Category Archives: featured posts

A Chat with Kelvin Murray: Senior Threat Research Analyst

Reading Time: ~4 min.

In a constantly evolving cyber landscape, it’s no simple task to keep up with every new threat that could potentially harm customers. Webroot Senior Threat Research Analyst Kelvin Murray highlighted the volume of threats he and his peers are faced with in our latest conversation. From finding new threats to answering questions from the press, Kelvin has become a trusted voice in the cybersecurity industry.

What is your favorite part of working as a Senior Threat Research Analyst? 

My favorite part about being a threat researcher is both the thrill of learning about new threats and the satisfaction of knowing that our work directly protects our customers. 

What does a week as a Senior Threat Research Analyst look like? 

My week is all about looking at threat information. Combing through this information helps us find meaningful patterns to make informed analysis and predictions, and to initiate customer protections. It roughly breaks down into three categories. The first would be “top down” customer data like metadata. The data we glean from our customers is very important and a big part of what we do. The interlinking of all our data and the assistance of powerful machine learning is a great benefit to us.  

Next would be “whole file” information, or static file analysis and file testing. This is a slow process but there are times when the absolute certainty and granular detail that this kind of file analysis provides is essential. This isn’t usually part of my week, but I work with some great specialists in this regard.  

Last would be news and reports on the threat landscape in general. Risks anywhere are risks everywhere. Keeping up to date with the latest threats is a big part of what I do. I work with a variety of internal teams and try to advise stakeholders, and sometimes media, on current threats and how Webroot fits in. Twitter is a great tool for staying in the know, but without making a list to filter out the useful bits from the other stuff I follow, I wouldn’t get any work done! 

What skills have you built in this role? 

Customer support taught me a lot in terms of the client, company culture, and dealing with customer requests. By the time I was in business support I was learning the newer console system and more corporate terms. Training on the job was very useful for my move to threat, where I also picked up advanced malware removal (AMR), which is the most hands on you can get with malware and the pain it causes customers. All of that knowledge is now useful to me in my public facing role where I prepare webinars, presentations, interviews, blogs, and press answers about threats in general. 

What is your greatest accomplishment in your career at Webroot so far? 

Learning the no-hands trick on the scooter we have in the office. And of course my promotion to Senior Threat Research Analyst. I have had a lot of different roles in my time here, but I’m glad I went down the path I did in terms of employment. There’s never a dull moment when you are researching criminal news and trends, and surprises are always guaranteed. 

What brought you to Webroot? 

I like to say divine providence. But really I had been travelling around Asia for a few months prior to this job. When I got back home I was totally broke and needed a job. A headhunter called me up out of the blue, and the rest is history.   

Are you involved in anything at Webroot outside of your day to day work? 

Listening, singing and (badly) dancing to music. Dublin is a fantastic place for bands and artists to visit given its proximity to the UK and Europe and the general enthusiasm of concert goers. I do worry that a lot of venues, especially nightclubs, are getting shut down and turned into hotels though. I sing in a choir based out of Trinity College.  

Favorite memory on the job? 

Heading to (the now closed) Mabos social events with my team. The Mabos collective ran workshops and social and cultural events in a run-down warehouse that they lovingly (and voluntarily) converted down in Dublin’s docklands. Funnily enough, that building is now Airbnb’s European headquarters. 

What is your favorite thing about working at Webroot? 

The people that I get to work with. I have made many great friendships in the office and still see previous colleagues socially, even those from five or six years ago.  

What is the hardest thing about being a Senior Threat Research Analyst? 

Prioritizing my time. I can try my hand at a few different areas at work, but if I don’t focus enough on any one thing then nothing gets done. I find everything interesting and that curiosity can get in the way sometimes! 

What is your favorite thing to do in Dublin?  

Trying new restaurants and heading out to gigs. I’d be a millionaire if I didn’t eat out at lunchtime so much. Dublin is full of great places. I like all kinds of gigs from dance to soul to traditional. The Button Factory is one of the coolest venues we have. 

How did you get into the technology field? 

I first become interested in technology through messing with my aunt’s Mac back in the early 90s. There were a lot of cool games on her black and white laptop she brought home from a compucentre she worked in, but the one that sticks in my memory was Shufflepuck Café. My dad always had some crazy pre-Windows machines lying around. Things with cartridges or orange text screens running Norton commander. 

