Avosec's new security operations centre ensures users have 360-degree cyber security protection
July 14th, 1:55 AM EDT
London, UK – July 14, 2020 – COVID-19 has brought change to every aspect of life. Businesses are closed, staff are working remotely, and the global economy has slowed significantly. While many business sectors have slowed down, one sector is busier than ever – cyber crimes. In the last week of March alone, Microsoft reported more than 110,000 phishing attacks on businesses and offices. As well as focusing on their core services and products, businesses are being tasked with implementing new health and safety measures, managing remote workforces and navigating government loan programs, it’s no wonder that for many, cyber security has taken a back seat, leaving companies vulnerable to data breaches as well as serious cyber attacks.
Avosec, a European leader in managed IT services, is launching a new security operations centre (SOC) for end user clients. While the company has focused its working relationships on large organizations and businesses in the past, it is now bringing the security and convenience of its premium cyber security protection to small businesses, software resellers and computer support companies. The new service is dedicated to covering all aspects of business security needs including managed anti-virus protection, email and content filtering, and disaster recovery. Clients will have access to leading edge cyber security protection and effortless one-on-one IT helpdesk support when needed.
The online security and IT experts at Avosec encounter a sense of complacency amongst network end users on a daily basis. Perhaps out of a mistaken sense that their business won’t be targeted, or that they are too small to afford professional cyber security, most small businesses will only think about security after a phishing or cyber attack has happened and their network, customer information, and work product have been compromised. Avosec CEO explains why businesses need to be proactive with their cyber security and data recovery planning.
“With businesses suffering so much down time already, being taken offline or having to deal with privacy breaches is the last thing that companies need,” explains James Norris, CEO of Avosec. “The new SOC service being offered by Avosec will provide clients with anti-virus, content filtering and patch management services and will go a step further into fully managed backup and disaster recovery assistance. Clients will have the assurance of knowing their network, online activities and email systems are fully protected, while never having to do any of the technical work themselves.”
Avosec’s new SOC service launches this week. With offices in London, England, Sofia, Bulgaria and Pune, India, Avosec has the resources and staff to provide support and monitor cyber security for its clients around the clock.
For more information or to connect with the IT security experts at Avosec, please visit www.avosecmsp.com
For more information, or to arrange an interview, please contact below.
Company Name: Avosec
Contact Person: James Norris
Email: Send Email
Phone: +44 207 1004509
Country: United Kingdom
The cloud is popular with small businesses for storage and remote data access, but how safe is it?
Whether you’re launching a startup or have been running an SMB for years, you need to understand the technology that you use and the security measures you have in place. All businesses have the ethical and legal responsibility of keeping data secure – from staff’s private information to the data retrieved from clients. That’s why carefully selecting how your data is stored is crucial.
In this article, we will address using the cloud as a small business – from its benefits to how secure it is.
What is cloud storage for small businesses?
The cloud is used as a form of data storage that sees digital information stored in logical pools, rather than on a physical hard drive in your office. While physical servers are used to store cloud data, they are located in data centers that are managed by the host supplying the service to you (if you opt for public cloud). You can access the data server using the internet (on a web-based interface) – retrieving or uploading files in either a manual or automated fashion.
When using cloud storage, you can access your data from anywhere in the world, as long as you have access to the internet, and as many members of your team can access it as needed.
Public and private cloud
There are two options for cloud storage services: public or private cloud. While you access the data in the same way – on the internet – the services are operated by different people.
The public cloud is operated by a third party. You pay for the service, and the host is responsible for storing the data, creating an interface for access, and keeping the network secure.
If you opt for the private cloud, you are responsible for storing and accessing the data, and keeping it safe. You will manage the server that holds the information, but this will still be accessed online.
How do businesses use the cloud?
As a small business, you can use the cloud in multiple ways – whether it’s for data storage, data backup, remote working, or information sharing. The flexible nature of the technology makes it highly adaptable to most business environments and ways of working.
What are the benefits of using the cloud?
