Three things in life are certain: death, taxes and the persistent threat of cyberattacks. There are many layers of defense in the onion of cyber security, but at the helm is your firewall. Traditionally firewalls have always been the piece of hardware acting as a barrier between your office network and the wilds of the internet. Then in 2020 the way we work was transformed forever by the global pandemic. Nearly a third of the workforce transitioned to remote, leaving offices empty. Many employees continue to work in non-traditional spaces to this day. How can we defend them against cyberattacks if they are outside the protective reach of an on premise firewall? A firewall is a network security device or software that monitors and controls incoming and outgoing network traffic based on predetermined security rules. Think of it as a moat with a bridge and a guard shack that surrounds a castle. The guards and the moat are the firewall, acting as a barrier and between a trusted internal network (the castle) and untrusted external networks (random people trying to get in), helping to prevent unauthorized access to and from the castle while allowing legitimate traffic to pass through. The outside forces have to “check in” with the guards before they can cross the moat and access the castle.

You may have heard recently that the FBI and Cyber Security and Infrastructure Security Agency are recommending cell phone users use end to end encryption when sending text messages. Why are they doing this and how does it affect you and your business? In December of 2024 authorities revealed that Chinese hackers have breached at least 8 major telecom network infrastructures, including those of Verizon and AT&T. Known as Salt Typhoon, the nefarious actors used a “back door” that is used by U.S. foreign intelligence surveillance systems (yes that’s legal wiretapping). Senior officials within the US Government have admitted the hackers have had access since summer of 2024. It appears that they focused heavily on users in the Washington DC area.

Imagine a virus infecting over 85 million Android phones without anyone catching on. Believe it or not, this really happened in 2016! How could a virus be so easily distributed without human intervention? The HummingBad virus was a persistence rootkit, which is a very smart and nasty virus. It is difficult to find and even more difficult to remove. They embed themselves within the system without the users knowledge and they are designed to hide themselves and their activities, even from security software. A rootkit will take over an infected system on its own, or if it cannot gain root access, it will push a fake update prompt, tricking the user into installing. Once the malware has control of the device, it begins downloading and installing apps, and the lucrative business of conning users begins. The HummingBad virus was designed to click on the ads within the apps to generate advertising revenue. This inflated ad click and view counts, allowing the attackers to earn more revenue without actual user engagement. The malware also promoted and installed additional malicious

Picture this: You're witnessing the culmination of years of hard work as the first humans are about to land on the moon's surface. Suddenly, the moment is shattered by blaring alarms. This exact scenario unfolded during Apollo 11's momentous moon landing. Luckily, Margaret Hamilton and her accomplished team of NASA engineers had meticulously readied themselves for any imaginable situation. Margaret Hamilton is best known for her work on the Apollo moon missions. In the 1960s, she was the lead software engineer for the Apollo Guidance Computer, which was the specialized computer that was responsible for guiding the Apollo spacecraft to the moon. Her job was to make sure the system was reliable, efficient, and could handle the complex calculations needed for space travel. During the Apollo 11 mission, Margaret Hamilton's team faced a critical situation where the computer system on the lunar module experienced an overload during the landing. This overload was caused by an unexpected increase in processing demands as the computer tried to do numerous tasks at the same time.

In the headquarters of Cloudfare, a California based tech company, there is a most wonderous wall of mystery. Towering over the entrance, lies wall of around 100 brightly colored lava lamps. While they may be enticing to the eye, these lava lamps actually have a very important job in the security department. Cloudflare provides content delivery network services and DDoS mitigation, and they are known for using lava lamps in their offices as part of its encryption process. The concept is based on a method called "entropy source," which helps generate truly random numbers for encryption keys. Entropy sources are used in cryptography to generate randomness for various security-related processes, such as encryption key generation and secure communication protocols. Entropy, in this context, refers to the unpredictability and randomness of data, which is crucial for ensuring security and preventing cryptographic attacks.

