rmsource spent the end of 2016 at CIO conferences and several charity golf events with customers. We also celebrated with our employee family with picnic's, team building events, and various after work activities. We closed the year with new employees, new relationships, and new vendor partnerships. We are looking forward to 2017!
For more information visit rmsource.com and follow us on Twitter @rmsourceinc!
Weaponized IoT (Internet of Things) - Mirai Botnet
Last year, the "Mirai Botnet" was used (in part) to mount a large-scale, multiple wave attack on DNS Service Provider Dyn, resulting in many high-profile sites such as Twitter, Amazon, Reddit and Paypal becoming inaccessible during the attack.
In a statement by Dyn's Chief Strategy Office, Kyle York, "This was a sophisticated, highly distributed attack involving 10s of millions of IP addresses."
This is believed to be the same botnet used in a record-breaking 620 Gbps attack on Krebsonsecurity.com in September.
Mirai source code was released by Anna-senpai (online pseudonym) on Hackforums (a hacker community site) this past September. Mirai works by using Mirai-infected devices to scan for IoT devices using default credentials. Once discovered and accessed using known default credentials, the Mirai code infects the device and creates a connection to a command and control server to then be utilized in large-scale DDOS attacks.
According to Dyn, a distributed denial-of-service (DDoS) attack began at 7:00 a.m. (EDT) and was resolved by 9:20 a.m. A second attack was reported at 11:52 a.m. and Internet users began reporting difficulties accessing websites. A third attack began in the afternoon, after 4:00 p.m. At 6:11 p.m., Dyn reported that they had resolved the issue.
The following map shows the affected areas and outage scope of the Oct 24 attack on Dyn. Source: Downdetector.com
While there is currently no definitive list detailing which specific device makes and models are vulnerable, Allison Nixon of Flashpoint stated that the botnet is "mainly comprised of IP Cameras and DVRs with components made by Xiongmai Technologies."
While many of the username and passwords within the botnet source code are generic and can be applied to multiple devices, Krebsonsecurity.com compiled the following table by reviewing the Mirai source-code for username and password combinations that could be linked to specific manufacturers and device type.
The Mirai code is loaded into memory, therefore infected devices can be temporarily cleaned by rebooting, however as the botnet is constantly scanning for vulnerable devices, re-infection can occur within minutes. Users of IoT devices should be advised to set strong usernames and passwords, however many devices that allow credentials to be changed by a web-based interface still contain telnet or SSH accessible passwords that are hard-coded into firmware, according to Flashpoints Zach Wikhom.
"The issue with these particular devices is that a user cannot feasibly change this password," Flashpoint's Zach Wikholm told KrebsOnSecurity. "The password is hardcoded into the firmware, and the tools necessary to disable it are not present. Even worse, the web interface is not aware that these credentials even exist."
Flashpoint's researchers said they scanned the Internet on Oct. 6 for systems that showed signs of running the vulnerable hardware, and found more than 515,000 of them were vulnerable to the flaws they discovered."
While electronics company Xiongmai denies that the majority of the attack came from its devices, and has even threatened legal action against various publications for tarnishing the company's reputation, the electronics firm has vowed to recall affected devices.
"The company confirmed that it will recall some of its older products sold in the US made before April 2015 in an effort to improve its password functionality."
Unfortunately, while there are many current suggestions and strategies to resolve this issue, ranging from ISPs detection and client notification, to a defensive counter-hack of infected devices, no clear long-term strategy exists.
What should you do if you believe your device is infected or vulnerable? While the following steps do not guarantee complete safety from the Mirai or other botnet infections, they are basic security steps that should be applied when using any network-connected devices:
Tech-Support Scammers Targeting a Younger Generation
At one point or another, most of us have received an unsolicited call by someone claiming to be from "tech support," informing us that they have detected a virus on our PC. While their delivery and tactics vary, their end goal is usually the same:
A recent Spiceworks report on the 2016 state of IT says that nearly 60% of IT pros surveyed don't expect their IT staff to increase in 2016.
In addition, the report states that despite rising average annual company revenue, IT budgets remain relatively flat. So in turn, IT departments will be tasked with doing more with less. This IT crossroads between fewer resources and growing demands is a perfect avenue for C-Suite leaders to bring in managed resources.
By utilizing one of our managed service offerings, we are able to provide our clients with access to certified engineers and software developers for a fraction of hiring full time employees.
