May 2016 Newsletter – Page 2

Previous Page

Can I Prevent Hacking?

bottomlineThe Bottom Line: No. If there is enough computing power and enough time any individual could be hacked.

 

DID YOU KNOW: There is a massive commercial market in the buying and selling of exploits and vulnerabilities.

 

The true answer to the question is – it depends who is attacking you, what they want, how determined they are to hack you.

 

Can I prevent hacking?

It depends on who attacks you.

 

Country

prevent_toastcountryYou are toast

 

Corporation

prevent_toastcorpYou are toast

 

Hacker

prevent_hackerYou are in with a chance

 

Expert

prevent_expertYou can be decently safe

 

You or me

prevent_youmeYou can be safe

 

The crudest type of attack is brute force. Brute force refers to attempts that use every combination of letters, numbers, special characters or other computational procedures such as factorization of large prime numbers. These attacks take substantial computing power but once applied you can be sure they can crack your authentication and encryption. Countries have access to super computers.

 

So do some corporations – e.g. Amazon, IBM. That is why we say you are task if you are attacked by a large corporation with deep pockets and lots of computing power.

 

fingerPractical Advice: You can probably prevent any hacker attack if you adopt extreme ‘good practices’. E.g. You always log out of your google account when not using it, you always use VPN, etc.

 

TOP TIPS TO PREVENT BEING HACKED

 

fingerIncrease user understanding of social technological innovation.

 

Mysteriously sent e-mails from the compromised account to a network systems administrator requesting key information and facts as if the administrator himself were asking.
Risking to respond to such emails, ha ha.
Private data and sensitive information may get compromised. Take caution! Only respond to what you confidentially know under such occasions.

 

prevent_remember
Remember: Most cyber-attacks are automated. Therefore, it is paramount to use automated tools for protection and detecting the attacks. Key security goal is to obstruct unwanted scripts from causing you vulnerability checking out and to hamper the hackers from getting access to your site.

 

Code scanning- This is a first caution!! Install a system that operates in the background at a defined frequency lets you identify the new codes are introduced or modifications to your system without your authorization and act before you are seriously attacked.

 

Use strong security passwords and don’t re-use them: Passwords with a mix of many characters are difficult to guess and break into. This becomes difficult to create similar through the keyboard strokes if spywares were installed remotely to monitor your ways. Changing them regularly makes it safer than repeating a similar password frequently.

 

Never, ever try to click a Suspicious Link: Email links sent via emails may contain malwares and these can be detrimental in the long run. It can be a gateway to hacker’s access to your accounts and get the sorts of information about you. So, take caution on the links you just visit on your devices and networks.

 

Use 2-Factor Authentication: Remember all communication devices and personal accounts require identity to enable you sign in (To authenticate implies to verify who you are). Using strong authentication systems requiring biometric information can be hard to crack unlike mere keyboard characters and passwords. By demanding additional verification aspect, you can ensure it is MUCH more complicated for me to gain access into your system.

 

Avoid P2P Computer file sharing network Systems: Uploading and downloading of songs, video clips, TV shows, films, records, and more from one computer to another without using a central server.

 

This is the recommended method of sharing stolen or pirated content. Enormous amounts of information are distributed this way every year.Music, films, records, and other information are very simple to include viruses in. This means that when you obtain information from P2P systems, you are giving me quick access to your system. In reality, nearly all of this information has viruses in them. I can guarantee you that if you have downloadable at least one file from P2P, that your devices have been contaminated with viruses and spywares which snip out information about you.

 

Keep your computer system and applications Updated: operating systems and software programs we use are not so perfect. They are prone to attacks as new inventions and developments are made each day. Updating the system keeps the chances of being hacked at bay. Using genuine applications makes the information leakage obstructed like rushing for cheap and free things which are cracked with spywares to steal much information about you.

 

fingerTake caution, the choice is all yours.

 

 

Danger of the Smart TV

Smart TV has become the center of a connected home. With latest advancements brought by the manufacturers for smarter home entertainment, these changes are providing mammoth leisure in our life. Still, they pose a threat to personal life.

 

Webcam Hacking

It is not new. It is the major threat for Smart TV users. Many of the smart TV users have complained regarding the digital camera hacking techniques. The hackers remotely by the use of remote administration software take non-public photos through your PCs and then blackmail you through these pictures. They can conjointly explore your house for stealing high-ticket and precious information through these digital devices of your house. This happens through your digital camera left on for long when you are not using it. This means that the smart TV can cause serious threats to your personal life yet they are too good to do away with. TAKE CAUTION!