 To learn more about life at Webroot, visit https://www.webroot.com/blog/category/life-at-webroot/

The post A Chat with Kelvin Murray: Senior Threat Research Analyst appeared first on Webroot Blog.

A Cybersecurity Guide for Digital Nomads

Reading Time: ~3 min.

Technology has unlocked a new type of worker, unlike any we have seen before—the digital nomad. Digital nomads are people who use technologies like WiFi, smart devices, and cloud-based applications to work from wherever they please. For some digital nomads, this means their favorite coffee shop or co-working space. For others, it means an idyllic beach in Bali or countryside public house. One thing remains true wherever a digital nomad may choose to lay down their temporary roots: They are at a higher cybersecurity risk than a traditional worker. So what risks should they look out for? 

Public Wifi

Without a doubt, public WiFi is one of the main cybersecurity hazards many digital nomads face. The massive and unresolved flaw in the WPA2 encryption standard used by modern WiFi networks means that anyone connecting to a public network is putting themselves at risk. All public WiFi options—including WiFi provided by hotels, cafes, and airports—poses the risk of not being secure. How can a digital nomad be digital if their main source of internet connectivity is a cybersecurity minefield?  

When connecting to public WiFi as a digital nomad, it is crucial to keep your web traffic hidden behind a virtual private network (VPN). A quality VPN app is simple to set up on your mobile devices—including laptops and smart phones—and uses a strong encryption protocol to prevent hackers and other snoops from stealing important personal information such as account passwords, banking information, and private messages. VPNs will keep your data encrypted and secure from prying eyes, regardless of locale.

Device Theft

Physical device theft is a very real risk for digital nomads, but one that can largely be avoided. The first and most obvious step to doing so is to never leave your devices unattended, even if your seatmate at the coffee shop seems trustworthy. Always be mindful of your device visibility; keeping your unattended devices and laptop bags locked away or out of sight in your hotel room is often all it takes to prevent theft. Purchasing a carrying case with a secure access passcode or keyed entry can also act as an additional deterrent against thieves looking for an easy mark. 

If your device is stolen, how can you prevent the damage from spiraling? Taking a few defensive measures can save digital nomads major headaches. Keep a device tracker enabled on all of your devices—smartphones, tablets, and laptops. Both Apple and Android have default services that will help you locate your missing device.  

But this will only help you find your property; it won’t prevent anyone from accessing the valuable data within. That’s why all of your devices should have a lock screen enabled, secured with either a pin or a biometric ID, such as your fingerprint. If you believe these efforts have failed and your device is compromised, enabling multi-factor authentication on your most sensitive accounts should help reduce the effect of the breach.  

However, if you cannot recover your device, remotely wiping it will prevent any additional data from being accessed. If you have a device tracker enabled, you will be able to remotely wipe your sensitive data with that software. If you’re using a data backup solution, any lost files will be recoverable once the status of your devices is secure 

Lower Your Risk

Being a digital nomad means that you’re at a higher risk for a breach, but that doesn’t mean you can’t take steps to lower that risk. These best practices could drastically reduce the risk incurred by leading a digitally nomadic lifestyle. 

  • Toggle off. Remember to always turn off WiFi and Bluetooth connectivity after a session. This will prevent accidental or nefarious connections that could compromise your security. 
  • Mindfulness. Be aware of your surroundings and of your devices. Forgetting a device might be an acceptable slip up for most, but for a digital nomad it can bring your lifestyle to a grinding halt. 
  • Be prepared. Secure your devices behind a trusted VPN before beginning any remote adventures. This will encrypt all of your web traffic, regardless of where you connect.  
  • Stop the spread. In case of a device or account breach, strong passwords and multi-factor authentication will help minimize the damage. 

A staggering 4.8 million Americans describe themselves as digital nomads, a number that won’t be going down anytime soon. With remote work becoming as a new norm, it’s more important than ever that we take these cybersecurity measures seriously—to protect not just ourselves, but also our businesses and clients. Are you a digital nomad making their way through the remote work landscape? Let us know your top tips in the comments below! 

The post A Cybersecurity Guide for Digital Nomads appeared first on Webroot Blog.

Cloud Services in the Crosshairs of Cybercrime

Reading Time: ~3 min.

