Why You Should Upgrade to a Managed Synology Router

When was the last time you did a security update on your Wi-Fi router? When was the last time you changed its password? Did you know that your Wi-Fi router could be infected with malware that’s monitoring and potentially stealing information from your network, right now?

For many home offices and small businesses, a Wi-Fi router is an essential piece of equipment. As long as it seems to be working, it also tends to be invisible and overlooked. That’s why routers can be very tempting targets for those seeking to break into your network or intercept your data.

To help you protect yourself and your business, Visibil.IT offers our managed Synology router. With a managed Synology router, you get higher security without having to keep up with the latest security threats, updates, and patches yourself. Let us do the work for you!

 

Routers Are Under Threat

In April 2018, the FBI, Department of Homeland Security, and the United Kingdom’s National Cyber Security Center issued a joint Tactical Alert. This alert warns that Russian state-sponsored hackers are carrying out attacks by exploiting network devices, particularly targeting the kinds of routers designed for small office/home office (SOHO) use.

Then in May 2018, DHS and the FBI issued another alert, this one warning about a specific malware called VPNFilter, which targets SOHO routers. Researchers found that this malware had infected over 500,000 devices worldwide, in 54 countries.

Further investigation found that this malware was developed by a Russian hacking group, like the ones warned about in the earlier alert. The malware can infect a wide range of routers, including models made by Netgear, LinkSys, MikroTik, QNAP and TP-Link.

 
Once it has infected a router, VPNFilter can cause a great deal of damage. For one thing, it can collect communications going through the router. The FBI warns that this could lead to the loss of proprietary or sensitive information.

VPNFilter can also take control of the router and use it to launch attacks on others. Plus, the attackers can command the malware to destroy the router itself. For many business, losing their network even for a few hours can cause serious problems.

 

Why Are Routers Being Targeted?

As TechRepublic reports, it appears that targeting routers may be the next big trend in cyberattacks. There are a few main reasons for this.

  1. The FBI’s April alert points out that the security of routers is usually not maintained as well as the security of other devices such as servers and desktop computers. In other words, they tend to be invisible and overlooked, as long as they seem to be working.

  2. The FBI warns that SOHO and residential-type routers in particular don’t generally run anti-virus or other security tools. Plus, owners don’t always remember or know how to change the default passwords and other settings.

  3. Sometimes the issue is that owners don’t regularly perform security patching or that patches aren’t available.

  4. And another reason routers are so vulnerable is that vendors produce an extremely large number of different models. The vendors themselves may have difficulty supporting and providing updates for all those different devices.

  5. Ultimately, routers are also popular targets because once a hacker takes control of a router, they can do a lot with it. As TechRepublic puts it, the thing about routers is that they are both “high value targets” and “low-hanging fruit.” In other words, attacking routers is both easy and potentially very rewarding.

 

Protect Your Router, Protect Your Business

As you can see, defending your router from cyberattacks is necessary and important. That is what makes our managed Synology router so imperative.

 
You may have noticed that the list of routers affected by VPNFilter doesn’t currently include Synology. No router is invulnerable to attack, but Synology has a strong security focus with their routers. Consequently, they also have a good reputation for releasing security patches frequently.

Unlike some other vendors that release dozens of router models, Synology currently only offers two. This allows them to keep up with support and security better, as discussed above.

 
The most important piece of this security puzzle, though, is the Visibil.IT management of the router. When we manage your router or your network, that means we take care of keeping up with security issues for you.

 
We’ll set up your router so that it’s hardened against attacks, and then we’ll keep up that defense by updating it as security patches and firmware upgrades become available. We’ll monitor your router for signs of infection or attacks and take action to remove malware as necessary.


A managed Synology router may cost a little more, but it’s an investment in the security of your business. Let us help you keep your data safe and your business running smoothly!

Email Filtering and Encryption: Why Google’s Filtering Isn’t Enough

Businesses today simply cannot afford to skimp on email security. In fact, email has become the number one path that malicious attackers use to slip past your defenses and infiltrate your network. While Google G Suite offers good, basic security, it does not provide full protection against today’s quickly evolving email threats.

That’s where Symantec Email Security.cloud comes in. Symantec’s cloud-based email security solution provides the full range of protection your business needs to withstand known and emerging threats like business email compromise, ransomware and spear phishing.

 

Why Is Email Targeted?

Email has become the favored target of attacks for several reasons. First, it’s everywhere. These days, nearly every business, large or small, uses email for both external and internal communications.

This also means that email users vary a lot in their awareness of threats. Users who aren’t as aware of security risks may open attachments or click links that download malware or give hackers access to your network.

For instance, as Tripwire.com’s State of Security reports, in 2016 a police department in Dallas, Texas, was infected by ransomware through an email that came from an address that imitated a departmental email address. The ransomware encrypted police files, including documents, photographs and videos. It demanded $4,000 in Bitcoin to decrypt the files.

While the Texas police department chose not to pay the ransom, these attacks can also be very profitable. For instance, according to Symantec’s annual Internet Security Threat Report, in 2016 the average ransomware payout was more than $1,000.

One victim of an email-based ransomware attack that paid significantly more than that was the Hollywood Presbyterian Medical Center. In 2016, their network was infected by ransomware spread by spam phishing emails. Ultimately, the hospital paid a $17,000 ransom to get access to their data back.

Plus, emails themselves often contain sensitive and valuable information about a business. As a result, hackers can steal confidential data directly from the emails themselves, for later sale or other purposes.

Because email is such a tempting target for cybercriminals, it’s particularly important to ensure that your company or organization’s email is secure.

 

How Does Symantec Email Security.cloud Protect Against Threats?

Symantec’s email security solution provides a blanket of protection that addresses three major types of threats. First, Symantec defends against malware and spam using technology such as antivirus engines and reputation analysis to evaluate the links and attachments in emails.