For example, we recently provided a managed solution that offered 24/7 support for a client's call center sites, LAN, WAN and security infrastructure. It also gave the client access to our security, networking, and application engineers for a fixed monthly cost with guaranteed SLA's. By outsourcing these resource-intensive pieces of their security, networking, and specific applications, the client was able to lower costs and capitalize on the skilled expertise of our professional services teams – without the cost or extended timeline involved with hiring each specialized resource individually.
In addition, we also created a Private Cloud Solution for a client in the healthcare field, which allowed them to expand their physicians care network quickly while reducing the IT organization's workload and cutting infrastructure costs. The technologies utilized enabled scalability with a high level of dedicated support for the practitioners and office staff, which were also HIPAA and PCI compliant.
What IT needs are you finding squeezed? Contact us for information on how our solutions can help -- 877-319-3051.
It's no secret that mobile apps are the fastest growing segment of software development. Our custom application development team is experiencing a measurable uptick in requests for mobile apps designed to help businesses increase productivity by keeping employees connected across all devices.
The mobile app development space is also evolving quickly. One of the latest announcements came from Microsoft, who is continuing to deepen its developer resources through the acquisition of leading platform provider Xamarin.
The February 24th announcement describes the acquisition this way,
"In conjunction with Visual Studio, Xamarin provides a rich mobile development offering that enables developers to build mobile apps using C# and deliver fully native mobile app experiences to all major devices – including iOS, Android, and Windows. Xamarin's approach enables developers to take advantage of the productivity and power of .NET to build mobile apps, and to use C# to write to the full set of native APIs and mobile capabilities provided by each device platform. This enables developers to easily share common app code across their iOS, Android and Windows apps while still delivering fully native experiences for each of the platforms. Xamarin's unique solution has fueled amazing growth for more than four years."
"Through Xamarin Test Cloud, all types of mobile developers (C#, Objective-C, Java and hybrid app builders) can also test and improve the quality of apps using thousands of cloud-hosted phones and devices."
What does this mean for your business? With Xamarin integrated natively into the Microsoft stack, our development team can build and test native apps more efficiently and effectively than ever before. That translates to more robust options for you.
A major challenge facing IT leaders today is the cloud. These environments offer scalability, efficiency gains, and measurable ROI. But, they are not a one-size-fits-all solution. With public, private, and hosted options, most organizations end up with a hybrid cloud configuration. Buying the right cloud solution requires more than just server access. End-to-end support for the migrations, apps and business systems residing in that cloud are critical to success.
Here are three questions we recommend asking before moving apps and business systems to the cloud.
1. What apps are good candidates to be moved to a cloud?
The answer is most, if not all of them. Business applications are moving to the cloud at lightening speed, in fact the major players among software companies are forcing customers to move. Microsoft Office 365 made this move a few years ago. Application providers may provide some on-premise support however the trend has moved towards cloud hosted versions of their products.
The bottom line is that visionary business leaders are looking at how some or maybe all of their applications will move to a cloud in the coming years. Likely this is a hybrid environment that includes a mix of private, public, and some on-premise solutions depending on application or vendor requirements for support.
2. To which cloud option should we migrate?
Each type of cloud has its place in the mix. Some businesses require highly secure dedicated infrastructures integrated to their on-premise environments for regulatory requirements. These types of clouds require custom or specific policies and procedures to be met which might be unique to that business and their customers. In this case, a hosted private or hybrid cloud configuration works best.
Working with experts to evaluate the full needs of your business and then planning a cloud architecture that works for your business is key to a successful cloud strategy. Most businesses will use a mix of public, private, and on-premise solutions.
3. Should we invest in infrastructure or managed services?
This is a question business leaders are facing in organizations of all sizes. Companies generally have two areas they evaluate when making this decision.
The first is related to budgeting -- moving IT from a capital expense model (CapEX) to an operating expense model (OpEx). This shift carries tax savings opportunities and does not require the long-term planning for investments in infrastructure and other resources.
The second is related to hiring a Managed Service Provider (MSP) -- moving from internal hires and benefits to on call 24/7 certified experts for montioring and management of systems. This frees up your internal resources to work on mission critical and other projects while the MSP fills in the gaps.
Ready to hire the right partner for your cloud needs? We'll take responsibility and support for your cloud architecture end-to-end. Give us a call to learn about the rmsource difference.
