corrupted with a Trojan virus that then invades your machine. Because the file is a word document, it’s often downloaded via email. Trojans have become prevalent recently, but they’re relatively easy to guard against if you avoid opening documents that aren’t from a verified sender.

    – Adware

    Most people don’t know that adware is malware. It doesn’t usually steal information or compromise your data; it just gives you a bunch of ads to ignore. It does, however, open the door for hackers to get into your devices, as this article in Wired points out.

    – Ransomware

    A person on the computer trying to defend against a ransomware attack.

    Using new ransomware to hack data has gained momentum over the last few years, often targeting larger organizations. The malware invades your system and locks you out. Often the hackers then have access to your data, at which time they insist you pay them an incredible amount of money to restore your system.

    – Point of Sale Trojan 

    These Trojan viruses infect POS systems, stealing customer financial information. This type of malware can damage your reputation with customers and have a long-lasting impact.

    For most businesses, the best way to guard against malware is to develop a suitable protocol for employees to follow while on the job. Many of these types of breaches occur because best practices aren’t employed. Hackers are getting more sophisticated in their tactics to elicit a response, which makes them harder to guard against.

    Phishing is a common way for computers to get infected. This is where an email is sent with a corrupted link or

    If you’re concerned about your level of security or are interested in an overall document. The malware can only be installed if the recipient clicks on the link or downloads the file.

    Are You Looking for an Experienced Partner in Your Technology?

    IT consultation, contact Integrated Axis today. Our experienced staff can assess your business security strategies or help with any individual technology services you might need.