Coleman Technologies Blog

Numbers are still coming in as far as how widespread this issue is. As of Monday, cybersecurity firm Kaspersky Lab said potentially thousands of Asus computers were infected, but on Tuesday that number has potentially broken a million.

How Could My Asus Laptop Get Hacked?

This type of attack is called a Supply-Chain Compromise and is one of the most frightening kinds of cybersecurity threats out there. Asus’s software update system was compromised by hackers, putting a backdoor into consumer devices. The scariest part is that this backdoor was distributed last year and it’s just being noticed now.

The good news is this has given Asus plenty of time to plug up the security holes on their end, but if you own an Asus device there is still a chance that it is infected with malware from the initial attack.

What Do I Do Now?

First and foremost, no matter what brand of computer or laptop you have, you need to make sure you have antivirus, and that antivirus needs to be licensed and kept up-to-date.

If you have an Asus device, Asus has released an update in the latest version of their Live Update Software. They’ve also patched their internal systems to help prevent similar attacks from happening in the future. You’ll want to make sure you have Live Update 3.6.9 installed.

Asus has also released a security diagnostic tool that will check your system to see if it has been affected. Click here to download the tool.

We HIGHLY encourage you to reach out to Coleman Technologies if you are running any Asus hardware. It’s better to be safe than sorry.

As a result of this increase in phishing attacks, endpoint security has grown much more focused, but the issue with phishing isn’t necessarily an issue with the strategies surrounding your technology--rather, it’s an issue relating to your organization’s users and their tendency for failure. Now, we know this sounds a little harsh, but it’s been proven time and again that employees need security training on how to handle credentials and other sensitive information. Let’s take a look at a couple different types of attacks you can be exposed to, and what you can do to keep your organization from becoming just another company that has suffered from a data breach.

Deceptive Phishing
Deceptive phishing is one of the most common types of phishing scams, and it aims to fool unsuspecting users into handing over sensitive information. This happens when the hacker sends a message to users that impersonates an actual person or company that the organization has some sort of relationship with. These hackers use deceptive phishing to convince users to hand over information like passwords, usernames, account numbers, etc. Since official credentials are being used to access these accounts, it doesn’t immediately become a security concern.

For the most part, these deceptive phishing messages are either ignored by the users, caught by filtering technology, or disregarded when they’re accessed. Unfortunately, the handful that actually do fool the end user are worth the hundreds-of-thousands that are sent to others. To keep your business from making this fatal mistake, you need to focus on increasing awareness of what makes phishing attacks so much different from your average legitimate email.

Some of the telltale signs of phishing messages include misspelled words, problems with sentence structure, and suspicious attachments or URLs. Always hover your mouse over a link before clicking on it to determine its location, and never download an attachment unless you know who’s sending it. Another thing to look out for is any financial institution or vendor demanding payment or access to your account--there are other, more official methods of outreach for methods such as these; and no bank or similar institution will ever, ever ask you for passwords.

Spear Phishing
Spear phishing attacks are targeted attempts against a specific user. For example, someone who sees a message from a coworker might let their guard down, but this doesn’t necessarily mean the message is safe. It just means that some hacker managed to find a way to mimic the sender in a way that is extremely convincing. Spear phishing attacks will often know the target’s name, title, company, work phone number, and much more--all to seem as authentic as possible so the user will click on a malicious attachment or URL.

Even social media isn’t safe from this trend. LinkedIn, for example, is one of the most common places where spear phishing is leveraged. It might be used for connecting with other business professionals, but it’s not hard for a hacker to imitate a business professional. We aren’t saying that you need to avoid social media like the plague, only that you should approach it with some sensible caution.

Pharming
That being said, more people are learning about these attacks by the day, meaning that some hackers have ceased these types of attacks for fear of their efforts being for naught. Instead, they turn to a practice called pharming, which is using an organization’s DNS server to change the IP address associated with the website name. This gives them a way to direct users to malicious websites to steal their legitimate credentials.

To prevent this from happening, it’s very important that you tell your staff to be sure they are entering their credentials into a secured site. The best way to make sure this happens is to look for the “https” in the hyperlink, as well as a padlock icon next to the address. It also never hurts to have an antivirus solution on each endpoint within your organization.

Coleman Technologies can help your business stay as secure as possible. To learn more, reach out to us at (604) 513-9428.

What Are Biometrics?
Biometrics are a method of authentication that uses some sort of physical attribute or qualifier rather than a password or a key code. Some examples include fingerprints, voice patterns, typing rhythms, and so much more. They are easier to use than your typical passwords or key codes, and even better, they can be used in conjunction with traditional security measures and practices.

Let’s take a closer look at what some of these biometrics are, as well as the most practical way to implement them.