It’s a familiar story in tech: new technologies and shifting preferences raise new security challenges. One of the most pressing challenges today involves monitoring and securing all of the applications and data currently undergoing a mass migration to public and private cloud platforms.

Malicious actors are motivated to compromise and control cloud-hosted resources because they can gain access to significant computing power through this attack vector. These resources can then be exploited for a number of criminal money-making schemes, including cryptomining, DDoS extortion, ransomware and phishing campaigns, spam relay, and for issuing botnet command-and-control instructions. For these reasons—and because so much critical and sensitive data is migrating to cloud platforms—it’s essential that talented and well-resourced security teams focus their efforts on cloud security.

The cybersecurity risks associated with cloud infrastructure generally mirror the risks that have been facing businesses online for years: malware, phishing, etc. A common misconception is that compromised cloud services have a less severe impact than more traditional, on-premise compromises. That misunderstanding leads some administrators and operations teams to cut corners when it comes to the security of their cloud infrastructure. In other cases, there is a naïve belief that cloud hosting providers will provide the necessary security for their cloud-hosted services.

Although many of the leading cloud service providers are beginning to build more comprehensive and advanced security offerings into their platforms (often as extra-cost options), cloud-hosted services still require the same level of risk management, ongoing monitoring, upgrades, backups, and maintenance as traditional infrastructure. For example, in a cloud environment, egress filtering is often neglected. But, when egress filtering is invested in, it can foil a number of attacks on its own, particularly when combined with a proven web classification and reputation service. The same is true of management access controls, two-factor authentication, patch management, backups, and SOC monitoring. Web application firewalls, backed by commercial-grade IP reputation services, are another often overlooked layer of protection for cloud services.

Many midsize and large enterprises are starting to look to the cloud for new wide-area network (WAN) options. Again, here lies a great opportunity to enhance the security of your WAN, whilst also achieving the scalability, flexibility, and cost-saving outcomes that are often the primary goals of such projects.  When selecting these types of solutions, it’s important to look at the integrated security options offered by vendors.

Haste makes waste

Another danger of the cloud is the ease and speed of deployment. This can lead to rapidly prototyped solutions being brought into service without adequate oversight from security teams. It can also lead to complacency, as the knowledge that a compromised host can be replaced in seconds may lead some to invest less in upfront protection. But it’s critical that all infrastructure components are properly protected and maintained because attacks are now so highly automated that significant damage can be done in a very short period of time. This applies both to the target of the attack itself and in the form of collateral damage, as the compromised servers are used to stage further attacks.

Finally, the utilitarian value of the cloud is also what leads to its higher risk exposure, since users are focused on a particular outcome (e.g. storage) and processing of large volumes of data at high speeds. Their solutions-based focus may not accommodate a comprehensive end-to-end security strategy well. The dynamic pressures of business must be supported by newer and more dynamic approaches to security that ensure the speed of deployment for applications can be matched by automated SecOps deployments and engagements.

Time for action

If you haven’t recently had a review of how you are securing your resources in the cloud, perhaps now is a good time. Consider what’s allowed in and out of all your infrastructure and how you retake control. Ensure that the solutions you are considering have integrated, actionable threat intelligence for another layer of defense in this dynamic threat environment.

Have a question about the next steps for securing your cloud infrastructure? Drop a comment below or reach out to me on Twitter at @zerobiscuit.

The post Cloud Services in the Crosshairs of Cybercrime appeared first on Webroot Blog.

Why Simplified Security Awareness Training Matters for MSPs and SMBs

Reading Time: ~3 min.

In a recent report by the firm 451 Research, 62 percent of SMBs reported having a security awareness training program in place for their employees, with half being “homegrown” training courses. The report also found that most complained their programs were difficult to implement, track, and manage.

Like those weights in the garage you’ve been meaning to lift or the foreign language textbook you’ve been meaning to study, even our most well-intentioned efforts flounder if we’re not willing to put to use the tools that can help us achieve our goals.

So it goes with cybersecurity training. If it’s cumbersome to deploy and manage, or isn’t able to clearly display its benefits, it will be cast aside like so many barbells and Spanish-language dictionaries. But unfortunately, until now, centralized management and streamlined workflows across client sites have eluded the security awareness training industry.

