Category Archives: VPN

Understanding How Bitcoin Mining Poses Security Risks

The value of Bitcoin has had its ups and downs over the past several years, but continues to attract interest in the midst of a chaotic market. The rapid growth of this alternate currency has dominated headlines and ignited a cryptocurrency boom that left consumers everywhere wondering how to get a slice of the Bitcoin pie. For those that want to join the craze without trading traditional currencies like U.S. dollars, a process called “Bitcoin mining” appears to be a great way to get involved. However, Bitcoin mining introduces a number of security risks.

What is Bitcoin mining?

Mining for Bitcoin is like mining for gold—you put in the work and you get your reward. But instead of back-breaking labor, you earn the currency with your time and computer processing power. “Miners”, as they are called, essentially upkeep and help secure Bitcoin’s decentralized accounting system.

Each time there’s a transaction it’s recorded in a digital ledger called the “blockchain.” Miners help to update the ledger by downloading a special piece of software that allows them to verify and collect new transactions to be added to the blockchain. Then, they must solve a mathematical puzzle to be able to add a block of transactions to the chain. In return, they earn Bitcoins, as well as transaction fees.

What are the security risks?

As the digital currency has matured, Bitcoin mining has become more challenging. In the beginning a user could mine on their home computer and earn a good amount of the digital currency, but these days the math problems have become so complicated that it requires a lot of expensive computing power.

This is where the risks come in. Since miners need an increasing amount of computer power to earn Bitcoin, some have started compromising public Wi-Fi networks so they can access users’ devices to mine for Bitcoin.  Such an event happened at a coffee shop in Buenos Aires, which was infected with malware that caused a 10-second delay when logging in to the cafe’s Wi-Fi network. The malware authors were using this time to access the users’ laptops for mining.

In addition to public Wi-Fi networks, millions of websites are being compromised to access users’ devices for mining. In fact, this has become such a widespread problem, that over 1 billion devices are believed to be slowed down by web-based mining. And slowing your device down is not even the worst thing that could happen. A device that is “cryptojacked” could have 100 percent of its resources used for mining, causing the device to overheat, essentially destroying it.

Now that you know a little about Bitcoin mining and the risks associated with it, here are some tips to keep your devices safe as you monitor the cryptocurrency market:

  • Avoid public Wi-Fi networks—These networks often aren’t secured, opening your device and information up to a number of threats.
  • Use a VPN— If you’re away from your secure home or work network, consider using a virtual private network (VPN). This is a piece of software that gives you a secure connection to the Internet, so that third parties cannot intercept or read your data. A product like McAfee Safe Connect can help safeguard your online privacy no matter where you go.
  • Secure Your Devices—New threats like Bitcoin malware are emerging all of the time. Protect your devices and information with comprehensive security software, and keep informed on the latest threats.

Looking for more mobile security tips and trends? Be sure to follow @McAfee Home on Twitter, and like us on Facebook.

The post Understanding How Bitcoin Mining Poses Security Risks appeared first on McAfee Blogs.

Firewalling and VPN in the Remote Work Era

A cloud firewall vendor recently argued that the U.S. Cybersecurity and Infrastructure Security Agency (CISA) is “sounding the alarm around VPN security.” That scary-sounding statement is incorrect. It may get clicks, but it doesn’t benefit security practitioners protecting data and remote workers.

The U.S. Government is not sounding an alarm about VPNs. Rather, it is acknowledging the importance of security best practices in work-from-home operations. CISA’s recent VPN guidance recommends good security hygiene. Like security patching. And multi-factor authentication, to establish user identity before VPN access is granted. While those recommendations bear repeating, they are not new.

Even prior to the Covid-19 pandemic, global VPN use was rising. Cisco AnyConnect VPN is the world’s most widely used enterprise remote access VPN. AnyConnect supports smartphones, laptops, kiosks, and more. It is proven in both small offices and enterprises with over 100,000 users.

For years, Cisco has provided organizations with innovative solutions for secure connectivity. Only Cisco couples:

  • VPN scalability
  • Firewall reliability
  • Cisco Duo’s multifactor authentication
  • Cisco Umbrella’s DNS-based security that protects users, even when they’re off the VPN.

Additionally, many Cisco AnyConnect customers use its split-tunneling features. By policy, traffic can be split on-or-off VPN by application, or Cisco’s patented, DNS-based, Dynamic Split Tunneling (DST). DST can exclude low-risk browser traffic (like videoconferencing) from the VPN tunnel, maximizing VPN efficiency and network performance while lowering costs. Another AnyConnect differentiator is that it can natively assess endpoint posture (e.g., validating endpoint security software is up-to-date) before granting VPN access.