Now that we understand how the technology works and what it is used for, let’s take a look at the benefits of using the cloud as a small business.
Scalability and flexibility
Scalability is important for small businesses – your company may start to rapidly increase in size as it grows. All of a sudden, you need a much larger storage solution to house the data of new employees, new clients, and new projects.
With the cloud, you can easily upscale your business storage to suit your needs. This works the other way too – downscaling as and when you need it. The solution can flexibly adapt to your changing environment and meeting your capacity.
With the cloud, you can easily control who has access to what data. You can grant certain members of staff with higher access, and everyone can upload or retrieve any required information whenever they want, from wherever they are.
This is perfect for collaborative working and file sharing. Employees can share and co-author computer files, helping teams work together as flexibly and efficiently as possible, even when apart.
When using the cloud, you can either upload data manually or automatically. Automatically backing up your data can help you prepare for unexpected internet downtime or even ransomware attacks. This is crucial when running a small business, as any drawback can have a worse hit on SMBs. It’s always best to be prepared.
Not only does the cloud keep your data secure, but the automatic service can also help you use your time more efficiently – making for a more productive business.
Cloud storage can help you save money in multiple ways – from improving ways of working to ultimately driving revenue, to helping you avoid expensive data breaches.
The cloud can help you run operations more smoothly, with automatic systems helping efficiency and productivity – which can see you save money in the long run. It can also help improve you and your team’s ability to work remotely, saving on overhead like office space and equipment.
Using the public cloud is usually more cost-effective than the private cloud. Although you will have to pay a third-party for the service, this is much cheaper than creating your own infrastructure.
What is the best cloud storage?
There are plenty of companies that offer cloud service solutions, so it’s best to do your research. Look into the history of their security, ensuring you are comfortable with the measures they have in place. Opt for encrypted cloud storage for better security.
There are varying price points, so find an option that works for your budget.
Pros and cons of cloud computing and storage
There are several pros and cons to storing your data on the cloud. Let’s recap on what we’ve discussed:
Scalability – your cloud service solution grows as you do
Remote working – allows you and your team to work together, no matter where you are
Automation – helps you run your business more efficiently
Back up – keeps your files safe, no matter what
Security breaches – public clouds are often the target of cybercriminals
Paying a monthly fee – an additional cost each month, but one that could help you save in the long run
Too many choices – lots of businesses to pick from, which can be overwhelming.
How secure is the cloud?
The security risks associated with using the cloud differ, depending on if you use public or private.
With the public cloud, you rely on the service provider to keep your data secure. This can be both a pro and a con. While relying on someone else to secure your private information – and your company’s wellbeing and reputation – can be a daunting premise, you’re putting your trust in the hands of professionals.
Additionally, if you are not experienced or trained enough to provide your own security, this is the better option.
Running a private cloud may feel like you have more control, but this also places more responsibility on you to keep data secure for your employees, customers, and business partners.
However, because you are relying on a public service and are not the only business doing so, public clouds can become a target for cyberattacks and security breaches – this is one of the disadvantages of cloud computing and storage. Cybercriminals are going to be more interested in a cloud that holds the data of thousands of customers – and their customers’ too – than a private cloud with the information of a sole business. That said, there is no 100% safe option for cloud computing. Regardless of whether you use a private or public cloud, you must protect your business with a cloud-based antivirus solution.
One way that cybercriminals can try to breach the security is through the remote nature of the cloud. For example, cybercriminals exploit ‘bring your own device’ (BYOD) policies, where workers use their personal devices to access, store, or send data. As there are typically fewer security measures in place on home computers or laptops, and these devices may be taken out and used in public spaces – accessing the cloud using public Wi-Fi - your data is more susceptible to security breaches. That’s why your priority should be to keep your network secure and all endpoints (devices) protected.
No matter which cloud service you opt for, it’s crucial to have endpoint security in place for the devices used to access your cloud network. Whether people are working from home, in a shared workspace, or the office, when using their own devices or ones provided by the business, each endpoint must be protected.
