09 Feb
09Feb

...scroll down for information on the new personal network protection service starting in April 2021.    

    With remote-work being the new normal for those with jobs that permit such, the number of cyber attacks against businesses and government departments has continued to increase. This rise is not only due to the acidic political environments around the world, but also due to black-hat cyber criminals spending more time at home looking for ways to keep their brains from wasting away. Face it, we'd all love to spend some quality time on the beach listening to the surf roll in, or stand on a river bank in the Rockies with a fly rod in our hands. There's lot of activities we'd rather be doing than sitting at home waiting for vaccines to finally get to our neighborhood.

     Just this week, a cyber attack against a Florida town was reported. The attacker had been able to access the water treatment plant's control systems and increase the amount of chemicals used to treat the water. A hero at the plant, noticing discrepancies, was able to prevent the dangerously treated water from being released to the public. It's long been decried in the Cyber Community that control systems represent the most dangerous vector of attack, which the potential to harm services that use these controls. From nuclear power to water systems, cyber security is being recognized as critical, while governments and companies still don't consider it as highly as they ought. 

     A worker logging into a secure network from home now represents a viable attack vector for cyber attackers. Small home routers (called SOHO routers for Small Office Home Office routers) are dreadfully less secure than enterprise networks. This makes the home office an easy entryway into the corporate network. And since home network security is not near as tight as enterprise security should be, home users won't even know they're being used as a  cyber attack conduit unless they pay attention to network connections or their office is able to trace the malware attack to them.

     Since the popularity of smart phones exploded, there has been an ongoing debate about allowing employee devices to connect to the work network. Covid forced this issue since most companies aren't willing to shell out the big bucks for 'work-only' phones and laptops. Compromising an employee's personal device in order to infiltrate the corporate network has long been recognized as an easy-access door for cyber attacks. 


**Because of demand for personal network security, we're offering a new service starting in April 2021. Keep reading..

     In an effort to help households secure their personal networks, and with the demand for personal network security rising in response to attacks, CyDeR Inc. is starting a new program where we assist in monitoring the security of these networks. For a monthly fee, a plug-and-play small System-on-Chip board (a Pi device) will be sent to our customers that will plug into their network and listen for malware and viruses attempting to spread. When the board notices malware attempting to attack it, the device keeps data on where the attack came from (the IP) and what type of attack was attempted. This is valuable in a LAN network, because if your router's firewall is setup correctly, it should stop many attackers who are trying to get into your network to reach your devices. Those firewalls take an unbeleivable amount of attacks during a day due to malware bots scanning for weaknesses and they are successful at stopping most of them when configured correctly. But if a device has been connected to a public wifi, visited a website infected with malware, or been incorrectly configured itself, the device can bring the malware behind the firewall where it will attempt to contact its control server and attempt to infect other devices on your LAN. Our device will register the attack and from where it came, then send the data to CyDeR Inc. for analysis. CyDeR Inc. will then contact you, alert you to which devices have been infected, and can, at your request, help you remove the malware from your network. 

     If you would like to be notified when these devices are available, please send a request with your email address and the address of the LAN you would like to protect.  Though we are focusing on private networks in order to meet demand, we also will make the service available to business and enterprise networks. Monitoring fees for corporate environments vary depending on size and structure of the network. Email reserverd at cyderinc.com . The tentative start of this program is April, 2021.

https://threatpost.com/nat-pmp-protocol-vulnerability-puts-1-2-million-soho-routers-at-risk/108998/

https://www.ise.io/casestudies/exploiting-soho-routers/

https://www.engadget.com/fbi-cybercrime-complaints-increase-fourfold-covid-19-091946793.html

https://www.securityworldmarket.com/int/News/Business-News/during-covid-19-no-one-is-immune-to-cyber-attacks