Mobile working enables the business to be flexible and allows key team members to work remotely and provide services that would otherwise require on-site work. For certain team members, this means that key IT infrastructure issues can be resolved and services brought back online remotely, without the need to travel to site, which would further delay the resolution with the potential loss of business and of your ability to trade. For other workers, it means less travel and cost savings on desk space, as well as allowing team members to be productive whilst on the road.
Allowing team members to work from remote locations comes with advantages. However, remote working is not without its risks. If team members work from cafés, on trains, or in airports, they significantly increase the risk of becoming victims of cybercrime, which has the potential to damage your reputation and ability to trade.
When considering whether to connect to the public Wi-Fi network at your local coffee shop, the airport, etc., bear in mind the massive flaw discovered in WPA2, the encryption standard that secures all modern Wi-Fi networks. These networks are outside the control of the Security and Infrastructure teams. This means that IT teams are unable to guarantee that you are not at risk from cybercrime.
One of the biggest threats with free Wi-Fi is the ability for hackers to position themselves between you and the connection point. So, instead of talking directly with the hotspot, you end up sending your information to the hacker. The hacker also has access to every piece of information you send out—emails, phone numbers, credit card information, business data, the list goes on. And once a hacker has that information, you’ve basically given them the keys to the kingdom. While you may think ‘okay, I’m not checking my personal email or logging into my bank account, I’m just checking the sports scores,’ remember anything you do on a public Wi-Fi network is NOT secure. Any information you share or access on these networks is as good as gone.
The mantra when connecting to these public free hotspots should be “Do I REALLY need to connect?”
Risk Matrix Scoring
Risk Probability Ratings:
May only occur in exceptional circumstances, highly unlikely
Is unlikely to occur in normal circumstances, but could occur at some time
Likely to occur in some circumstances or at some time
Is likely to occur at some time in normal circumstances
Is highly likely to occur at some time in normal circumstances
Risk Impact Ratings:
Insignificant disruption to internal business or corporate objectives; little or no loss of front-line service; no environmental impact; no reputational impact; low financial loss <£100k
Minor disruption to internal business or corporate objectives; minor disruption to front-line service; minor environmental impact; minor reputational impact; moderate financial loss >£100k <£500k
Noticeable disruption to internal business and corporate objectives; moderate direct effect on front-line services; moderate damage to environment; extensive reputational impact due to press coverage; regulatory criticism; high financial impact >£500k <£1m
Major disruption to corporate objectives or front-line services; high reputational impact (national press and TV coverage); major detriment to environment; minor regulatory enforcement; major financial impact >£1m <£2.5m
Critical long-term disruption to corporate objectives and front-line services; critical reputational impact; regulatory intervention by Central Govt.; significant damage to the environment; huge financial impact >£2.5m
Risks of Using Public Wi-Fi
There are dozens of online tutorials showing hackers how to compromise public Wi-Fi, some of them with millions of views. The most common method of attack is known as “Man in the Middle.” In this simple technique, traffic is intercepted between a user’s device and the destination by making the victim’s device think the hacker’s machine is the access point to the internet. A similar, albeit more sinister, method is called the “Evil Twin.” Here’s how it works: You log on to the free Wi-Fi in your hotel room, thinking you’re joining the hotel’s network. But somewhere nearby, a hacker is boosting a stronger Wi-Fi signal off of their laptop, tricking you into using it by labelling it with the hotel’s name. Trying to save time and company money, and recognizing the name of the hotel, you innocently connect to the hacker’s network. As you surf the web or do your online banking, all your activity is being monitored by this stranger.
Below is a table of the most common types of cybercrime that your company could be exposed to from using Free Public Wi-Fi along with the risk probability and the Risk Rating scores.
Rogue Wi-Fi networks
Team Members could be tricked into using a Rogue Wi-Fi Network set up by an attacker. That network enticingly called “Free Wi-Fi” may be set up precisely to harvest your business’s valuable data.
Connecting to free, public Wi-Fi brings business risks from having your company data intercepted by third parties. This is because hackers have the ability to position themselves between your team members who are using the Wi-Fi and the connection point.
Distribution of malware over unsecured Wi-Fi.
Hackers can also use an unsecured Wi-Fi connection to distribute malware. Having infected software on your computers and devices can be financially crippling to your business.
Snooping and sniffing
Another public Wi-Fi risk is hackers using special software kits enabling them to eavesdrop on Wi-Fi signals. This allows cybercriminals to access everything your remote workers are doing online, potentially enabling them to capture login credentials and even hijack your accounts.
Malicious attacks through ad-hocs
Ad hocs are peer-to-peer networks which connect two computers directly. When remote workers use a public Wi-Fi network, their devices are likely to be set to discover new networks, making it possible for hackers to connect directly to them.
Password and username vulnerability
Using public Wi-Fi makes team members vulnerable to having passwords and usernames stolen when they log on. Websites using Secure Sockets Layer (SSL) or HTTPS provide a needed level of security; however, this would still not stop the computer itself from being directly attacked.
Exposure to worm attacks.
Worms act much like viruses, with one key difference. Viruses must have a program to attack in order to successfully compromise a system, while worms can wreak havoc all by themselves. When connected to a public Wi-Fi, you run the risk of a worm travelling from another device that’s connected to the network to your computer.
Installation of IMRATs
IMRATs are malicious remote control and command pieces of software that can give an attacker direct access to the computer, allowing them to remotely view the stored documents and keyboard presses and giving them direct access to the hard drive and other computer functions. This can even be executed after the computer leaves the public Wi-Fi and can be undetectable even by firewall and anti-malware solutions.
Not all security is about protecting the company network and devices; it is also about protecting team members. Lost or stolen laptops and devices can be used to gain access to the internal network, and using high-value assets in a public place may put the user at risk of harm or serious physical injury.
Using unsecured public Wi-Fi can allow others to see important emails, encrypted messages and unsecured logins. Of course, it would be possible for a cybercriminal to use the access to hack the corporate device as well. Here are important steps to take before using public Wi-Fi:
Convert to the more secure HTTPS for your website and applications, if you haven’t already done so. HTTPS-enabled websites provide critical security and protect users’ personal information such as login credentials.
Set up a virtual private network (VPN) for your company network. This should be an always-on VPN connection to your network, shielding remote workers’ activity from cybercriminals on public Wi-Fi.
Advise remote users to turn off Wi-Fi auto-connect settings and Bluetooth discoverability settings. This helps prevent hackers from gaining direct peer-to-peer access to user devices without them realizing it.
Ensure that all remote workers have a firewall enabled on devices at all times.
Make sure your network and all worker devices are covered by good anti-malware software–including anti-sniffing protection.
Use a mobile hotspot provided through your mobile carrier, or tether laptops to a mobile device, and avoid using public Wi-Fi altogether.
Set up policies regarding the above, and periodically educate workers so they understand the risks and the importance of taking protective steps.
Turn off file sharing and use the Windows and macOS features that enable Public Hotspot mode, which adds an extra hurdle for potential hackers to overcome.
Ensure that you are not shoulder surfed and that you are aware of your surroundings. If you feel uncomfortable, pack the laptop away and move to a new, more populated area.
To ensure that your business and team members remain safe, both in a cyber and a personal sense, the following recommendations should be put into place, in addition to providing further information to remote workers on how to remain safe and protect the business from undue risks:
An always-on VPN Solution that does not allow split tunnelling
This means that the VPN will always be on and active without the user needing to remember
Block all internet traffic that is not sent over the VPN
Ensure that Windows updates can be sent over the VPN line
Remove the Split tunnel to remove the possibility of connecting to home networked servers or other computers
This will ensure that all traffic is secure
No data is to be transmitted outside of the VPN
Ensure that all Domain GPOs are trimmed and one for remote workers is set up to direct the End-User Device (EUD) to the internal update and SCCM servers
This will ensure that DNS issues can be picked up
Creates a central GPO that can be quickly edited and audited to resolve any issues
Ensure the software firewall is enabled
This is a last line of defence but one that should be incorporated
Ensure this drops pings so that the EUD is almost invisible to the network
Ensure the AV server can push the latest DATs and other updates to the EUDs
This is going to require good management of the AV server
Use GPOs to stop the EUDs being file servers
This ensures that the risk of being infected with an IMRAT is lessened
Adds to the stealth protections of the EUD
Enable GPO to not search and connect to Public or insecure hotspots
This takes out the human factor and would require a conscious action
Provide all remote workers with privacy screens to protect them from passive “shoulder surfing”
With the above in place, it is also good practice to educate remote-working team members about the dangers, not only to the IT infrastructure but to themselves. Ensure that they are always conscious of their surroundings and of what they are doing, and that they decide whether the work they are doing really needs to be performed in a public place.
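An added example (not part of the original post) for the always-on VPN recommendation above: it applies longest-prefix route selection to a constructed routing table to show which destinations would leave the laptop outside the tunnel. The interface names `vpn0` and `wlan0`, the addresses and the route entries are all assumptions made for illustration.

```python
import ipaddress

# Constructed routing tables for a remote worker's laptop (illustrative only).
# Entry: (destination prefix, interface, metric). "vpn0"/"wlan0" are assumed names.
ROUTES_SPLIT = [
    ("0.0.0.0/0", "wlan0", 50),        # default route via the public hotspot
    ("10.0.0.0/8", "vpn0", 5),         # only the corporate range uses the tunnel
    ("192.168.1.0/24", "wlan0", 50),   # directly connected hotspot subnet
    ("203.0.113.10/32", "wlan0", 1),   # host route to the VPN gateway itself
]
ROUTES_FULL = [
    ("0.0.0.0/0", "vpn0", 5),          # default route forced into the tunnel
    ("0.0.0.0/0", "wlan0", 50),
    ("192.168.1.0/24", "wlan0", 50),
    ("203.0.113.10/32", "wlan0", 1),
]
VPN_GATEWAY = "203.0.113.10"
PROBES = {                              # constructed test destinations
    "internet": "198.51.100.7",
    "corporate": "10.1.2.3",
    "hotspot_peer": "192.168.1.20",
    "vpn_gateway": VPN_GATEWAY,
}

def egress_interface(routes, dest):
    """Pick the route as an IP stack does: longest prefix, then lowest metric."""
    addr = ipaddress.ip_address(dest)
    matches = []
    for prefix, iface, metric in routes:
        net = ipaddress.ip_network(prefix)
        if addr in net:
            matches.append((net.prefixlen, -metric, iface))
    return max(matches)[2] if matches else None

def find_leaks(routes, vpn_if, probes=PROBES, gateway=VPN_GATEWAY):
    """Return {probe: interface} for destinations that bypass the tunnel."""
    leaks = {}
    for name, dest in probes.items():
        iface = egress_interface(routes, dest)
        # Only the encrypted tunnel packets to the gateway may use the Wi-Fi.
        if dest != gateway and iface not in (None, vpn_if):
            leaks[name] = iface
    return leaks

if __name__ == "__main__":
    print("split tunnel:", find_leaks(ROUTES_SPLIT, "vpn0"))
    print("full tunnel: ", find_leaks(ROUTES_FULL, "vpn0"))
```

With the full-tunnel table only the directly connected hotspot subnet still bypasses the VPN, because its more specific route wins over the default; that is the traffic the software firewall has to block.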
In 2014 experts from Kaspersky Lab uncovered a very sophisticated hacking campaign called “Dark Hotel.” Operating for more than seven years and believed to be a sophisticated economic espionage campaign by an unknown country, Dark Hotel targeted CEOs, government agencies, U.S. executives, NGOs, and other high-value targets while they were in Asia. When executives connected to their luxury hotel’s Wi-Fi network and downloaded what they believed were regular software updates, their devices were infected with malware. This malware could sit inactive and undetected for several months before being remotely accessed to obtain sensitive information on the device.
What is the best way to protect yourself against these kinds of Wi-Fi threats? Although antivirus protection and firewalls are essential methods of cyber defence, they are useless against hackers on unsecured Wi-Fi networks. The best defence against this is to not risk using something that is inherently insecure in the first place, especially where your IT Team does not have control over what is on and goes in and out of the network to protect its team members and its business interests.