Additionally, Cisco has invested heavily in software-defined networking, SD-WAN, and security tools enabling zero-trust frameworks. Cisco is a bridge for organizations evolving their security posture to a zero-trust model. In fact, last year we were named a leader in the Forrester Wave Report for zero-trust.

Seeing a pattern? Cisco security has a depth of capabilities to meet diverse needs. Nowhere is that more evident in Cisco’s security portfolio than firewalling. Years ago, firewall only meant appliance. Today what’s most important is firewalling — intelligent control points everywhere — cloud-delivered Secure Access Service Edge (SASE), physical, virtual, and even workload-centric.

Cisco calls this flexible and comprehensive firewalling vision the future of firewall. Our approach protects multiple environments: traditional, micro-segmented, cloud, and de-perimiterized networks — as well as SaaS-delivered applications and micro services. Firewalling where you need it, unified with consistent policies, visibility, and threat correlation between endpoint and network security tools.

Firewalling is also foundational to Cisco’s recently-announced open platform approach to security. Our platform tools, like Cisco SecureX, integrate with our security products. They are not extra costs. SecureX reduces security complexity and shrinks administration time. For instance, based on load, SecureX can automate virtual firewall provisioning to grow remote access VPN capacity on demand. Additionally, our open platform unifies Cisco security tools and extends integration with third-party capabilities. The result is rapid identification, fencing, and remediation of incidents.

Returning to U.S. Government cyber news, the Trusted Internet Connections (TIC) 3.0 initiative’s Interim Telework Guidance grants government agencies greater flexibility for using SASE, Cloud Access Security Broker (CASB), and SD-WAN technologies. The acceptance of these new capabilities recognizes the rapid growth of roaming users, remote locations, and SaaS applications. It also acknowledges that backhauling all traffic via VPN to a head office is not always relevant, or practical.

It’s fun to read controversial statements about security. But it’s better to thoughtfully manage risk on your terms. For resources regarding security and connectivity using Cisco’s platform approach, please see these references:

Verify and secure your users:

Our firewalling and VPN solutions:

Platform tools included with all our security solutions:

Cisco SD-WAN:

The post Firewalling and VPN in the Remote Work Era appeared first on Cisco Blogs.

Connect With Confidence: Benefits of Using a Personal VPN 

Protect your digital life 

The recent surge in work from home is likely accompanied by a corresponding increase in corporate VPN (virtual private network) usage. More and more employees who would typically be connected at the office are using these protected networks to access confidential documents and sites. To some, these corporate VPNs are simply a tunnel into their work lives. But what about the benefits of a personal VPN? What is a VPN exactly, and why use one 

Encrypt your data 

While a home network with a strong password can help set a good foundation for your digital safety, it is worth considering additional privacy fortifications as more devices connect (and perhaps stay connected for longer periods of time)Whether it’s kids taking their classes and gaming online or parents trying to run errands remotely, we want to help you protect your digital life. 

At their cores, a corporate VPN and personal VPN perform the same functions. They encrypt (or scramble) your data when you connect to the Internet and enable you to browse or bank in confidence with your credentials and history protected. Should there be any malicious actors attempting to intercept your web traffic, they would only be able to see garbled content thanks to your VPN’s encryption functionality.  

Need for VPN 

Constant online connection is becoming the new normal as we limit the time we spend outdoors. And, as the number of devices online increases, so does the number of threats.  

With many retailers reducing their physical footprints or even closing entirely, such services have shifted online – whether you prefer it or not. Learn how to navigate this changing digital landscape with the following VPN tips and tricks below.  

One classic cyberattack is the “maninthemiddle,” especially prevalent in places with public Wi-Fi connections such as cafes or open Wi-Fi connections at an apartment buildingMalicious actors take advantage of weak network security to intercept and read potentially sensitive information such as bank login credentials or even credit card information. strong VPN with bank-grade encryption can render this attack useless and help keep sensitive data away from prying eyes.  

Which VPN should I choose? 

Not all VPNs are created equal! Make sure that the service you select meets your needs:  

Browser vs Desktop/Mobile 

A browser-level VPN acts as an extension and will only help protect web traffic on the specific browser it is installed on. While this degree of privacy may work for some users, a device-level VPN such as McAfee® Safe Connect can generally help protect web traffic regardless of browser or application selected.  

Level of Security 

It is important to review each service’s privacy terms before you decide which one to use as your trusted gateway. Some VPN services, especially free ones, implement trackers that record your demographic, location, and system information. You can sometimes refer to third party security audits to help validate these privacy claims.  

Bandwidth 

Depending on how much you plan to use your VPN, you can consider searching for services that have either limited or unlimited data plans. If you plan to consume multimedia such as streaming video or uploading large files, an unlimited plan may work better for you.  