Earlier this month a peculiar story began circling the internet: a Denial of Service attack was being implemented at the hands of millions of Smart Toothbrushes. This turned out to be false information, but could it actually happen? During a Distributed Denial of Service (DDoS) attack, a large number of compromised or infected devices, often referred to as bots or zombies, are used to flood a targeted website, server, or network with an overwhelming amount of traffic. This flood of traffic is intended to interrupt the target's normal operation, making it inaccessible to legitimate users. The threat actor can use literally any device with an internet connection – so yes, a smart toothbrush could contribute to taking down the internet! These attacks can take years of effort on the hackers part before they come to fruition. The hacker gains control of hundreds if not thousands of devices over time. They connect them to create a botnet, and use specialized software or scripts to instruct the botnet to send a large volume of fake traffic to the target. This surge in traffic can overpower the target's bandwidth, server capacity, or other resources, causing it to be

It's Time to Say Good Bye to Windows 10

Since the dawn of the digital age, companies have been storing data… and a lot of them are still storing that data 25+ years later. Should you really keep all that information? In some cases, it is legally necessary, and it is always a good idea to have backups for disaster recovery. Companies need to store data for the long haul due to a variety of reasons. It is essential for legal and litigation purposes, such as dispute resolution, investigations, and can be used as evidence. And of course, long-term data storage plays a vital role in disaster recovery, ensuring that companies can quickly recover from data loss, cyber incidents, or natural disasters. Because of this, managing the data lifecycle effectively has become a critical aspect of business. A Data Lifecycle Management plan ensures that data remains secure, accessible, and compliant with regulations. Forming a Data Lifecycle Management plan comes with its own set of challenges. Data is often spread across different systems, such as financial data stored in Quickbooks vs documents in Sharepoint or even email in O365. Stored data can be surmised into 3 categories: hot, warm and cold. Hot storage refers to data that is actively used or accessed frequently. An example would be a database. Warm storage is data that is accessed less frequently but still business critical. Cold storage is data that is saved for compliance or archival purposes. Companies must determine which category the data fits in and then choose the most appropriate and economical way to store it. Companies often use a combination of these storage tiers to optimize data management, meet varying access requirements, and control costs effectively. The next step is determining where to house the data. Each category will have its own costs and options, depending on your budget. The market shift towards subscription-based data storage services over traditional on-premise solutions is significantly impacting business decisions. With subscription models, organizations can access scalable and cost-effective storage solutions without the high upfront costs associated with maintaining on-premise infrastructure. This shift allows companies to allocate their resources more efficiently, as they can pay for storage based on their actual usage, leading to greater flexibility and cost predictability in managing their data storage needs. Lastly, when data has reached its end of life, a company must have a plan for destruction. Having a set policy on when and how to get rid of data is crucial—it helps protect sensitive data and ensures regulations are being met. Use a certified recycler to provide a certificate of destruction for any hard drives. Cloud service providers often offer data disposal such as overwriting data multiple times to prevent recovery and using encryption keys to render data unreadable. Be sure to outline a plan for internally tracking the data destruction process for visibility and accountability. With the rapid growth of data, mastering Data Lifecycle Management is crucial for organizations to safely store their data while managing risks and ensuring compliance. By proactively addressing the challenges and implementing effective strategies, businesses can streamline their operations and enhance data security in today's data-driven world.

In the history of cybersecurity, few events have had as big an impact as the Morris Worm outbreak in November 1988. Known as one of the first major worms to spread widely across the early internet, the Morris Worm highlighted the weaknesses of connected systems and emphasized the need for strong cybersecurity practices that are still important today.  The Morris Worm was created by Robert Tappan Morris, a graduate student at Cornell University. On November 2, 1988, Morris released the worm onto the internet from a computer at the Massachusetts Institute of Technology. His intention, as he later claimed, was to gauge the size of the internet. However, due to a design flaw, the worm replicated much more aggressively than expected.