i-medIT Blog

What would you do if a stranger claimed to have compromising webcam footage of you and threatened to share it with your contacts? A new, very convincing email scam is making some users very nervous.

Thanks to the advent of artificial intelligence, cybersecurity professionals have to reconsider how they approach these threats. Machine learning is one option, as it can help today’s modern solutions learn how to be more effective against advanced threats. On the other hand, what’s stopping the other side from also taking advantage of artificial intelligence? The answer: nothing, nothing at all.

Uh oh. One of your employees sat down at their workstation and was presented with a pop-up telling them that Microsoft has detected a fatal issue with their workstation, and if they don’t let someone remote in to fix it, all of their data will be lost. This could be a serious problem… especially if your employee falls for this scam and lets in a threat.

Businesses have a lot to think about, especially regarding best practices and upcoming trends in technology. Has your business been doing all it can to keep up? We’ve outlined some of the best IT innovations that we expect to see in 2018 as time goes on.

To get the most life out of your smartphone, you’re going to want to properly take care of it. Of course, this is easier said than done for a small device that’s prone to being dropped and subject to the many dangers of being transported. Here are five smartphone practices to avoid if you want your device to last.

Do you know which database management system is used by your company’s servers? Obviously your end users aren’t expected to know the answer to this question, but this is something that you, as a business owner, need to be aware of. If you don’t keep track of which database software you’re using, you might accidentally wait too long and wind up running an unsupported piece of software. For example, you need to move away from SQL Server 2005 (which is now unsupported) as soon as possible.

Hackers have proven to be a crafty and suspicious lot, and can take advantage of even the most benign technology to infiltrate networks. However, we don’t often associate them with objects in the physical world. Now, even something as simple as a decade-old communications device can be used to open the right garage doors.

Malware has traditionally targeted industries that are exceptionally profitable. For example, hackers like to target retailers for their wealth of financial credentials. One of the most profitable industries, entertainment, is also subject to similar torment, including Steam, the PC gamer’s most valuable tool for gaming binges.

Steam is a web-based distribution platform developed by Valve Corporation, which provides multiplayer gaming, among various other services, to gamers. In a way, it can be compared to cloud computing. With over 140 million active users, Steam is one of the most prominent online gaming retailers out there. In October 2013, it was estimated that 75 percent of all games purchased online were through Steam. If nothing else, Steam is a valid online computing outlet that hackers want to take advantage of.

Over time, gamers’ accounts can accrue a “value” of sorts, be it through a collection of purchased game titles, virtual items, or currency, all of which can potentially be stolen by hackers. These items might seem trivial, but they’re giving rise to a new type of hacker on the Steam scene; those who take advantage of Steam Stealer, a new type of malware that helps both experienced hackers and would-be chumps steal in-game items, currency, and other “valuable” assets from other users. This entrance to cybercrime could be seen as a slippery slope. If users find that they can steal in-game items and other valuables, they might one day decide to see if they can exploit other aspects of their rivals’ accounts, like their real-world wallets.

The most dangerous part of Steam Stealer is how easy and affordable it is to take advantage of. People who have no knowledge of malware can easily use Steam Stealer thanks to its included specializations, user manuals, APIs, and its price tag of $15. Other malware-as-a-service offerings are much more expensive and complicated to get involved with, while Steam Stealer makes it exceptionally easy to get a taste of the cyber crime scene. And once they get a taste of the proverbial slice of the Steam-pie, what’s stopping them from eating the whole thing?

In the end, these hackers won’t be satisfied until they hit the real goldmine: the wealth of financial information stored from purchasing games, and other products, through Steam’s online interface. Steam experiences its fair share of account takeovers (around 77 thousand accounts suffer from this every month), so it’s logical to assume that many hackers are after the lucrative information stored within these accounts.

As is to be expected, the best way to keep Steam safe from hackers is to practice a combination of two-factor authentication, and to remain vigilant for potential phishing scams. Changing passwords regularly also helps to keep your security in top order, and keeping a close eye on URLs can prevent potential account compromisation before it occurs.