Variety of locations 

For general use, it is advisable to let your VPN connect to the nearest and fastest server location. But, having a diverse list of countries to choose from will allow you greater flexibility if the server is slow in one location.  

Ease of Use 

Ultimately, you should choose a VPN that’s easy to use and understand. We are all embarking on digital journeys from different places of technical comfort, but consider starting with products that offer a streamlined and simplified experience.  

If you’d like to learn more about VPNs, read more here, or dive into VPNs for Android and iOS

The post Connect With Confidence: Benefits of Using a Personal VPN  appeared first on McAfee Blogs.

Internet Safety for Kids: A Refresher for Homebound Families

internet safety for kids

Editor’s Note: This is part II of our internet safety for kids series. Part I focuses on younger children and can be read here.

Parents have always been concerned about keeping their kids safe online — especially their tweens and teens. That conversation is even more critical with parents and kids now working and learning at home. But as the days turn into weeks, the line between safe and risky digital behavior may get a little blurry. Maybe we can help by refreshing some basics.

Why is internet safety for kids important?

There’s no way around it. Young and old, over time, we’ve tethered nearly every aspect of our lives to the digital realm. If we want to work, bank, shop, pay bills, or connect with family and friends, we have to plugin. A wired life makes internet safety not just important, but mission-critical for parents.

Kids go online for school, to be entertained, and to connect with friends; only they don’t have the emotional maturity or critical thinking skills to process everything they will encounter on the other side of their screens.

That’s where proactive digital parenting comes in.

If our parenting goal is to raise wise, responsible, caring adults, equipped for real life, that goal must also include helping them safeguard their emotional and physical health from online risk. There’s no such thing as a digital platform or product that is 100% safe. So, our best strategy is to learn and pass on skills that mitigate that risk.

What are the dangers of the internet?

Any danger that exists offline is potentially multiplied when we log online due to the vast access the web affords each one of us. In a few clicks, we can unlock a world of possibilities. The flip side? There’s an ever-present battalion of crooks and bullies out to exploit that access. Online we will encounter the best and the worst of humankind. The daily threats to children include bullying, inappropriate content, predators, and the loss of privacy. Add to that list, digital viruses and malware, phishing scams, sharing regrettable content, and gaming addiction.

How can homebound kids avoid digital risk?

So what can we do to ensure the weeks ahead don’t bring more digital risk into our homes? We start by having consistent, candid conversations with our kids about online safety (even if eye-rolling begins). Truth: Your family’s cybersecurity is as strong as the weakest security link in your family. If one family member is lax about internet safety, your entire family’s security is compromised.

So let’s get started with some internet safety basics to share with your tweens and teens. To read internet safety guidelines for younger children, click here.

11 Internet Safety Basics for Homebound Teens

internet safety for kids

  1. Get candid about content. Your tweens and teens have likely come across inappropriate material online. You can minimize further exposure by discussing expectations and family values around acceptable content — both sharing it and receiving it. Reminder: “Vanishing” Snapchats and deleted content can be easily captured in a screenshot — nothing shared online is private. For extra monitoring muscle, consider adding a parental control software to your family’s internet safety plan.
  2. Keep passwords, software, apps updated. Being homebound gives us all extra time for details. Go through personal and family devices and update all passwords. Keeping device software and apps updated also protects kids from outside risk.
  3. Balance life and tech. Kids can lose their entire day surfing, scrolling, and watching YouTube or TikTok videos. Establish screen limits help kids grow healthy tech habits. Consider scheduling device breaks, no phone zones (dinner table, movie time, bedtime), and installing software that features time limits.
  4. Be a leader online. Yoda was on target — with much power comes much responsibility. Many online dangers can be diminished by consistently teaching kids to be upstanders online. Practicing empathy, respect, tolerance, and compassion makes the digital world safer for everyone.
  5. Address peer pressure. Kids with devices can share unwise, personal photos with friends they trust. When friendships end, however, those photos can be shared or used for bullying or extortion. Discuss digital peer pressure with your child and how to respond.
  6. Look out for scams. Talk frequently about the many forms scams can take, such as phishing, malware, catfishing, fake news, and clickbait.
  7. Don’t friend strangers. Sexual predators create fake social media accounts specifically to befriend kids. In turn, kids share personal info, daily plans, location, and may even agree to meet in person with online friends. Discuss these risky scenarios and other manipulation tactics of predators with your child. Be aware of his or her friend circles, and look for chat apps such as WhatsApp or Kik.
  8. Maximize privacy on social profiles. Help kids maximize privacy settings on social profiles and delete any profile or post information that unintentionally gives away personal data. Consider removing the names of family members, pets, school, hometown, and birthdays. Hackers can piece together this information to crack passwords or create authentic-looking phishing scams.
  9. Consider a family VPN. Virtual Private Networks are becoming the most popular way to conduct business, shop, and safeguard a family’s online activity from outsiders. VPN encryption can protect a child against several virtual threats.
  10. Review gaming safety. If your kids spend a lot of time on games like Fortnite and Call of Duty, they can encounter strangers, bullying, and scams that target gamers. Teen gamers should use a firewall to help block would-be attackers from gaining access to their PC and home networks and as well as a comprehensive security solution to protect devices from malware and other threats.
  11. Monitor devices. Consider spot-checking all devices routinely. Review privacy settings on social networks (kids change them), look for new apps, review browsing history, chats, and texts. Need to go a step farther? Keep your child’s phone for a few hours to check notifications that pop up. You may find activity that wasn’t necessarily visible otherwise.