Protect your workplace today
Avast Business offers Small Office Protection for small businesses, delivering complete next-gen online security to keep devices and data protected against the latest cyberthreats. It provides robust, real-time protection that’s easy to install, cost-effective, and reliable – so you can focus on running your business with confidence and peace of mind.
Exploring voter suppression and voter fraud in the Trump campaign
It's time for another update on election security as we draw closer to the actual November date. Our previous election blogs can be found here:
Technology and the vote
LA and Iowa primary voting issues
Black Hat and DEFCON sessions regarding elections security
NJ and other September updates
Today’s news concerns two themes: voter suppression and supposed voter fraud. First, an analysis of how 3.5 million Black Americans were recently profiled by the Trump campaign, in an article from the UK’s Channel 4 news. The group was targeted for ads to try to convince them to stay home and not vote on election day this November. A second article described how the campaign was targeting white voters with fearful social media messages to encourage them to vote for Trump. These articles are complemented by other research by the Washington Post about a Twitter account @WentDemtoRep that was removed by the platform in late August. The account featured a number of testimonials by Blacks challenging accusations of racism by Trump.
Voter suppression was part of the playbook of the Trump 2016 campaign. This article in TechCrunch describes what Cambridge Analytica did to manipulate private Facebook members’ data when working for the Trump Campaign itself. Back in 2016, many Blacks didn’t vote, thanks to various disinformation ads on Facebook and other social media platforms, according to PolitiFact here. These ads aren’t exclusive to Republicans -- you might recall back in 2012 when the Obama campaign had an app that allowed them to collect private user data and friend networks. More recently, Elizabeth Warren’s experiment with placing a phony Facebook ad back in October 2019, using its example to call for better accountability from the platform. These same targeting methods are still widely in use by many campaigns.
This isn't the first time this is happening
Voter suppression also isn’t new: There was a lot of data collected by Mueller, during his investigation several years ago which showed that more than 3,500 ads on Facebook were placed by the Russian Internet Research Agency to try to convince potential Black voters to stay home during the 2016 elections. The same group also posted a series of anti-Muslim ads and organized concurrent protest rallies in Texas on opposite political sides. (You can view some of these ads in a new PBS program called Us vs. Them at the 20 minute mark, and the Amazon movie All In goes into detail about the long history of voter suppression in the south.)
One thing that doesn’t help voting matters is when the various state-run registration systems crash. This happened over the first week in October in Pennsylvania, followed quickly by systems serving Florida registrations. Service was restored to both by Monday, October 5. The Pennsylavnia outage was caused by equipment failure at an outsourced data center and affected other state agencies. One reason for the outage could be the system was initially constructed nearly 20 years ago and now is overwhelmed by the huge increase in mail-in ballot requests. The weekend outage wasn’t the first time the system had crashed: it also went down the day before the last day to register for the state’s primary. Florida’s registration system was overwhelmed by ballot requests hitting just before the filing deadline. This week also saw system crashes in both Georgia (where early voting has begun) and Virginia (where a construction crew cut a fiber optic cable that brought down their online registration portal). The voting machine failures in Georgia contributed to long waits at various polling stations.
Contrast what is happening in Colorado, where they have been voting by mail for many years. I recently spoke to Trevor Timmons, the CIO for the Colorado Department of State, the agency that supervises its elections. In its June 2020 primary, more than 99% of registered voters submitted mail-in ballots. The state maintains duplicate data centers with active failovers to handle potential outages. “And we do plenty of load and failure tests to ensure we have sufficient capacity,” he said. “We don’t want to create our own denial of service incident if we don’t have sufficient processing capacity.” He mentioned that almost every state should have tested its mail-in processes out during the primary season to learn any weak spots.
The other bit of news is the result from another investigation, this one by the New York Times into voter fraud. Trump has brought up this issue in numerous rallies, including mentioning it several times during his first live debate with Biden in late September. The Times wrote: “Voter fraud is an adaptable fiction, and the president has tailored it to the moment. It is nothing short of a decades-long disinformation campaign — sloppy, cynical and brazen, but often quite effective — carried out by a consistent cast of characters with a consistent story line.”