Biometric Types
There are two major categories for biometrics: physical identifiers and behavioral identifiers. Physical identifiers are by far the most common:

• Signatures: Signatures are one of the unique ways you can identify an individual, and you’ve surely seen this biometric used at least once somewhere or another. Whether it’s a transaction or an agreement, a signature can do much to guarantee someone’s authenticity.
• Fingerprints/Physiological Attributes: This particular biometric is often used to secure smartphones. Fingerprints can be used to determine the identity of the user, as well as various other physiological attributes, like palm scanning, retinal scanning, and facial recognition.
• Voice: Voice-based authentication is common all over the place these days, whether it’s a personal user issuing commands to a virtual assistant or a business using voice authentication to navigate automated answering systems.
• DNA: The technology to implement DNA sequencing into authentication is still a ways off, but it’s closer than you might think.

There are other behavioral identifiers that are used for biometric authentication. While these methods are still in development, here are a few examples of them:

• Typing Patterns: People all write in different ways, and the same goes for typing. Therefore, this can be used to determine the authenticity of the user based on their keystrokes and the pressure applied to the keys.
• Navigation and Engagement: In a similar fashion, the way that people navigate applications and systems can also determine identity. Mouse movements are quite showing, as well as how we hold devices.

Reliability (and Risks) of Biometrics
Biometrics are proving problematic to an extent, mostly because they can be inconsistent. Voices can vary depending on the user’s health or age, and faces can change based on a clean-shaven (or bearded) face, a haircut, or a pair of glasses. There are ways to work around this system, and with biometric authentication, there is much that needs to be taken into account.

Security is a Major Concern
This kind of data needs to be heavily protected, as it not only exposes sensitive information, but personal information as well. These kinds of credentials are also not easily changed, as they are heavily based on physical traits. For these reasons, biometrics may take some time to be adopted as the norm.

What are your thoughts on biometrics? Let us know in the comments.

New Gestures
The latest version of Android OS contains a built-in new gesture navigation system, but it might not be turned on automatically. To turn this on, go to Settings > System > Gestures. Then you must tap on Swipe on Home Button and press the on-screen toggle switch. You will see the change propagate almost immediately--the three-icon setup will change to a singular pill-shaped icon.

Navigation isn’t much different from the other builds, either. Tap the pill icon to bring back the homescreen and long press it to bring up your Google Assistant. You can then swipe up twice or long-swipe from the home icon to bring up your app drawer.

Another change that needed to occur is that Android 9.0 Pie removes the dedicated button for recent applications. Users now need to singular short swipe up from the bottom of the screen to open up a carousel gallery that shows all recently opened apps. You can then navigate by swiping between apps or using the home icon to swipe fast-left or right to move through the apps more quickly. To clear the apps, swipe up on the specific app window. To clear all of the apps, just scroll all the way to the left and tap the Clear All button to exit out of all running applications.

Android 9.0 Pie actually tries to predict what you’re likely to need next. These commands are within the apps. If you find it useful, you can drag these suggestions, found at the top of your app drawer, onto the screen. You can then find the shortcuts offered by each app by long-pressing the specific application’s icon. This includes opening an application in split-screen mode, a considerable improvement from Android 8.0 Oreo.

Device Notes
One extremely useful feature for smartphone users is the ability to open your device using a fingerprint scanner, but an even better one is when you can use the scanner on devices that don’t feature an in-display fingerprint reader to keep your screen from turning off.

The alarm clock in Android 9.0 provides some additional functionality. When your notification panel is open (swipe down from the top), you only need to tap on the clock in the system tray to open your clock app and manage the alarms.

What do you think about Android 9.0? What are your favorite features? Let us know in the comments.

1. Prioritization

One of the keys to productive work is to work smarter, not harder. By identifying what is most pressing to accomplish or otherwise needs to happen first, you can inherently increase your productivity.

Ignore Inspiration

For instance, one of the biggest causes of procrastination is taking in a project in its entirety. Seeing the entire scope of an undertaking can be intimidating, which often makes people feel as though they need to be “inspired” before they will be able to accomplish anything.

This is untrue, but can be a difficult impulse to resist. If you catch yourself falling back on this excuse, try focusing specifically on a certain aspect or piece of your greater responsibility. Once this portion is completed, you’ll most likely be motivated to continue. In essence, don’t wait to be inspired… inspire yourself through what you accomplish.

Leverage Prioritization Strategies

Another common cause of procrastination is indecision as to what aspect of a project to tackle first. Again, identifying the most important or pressing activity makes it much easier to make this decision, and there are a few ways that you can do so.

