Thursday, June 27, 2024

The risk of inactive/off-line systems

 The risk of inactive/off-line systems if just turned on and used

In our fast-paced world with cyber warfare going on, from nation states jockeying for the secrets of other nations with zero day hacks, to the many criminals looking for every way to get value out of everyone they can, software is constantly being patched to try and keep ahead. With so many people and businesses not patching, even old bugs are being probed all the time, and getting attacked. Using unpatched systems is a huge risk, sometimes even if just a few weeks, or sometimes days, out of date.

There are many reasons why a system might be unused for a while. They aren't just sitting there for no reason, but generally in one of the following paths

  • Primary user on extended vacation or other extended leave.
  • Pending deployment, with an active plan to do so.
  • In reserve, with not active plan, other than to be available if needed. Perhaps on an eventual path to be decommissioned.
  • On the way to being decommissioned and disposed.

If there is any intention of bringing a system into active use with little warning, they must be kept up to date, otherwise they represent a security risk as breachable/hackable defects are found but not patched. These machines would need to be regularly (every week or two) brought online and the full patch process run (Not just the few obvious ones, but the whole patch management process). This does not mean for all the system in reserve inventory, just enough for quick deployments (loaner or replacement) and the next ones are brought up to ready from extended off-line status.

Or

Any system that has been off-line for an extended time, is a huge safety risk to us if it is just deployed, until it has been through a few restarts, with time in between for the patch process to see what is needed and deployed. After the OS has gotten its patches, open the primary apps, and go to their ‘Help’ ‘About’ menu to check for any updates there. Browsers and email clients are a big target and the front lines of many cyberattacks.

If a system is on the path to likely being decommissioned, but we are just keeping it around "Just in case" then pull it out of any active monitoring systems it might be a part of, as those usually have a licensing cost you can free up, and they usually alarm/bug someone when they haven’t “called home”. Essentially some effort to ‘Mothballing’ the device, just like the Navy does with their ships, Air-forces often do with planes, or even clothes kept in the attic for that ‘maybe some day we might need this again’

There is a very active cyberwar going on, nation states juggling for control to avoid bullets, through all the criminals trying to get at what every they can grab. This has been accelerating at a rapid pace, and we can not rest on "it won't hit us" as we are all being actively probed all the time.

To be safe or as safe as possible, it is important that you keep your systems (both personal and business) as up to date as possible before and when actively using them.

Thursday, June 13, 2024

A messy computer desktop is a slow computer

How many icons do you have on your desktop? Is it just a few icons (like 15 or so) or it is so populated you cannot see your background?

The reason we ask is that each of the icons takes a finite amount of time to load and display. The further away the information that each icon represents, the longer it will take to update/load the icon. It may be just milliseconds per icon, but that does add up. This applies to folders on your desktop as well. We've seen systems with thousands of files in folders on their desktop, but after moving them to a regular documents folder off the Desktop, they noticed how responsive their system got.

Recently I was able to see a desktop on a monitor, and you couldn’t see very much of the background because of all the different icons that were there. This person was also complaining that his computer was no good because it just took way too long to start up.

Here are some questions that I asked this person about their computer.

  • How often do you reboot your computer?
  • Are all these icons on your desktop necessary?

Now these are the answers that I got.

  • I don’t reboot my system very often because it just takes way too long to start up again.
  • All of these icons are necessary so that I can do my job, and he immediately pulls up a photo that has nothing to do with work.

What is very important to understand is that a lot of the icons on the desktop were for files that he felt he needed to access quickly. Of course, these files were located on a server and not on his computer, so each took longer to load. I tried to explain to him that having all these file icons on his desktop was a major reason why his system took so long to startup. When you have icons on your desktop, what happens when the system starts up is it must look up each of these files so that it can draw it on the desktop. The more files you have on your desktop, the longer it is going to take for your system to start up and refreshes during the day. If you need access to these files quickly, it is better to have them in a folder elsewhere and then just the link to the folder on the desktop. Then the only time the files will be searched for is when you open the folder.

So, the best thing you can do to ensure that your computer starts up at a reasonable speed is to limit the number of icons that you have on your desktop, especially icons that are to remote files. Shortcuts can be useful but remember that they can also impact how you work. The convenience of all these icons has it's cost in time.

 

Thursday, June 6, 2024

Scams, scams and more scams

There seems to be more and more scams out there, and probably because people are falling for them. We recently heard that a student lost quite a bit of money from their bank account as they fell for one of these scams. Nowadays, it just seems that every day you either get a phone call, email or text message that doesn’t look like. Businesses get similar scam emails, so don’t think you are alone. Below are some of the scams that we have received in the last little while, that is not including our favourite “Duct Cleaning” phone calls.

Scams:

Netflix: Your payment cannot be completed. To keep access to the service, please visit (factious website)

  • If you don’t have Netflix never click on the link and even if you do have Netflix DO NOT click on this lick. To see if there is an issue with your Netflix account, go to where you would normally log in into your account and check the status of it.

RBC Your client card starting with 4519** has been flagged due to unusual activity. To reactivate your online access, please visit: (Factitious website)

  • All RBC credit cards start with this, so that isn’t any information that is helpful. Also, most banks have other means of letting you know that there is an issue with your card. I know that when our card had some unusual activity, we received a phone call. If you think there might be something wrong with your card, DO NOT click on the link. You can sign in to your account the normal way and check your account.

[Canada-post]Your package has been put on hold because the street number is missing from the package. Please check and submit the correct address. (Factitious website)

  • If you aren’t expecting a package to be delivered, just ignore this text message. If you are, contact the sender to see if they may have missed addressing it correctly. DO NOT click on the link no matter what.

Amazon: This is to inform you that today your account will be charged for Amazon Prime (funny the phone number you are calling isn’t linked to an Amazon account)

  • This is a phone scam that they want you to click a number on your phone and provide them with your credit card and other personal information. DO NOT click on that number.

Email: your e-mail account has been disabled and some features might be restricted or may not work. It seems there has been a violation of the terms and conditions with your email account xx@xx.ca. If the account has been already access from unusual or suspicious locations or devices, Google might have disabled it to prevent potential unauthorized access. (now the interesting thing about this one is the account that they showed had nothing to do with Google at all and the website in the form also had nothing to do with Google)

  • If you receive an email like this from a company that has nothing to do with where your email is hosted, DO NOT click on the link. Now, the other thing about this message is it contradicts itself. First it says the account has been disabled, and then it says some features might be restricted or not working. Well, if the account has been disabled, all the features won’t work.

Invoice email: Good afternoon! I am quite disappointed! Obtained the complaint from our contractor, and I have a large amount of questions. Please resolve this problem, or I shall apply legal penalties! It is very important! Copy of the complaint you’ll find via the Invoice Link lower (well we don’t do business with the company that is sending the complaint and when you read the actually working it doesn’t make sense)

  • This is something that some accounts payables or receivables may receive. Again, DO NOT click on the link that is provided. Check with others to make sure that this company is real and if not block the sending.

Summary

What we have been trying to show you is there are a lot of different methods of text, phone, and email scams that are out there. We have left the messages just as we received them to show you some of the things you can see when you take the time to really read a message. We all must be extremely careful and try and black as many of these accounts as we can. I know that it is hard to control all these scams because when one is caught, at least one more starts up, so we just must be as careful as we can.

It is very important that we start educating our kids and family members about what not to click on when they are on social media or on their email. Being able to increase the awareness of SCAMS may help fewer people become victims of them. If you have any Cyber Security Awareness available, take it as it applies everywhere. Our biggest piece of advice is if a message, whether text, call, email or any other path, doesn’t make sense, it’s best to ignore it.