secure socket layer

Securing Your Website With SSL Certificate

The Internet has made sending and receiving information online a breeze. But there is also the threat of unauthorized viewing, data tampering, and phoney messages. Surprisingly, a lot of business owners do not fully understand how to use security tools at their disposal to keep cybercriminals and hackers at bay. It can be a real challenge to know where to start, when you are defending against malicious code that can damage your system and against cyberthieves on the lookout for sensitive data to sell on the black market. One thing every business can do to protect their website and customers is to use Secure Sockets Layer (SSL) certificates, particularly if they run an e-commerce site or collect personal customer information through their site.

What Is SSL?

The Secure Sockets Layer (SSL) is the most widely used Internet security protocol today. This encryption technology protects your sensitive information as it travels between the visitor’s web browser and the web server of the website they are interacting with. This secure link ensures that all data is transmitted without being intercepted by prying hackers.

SSL encrypts all data before it is sent so that no one besides you and the website you’re submitting the information to can see and access what you type into your browser. Random characters are inserted into the original information to make it incomprehensible for anyone without the proper encryption key. Therefore, if it does fall into the wrong hands there is nothing to worry about since the information is unreadable.

SSL Certificate Basics

When you visit a website that has an SSL certificate issued by a trustworthy authority, your browser (e.g. Internet Explorer®, Firefox® and Chrome™) will form a connection with the web server, recognize the SSL certificate, and then connect your browser and the server so that confidential information can be exchanged.

To enable SSL on your site, you need to get an SSL Certificate that identifies you and install it on your web server. The SSL certificate must also be digitally signed by another trusted root certificate to prove that the SSL certificate provider can be trusted. Business owners can get standard and extended certificates along with tools to manage multiple certificates or security challenges.

Steps For Getting An SSL Certificate

Once you have selected a Certification Authority (CA) vendor, send a request for certification and pay for the certificate.

Every CA will provide a Certification Practice Statement (CPS) with more specific information about their verification process and how long it will take to receive approval, depending on the complexity of your organization and the type of certification applied for. Business owners then have to go through various stages of vetting before they can install the certificate on their site and connect to a secure server on the web.

When the SSL Certificate is installed properly, you can access the site securely by changing the URL from http:// to https://. The secure connection is then established instantly, without any action on the visitor’s part.

How Can Consumers Tell if a Website is Certified?

SSL is a transparent protocol which requires no interaction from the end user. Users can verify whether the web address in their browser displays a padlock, or, in the case of Extended Validation SSL, if there is both a padlock and a green bar. This assures visitors that the site is SSL certified and that their connection is automatically secured.

How Can SSL Be Used For Business?   

The most common applications of SSL are to secure payment transactions, system logins, email, data transfer, and any other sensitive data exchanged online.

If your organization has to comply with regional, national or international regulations on data privacy and security, such as Payment Card Industry compliance, then you will need an SSL certificate with the proper encryption. EV SSL provides advanced security measures to deal with the bigger risks that come with e-commerce today.

SSL is critical for protecting sensitive information such as customer names, phone numbers, addresses and credit card numbers. It also defends your site from malware and prevents malvertising from eating into your resources.

SSL secures webmail and helps establish a secure connection between an email client such as Microsoft Outlook and an email server such as Microsoft Exchange.

SSL can also be used to secure intranet-based traffic such as internal networks, extranets, and database connections. It also helps transfer files safely over HTTPS and FTP(S) services.

Future-Proof Your Site With SSL Certificate

Online businesses can gain and retain their customers’ trust by getting SSL certification. Lunarpages offers a free dedicated SSL certificate and dedicated IPs with all of our business plans, or you can get a Dedicated SSL certificate on your account. A shared SSL certificate will function only with HTML and cgi/perl based documents/scripts/carts, but it will not work with ASP, JSP or PHP pages because of security restrictions on the servers. For that you will need to purchase a Dedicated SSL Certificate and Dedicated IP. If you’re still unsure about how SSL will affect your website, contact Lunarpages at 1-877-586-7207 (US/Canada) to know more.

Ransomware

Protect Your Systems Against the Real Threat of Ransomware

The threat of ransomware is real. Businesses and enterprises across multiple industries face daily challenges from external threats such as computer viruses and emerging malware and spyware, any one of which can potentially wreak havoc on their internet-technology systems.

No One Is Safe

Are you aware of the most recent multi-million-dollar crime extortion malware vexing everyone from hospitals to banks, police departments to even Congress?

It is ransomware, and it is the latest type of malware developed by hackers to lock the system, compromise sensitive data on hard drives through encryption or prevent the computer from booting up at all. The hackers do this with one goal in mind: to extract money from unsuspecting victims. These victims get locked out of their computers, making it incredibly difficult to gain access to all the files and other sensitive business data without the encryption key. Usually the ransom has to be paid in newer electronic payment methods such as Bitcoin and Ukash so that it cannot be traced back to the culprits. Moreover, businesses can potentially suffer a full-scale data breach from ransomware infections, resulting in huge fines and loss of consumer trust.

Evolution of Ransomware

Yesterday’s annoying viruses have now evolved into terminal malware designed to steal money from its victims.

Though ransomware first came into circulation on a widespread scale in Russia between 2005 and 2006, it has begun making regular headlines since 2013 with the arrival of CryptoLocker and its many variants like CryptoWall and TorrentLocker. This type of ransomware was created to encrypt files on the infected machine and to identify the country from its IP address so that the extortion message to buy the decryption key could be delivered in the local language.

With technological advances and the rise of ‘Ransomware as a Service’, hackers have progressed from targeting home users to much more sophisticated attacks on SMBs and enterprise networks. Cyber attackers have built robust platform infrastructures using Domain Generation Algorithms and assets in Top Level Domains, Generic Top Level Domains and Country Code Top Level Domains. According to a recent report by Intel Security, the ransomware industry has grown exponentially by over 3,000% since 2012, with new threats being discovered every year.

Some of the new varieties of ransomware holding businesses to financial ransom over their data, such as Petya, Dogspectus, Ransom.Win32.Xpan and Princess Locker, display potency across infection vectors and have selective encryption and target-awareness capabilities.

Before learning how to protect your business from these dangers, you must first understand how ransomware infects computers as well as the mode of infection. Also, become familiar with the steps your company must take to prevent, track and respond to ransomware attacks.

How Can Ransomware Get on My Computer?

Ransomware attackers use a number of techniques to infect users, including spear-phishing campaigns, email lures, exploit kits, and other infections such as Angler.

Users can accidentally infect their own computers with ransomware through one of many seemingly innocuous actions, such as inadvertently opening an infected email attachment, clicking on a malicious link or malvertisement or even visiting a compromised site.

Attackers find it much easier to gain entrance through existing browser or OS program vulnerabilities – caused by irregular updates – or weaknesses caused by previous machine malware infections.
Malware can also spread through infected removable drives including USBs and portable hard drives, and by application downloads with infected software bundles such as browser toolbars, instant messenger apps, third-party .exe files or software key generators.

Defensive Strategies to Protect Against Ransomware

No company should be without a strategy to prevent, detect, and respond to ransomware attacks as they can make your data inaccessible and grind your business to a jarring halt. While there may be no magic bullet to keep your organization’s data safe from ransomware, there are a number of steps every business should take to drastically reduce their chances of infection.

  • Educate end users about ransomware: As they say, the best offense is a good defense. The first line of defense against ransomware is user awareness and education. You can block malware considerably by training employees through a variety of security awareness programs. Employees can be taught to recognize the potential dangers of opening attachments from unknown people, or clicking on suspicious links.
  • Learn about social engineering: Understanding how resourceful hackers use social engineering and clickbait techniques to spread infection can help end-users avoid those pitfalls. Periodic training sessions through interactive discussions can help employees remain alert to potential security threats they may encounter in cyberspace.
  • Authenticate incoming mail through scanning and enable filtering on your mail servers: All inbound emails should be scanned for known threats to block any suspicious attachments. Most email servers enable flagging of incoming mail that does not pass tests such as reverse IP lookup, SPF and DKIM records to filter potentially dangerous emails. Email servers can also be configured to automatically disallow any executable file with an EXE, COM or SCR extension. These preventative measures work well to stop ransomware distribution through emails.
  • Protect your system using mitigation strategies: It is possible for SMBs to protect against ransomware through controls such as application whitelisting, ensuring proper patch management for applications and operating systems (OSes), and by minimizing administrative privileges. Knowledgeable administrators can enlist whitelisting techniques to allow only secure and legitimate applications to run on your machine, thus preventing download and installation of any other executable malware on it.
  • Desktop security: With such high stakes, businesses should not skimp on the deployment of a proper, commercial desktop security suite. Further, they should layer that security with managed endpoint solutions.
  • Patch management: Because there are no infallible security products, companies should adopt aggressive patch management for all programs to drastically increase AV effectiveness. As mentioned, malware developers try to exploit vulnerabilities in the OS, applications and even web browsers. That is why it is important to plug security holes once they have been discovered by regularly patching software and installing critical updates as soon as they become available.
  • Limit system permissions: Ransomware usually runs its execution chain from a temp folder, so restricting program execution from temp folders can stop malware infections from spreading further. Network administrators should also limit systems’ permissions to prevent the unauthorized installation of malware on systems without an administrator’s password. The spread of malware infection can also be limited by segmenting sharing and access rights to critical data using redundant servers.
  • Be prepared with a comprehensive data backup strategy: It is absolutely vital to establish a robust backup regime in preparation for a ransomware attack. Comprehensive backup solutions for all critical business data assets can ensure the continuity of your business in case of a successful ransomware attack by restoring local and server apps and data to their pre-infection status.
  • Get to the Cloud: Ransomware works by causing disruption to your business. You can take steps to ensure business continuity by moving to the cloud, which offers a greater level of protection and overall security to an SMB. Cloud providers bundle multiple security controls like malware scanning, enhanced authentication, data loss prevention strategies and various other protections into the service to minimize the chance of a ransomware attack. Cloud services also offer additional protection as add-ons, such as traffic scanning and site reputation checks to counter the threat of ransomware. With your data in the cloud, it should not be a major headache if your local machine becomes infected with ransomware.
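
The mail-filtering bullet above (SPF and DKIM results plus blocking EXE, COM and SCR attachments), sketched as a quarantine check run over a constructed message. This is an added example, not code from the original article; the gateway name `mx.example.com`, the addresses and the function names are assumptions. It reads SPF/DKIM verdicts only from the header stamped by your own server, because a sender can forge any other `Authentication-Results` header.

```python
import os
import re
from email import message_from_string, policy
from email.message import EmailMessage

BLOCKED_EXTENSIONS = {".exe", ".com", ".scr"}  # extensions named in the article
TRUSTED_AUTHSERV_ID = "mx.example.com"         # assumption: your own mail gateway

def build_sample(dkim_verdict, attachment_name):
    """Constructed test message; every address and host here is made up."""
    msg = EmailMessage()
    msg["From"] = "billing@example.net"
    msg["To"] = "accounts@example.com"
    msg["Subject"] = "Invoice"
    # A header the sender could forge: it carries a different authserv-id.
    msg["Authentication-Results"] = "relay.example.net; spf=pass; dkim=pass"
    msg["Authentication-Results"] = (
        f"{TRUSTED_AUTHSERV_ID}; spf=pass smtp.mailfrom=example.net; "
        f"dkim={dkim_verdict} header.d=example.net")
    msg.set_content("Please see the attached invoice.")
    msg.add_attachment(b"constructed bytes", maintype="application",
                       subtype="octet-stream", filename=attachment_name)
    return msg.as_string()

def auth_verdicts(msg):
    """Read SPF/DKIM results only from the header our own server stamped."""
    verdicts = {}
    for header in msg.get_all("Authentication-Results", []):
        authserv_id, _, body = str(header).partition(";")
        if authserv_id.strip().lower() != TRUSTED_AUTHSERV_ID:
            continue  # ignore results claimed by anyone else
        for method, verdict in re.findall(r"\b(spf|dkim)=(\w+)", body, re.I):
            verdicts.setdefault(method.lower(), verdict.lower())
    return verdicts

def evaluate(raw_message):
    """Return the reasons to quarantine; an empty list means deliver."""
    msg = message_from_string(raw_message, policy=policy.default)
    verdicts = auth_verdicts(msg)
    reasons = [f"{m}={verdicts.get(m, 'none')}" for m in ("spf", "dkim")
               if verdicts.get(m) != "pass"]
    for part in msg.walk():
        # Strip trailing dots/spaces so a name like "a.exe." is still caught.
        name = (part.get_filename() or "").rstrip(". ").lower()
        if os.path.splitext(name)[1] in BLOCKED_EXTENSIONS:
            reasons.append(f"blocked attachment: {name}")
    return reasons

if __name__ == "__main__":
    print(evaluate(build_sample("fail", "invoice.pdf.scr")))
```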

As you can see, ransomware is a very real threat. If you do not want your business to fall victim to this menace, simply follow the best practices outlined here to prepare and to protect against your well-prepared adversaries.
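
The application whitelisting and "restrict execution from temp folders" controls from the list above, sketched as decision logic run over constructed process-start records. This is an added example, not code from the original article; the paths, the temp-folder patterns, the stand-in hash and the function names are assumptions, and real enforcement belongs in the operating system's application-control feature.

```python
import fnmatch
import hashlib
import ntpath

# Constructed allowlist entry: hash of stand-in bytes, not a real binary.
APPROVED = hashlib.sha256(b"constructed: approved accounting app").hexdigest()
APPROVED_SHA256 = {APPROVED}

# Hypothetical temp locations to block (lower-case, backslash-separated).
TEMP_PATTERNS = [
    r"c:\windows\temp\*",
    r"c:\users\*\appdata\local\temp\*",
]

def normalize(image_path):
    """Collapse '..', unify slashes and case so path tricks cannot dodge a rule."""
    return ntpath.normcase(ntpath.normpath(image_path))

def decide(image_path, sha256):
    """Deny anything launched from a temp folder, then anything not allowlisted."""
    path = normalize(image_path)
    if any(fnmatch.fnmatchcase(path, pattern) for pattern in TEMP_PATTERNS):
        return "deny: runs from temp folder"
    if sha256 not in APPROVED_SHA256:
        return "deny: not on allowlist"
    return "allow"

# Constructed process-start records: (image path, SHA-256 of the image).
SAMPLE_EVENTS = [
    (r"C:\Program Files\Acct\acct.exe", APPROVED),
    (r"C:\Users\alice\AppData\Local\Temp\7zO1\invoice.exe", "0" * 64),
    # An approved hash does not help if the file is started from a temp folder.
    ("C:/Program Files/../Windows/Temp/x.exe", APPROVED),
    (r"C:\Program Files\Tool\tool.exe", "0" * 64),
]

def audit(events):
    """Return one decision per record, in order."""
    return [decide(path, digest) for path, digest in events]

if __name__ == "__main__":
    for (path, _), verdict in zip(SAMPLE_EVENTS, audit(SAMPLE_EVENTS)):
        print(f"{verdict:28} {path}")
```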