The Importance of Effective Security Awareness Training

The effectiveness of end user cybersecurity training in preventing data breaches and downtime has been demonstrated repeatedly. Webroot’s own research found security awareness training cut clicks on phishing links by 70 percent, when delivered with regularity. And according to the 2018 Data Breach Investigation Report by Verizon, 93 percent of all breaches were the result of social engineering attacks like phishing.

With the average cost of a breach at around $3.62 million, low-overhead and effective solutions should be in high demand. But while 76 percent of MSPs reported using some type of security awareness tool, many still rely on in-house solutions that are siloed from the rest of their cybersecurity monitoring and reporting.

“MSPs should consider security awareness training from vendors with cybersecurity focus and expertise, and who have deep visibility and insights into the changing threat landscape,” says 451 Research Senior Analyst Aaron Sherrill.

“Ideally, training should be integrated into the overall security services delivery platform to provide a unified and cohesive approach for greater efficacy.”

Simple Security Training is Effective Security Training

Security awareness training that integrates with other cybersecurity solutions—like DNS and endpoint protection—is a good first step in making sure the material isn’t brushed aside like other implements of our best intentions.

Global management of security awareness training—the ability to initiate, monitor, and report on the effectiveness of these programs from a single pane of glass across all of your customers —is the next.

When MSPs can save time by say, rolling out a simulated phishing campaign or training course to one, many or allclient’s sites across the globe with only a few clicks, they both save time and money in management overhead, and are more likely to offer it as a service to their clients. Everyone wins.

With a console that delivers intuitive monitoring of click-through rates for phishing campaigns or completion rates for courses like compliance training, across all client sites, management is simplified. And easily exportable phishing and campaign reports help drive home a client’s progress.

“Automation and orchestration are the force multipliers MSPs need to keep up with today’s threats and provide the best service possible to their clients,” says Webroot SVP of Product Strategy and Technology Alliances Chad Bacher.”

So as a growing number of MSPs begin to offer security awareness training as a part of their bundled services, and more small and medium-sized businesses are convinced of its necessity, choosing a product that’s easy to implement and manage becomes key.

Otherwise, the tool that could save a business from a breach becomes just another cob-webbed weight bench waiting for its day.

To learn about security training that’s effective, efficient, and easy to use, read about our new Webroot® Security Awareness Training release.

The post Why Simplified Security Awareness Training Matters for MSPs and SMBs appeared first on Webroot Blog.

A False Sense of Cybersecurity: The Riskiest States in America

Reading Time: ~5 min.

Like many Americans, you might think your online habits are safe enough—or, at least, not so risky as to put you in danger for cybercrime. As it happens, most of us in the U.S. are nowhere near as secure as we think we are.

As part of our recent survey to better understand people’s attitudes, perspectives, and behaviors relating to online cyber-safety (or “cyber-hygiene”), we calculated each state’s cyber-hygiene score, which you can think of like a test score on people’s understanding and practice of good online habits. I’ve repaired computers and worked in the cybersecurity business for almost 15 years now, and I was shocked by some of the results.

Cut to the chase: just how bad were the results?

Bad. The average across all 50 states was only 60% (that’s a D in letter grades) on our scale. In fact, only 10% of Americans got a 90% or higher (i.e. an A). The riskiest states—Mississippi, Louisiana, California, Alaska, and Connecticut— combined for an average score of 56%. So what made their scores so low?

  • In Mississippi, almost 1 in 4 people don’t use any kind of antivirus and don’t know if they’ve ever been infected by malware.
  • Only 44% of Louisiana residents take any precautions before clicking links in emails leaving themselves vulnerable. (This is a great way to get scammed by a phishing email and end up with a nasty infection on your computer.)
  • Over 43% of Californians and Alaskans share their passwords with friends or family.

What does people’s perception vs. reality look like?

Americans in every state were overconfident. An astounding 88% feel they take the right steps to protect themselves. But remember, only 10% of people scored an A on our test, and the highest scoring state (New Hampshire) still only got an average of 65% (that’s still only a D).

While the average American has a surface level understanding of common cyber threats, there’s a lot of room for education. Many of those interviewed have heard of malware (79%), phishing (70%), and ransomware (49%), but few could explain them. Defending against the most common online threats in today’s landscape requires a basic understanding of how they work. After all, the more cyber aware you are of an attack such as phishing, the greater chance you have to spot and avoid it.

