Connecticut's IT Managed Services Blog

Microsoft Office 365 Security concerns?  You are not alone.  I recently attended a networking event where the guest speaker gave a talk about Software in the Cloud.  He touched on Microsoft Office 365, but his main topic for the evening was focused on Adobe’s recent move to cloud-only subscription based software, as the majority of attendees were Adobe users.  As the presentation moved along, questions erupted from the audience, and not surprisingly, the major concern among cloud software subscription users (or soon to be users) was SECURITY.  Runner up:  The potential that you would “Pay Forever”.  Several people wondered why anyone would pay for software that you could get for free, i.e.:  Google or GIMP.

We have to admit; we were not immediately sold on MS Office 365, but during the last couple of years we have noticed that Microsoft has listened to consumers and the product is clearly a contender, especially for small businesses looking for a solid cloud-based productivity suite.  Any company who is willing to admit that the START BUTTON is important, and humble enough to resurrect our long lost friend, can’t be all bad.

Smartphone Security:  The single, easiest portal into your professional and personal life is also the last thing you would think of protecting.  Take a look at the list below, and take action – Do it today:

Microsoft phone scam – It can happen to anyone.  If you found this article because you received a strange call from “Microsoft”,  let us offer you some background and then we’ll provide insight, and answers.

NSI provides IT Support and Computer Services to literally thousands of businesses throughout New England and we often hear from our customers regarding scams and attempts to capture personal information through pop-ups, emails, and sometimes even phone calls. 

NSI's IT Support Team has reviewed the data:  After a 6 month study that consisted of over 630,000 samples has found that when it comes rootkits, Windows XP has 74% off all the infections, followed by Vista with 17% and Windows 7 with 12%.  Microsoft even admits that Windows 7 is over 5 times more secure than XP in there last quarterly security rate. Although AVAST, an anti-virus software company, has pointed out that Windows XP infection rates might not be all Microsoft’s fault, as many of the machines running Windows XP are running pirated versions which aren’t allowed to be updated through Microsoft leaving the OS vulnerable to various types of virus’s and rootkits.

A rogue hacking organization, LulzSec, has been terrorizing different internet sites as a way of protesting certain corporations and governments that they find to be corrupt, and then adding in their own random hijinks into the mix taking down legitimate sites also which they state that they do it for the Lulz. LulzSec has “hacked” the various sites to different degrees, sometimes with the intent to hurt the company by stealing customer data and forcing them to update and fix their security flaws, other sites they do it to prove that there are security holes with no malicious intentions, and finally some sites are hit with DDoS attacks, (Distributed Denial of Service) which is overloading the server with requests so it becomes unavailable for its intended users.

Some of the high profile attacks the group LulzSec has attacked have been:

• PBS (Stole user data and posted a fake news story)
• Sony (Stole user data of up to 1 million users causing Sony to take down the Playstation network for over a month
• Nintendo (Stole a Config file and apologized to Nintendo, stating they love the N64 too much to hurt them)
• Black & Berg Cybersecurity Consulting (Who had posted a hacking challenge that was completed by LulzSec)
• Pron.com (A pornographic website in which 26,000 of its user’s emails and passwords were posted online with encouragement from LulzSec to try them on Facebook and other sites)
• Bethesda Game Studios (Posted information taken from their site, but did not post the 200,000 account information that they had stolen from the site also)
• Minecraft (DDoS attack from their “Titanic Take-down Tuesday”)
• League of Legends (DDoS attack from their “Titanic Take-down Tuesday”)
• The Escapist (DDoS attack from their “Titanic Take-down Tuesday”)
• FinFisher (An IT security company that was also hit with a DDoS attack from their “Titanic Take-down Tuesday”)
• EVE Online (DDoS attack from their “Titanic Take-down Tuesday”)
• Writerspace.com (62,000 User emails and passwords were posted, later it was revealed it was from Writerspace.com)
• InfraGard (a Company that works the FBI for botnet detection, they hacked and leaked some user accounts from their data base)
• British National Health Service (They emailed the administratiors letting them know they found a security hole, and did not intend on exploiting it)
• Senate.gov (Released emails and passwords of users of senate.gov)
• Cia.gov ( Used a DDoS attack to take down the site after the Pentagon said that cyberattacks could be considered an act of war)