Digital West Blog

KRACK Attack: Wi-Fi Hack Breaks WPA2

Posted by Digital West Inc. on 10/26/17 9:28 AM

KRACK is a Wi-Fi hack that breaks WPA2 (Wi-Fi Protected Access), the security protocol protecting Wi-Fi networks. According to Mathy Vanhoef of KU Leuven, a university in Belgium, hackers have figured how to exploit WPA2, allowing them to eavesdrop on communication from devices connected to the Internet. With KRACK, they are able to slip ransomware into websites and of course, steal private information, usernames and passwords.

KRACK (Key Reinstallation Attack), a systemic vulnerability in wireless devices, attacks the security protocol in a different way than most cyber attacks. Instead of targeting the Wi-Fi access point, it targets the various devices connected to the Wi-Fi source. Popular operating systems such as Apple's iOS, Google's Android and Microsoft's Windows could be affected.

KRACK was discovered fairly quickly and before hackers could exploit it as a large-scale cyber threat. Currently, device manufacturers are expediting security updates for their products; it's advisable to install these patches as soon as they are available. 

Read More

Topics: Digital West News, Security

Getting To Know You: Your ISP Data is Up For Sale

Posted by Digital West Inc. on 4/12/17 10:00 AM

At the end of March 2017, The House of Representatives and the Senate voted to reverse the landmark Federal Communications Commission (FCC) privacy protection regulation that requires Internet Service Providers (ISPs) to get consumers' permission before selling their data. The President is supportive of the roll back bill, meaning it’s unlikely he will veto the measure.

Just to be clear, ISPs (such as Charter, TimeWarner and Verizon) necessarily carry much of your traffic data and this allows them understand what you do online, especially your search data. Although you can switch from Google to Firefox, switching your ISP (many of which are often monopolies) to one that protects your privacy isn’t as easy. As former FCC Chairman Tom Wheeler told the Huffington Post, “…if I don’t like the practice of my network provider, I’m out of luck.”

Read More

Topics: Connectivity, Security

Digital West Passes Rigorous SOC 2 Type 2 Data Center Audit

Posted by Meg McCall on 12/20/16 12:38 PM

For the third consecutive year, Digital West has successfully completed a SOC 2 Type 2 examination of the security and availability of our colocation services. The exam was conducted by the independent firm, 360 Advanced, in accordance with standards put forth by the American Institute of Certified Public Accountants (AICPA). They conducted an evaluation of the controls Digital West has in place to protect our clients’ data security and availability.

Engaging in the SOC 2 exam is a demonstration of Digital West’s commitment to world class data services, and establishes us as the only carrier neutral data center between Santa Clara and Los Angeles Counties to have passed this rigorous evaluation. “Our customers have always had great faith in our ability to securely store and 

Read More

Topics: Colocation, Security

Is it safe to use Facebook credentials to login to other websites?

Posted by Sharon Durant on 11/29/16 11:53 AM

Short answer- No, not really. Here's why:

A recent vulnerability was exposed in the OAuth 2.0 protocol that opened a floodgate of exposed passwords. Chinese researchers examined 600 top U.S. and Chinese Android mobile apps that use OAuth 2.0 APIs from Facebook, Google and Sina and support single sign-on for third-party apps. They found that 41.2 percent of the apps they tested were vulnerable to their attack, including popular dating, travel, shopping, hotel booking, finance, chat, music and news apps. The researchers said the apps they tested were downloaded more than 2.4 billions times in aggregate, meaning that more than one billion are vulnerable!

If you use Facebook or Google+ login credentials to sign in to other websites, your password could be 

Read More

Topics: Security

Secure Your Business with these IT Policies

Posted by Sharon Durant on 9/30/16 12:40 PM

Employees are one of your biggest security holes. There is no foolproof prevention method for human error, and this is why employee mistakes are one of the most common causes of a security breach. So what can you do to prevent it? Well at the very least you need to include policies in your employee handbook, and ensure your employee reads through it and signs off on agreeing to abide by them. Having measures in place drastically reduces the chances of a security breach. Here are four areas to keep in mind when developing your own.

Read More

Topics: Security

Top Ten IT Concerns for CIOs in 2016

Posted by Meg McCall on 9/15/16 1:03 PM

The Society for Information Management (SIM) published a report not too long ago defining the Top 10 concerns that CIOs have in 2016. Not surprisingly, “security and privacy” and “cost reduction” were on the list, but what is notable is the growing understanding that technology and business must work hand-in-hand. A company’s IT investments are key factor in its ability to innovate, to create efficiencies, to create alignment.  This quote from the report summarizes it well:

Read More

Topics: Digital West News, Security

Don't let hackers fool you with these tricks

Posted by Digital West Inc. on 8/29/16 11:00 AM

According to several reports, the volume of malicious cyber attacks have increased since the beginning of the Rio Olympics. And even though our devices have the latest network security systems, hackers have a cunning trick up their sleeves -- social engineering. Unlike malware and other viruses, social engineering tricks people into divulging sensitive data to hackers. Unfortunately, businesses are also vulnerable to various social engineering tactics. As a business owner, you should be vigilant of these common scams used by hackers.

Read More

Topics: Security

Sophisticated new malware, Project Sauron, discovered

Posted by Meg McCall on 8/10/16 10:04 AM

Kaspersky Lab and Symantec, two leading security providers, have discovered a sophisticated form of malware that went undetected for five years. It’s called Project Sauron, a reference to JRR Tolkien’s dark lord.

Read More

Topics: Security

Risks Financial Firms Face

Posted by Sharon Durant on 8/5/16 12:15 PM

TTP’s stands for threats and tactics, techniques and procedures, the number of which has been gradually increasing since 2015. The financial services sector has long been the target for cyber criminals, where they apply a myriad of techniques ranging from social-engineering to credential-stealing malware. This means the time for security professionals to boost cyber situational awareness has never been more fitting. These are the seven latest threats that have recently surfaced:

Read More

Topics: Security

Utility Tech trends for 2016

Posted by Digital West Inc. on 7/7/16 11:00 AM

The Grid is a part of our every day lives, so innovative technology for industries in the business of energy and basic utilities must be extremely reliable and secure. While technology can be testable in some other industries, utility companies cannot afford that flexibility. Technologies that reduce costs, increase efficiency, allow for real-time decision-making and improve performance remain top priorities.

Utility Tech Trends

    • Management Software for Distributed Energy Resources: These platforms enable better management and ensure quicker responses in grid performance. Utilities need robust software to manage microsecond decisions about the variability and demand for electricity sources, for example.
    • Lower LiDAR Costs: “Light” and “Radar” equipment that captures and converts data into 3D imagery will enable utilities to capture 3D data of trees and other vegetation close to wires and lines. They can then plan ahead and trim vegetation and avoid unexpected outage costs.

 

Read More

Topics: Remote Backup, Cloud Computing, Security