 

Easy Access to Your Gadgets and Social Apps

Any android operating device can be easily accessed as a target through many ways like malicious SMSs, emails, game applications and file sharing. This transfer of information and files can provide a through pass for invisible keyloggers which study and analyze your personal data. This is remotely sent to the root origin and they can do whatever they want.

 

Once the hackers gain access to an IoT device, they generally gain entrance to launch attack to anything linked to the same internet connection such as your tablet, phones or computers. Sometime these devices are also connected to each other in corporate sector which definitely boost the risk to harm enterprise security.

 

If you are actively using social apps like Facebook, beware – you could be taken over.

 

Smart TV Virus

A hacker plus virus equals to a recipe for cyber security disaster. If the virus gets a hold of your contact information in your smart TV, it can spread.

 

Protect Yourself

 

You Have Been Cyber Attacked – Now What?

Keepcalm-makeaplan
We are engineers, we think before we do and then we check. It’s too late to ask that question after an attack.

 

Do the following now!

 

  1. Check that backups are being done.
  2. Check that you are backing up what you need.
  3. Test your backup setAnd
  4. Make a plan – now – while you can. Your career might depend on it. Being hacked is no way to become famous.
  5. Now think through Plan B.

 

“A goal without a plan is just a wish”
Antoine de Saint-Exupery (1900 – 1944)

 

“In preparing for battle I have always found that plans are useless, but planning is indispensable.”

Dwight D. Eisenhower (1890 – 1969)

 

4 Practices to Prevent Approx 80-85% of Cyber Attacks

Two government agencies suggest 4 basic steps to give you the most bang for your buck.

 

The Australian Signals Directorate (ASD) is an intelligence agency in the Australian Government Department of Defence, with its headquarters in Canberra.

 

Kaspersky Lab consider the Australian Signals Directorate (ASD) document to be the best publicly available guidelines from a government organization on how to successfully fight APTs.

 

ASD provide 35 mitigation measures. Industry professionals have estimated that the top 4 practices will prevent approx 80-85% of attacks.

 

Top 4 Strategies to Mitigate Targeted Cyber Intrusions

Measures Brief description
Administrative Training, physical security
Networking These measures are easier to implement at a network hardware level
System administration The OS contains everything needed for implementation
Specialized security solutions Specialized security software is applicable

 

The Canadian Cyber Incident Response Centre (CCIRC) recommends that network administrators implement the following four mitigation strategies, which can prevent as much as 85% of targeted cyber attacks. CCIRC works within Public Safety Canada and is part of the Canadian Dept of National Defense.

 

Top 4 Strategies

 

Ranking Mitigation Strategy Rationale
1 Use application whitelisting to help prevent malicious software and unapproved programs from running. Application whitelisting is one of the best security strategies as it allows only specified programs to run, while blocking all others, including malicious software.
2 Patch applications such as Java, PDF viewers, Flash, web browsers and Microsoft Office. Vulnerable applications and operating systems are the target of most attacks. Ensuring these are patched with the latest updates greatly reduces the number of exploitable entry points available to an attacker.
3 Patch operating system vulnerabilities.
4 Restrict administrative privileges to operating systems and applications based on user duties. Restricting these privileges may prevent malware from running or limit its capability to spread through the network

 

This list of mitigation strategies has broad international consensus and is considered network cyber security fundamentals. These strategies have been endorsed by the Government of Canada, including CCIRC and the Communications Security Establishment Canada. The “Top 4” also underpin CCIRC’s Mitigation Guidelines for Advanced Persistent Threats.

 

fingerPractical Advice:  Kapersky Anti Virus performs tasks that implement the top 30 ASD suggested mitigation procedures.

 

Antenna Miniaturization Technique for Wireless Networks

(For a very detailed discussion of the science and how different shapes provide different frequency ranges read TNC – Fractal Antennas)

 

In the recent years and with the multiplication and miniaturization of telecommunications systems and their integration in restricted environments, such as Smart-phones, tablets, cars, airplanes, and other embedded systems. The design of compact multi-bands and Ultra Wide Band (UWB) antennas becomes a necessity. One of the interesting techniques to provide this kind of antenna is the use of fractal structures.

 

Most antennas are cut in a shape to accommodate for a specific range in frequency. However, fractal antennas are different in that they allow for the transmission of a wide range of electromagnetic frequencies, which most regular antennas do not. Without this function, we would not be able to process all the complex software in such a small size as smart phones today.

