Archive for the ‘Advisories’ Category

Flashdrives, they are a tremendous improvement over it’s predecessor, the floppy disk. Their capacity is thousands of times larger than a floppy, their convenience is remarkable and they work in all systems currently in use, and thats where they become a problem.

As more and more people are becoming familiar with flash drives more and more people are using them every where. From the simple single person operation to the large scale network enterprise, flash drives are everywhere. They are also largely uncontrolled. That basically means that anyone can do anything, copying data to and fro with no controls and no real worry about that data being tracked.

Now here is a real life scenario that actually happened to one of our clients. She was a small time successful operation, selling products that were not easily obtained and the clients hard to get. She ran her business for years building up this client base and working exceptionaly hard at keeping them happy. Her competition knew this and wanted to know what she was doing. Normally, in this situation the competition would saturate an area with advertising, marketing materials, ask for meetings, drop prices etc. That would work for most but a competitor decided he didnt want to go the slow route and decided to take all of her information by force. He hired a fake person with fake id and when she went to hire, gave her a history she couldnt ignore, all being fake. She hired her and she started working well. Well weeks went by and suddenly she stopped showing up for work. The owner called and called her house number, cell phone, etc and all were shut off. The employee vanished.

Weeks went by and a 250K check arrived in the mail with a letter from an attorney about acquiring her business. She was stunned as most people would be! She instantly grew suspicious. That is where we come in.

When we were called in, she informed us of the whole story and wanted to know if anything was taken or copied. As for the copier, we couldn’t tell, but as for the computer, it gave us a treasure trove of information. After analyzing the event logs, Quickbooks logs and so forth, we determined the now ghost employee had copied all her quickbooks files and vendor agreements.

After a protracted legal battle, the client was able to sue the competitor for corporate espionage and didn’t press criminal charges in exchange for payments for expenses incurred. When we got the evidence and the medium in which the data was copied, it was a simple 512 meg flash drive that could be found at any number of retail outlets in the world.

How do you protect yourself? Call us, we have plenty of packages available to get you protected today.

In the last few years admittingly Microsoft has been improving their products overall to prevent hackers and software vulnerabilities. Now you might say, that is great and it is, but one of the new problems that we are currently facing is a change in tactics. In recent months hackers have been targeting Adobe products.

Now you might say, how can adobe be a target?

Simple, Adobe develops products for all platforms, Macs, PC’s, Linux, Sco, Ubuntu, Suse, all have Adobe products in one form or another in them to make them for user friendly, such as Flash, Acrobat Reader, and so forth as used widely.

Now you might say, “I have a Mac, we don’t get viruses!” WRONG! As of September 4, 2009 with the release of Snow Leopard from Apple, apple is making great strides in trying to reduce the number of viruses and malware that enters in their systems. Yes, Mac’s get viruses but since the money is in the enterprise and Apples are not universally accepted in enterprise environments, attacking Mac based systems would not yield the kinds of results that a hacker who has spent months sometimes years working on hack would expect to get unless they target larger networks, i.e. pc based networks.

Now you say, “Well, I only read PDF documents, I don’t create them.” That’s all well and good but the actual Adobe Acrobat Reader program executes commands in the background that a compromised PDF document can access, sometimes if the settings are right, the virus or malware can have total control over the entire machine, compromising all the data within it. That is why Adobe is recommending that all users of all operating systems preform daily checks for updates to prevent zero day viruses and zero day intrusions.

At Triton Technologies we recommend checking your computers everyday if you a free standing PC or have a policy in place to do the updates at night.