Along with understanding common cyberattacks, it’s also important to recognize threats to your online privacy. An alarming amount of Americans don’t keep their social media accounts private (64%) and reuse their passwords across multiple accounts (63%).

Given the number of news reports involving major companies getting breached, huge worldwide ransomware attacks, etc., we were pretty surprised by these numbers. As you’re reading these, you might be checking off a mental list of all the things you do and don’t know, the actions you do and don’t take when it comes to cybersecurity. What’s important here is that this report should act as a reminder that understanding what kinds of threats are out there will help you take the proper precautions. And, following a few simple steps can make a huge difference in your online safety.

How about some good news?

There is good news. There are some who scored a 90% or above on our test. We call them Cyber-Hygiene Superstars, because they not only take all the basic steps to protect themselves and their data online, but they go above and beyond. Cyber-Hygiene Superstars are evenly spread across the entirety of the U.S., and they help demonstrate to the rest of us that it’s easy to raise our own cyber-hygiene scores.  

Some of the standout behavior of superstars included regularly backing up their data in multiple ways always using antivirus, and using a VPN when connecting to public WiFi Hotspots.

Superstars can also explain common attacks and are less likely to fall victim of phishing attacks and identity theft. They frequently monitor their bank and credit card statements and regularly check their credit scores.

What can you do to improve your cyber-hygiene score?

All in all, it’d be pretty easy for the average American to take their score from a D to at least a B, if not higher. You won’t have to do anything drastic. But just making a few small tweaks to your regular online behavior could work wonders to keep you and your family safe from cybercrime.

  1. Use antivirus/antimalware software.
    There are a lot of free solutions out there. While you typically get what you pay for in terms of internet security, even a free solution is better than no protection at all.
  2. Keep all your software and your operating system up to date.
    This one’s super easy. Most applications and operating systems will tell you when they need an update. All you have to do is click OK instead of delaying the update to a later date.
  3. Don’t share or reuse passwords, and make sure to use strong ones.
    You might think password sharing is no big deal, especially when it comes to streaming or gaming sites, but the more you share, the more likely it is that your passwords could end up being misused. And if the password to just one of your accounts is compromised, then any of your other accounts that use that password could also become compromised. If you’re concerned about having to create and remember a lot of unique passwords, use a secure password manager.
  4. Lock down your social media profiles.
    Making your posts and personal details public and searchable means scammers can find your details and increase their chances of successfully stealing your identity or tricking you into handing over money or sensitive personal information.
  5. If you connect to public WiFi, use a VPN.
    Antivirus software protects the device, but a VPN protects your actual connection to the internet, so what you do and information you send online stays private.
  6. Back up your data.
    Cloud storage is a great solution. But it’s a good idea to do a regular physical backup to an external drive, too, particularly for important files like tax documents.
  7. Don’t enable macros in Microsoft® Office documents.
    If you’re ever trying to open a document and it tells you to enable macros, don’t do it. This is a common tactic for infections.
  8. Use caution when opening email attachments.
    Only open attachments from people you know and trust, and, even then, be extra careful. If you’re really not sure, call the person and confirm that they really sent the file.

Want to see where your state ranks? See the full list or read more about our study and findings here.

Test your knowledge and see where the Webroot Community stacks up against the rest of America: Join our daily contest for a chance to win prizes! Contest ends at 4:00pm MT on May 21, 2019.

Methodology
Webroot partnered with Wakefield Research to survey 10,000 Americans, ages 18 and up, with 200 interviews in each of the 50 states. This survey was conducted between February 11 and February 25, 2019, using an email invitation and an online survey instrument. The margin of error is +/- 0.98 percentage points for the total audience of this study and +/- 6.9 percentage points for each state at the 95% confidence level.

The post A False Sense of Cybersecurity: The Riskiest States in America appeared first on Webroot Blog.

Webroot Culture: Serena Peruzzi Shares Her Side

Reading Time: ~4 min.

Today we chat with Web Analyst Manager Serena Peruzzi. Serena constantly filters through the web to analyze content. Sometimes her position requires looking through difficult material, but other times you can find her traveling, organizing company events, and even gardening!  

See how Serena helps build Webroot’s company culture in this Employee Spotlight.

How did you get into the technology field? 