One way is to leverage something called the Eisenhower Matrix. It can be used to sort tasks based on their urgency and importance, advising you on how a task should be approached - if it should be done now, planned for, delegated to someone else, or eliminated. This tool can help you avoid spending time on activities that ultimately don’t matter as much as others, optimizing how you spend the time you have. The Pareto Principle, or the 80/20 Rule, is another means of spending your time more intelligently. By identifying the most important 20 percent of their tasks and minimizing the remaining 80 percent, many people use this principle to spend the most time on their most impactful activities.

Save Distractions for Later

We’ve all experienced that moment where, in the middle of one task, we suddenly have an idea for another. While this new task may be valuable or important, it can also hurt your operations by interrupting the one you’re engaged in at the moment… but again, this thought also needs to be addressed. Many people resolve this dilemma by creating a distraction list. Rather than suspending what they are working on, these people simply take a moment to jot down this idea for further consideration after their task is done. This means that they aren’t jumping between unfinished tasks each time a new idea pops up.

2. Preparation

Once you have your tasks organized properly, you need to ensure that you have properly made preparations to attend to them. Some of these preparations may sound counter-intuitive, but are no less crucial to your efforts.

Make Sure You’re in Order

If you aren’t ready to be productive, you aren’t going to be no matter what you try. Therefore, you need to be taking care of yourself, as well as your technology. You need to be healthy and rested to reach your potential, which means that self-care is a must. This also means that you should be strategic in how you approach your responsibilities. If you know that you tend to have a period of low energy in the late morning, it’s probably beneficial to avoid scheduling intensive tasks for that time. In addition, you need to be sure that you’re up-to-date on how things are done. The more knowledgeable you are, the more efficiently you’ll be able to make decisions, and the faster processes will move along.

Expect to Be Interrupted

The best-laid plans of mice and men often go awry, as they say. This means that you should anticipate other things to interfere with your established work schedule. What if another task pops up, or a task takes longer than anticipated? Taking these kinds of challenges into account will allow you to figure out a solution preemptively, or at least a plan that allows you to adjust and adapt.

Learn from Everything

We’ve all been taught the value of learning from our mistakes - examining situations in which things went wrong, identifying why, and avoiding those circumstances in the future. However, this is only half of what you should do to optimize your productivity. You also need to identify why your successes were successful.

Once you have completed a project or process, take some time to examine it. What about it worked well, and how could that be made better? Was every aspect necessary, or could some of it be eliminated or streamlined? Doing so will allow you to further optimize your procedure to be even more productive the next time.

3. Cheating!

In fairness, these strategies aren’t “cheating” so much as they are methods of working smarter. This way, you can make sure that your tasks are accomplished without expending more resources than they need - including your energy.

Subdivide Your Tasks

Remember the prioritization strategies we discussed above? This is a similar activity, in that you take a larger concept and divvy it up into each step that needs to be completed. Instead of putting them into a matrix or focusing on a specific set of them, the idea here is to simply make your tasks appear more achievable.

Let’s say you have to plan a work event. This alone is a significant responsibility, and can be overwhelming to approach as a whole - where to start? However, you can make your process much more comprehensible by going about it piece-by-piece, effectively expanding your task into a complete to-do list. While this does give you more tasks, they will be much easier to attain and progress with. So, instead of “Plan Party for Greg’s Retirement”, your list might include:

• Buy decorations
• Buy card
• Buy ice cream cake
• Hide cake in freezer
• Have team sign card
• Put up decorations
• Take out cake
• Send email to team to gather

More tasks, but much easier to follow nevertheless.

Leverage Shortcuts

There are a great many ways that your technology can offer an easier way of doing things. Naturally, keyboard shortcuts are one example of this, but so is automation. Let’s face it, any time you can save by having your technology handle something is time that you can then spend being productive elsewhere.

Eliminate Inefficiencies

How much time do you spend debating your options for truly inconsequential decisions during the day? Chances are, it’s more than you’d like to admit. The fact of the matter is that many of the choices that we are faced with aren’t all that impactful. Eliminating as many of these choices as possible will allow you to reserve your decision-making skills for the times that you really need them.

Email is another notorious source of lost productivity, simply because people don’t use it as efficiently as they could. It is too common for what should be a very brief and simple correspondence to take far longer than anticipated. Ironically, this is often because the people involved are trying to be brief.

Instead of cutting corners on your next email, invest a few minutes into including more specifics. Don’t just say you want to meet - identify the topics to be discussed. Don’t leave the time of the meeting open-ended, offer a few availabilities. While it takes longer to write, one email written this way will keep you from having to read, write, and send a few more.

Finding Your Groove

Clearly, there are many aspects to consider when you’re trying to be more productive, and some may be more effective for one person over another. A bit of experimentation will help you to land on the approach that works for you.

Coleman Technologies can help by providing the solutions that enable some of these methods. Reach out by calling (604) 513-9428 to learn more about these solutions.