There have been many studies of potential fraud claims, including this recent FBI advisory that didn’t find any direct evidence. “During the 2020 election season, foreign actors and cyber criminals are spreading false and inconsistent information through various online platforms in an attempt to manipulate public opinion, discredit the electoral process, and undermine confidence in U.S. democratic institutions,” the advisory stated. Colorado’s Timmons hears from many of its citizens and advocacy group members about potential fraud cases, “but the reality is that our ballots are mailed to specific people, the registered voter. The return envelope is signed and we then compare the signatures.” Timmons says his goal is to dispel any uncertainty and help people understand how mail-in ballots move through the process.
Facebook attempts to do its part
In anti-fraud efforts, Facebook has announced they will reject ads that wrongly claim victory in the US presidential race prematurely. It will also ban ads that claim widespread voter fraud and will also ban ads the week before the election. Google is also banning ads placed after the polls close too. Given Facebook’s spotty record at protecting its members’ privacy, this is long overdue.
The FBI advisory suggests several strategies for voters to evaluate any potential voting fraud claims, including:
Rely on state and local election officials for information about voter registration databases and voting systems.
Refer to the CISA elections security guidelines that were published last year that documents what state elections officials can do to better protect their elections.
View early, unverified claims with a healthy dose of skepticism.
Verify through multiple reliable sources any reports about compromises of voter information or voting systems.
Advice from teachers on adjusting to the new normal of distance learning and using tech with students
Gabrielle Nelson, sixth grade teacher at Roosevelt Elementary School in Redwood City, California, learned one thing quickly when school came back this fall: Sixth graders know tech. Whether it’s cutting together videos for presentations or even just connecting easily to the virtual classroom, her students continued to blow her away with their almost innate understanding of technology.
Then she got an email from a student that started with “Bruh, I don’t understand how to…,” and she realized she still had a lot of wisdom to impart.
Brushing up on both tech and life skills
Ms. Nelson took that email as an opportunity to hold a mini-lesson on email etiquette and the difference between professional and personal use of tech tools. It was an unexpected teaching moment that required her to be creative and flexible, and also to figure out how to teach an important life skill to her students.
That kind of flexibility is going to be essential as teachers and students across the country head “back to school,” from home, and dive into distance learning. From unexpected teaching moments to technology glitches to entirely new skill sets, students and teachers are adapting to the new normal of online learning.
6 tried-and-true steps for staying safe online when going back to school
Back to (home) school: Preparing for continued distance learning
Teachers now wear multiple hats
Second grade teacher Felicia Tse has had to be flexible as well — especially with tech. Her classroom uses Google Meet, and she’s finding it has a lot of issues, like not letting students join or freezing unexpectedly.
“There have been a couple times already that I have gone into panic mode, unsure of what to do,” Ms. Tse tells Avast. “Now I’ve come to realize these problems are just a bump in the road. Although there will be issues that arise with distance learning, students are still motivated to learn and enjoy being with their class.”
And while Ms. Nelson is working with digital natives who have been using technology for years, Ms. Tse has the added challenge of teaching younger children, who have had less tech exposure up until now. That means that, in addition to being their regular classroom teacher, she’s also their computer literacy teacher.
Distance Learning pic 1
Credit: Felicia Tse
“Learning to type on the Chromebook, using educational apps, and becoming familiar with being online almost all day are skills that my students have had to acquire,” Ms. Tse says. “My students didn’t come to second grade knowing how to use a Chromebook, but they’ve learned how to use it quickly. They’ve also adapted to learning how to navigate different educational apps to do asynchronous school work.”
Students aren't the only ones who slip up using tech
In Monica Volz’ fourth grade class, a major tech mixup gave her deeper insight into her students’ character. In the first week of school, she accidentally assigned a few tasks in Google Classroom on the wrong dates and times. When her students pointed out that their assignment was missing, she quickly posted it. However, in her rush to get it up for them, she didn’t realize that she’d allowed them all edit access on the exact same assignment, instead of assigning individual assignments.