Taming all the moving parts of internet safety isn’t easy, and balancing your relationship with your child and parental monitoring can get turbulent at times. While kids can experience more drama and anxiety by going online, social networks remain critical channels for affirmation, self-expression, and connection. In the weeks to come, take time to listen, learn, and get to know your child’s digital passions and patterns. Identify safety gaps and reinforce those areas. Good luck, parents, you’ve got this!

The post Internet Safety for Kids: A Refresher for Homebound Families appeared first on McAfee Blogs.

Working from Home Cybersecurity Guidance


Working from home comes with a range of security risks, but employees need to be educated too – human behaviour is invariably the weakest link in a company’s cybersecurity posture. In the current environment, with many more employees working at home, cybercriminals are actively looking for opportunities to launch phishing attacks and compromise the IT infrastructure of businesses, large and small. 

Guidance on Working from Home All companies should start by reviewing the home working guidance available at the UK Government’s National Cyber Security Centre (NCSC). This resource helps companies prepare their employees and think about the best way to protect their systems. Crossword has been advising a number of its FTSE clients in a range of sectors, and below is a summary of the guidance given, in addition to that from the NCSC.

Run Audio and Video calls Securely

What is visible in the background of your screen during video calls and is someone monitoring who is on the call? The same is true for audio only calls. A team member should be responsible for ensuring only invited guests are present, and calls should be locked once started, so other participants cannot join.

Educate Employees on Phishing attacks
The NCSC mentions COVID-19 related Phishing attacks which use the current crisis to trick employees into clicking on fake links, downloading malware, and revealing passwords – so educate them. These could be fake HR notifications or corporate communications; fake tax credits; fake emails from mortgage providers; free meals and mechanisms for registering for them. The list is endless and cyber criminals are very news savvy and quick to adapt. Employees are likely to be more vulnerable to phishing attacks due to people rushing, fear, panic, and urgency; all the behavioural traits that result in successful phishing attacks.

Automate Virtual Personal Network configurations (VPNs) 
IT and Security teams may have a backlog of users to set up on VPNs, to provide secure connections to corporate networks. Do not allow employees to send data insecurely, use automation to make accelerated deployments and guarantee correct configuration. Even IT staff are fallible, and the combination of pressure of work volume and working fast, may leave a gaping hole in your infrastructure.

Control the use of Personal Devices for Corporate Work
Due to the rapid increase in home workers, many employees may be using their own devices to access emails and data, which may not be covered by Bring Your Own Device (BYOD) policies. What this means in practicality, is that employee’s personal devices may not be securely configured, nor managed properly and be more vulnerable. IT and Security teams again, may need to retrospectively ensure that employees are complying with BYOD policies, have appropriate endpoint security software installed etc.

Stop Personal Email and Unauthorised Cloud Storage Use
When companies are experiencing IT difficulties in setting up employees working from home, people may be tempted to use personal emails or their personal cloud to send and store data, as a work around. These are a risk and can be easy for cyber criminals to target to gain company information or distribute malware, as they are not protected by the corporate security infrastructure.

Keep Collaboration Tools Up-to-date
Tools such as Microsoft Teams, Zoom and Google Hangouts are great, but it is important to ensure all call participants are using the latest versions of the software, and that includes partners and customers that may be on calls. Employees should also only use the corporate approved tools and versions as they will have been tested by security teams for vulnerabilities, that could be exploited by cybercriminals. 

Stuart Jubb, Consulting Director at Crossword commented: “Throughout the UK, companies are doing everything they can to ensure business continues as normally as possible as the COVID-19 situation develops. The guidance we are issuing today is a summary of the key points we have been discussing with our clients across a wide range of vertical markets. Good IT security measures are arguably more important than ever as companies become a largely distributed workforce, almost overnight. As ever though, it is not just about the technology, but good behaviour and education amongst employees as cybercriminals work to exploit any vulnerability they can find, whether that be a person, mis-configured tech, or unpatched software.”