To protect against phishing, Symantec checks links in emails before they’re even delivered, following them all the way to their final destination. This way, Symantec’s security can catch brand new phishing attacks, unlike less advanced security systems that can only detect already-known phishing links.

For additional defense against phishing, it also has the ability to identify and block emails that are designed to impersonate actual users or domains belonging to your organization. This could have prevented the ransomware attack against the police department in Dallas.

Finally, Symantec Email Security.cloud also protects against emerging threats—new and targeted attacks that may be designed to evade less sophisticated email security products.

For instance, today some malware is written so that it won’t execute unless it’s on a physical server and detects what appears to be human interaction. When Symantec detects an unknown file, the file gets “sandboxed”—isolated and sent to a physical server that mimics human behavior to see whether it’s actually a threat.

The email threat isolation capabilities offered by Symantec cannot be matched by any other email security solution available today. Suspicious links and websites are made harmless by either preventing the user from accessing them or rendering them in read-only mode so that the user literally cannot enter the sensitive information that the phishing attack is trying to capture—such as passwords.

Advanced machine learning, network traffic analysis, and behavior analysis are also used to analyze code, detect hidden threats, and find new and hidden ransomware that may be lurking inside seemingly harmless attachments.

 

Symantec Email Security.cloud Leads the Way

So how well does Symantec do in actual testing? In 2017, Symantec conducted internal testing of four email security solutions: Symantec, Proofpoint, Mimecast, and Office 365. They sent almost two thousand emails, including both clean emails and those containing malware and phishing attacks.

Symantec easily beat all of the competition. Symantec caught 98.77% of all the malicious email, with zero false positives. By comparison, the second-best security solution was Office 365, which caught only 88.11% of the malicious emails and had 0.06% false positives.

For instance, Symantec’s current Service Level Target for Antispam Efficacy is “Over 99%.” Every month, they report whether this target has been achieved. In June 2018, their actual Antispam Efficacy was 99.999986%!

 

Conclusion

Malicious attacks via email continue to rise, with new threats developing every day. Symantec’s Email Security.cloud can shield your company against both known and emerging threats. And thanks to its education and assessment components, it can even help to train your employees to guard against threats too.

Security Matters!

Imagine this: One morning, you sit down at your laptop with a cup of coffee and log on to your favorite social media site. To your surprise, you find the name of your business is listed as a trending topic. Hundreds, even thousands of posts about your business have been made in the last few hours.

At first, you’re excited. After all, going viral is every social media manager’s goal. But why have you gone viral now? What is everybody talking about?

You click on your business’ name and that’s when you make a terrible discovery. Overnight, someone hacked your network via the cheap security camera you just bought online. The hackers got into your customer files, installed ransomware on your workstations and found the digital sign on your storefront or in your lobby. Instead of showing the daily specials or educational marketing information, that digital sign is broadcasting explicit adult content to everyone who walks by!

So, pictures and videos of your hacked sign, in your business, are spreading across the internet like wildfire. Think that sounds like some far-fetched science fiction story? It happened to a digital sign outside of the Chipotle restaurant in Washington, D.C.’s Union Station during the afternoon rush hour last year.

Similar horror stories are easy to find online, from a digital billboard in Atlanta, whose regular content was replaced with the picture of a man’s naked posterior, to digital road signs in Dallas that were re-programmed to display vulgar messages rather than important safety information.

It’s a nightmare no one ever wants to experience because there really is such a thing as bad publicity. Digital signs can be incredibly useful tools for businesses, but they’re also a point of vulnerability. Malicious hackers seek them out ,not only to play highly visible and potentially destructive pranks, but also in search of backdoors to break into your business’ network.

That’s why the security of digital signage matters—to protect both your business’ reputation and its systems. And that’s why in designing and supporting the Display.Works device, security is our top priority.

Any digital sign, security camera, thermostat, doorbell connected to the internet becomes a part of the Internet of Things. The Internet of Things is the network of millions of “smart” devices that connect to the internet and share data, from televisions to toasters to exercise trackers.

The vast network created by these products is extremely vulnerable and the source of a lot of headaches for people concerned with protecting privacy and security. While nothing can ever be perfectly secure, the Display.Works system includes features that make it more secure than most Internet of Things (IoT) devices available today.

To begin with, Display.Works is a single-purpose device that is designed and hard-coded to do one thing and one thing only: Connect to the Display.Works server and display one specific webpage that you have chosen.

Unlike the laptop or desktop computer you might have used to run your sign before, the Display.Works device cannot be easily redirected to another site with the click of a mouse. And the single-purpose device doesn’t contain anything else, like financial information, that hackers could access through it.

The Display.Works device runs on Linux, an operating system less frequently targeted by malware than Windows. When running a digital sign off of a PC or Mac, one of the major headaches is the need to make sure you’re keeping current on security updates as they come out. If you miss an update, your computer and signage become extremely vulnerable, since the updates themselves act as notifications to malicious hackers of weaknesses that exist.

You can set your system to auto-update, but what if it tries to update in the middle of business hours, when you need your sign working? Display.Works takes care of this issue for you. The monthly subscription fee includes regular security updates done outside of business hours. That way you can feel confident that your system is up to date and protected without the hassle of managing it yourself.

The monthly fee also includes monitoring of your sign and notification if it goes down. That helps to ensure that if there ever is a problem with your digital signage, you’ll find out about it before it hits Facebook!

Ultimately, security matters to every business. Digital signs need to be secured just like any other important system. With the Display.Works device and monthly subscription, you get a highly secure device with the updating and monitoring necessary to keep it secure.

And that will help to ensure that when your business gets a lot of attention, it will be for all the right reasons!