During my undergrad in Translation and Interpreting 10 years ago, I came to realize how big a role automation and machine translation were going to play in my field. Thus, I decided to beat the trend to the punch and focus my research on Google Translate for my thesis; further on, I completed a master’s degree in Translation Technology, which mixed together traditional translation with state-of-the art localization technologies, and included leveraging on Machine Learning and language pattern recognitions to build automated translation engines. Google Translate pretty much rules the multilingual content scene for the general public, making content in more than 100 languages immediately accessible to the global audience with just one click. Also, a lot of crowdsourced content, for example travel or business reviews on the web, is also localized using machine translation technologies to maximize international reach. Additionally, many large corporations already leverage on customized enterprise machine translation engines to translate manuals and other documentation. There are already technologies allowing to converse in multiple languages in real-time, so there’s virtually no language barriers than cannot be overcome anymore; of course, provided you have an internet connection 

What does a week as a Web Analyst Manager look like? 

I typically have a few one-on-one calls with all remote Web Analysts on a weekly or bi-weekly basis, and two team meetings per week, one with the US and one with Sydney. We discuss top issues, upcoming tool updates and feature releases, and use the wisdom of the crowd to find a solution to difficult cases. We use a collaborative Kanban board to track the topics we discuss, so that we can always go back to them or track progress on resolutions. Finally, I work on a number of projects related to training, quality assessments, classification approvals, new implementations, case escalations from the team, and documentation. I also have a few gardening tasks to take care of, keeping the Webroot Threat plants alive is quite an arduous task!  

What have you learned / what skills have you built in this role? 

Customer care, URL threat analysis, and all aspects of people management are among the key skills I learned in the role. It also helped me keep up my passion for foreign languages, especially Spanish and Japanese, since I need to analyze web content from all over the world. 

What is the hardest thing about being a Web Analyst Manager? 

Explaining what a Web Analyst does is quite an arduous task, partially because it is a very complex and multi-faceted role involving analyzing large amounts of online content, but also because it involves, to some extent, evaluating content that may be disturbing or violent in nature, and it can be a difficult sell at times. 

What is your greatest accomplishment in your career at Webroot so far? 

Having helped build a global team of brilliant and enthusiastic minds is perhaps what makes me most proud of being a part of Webroot. The Web Analysts are first and foremost masters of languages and cultures; collectively we speak 12 different languages. The more languages you know, the more confidence you have in analyzing online content from all over the world, bringing different perspectives to the mix. Also, we have another element in common: we all want to make the internet a little safer for our user base. Because of that, building the team has always been an incredibly fun experience. It allows candidates to bring up their unique backgrounds and passions for different cultures and the IT security world in their interviews. 

Does your work allow you to travel a lot? Where are some of the coolest places you have travelled?  

I’ve travelled to San Diego, Colorado and Sydney with Webroot. While I enjoyed all my trips, I do have a weak spot for Australia. I am a big fan of water sports, and Australia offers the best sceneries for surfing and diving. It also hosts some of the most amazing animals I’ve ever seen. I’ll admit that my encounter with a group of Huntsmen in Sydney, despite being harmless spiders, had me run away fast. But when I first met Quokkas (smiling furry animals), they literally melted my heart 

Best career advice you’ve received? 

There’s a saying in Ireland which can be used as an antidote when things don’t go your way, “What’s for you won’t pass you.” I felt particularly close to it when I couldn’t attain a role in the past, as it ultimately led me to a different, extremely satisfactory role surrounded by amazing people. 

Are you involved in anything at Webroot outside of your day to day work? 

Aside from gardening, I’ve given a hand with organizing team-building and social events for Dublin in the past, including Christmas parties, Health Day, mini-golf and bubble football tournaments, and escape room challenges. Since the team is spread across three offices, team events vary based on group size and local amenities. In Ireland, we typically go out for a nice meal once a month, and order in food for celebrations; additionally, there are regular pub sessions with other Webroot teams. We also have office-wide team building activities on a quarterly basis, and/or when we have visitors on-site.  

Favorite memory on the job? 

St Patrick’s Day in the office, when I was in Support, was also a truly fun day. On our lunch break we went to Temple Bar, the very core of St Patrick’s celebrations, hid amongst the mayhem of thousands of party-goers celebrating, and then pinged the US team to spot us on the live street camera, just like in a game of “Where’s Waldo.” 

To learn more about life at Webroot, visit https://www.webroot.com/blog/category/life-at-webroot/

The post Webroot Culture: Serena Peruzzi Shares Her Side appeared first on Webroot Blog.