Partial Resourcing Model™ Allows Businesses To Pay For Only What They Need
Recognizing the evolving challenges faced by IT and business leaders, rmsource, Inc. is adapting their service model to include an al a carte fee structure, much like cloud providers offer. The service is called the Partial Resourcing Model™ and it gives rmsource clients access to specialty IT resources when they need them.
Under a single monthly fee, organizations have access to highly-skilled professionals who specialize in almost every aspect of the IT spectrum -- Private/Hybrid Clouds, networking, security, Microsoft servers, app development, SharePoint, Office 365, and much more. This replaces the need to hire full-time or long-term contract employees and includes a suite of project management tools and resources.
“We believe this is an innovative support structure that better addresses the challenges IT leaders face every day,” says Robb Hultin, rmsource, Inc. president and co-founder. “Our model offers a customizable and actionable option for our clients to fill in IT skill and resource gaps in order to get projects completed on time and under budget.”
Hultin and the leadership team at rmsource, Inc. are focused on acquiring the best resources in order to support this model. The company relocated to downtown Raleigh, NC in September of 2015 to be in the midst of one of the most desirable U.S. cities to live and work. Competitive compensation packages and a new location offer comforts that improve the work environment and encourage employee retention.
More information about the Partial Resourcing Model™ can be found in this infographic or by calling 877-319-3051.
About rmsource, Inc.
rmsource, Inc. is a leading provider of IT solutions. As a sole source vendor, their Datacenters, Managed Solutions, Developers and IT Engineers work collectively to execute and solve IT challenges. They effectively reduce both management and infrastructure costs by fully managing clients' IT infrastructures, whether in their Data Centers via a Private or Hybrid Cloud or on-premise.
We believe finding and utilizing the best IT talent should be simple. Many organizations are enlisting the help of an MSP to support their core IT capabilities.
We're taking it to the next level. We've created a program that gives you on-demand access to the best talent in all areas of IT. Our team of highly-skilled professionals are available to plug in and become an extension of your team. We call it the Partial Resourcing ModelTM, which gives you access to all the skills you need, when you need them, with just one contract.
Check out our infographic to see how it works and why it's a better option than traditional hiring and staffing solutions.
Is it time to revamp the light switch using the Internet of Things (IoT)?
Derek Smith, a SharePoint architect and developer here at rmsource, decided to do just that. He recently shed light on the IoT for a community of software developers at the 2015 Raleigh Code Camp. His talk included asking Cortana to set the mood by controlling a set of Phillips Hue Lights using an IoT mash up with Windows 10, Azure, and the Hue API. Check out his video below to learn a little about the evolution of the modern light bulb — and a lot about coding.
In support of our team and the developer community here in the Raleigh, NC region, we sponsored Code Camp 2015, a free event for software developers to learn from their peers. It’s part of our effort to support the growth in our local developer and coding community.
With an estimated 2.6 billion smartphone subscriptions globally today and 6.1 billion by 2020, mobile attacks are on the rise. For enterprise organizations, these mobile hacks offer malicious users an often easy avenue into the network.
Recently, security provider CheckPoint announced Certifi-gate, a security vulnerability on nearly every Android device that allows malicious applications to gain unrestricted access. Hackers can gain access to a mobile device through remote support tools, which can be downloaded or installed from a variety of sources.
Most organizations lock-down company assets such as servers, workstations, and laptops, but many have been slow to incorporate a mobile threat solution.
If your employees have the freedom to download software onto a corporate phone or tablet, you've got a potential entry point to your infrastructures. Here's what you should do to protect your network.
1. Limit users abilities to download content from untrusted or 3rd party sources. Most often this means only allowing downloaded content from approved sources such as the Google Play Store and the Apple App Store.
2. Beef-up security by requiring login or security credentials to gain access to devices with passkeys or passcodes. This should go beyond the simple passwords by including multiple levels of authentication.
3. Stay up to date on mobile security threats and install the latest security patches and updates from the manufacturers. Then, push them to devices regularly.
4. Set best practices and bring your own device (BYOD) parameters for your mobile users such as required VPN use, on-device security, MDM (mobile device management) systems.
5. Hire an MSP to help manage your SOC programs and monitor for threats from all angles, including mobile devices. With a strong team on your side combating threats for a range of organizations, your team benefits from enhanced knowledge and up-to-date resources for fighting malicious attacks.
For more information on mobile attacks get in touch with our experts at 877-319-3051.
Toll Free: 877-319-3051