“The students were trying to complete their task, but struggled because there were too many students working on one task,” Ms. Volz tells Avast. “I handled this by face-palming myself for a quick second and then smiled and told the students that I am proud of how they handled the chaos. It was a teachable moment to demonstrate to them how mistakes will happen this year, even from their teacher, but I will always stay positive and kind with them and work through my mistakes.”
Her students responded in kind — and kindly.
“They learned more about me with this mistake than they would have if everything went smoothly,” she says. “I was truly impressed with their sweetness and empathy, too, so I learned just as much about them. I knew from that moment we were going to have a great year together.”
Credit: Monica Volz
And despite the inevitable tech problems, the teachers all agree that distance learning has its silver linings. The biggest one? School districts have been forced into the 21st century.
“Online learning has caused districts to purchase new online platforms and teachers to learn how to utilize these new online platforms in their instruction,” Ms. Nelson says. “Since we’re teaching a tech-savvy generation, these tools create automatic engagement and students are excited.”
But while new tech, quick thinking, and flexibility are all important, there’s one element that’s essential for every successful distance learning classroom: Patience.
“I have asked students to be patient with themselves, with their classmates, with their families, with their teachers and with their technology,” Ms. Nelson says. “No one has done this before and technology is far from perfect. A quote that deeply resonated with me is we are ‘building the plane while we fly it.’ No one can expect perfection. All we can do is try our best — and be patient.”
Recently a hacker group has devised a clever but sinister Fully UnDetectable (FUD) ransomware attack that is very difficult to detect. By running inside a prepackaged virtual machine (VM) that contains the RagnarLocker ransomware, it can use the VM’s own security isolation features to prevent detection. The compact Micro Windows XP VM is hosted by the Oracle’s VirtualBox with the proper addons to allow it full access to all the files visible by the host. As the hypervisor shields the hostile VM from the host’s security system, the VM can run undetected and encrypt all files on the host.
The knowledge of this ransomware led us on a mission to see if NeuShield Data Sentinel could recover data from this type of attack. To find out, the NeuShield team attempted to replicate the attack in their lab and record the effects of the ransomware on the host data and security system and record the results in a video. The test consists of a copy of the RagnarLocker ransomware, which was obtained from the wild and put inside a Micro XP image. The malware itself is only about 40KB in size, but the Windows XP image is about 250MB and is host by a copy of legitimate Oracle VirtualBox. A fully patched and protected Windows 10 64bit host is used in the test, along with 2.5GB of data spread across multiple local and cloud folders.
After launching from inside the VM, RagnarLocker took about 5 minutes to encrypt 2.5GB of data on the host. It also added an extension ‘.ragnar_XXXXXX’ to all damaged files. As expected, the security software on the host was not able to detect any anomaly. All data on the local and cloud drives that were accessible by the host were damaged by the ransomware. For each folder that the ransomware traversed, it placed a copy of the ransom note. An example of the ransom note is shown below:
Hello VICTIM’S NAME!
If you reading this message, then your network was PENETRATED and all of your files and data has been ENCRYPTED
by RAGNAR_LOCKER !
*********What happens with your system ?************
Your network was penetrated, all your files and backups was locked! So from now there is NO ONE CAN HELP YOU to get your files back, EXCEPT US.
You can google it, there is no CHANCES to decrypt data without our SECRET KEY.
But don't worry ! Your files are NOT DAMAGED or LOST, they are just MODIFIED. You can get it BACK as soon as you PAY.
For this ransomware, it was relatively easy to clean by simply deleting the VM images and uninstalling the unwanted hypervisor. In a real attack scenario, NeuShield recommends that customers use One-Click Restore to undo any changes made to the operating system by the ransomware or an outside attacker. However, for the purposes of this demo, we skipped ahead to the part of using Mirror Shielding™ to recover the data. As depicted in the video, all data was recovered easily and quickly.
