security patches | GIGE IT Solutions: IT Services Mississauga

Lessons Learned From The Cathay Pacific Data Breach

gigE — Tue, 10 Mar 2020 20:15:09 +0000

Hong Kong airline company Cathay Pacific was fined 500 000 pounds by the UK Information Commissioner’s office due to a data leak where 9.4 million user records were leaked. Of the affected individuals, over 100 000 were from the UK.

The data breach was the result of unauthorized access to Cathay Pacific’s servers that dated back to October of 2018. In a statement on the breach, Cathay Pacific stated that it would like to “sincerely apologize for this incident”.

The UK’s Information Commissioner’s Office discovered that the data breach had resulted in the records between October 2014 and May 2018 to be leaked.

This incident illustrates the importance of applying security patches to protect organization server. Cathay stated that it suspects the data breach occurred due to a known security vulnerability being exploited by cyberattackers. In its investigation, the UK Information Commissioner discovered that the company did not apply the security update fixing the patch, which was released over a decade prior to the attack. The vulnerability, which was not publically named, was in fact discovered in February 2007. It is known that attackers exploiting this vulnerability does not need technical skills and is able to get administrative access to a victim’s computer. Cathay pacific admitted that its regular vulnerability scans, which are used to detect potential security flaws in the company’s network, was not able to detect the vulnerability for over 10 years. It was discovered that one of the systems that was compromised had 16 security updates that were pending.

Another reason that the Cathay Pacific data breach occurred was that one if its servers was running an operating system that was no longer supported by its developer. Operating systems (O.S.), like many other software, requires constant updates to repair new security vulnerabilities that are discovered. After an operating system becomes end-of-life, however, the developer no longer releases software updates for it, leaving computers still running the operating system vulnerable to cyberattack. The most recent instance of this occurring is the Windows 7 End of life, which occurred on January 14^th of 2020. You can read more about operating system patches in our article here.

It is clear from the Cathay Pacific data breach that proper patch management is an important facet of keeping your organization’s IT safe from cyberattack. GIGE IT solutions’ network experts help you organization identify vulnerabilities in your organizations’ network. We audit and provide consultation and remediation strategies to help you stay protected from data leaks and cyberattacks.

The post Lessons Learned From The Cathay Pacific Data Breach first appeared on GIGE IT Solutions: IT Services Mississauga.

The post Lessons Learned From The Cathay Pacific Data Breach appeared first on GIGE IT Solutions: IT Services Mississauga.

Today We Say Goodbye to Windows 7

gigE — Tue, 14 Jan 2020 19:02:37 +0000

Goodbye Windows 7 – today, January 14th 2020, is the day that Microsoft officially ends security support for Windows 7 computers. This means that PCs still running the decade old operating system will no longer be receiving security updates from Microsoft. According to NetMarketShare’s statistics, 1/3 of PCs around the world are still running Windows 7.

Microsoft urges all of these users to update to a newer operating system, either Windows 8.1 or Windows 10 in order to stay protected against malware threats such as ransomware. Sensitive personal information on your home or business PCs are at risk of exposure.

It’s not all bad news – Google has said that it will continue to release updates for its Chrome browser for Windows 7 until 2021. However, this by no means covers all security bases, and migrating to a newer operating system is still the best option in terms of cybersecurity.

If upgrading is not an option, follow these best practices to keep yourself protected:

For businesses still running Windows 7, your employees are the first line of defense against malware. One of the most common methods of infection is through malicious links in fraudulent emails – a strategy known as phishing. By education your employees with frequent seminars on current threats and phishing telltale signs, you can minimize the likelihood that malware can infiltrate your network. If you would like an overview on some of our recommendations against phishing, you can check out our article on the topic here: Phishing Scams – What are they and how can you protect yourself?

For both businesses and consumers, it is important not to store sensitive information such as credit card data on your Windows 7 PC. Furthermore, avoid using online banking apps on Windows 7 PCs.

Don’t fully rely on your Windows 7 PC’s storage. Keep backups of your important data in a separate location – either on an external hard drive, a USB, or on another PC. Some types of malware, such as ransomware, locks user data behind a ransomwall, demanding payment for its release. Once a computer is infected with ransomware and the data is encrypted, it cannot be read unless it is decrypted with a key only known by the attackers.

If you would like to learn more about the dangers of staying on Windows 7, you can visit our page here, or email any questions to info@gige.ca

The post Today We Say Goodbye to Windows 7 first appeared on GIGE IT Solutions: IT Services Mississauga.

The post Today We Say Goodbye to Windows 7 appeared first on GIGE IT Solutions: IT Services Mississauga.

What is a Server OS Update?

gigE — Mon, 10 Jul 2017 14:36:57 +0000

BACK

Why are Server O.S. Updates Important To Your Company?

A server system is the heart of a company’s I.T. life. It often contains many, if not all company files, and acts as the central core that all company computers are connected to. A slowdown of such a system would therefore mean a slowdown of the company as a whole. Often, inefficiencies that begin to occur are caused by an aging operating system (OS), which inhibits the utilization efficiency of a server’s components. Operating systems are like any other software, and require regular maintenance to operate at maximum efficiency. Regular Server O.S. updates are one of the most important parts of IT maintenance.

An OS is the fundamental program of a computer system. It acts as the interface between the components of a computer and its user, and acts as the ground on which other programs operate. However, like any other program, it requires constant updates from its developer to keep up with new components or software. For instance, Windows OS receives periodic updates from Microsoft which improve its stability, efficiency, and security. Common operating systems include Windows 10, Ubuntu, and MacOS.

However, when a developer cuts further support to an end-of-life operating system, it not only becomes a cause of major slowdown due to inefficient use of hardware, but it also becomes a security liability, as hackers would be able to take advantage of vulnerabilities that are no longer being addressed by its programmers. As such, it is imperative to keep the operating systems on company systems updated, to ensure efficient operation, as well as data security.

GIGE IT Solutions can help your organization by providing regular Server O.S. updates to keep your organization protected from cyberattack and operating at peak efficiency. By offloading the worry of keeping your servers up-to-date to our engineers, you can focus your efforts on excellence in your industry.

Call us at +1 888 366 4443 or email info@gige.ca to get started with us immediately.

The post What is a Server OS Update? first appeared on GIGE IT Solutions: IT Services Mississauga.

The post What is a Server OS Update? appeared first on GIGE IT Solutions: IT Services Mississauga.