Antivirus vs. VPN: Do You Need Both?

Reading Time: ~3 min.

Public concern about online privacy and security is rising, and not without reason. High-profile data breaches make headlines almost daily and tax season predictably increases instances of one of the most common types of identity theft, the fraudulent filings for tax returns known as tax-related identity theft

As a result, more than half of global internet users are more concerned about their safety than they were a year ago. Over 80% in that same survey, conducted annually by the Center for International Governance Innovation, believe cybercriminals are to blame for their unease.  

Individuals are right to wonder how much of their personally identifiable data (PII) has already leaked onto the dark web. Are their enough pieces of the puzzle to reconstruct their entire online identity?  

Questions like these are leading those with a healthy amount of concern to evaluate their options for enhancing their cybersecurity. And one of the most common questions Webroot receives concerns the use of antivirus vs. a VPN.  

Here we’ll explain what each does and why they work as compliments to each other. Essentially, antivirus solutions keep malware and other cyber threats at bay from your devices, while VPNs cloak your data by encrypting it on its journey to and from your device and the network it’s communicating with. One works at the device level and the other at the network level.  

Why You Need Device-Level Antivirus Security 

Antiviruses bear the primary responsibility for keeping your devices free from infection. By definition, malware is any software written for the purpose of doing damage. This is the category of threats attempting to undermine the antivirus (hopefully) installed on your PC, Mac, and yes, even smartphones like Apple and Android devices, too.  

In an ever-shifting threat landscape, cybercriminals are constantly tweaking their approached to getting your money and data. Banking Trojans designed specifically for lifting your financial details were among the most common examples we saw last year. Spyware known as keyloggers can surreptitiously surveil your keystrokes and use the data to steal passwords and PII. A new category of malware, known as cryptojackers, can even remotely hijack your computing power for its own purposes.  

But the right anti-malware tool guarding your devices can protect against these changing threats. This means that a single errant click or downloaded file doesn’t spell disaster. 

“The amazing thing about cloud-based antivirus solutions,” says Webroot threat analyst Tyler Moffit, “is that even if we’ve never seen a threat before, we can categorize it in real time based on the way it behaves. If it’s determined to be malicious on any single device, we can alert our entire network of users almost instantaneously. From detection to protection in only a few minutes.” 

Why You Need Network-Level VPN Security 

We’ve covered devices, but what about that invisible beam of data traveling between your computer and the network it’s speaking to? That’s where the network-level protection offered by a VPN comes into play.  

While convenient, public networks offering “free” WiFi can be a hotbed for criminal activity, precisely because they’re as easy for bad actors to access as they are for you and me. Packet sniffers, for instance, can be benign tools for helping network admins troubleshoot issues. In the wrong hands, however, they can easily be used to monitor network traffic on wireless networks. It’s also fairly easy, given the right technical abilities, for cybercriminals to compromise routers with man-in-the-middle attacks. Using this strategy, they’re able to commandeer routers for the purpose of seeing and copying all traffic traveling between a device and the network they now control.  

Even on home WiFi networks, where you might expect the protection of the internet service provider (ISP) you pay monthly, that same ISP may be snooping on your traffic with the intent to sell your data.  

With a VPN protecting your connection, though, data including instant messages, login information, social media, and the rest is encrypted. Even were a cybercriminal able to peek at your traffic, it would be unintelligible.  

“For things like checking account balances or paying bills online, an encrypted connection should be considered essential,” says Moffit. “Without a VPN, I wouldn’t even consider playing with such sensitive information on public networks.”  

How Webroot Can Help 

Comprehensive cybersecurity involves protecting both data and devices. Antivirus solutions to protect against known and unknown malware—like the kinds that can ruin a laptop, empty a bank account, or do a cybercriminals bidding from afar—are generally recognized as essential. But for complete protection, it’s best to pair your antivirus with a VPN—one that can shield your data from intrusions like ISP snooping, packet sniffers, and compromised routers.  

Click the links for more information about Webroot SecureAnywhere® antivirus solutions and the Webroot® WiFi Security VPN app.  

The post Antivirus vs. VPN: Do You Need Both? appeared first on Webroot Blog.

Notice: What Happens on Public Computers, Stays on Public Computers

Reading Time: ~4 min.