In summary, NeuShield predicts that attacks of this nature may become more common, especially against high value targets, because it is relatively easy to evade detection using the tools hackers already have access to. In addition, the latest Windows ecosystem comes with a built-in hypervisor, called Hyper-V, that can be easily enabled, which makes it even more convenient to launch this type of attack. As such, it is important for business to be ready. Having a good and active endpoint security system to block attacks is crucial, but it may be even more imperative to have a good recovery plan and effective tools to prepare for the inevitable.
Avosec have been providing the Antivirus to the UK with Avast antivirus for over 18yrs. Avast partners know that the service they receive from Avosec is unmatched. Avast Business Antivirus, UK distributor partner Avosec is the leading partner in the UK and Avast resellers can be sure to receive excellent discounts, pre-sales and post sales support for Avast Antivirus, Avast patch management and secure gateway products.
UK companies see a 13 percent increase in the number of cyberattacks
The majority of attacks originate from China and Taiwan
File-sharing applications were the main targets
The COVID-19 lockdown in the UK had an unwanted side effect on businesses, as cybercriminals stepped up their attacks and breach attempts to one every 45 seconds, according to a report from ISP Beaming.
In the UK, like in the rest of the world, governments enforced lockdowns to stop the spread of the COVID-19 virus. The measure directly affected the number of cyberattacks against businesses, as Beaming found out. Between April and June 2020, the company served as witness as UK businesses suffered almost 177,000 separate attempts to breach their systems. That’s a 13 percent increase from the first quarter of 2020.
“Beaming’s analysts identified 341,000 unique IP addresses used to attack UK businesses in the second quarter of 2020,” states the report. “Thirty-seven thousand of these were traced to locations in China. The ISP identified increasing numbers of attacking IP addresses located in Taiwan (up 32% to 32,000 in the quarter) and the USA (up 13% to 17,000).”
File-sharing applications were one of the main targets, registering a 27 percent increase in the second quarter, for an average of 5,900 per company. The IoT ecosystems were the most affected, by far, with attackers mainly preferring building control systems and networked security cameras, with 14,000 online attacks per company.
With so many people working from home, the increase in attacks is not all that surprising. A survey from NetMotion revealed that two-thirds of employees use software tools not vetted by the IT department, such as Google Docs, Doodle, WhatsApp and Zoom.
Another study showed that only 37 percent of small and medium businesses believed they might fall victim to a cyberattack, a problem made worse by more than half of business owners who wrongly believe they are equipped to deal with a security incident
Bitdefender, a leading global cybersecurity company protecting over 500 million systems worldwide, is excited to announce Human Risk Analytics, an innovative addition to GravityZone that bolsters the weakest link in any organization’s defense – the human element.
People are the most valuable resource of an organization, but people are also prone to mistakes that create vulnerabilities. The global pandemic showed that attackers will not hesitate to use people’s fears and need for information and craft attacks that target the human element of digital ecosystems.
GravityZone now leverages Human Risk Analytics to analyze user actions and identify behaviors that pose a security risk to the organization and to the user himself. This enhances the Risk Analytics Engine and enables a comprehensive view of an organization’s real security posture – including the users themselves, a traditional blind spot for cyberdefense. The Risk Scores allow security administrators to pinpoint systems and users with higher risk exposure, and take precise actions to mitigate risks without imposing indiscriminate restrictions across the environment.
In the latest evolution, GravityZone also gains in the areas of Security Controls, with a Ransomware Mitigation module that acts as a new layer to help customers dodge the impact of advanced ransomware attacks through real-time file backups.
Also, to address advanced security needs constrained by regulations to operate on-premises security solutions, the cloud-native Endpoint Detection and Response are ported as a module for GravityZone on-premises.
“With these newest additions, GravityZone has grown into a platform fully capable of looking after the entire enterprise cyber space,” said Andrei Pisau, Sr. Director of Product Management, Bitdefender Enterprise Solutions. “We give organizations the tools to thoroughly understand risk exposure and to stop advanced threats that might affect them at any level: endpoint, network, cloud – and human.”