 

Ever wonder how an entire computer fits into the smallest cell phone? Cell phones of the 1980s were huge abominations in comparison to the sleek, sexy design of your average cell phone of the 21st Century. Not to mention, the only thing the earliest cell phone model could accomplish was a phone call. Today, many people carry around an entire computer in their pocket and don’t think twice about it. So, how does everything fit into the tiniest cell phone? The answer to this question – it’s all about fractals.

 

Antenna1 Antenna2

 

Radio astronomer Nathan Cohen would use this knowledge in Mandelbrot’s book to make cell phones possible. When Cohen’s Ham radio wasn’t getting good enough reception, he began to experiment with it (as any good scientist would). Thinking back to the book, he bent the antenna into a fractal shape and found that his radio came in much clearer than before.
Antenna3

 

New to CAS – Service / Test / Install Team – EAST

In quarter 3 of 2015 CAS added a new group of employee to its Service / Test / Install Team. Three of them are located in the eastern time zone and service all our eastern clientele. Josh Villeneuve is the team leader and is doing an amazing job.

 

This team is getting exceptional feedback from customers. Job well done!

 

Josh

Josh Villeneuve

Josh Villeneuve is located in Gatineau, QC. Josh is the National Service Manager in our department. He has a degree in Electrical Engineering technology from CEGEP and experience in lighting automation, electronic security, monitoring and access control. Josh has been working with GE Lighting Control services for the past two years.
Wesley

Wesley Shi

Wesley Shi is based in Hamilton, ON. Wesley is a senior in our department. He is very meticulous with his work having a great eye for detail. Graduated from McMaster university, he holds a Bachelor of Electrical Engineering. Wesley has been working for GE Lighting Control for 4 years and is very happy to continue under CAS.

 

Ebad 1

Ebad Hanafi

Ebad Hanafi is based in Toronto. He holds a B.Sc. in Electrical Engineering from the University of Calgary and is specialized in power systems. Ebad has 2 years of experience working in high-voltage transmission line and substation protection & control design for Canadian electric utilities. Ebad has taken on two of our largest projects since we started, he dove in head first and has proven to handle the enormous pressure.

 

Invest for Free – Dividend Aristocrats and the Rule of 72

Some stocks pay dividends. I.e. every now and again they send you money for simply owning the stock. (usually quarterly). This is part of their profit that they are returning to you as an investor.

 

The rule says that to find the number of years required to double your money at a given interest rate, you just divide the interest rate into 72. For example, if you want to know how long it will take to double your money at eight percent interest, divide 8 into 72 and get 9 years.

 

If a stock pays a 5% dividend then it will pay for itself in 14 years
If a stock pays a 6% dividend then it will pay for itself in 12 years
If a stock pays a 7% dividend then it will pay for itself in 10 years

 

How do you know what the dividend is?

Dividend

 

Key questions

  1. Do they have a consistent record of paying dividends?
  2. Do the dividends keep increasing?
  3. Do they have enough money to keep paying the dividend?

 

Dividend Aristocrats are companies who have

  1. Never missed a payment in the last 5 years
  2. Always increased the payment
  3. They have a demonstrated track record of returning money to stock holders.
  4. (There are slightly different definitions for USA and Canada)

 

The Payout / Dividend Ratio

  1. Tells you how much of their ‘profit’ they are paying out as dividends. If the ratio is above 100% then BEWARE they are paying out more money than they are earning.
  2. Optimal ratio’s are 50-70%

 

What does yield mean?

  1. What is the value of 1 year of dividends as a ratio of the stock price. Stock is worth $100 and pays out $1 per quarter then the ration = 4×1/100 = 4%

 

If you can?

  1. Buy these stocks when the price dips – your return will be higher and your money will double sooner.

 

Resources

List of Canadian Aristocrats
US S&P 500 Dividend Aristocrats 2016

 

Advice and when to buy

  1. Seek professional advice before investing. The contents of this article are not financial or investment advice.
  2. Just because they pay dividends you still need to
    • Buy at the right time
    • Buy using good practices – eg. Don’t buy all at once.
    • Do your homework and seek advice. Things can change. The past is not a good predictor of the future.

 

Revenge

Let’s say you hate your bank. You feel their fees are too high, they rip you off ….. Here is a way to get even. If you own stocks in your bank then each time they overcharge you, you can secretly smile because some of that profit is coming back to you as a shareholder. The author owns shares in his bank, cable company and telephone company for this reason.
Stock

 

Amazing Feats of Engineering

Amazing Feats of Engineering

If you liked this post;
  • Please consider subscribing to our RSS feed