These are the places your digital tracks can be dug up. With a little sleuthing.

Experts have warned for years of the risks of using public computers such as those found in libraries, hotels, and airline lounges. 

Many warnings focused on the potential for hackers to plant keystroke loggers, or intercept data as it flows across the internet. Indeed, in 2014, the National Cybersecurity and Communications Integration Center of the U.S. Secret Service issued an advisory for “owners, managers, and stakeholders in the hospitality industry” concerning data breaches. The text of the advisory claimed, “The attacks were not sophisticated, requiring little technical skill, and did not involve the exploit of vulnerabilities in browsers, operating systems or other software.” A 2014 announcement may seem to be an outdated reference, except that the recent Marriott data breach of over 300 million records was attributed to an attack in…wait for it…2014.)

But spyware and keyloggers aren’t the most common threat to the users of business center and other public computers. Forgetfulness, operating systems, applications, and temporary files are high up on the list. For several years I have searched public computers, mostly at hotels, to see what kinds of information people have left behind. It’s been an interesting passion project, to say the least.  

Uncovering a Very Public Digital Paper Trail

The first places I look are the documents, downloads, desktop, and pictures folders. The pictures folder typically yields the least interesting information, usually pictures of groups of drunken people, group gatherings at restaurants, weddings, or cats.

The desktop, document, and occasionally downloads folders are where most documents are inadvertently left behind. Some interesting samples I’ve discovered include a spreadsheet of faculty merit raises at a university in Texas, including the names of professors, their departments, their current salaries, and their projected raises. Another was the assignment of a chief officer to a ship belonging to one of the largest shipping companies in the world. It included the officer’s name, address, phone number, vessel name, date of assignment, and contact information.

I have come across corporate audits and strategic business plans. Recently, I discovered a document called “closing arguments” created by a district attorney. When possible, I contact the owners of the information to help them understand the risks of using public computers for sensitive work. I rarely hear back, however the DA did thank and assure me the document was a training example.

The biggest menace, however, has been the temporary files folders, which include auto-saved documents and spreadsheets, as well as attachments. It is in the Temporary Internet Files folder that I have uncovered complete emails, and even a webpage including a bank statement detailing a large balance, the account holder’s name, sources of income, and the names and addresses of places he had done business. Of all of the temporary files I have discovered, documents belonging to businesses’ employees have been the most unsettling. 

If you must, take precautions

There is some good news concerning the safety of public computers. Due to technology changes, I no longer find the contents of emails in the Temporary Internet Files folder. But we’re far from out of the woods. I have found my inbox cached, including pictures within emails and even a PDF that had not yet opened.

Although I could not open emails in the temoprary copy of my inbox shown above, subject lines and return email addresses may reveal more information than desired. 

Deleting temporary internet files is a good habit, but there are multiple locations that temporary files are stored. Documents edited on public computers remain of particular concern. Due to auto-save features, it’s possible to open a document on a thumb drive and leave auto-saved documents behind on the computer. Now in normal operating circumstances and with current operating systems and Office applications, this is not likely to happen. But errors like OS and application crashes will leave these copies behind. Microsoft Word and Excel will even proactively offer these auto-saved documents to the next user of these applications

The PDF file shown above was left behind when I read an email using my ISP’s webmail interface. 

Other than finding and deleting information left behind, my use of public computers is limited to reading online articles, checking the weather, and performing internet searches. What personal information you are willing to leave behind on a public computer depends on your risk tolerance. But it’s important to note that accessing corporate data on public computers could result in an inadvertent violation of company policies involving confidential data.

Although I still find public computers running Windows XP, there is a growing shift in the hospitality industry to use Kiosk applications. These provide limited functionality combined with locked-down security configurations. Access to the start menu is not possible and functionality is limited to desktop applications. Printing of boarding passes is a common allowed application. Reading web email is sometimes allowed, though I don’t recommend it because it requires entering a password. The risk of password compromise may be low, but the value of practicing quality security habits leads me to advise against it. If you must, consider changing your email password the next time you log onto a private computer.

If you happen to be using a public computer without a Kiosk interface, would you be so kind as to copy this blog, paste it into a Word document, and save it on the public computer to help inform the next user? They may end up paying it forward.

The post Notice: What Happens on Public Computers, Stays on Public Computers appeared first on Webroot Blog.