Do these tips sound familiar? They are all, more or less, valuable tips to help you stay safe online, whether at work or at play. Just because Steam is a gaming platform doesn’t mean that there aren’t valuable lessons in cybersecurity that can be learned from it. Gamers see their precious inventories as valuable assets that cannot be replaced, much in the same way that a business owner must protect their organization’s network infrastructure and the data stored within.

If you’re concerned about the status of your data security, reach out to us at 630-549-6199. While we might not be able to help secure your Steam library, we can most certainly help with your business’s data security practices.

Consumer technology continues to grow more versatile and connected, allowing users to perform functions previously unheard of. One such piece of consumer tech is the latest in rolling security bots, the LG Rolling Bot. Basically, what you see is what you get; it’s a rolling security robot that can be controlled remotely through a smartphone.

With approximately 5.5 million new devices being connected to the Internet everyday, the Internet of Things presents the biggest security challenge to date for IT professionals. Essentially, an IoT device that’s not secured can easily fall prey to hackers, and with so many different devices being connected, it’s easy to overlook a device or two, like your security cameras.

Modern ransomware is exceptionally dangerous, even by malware standards. Ransomware is capable of locking down important files on a victim’s computer, displaying a massive threat to both business professionals and their networks, as well as the average PC user. While other types of ransomware like CryptoLocker and CryptoWall are somewhat manageable, a new variant called CryptoJoker makes it borderline impossible to recover your files.

2015 saw a significant increase in high-profile hacking attacks in organizations of all disciplines: healthcare, government, and even large entertainment companies all fell victim to data breaches. In light of these attacks, valuable lessons can be learned through analyzing the types of records that were stolen. In 2015, over half of all records exposed to hackers were passwords and email addresses.

It’s clear that your IT department should have administrator privileges with your business’s technology, but the average employee is another story altogether. Administrator privileges provide users with the ability to do many things, such as install programs and access admin settings. Administrator privileges are exactly what you want to keep users away from, and it turns out that the majority of flaws in the Windows operating system depend on these privileges.

Bad news for users still running outdated versions of Internet Explorer - Microsoft has ended support for its legacy web browser. What this means is that Internet Explorer 8, 9, and 10, will no longer be issued critical patches and security updates, making its continued use a security risk.

The average small and medium-sized business has trouble with the implementation of comprehensive IT solutions, mainly due to these organizations having fewer resources to allocate towards these solutions. This often leads to end-users implementing their own solutions, which can be dangerous under the wrong circumstances. By allowing this “shadow IT” to run rampant in your office, you’re putting business continuity, data storage compliance, and security on the line.

Direct denial of service attacks are a major problem for businesses. On one hand, they’re difficult to prevent entirely, incredibly annoying, and costly. Hackers are realizing just how annoying DDoS attacks can be, and are capitalizing on them in order to both make a quick buck, and to take jabs at organizations that aren’t necessarily doing anything wrong.

Email is (and has been) a prime method of communication for businesses of all sizes. With email comes a whole slew of issues that are essentially synonymous with the technology; spam, information overload, phishing, and information privacy. Even Chicagoland small businesses that only do business locally are at risk of these issues. Personal email accounts are equally at risk. Employing proper precautions and practices whenever communicating via email is very important to prevent the risk of security compromises, monetary loss, and even legality issues.

Your identity has quite a lot of value, especially in the wrong hands. Security firm ZoneAlarm put together some numbers in 2011 concerning identity fraud, and it even shocked us. Let's talk about a few of these statistics and what it means.

IT can be like baseball. When a team is up to bat in a game of baseball, the team at bat is allowed to keep two coaches on the field. They are called the first base coach and the third base coach. While both coaches’ responsibilities mostly have to do with baserunning, the third base coach also takes on the responsibility of relaying “signs” from the manager in the dugout to the batter at the plate.