SUMMER 2019
Distributor's Link Magazine Summer 2019 / Vol 42 No3
Distributor's Link Magazine Summer 2019 / Vol 42 No3
You also want an ePaper? Increase the reach of your titles
YUMPU automatically turns print PDFs into web optimized ePapers that Google loves.
184<br />
THE DISTRIBUTOR’S LINK<br />
JOE DYSART HACKERS’ NEW TRICK: STEALING COMPUTING PROCESSING POWER FROM FASTENER DISTRIBUTORS from page 126<br />
It’s generally secretly downloaded to a computerized<br />
device via a rogue link and executes as a working mining<br />
program at the hacker’s whim.<br />
The second major form of Black Hat mining occurs<br />
while users surf the Web. Essentially, surfers get hit<br />
when they visit a Web page that has been reprogrammed<br />
by a Black Hat miner. The thieving script injected into the<br />
page steals computer processing power as long as the<br />
user remains at the Web site.<br />
In fact, millions of Android users were afflicted with<br />
this form of Black Hat mining in 2018, according to<br />
IT security firm Malwarebytes (www.blog.malwarebytes.<br />
com/threat-analysis/2018/02/drive-by-cryptominingcampaign-attracts-millions-of-android-users).<br />
Fortunately, best practices fastener distributorships<br />
can use to combat computer processing power theft<br />
generally mirror those used<br />
by companies for protecting<br />
against other kinds of<br />
malware.<br />
Job One: The best way to<br />
begin hardening your online<br />
digital perimeter is to realize<br />
that the administrator who is<br />
responsible for your fastener<br />
distributorship’s<br />
computer<br />
network is the number one<br />
person who can make or<br />
break your security.<br />
“Fundamentally, good security really is just good<br />
systems administration,” says Ira Winkler, founder of<br />
Internet Security Advisors Group, a computer security<br />
consulting firm. “And if you can’t afford or can’t get a<br />
good system administrator, I recommend outsourcing<br />
that.”<br />
In fact, Winkler says the smallest of fastener<br />
distributors will probably be best served by an outsourced,<br />
third party computing solution, given that the<br />
entire focus of a top-notch network systems provider<br />
is on configuring, maintaining and securing computer<br />
systems, 24/7.<br />
In other words: you may want to move the critical<br />
computer applications of your fastener distributorship to<br />
the ‘cloud,’ so you can take advantage of the relatively<br />
sophisticated Web security offered there, Winkler says.<br />
At minimum, Sharon D. Nelson, Esq., president of<br />
Sensei Enterprises, a computer security consulting firm,<br />
recommends a quality Internet firewall for your fastener<br />
distributorship that’s properly configured and Internet<br />
security software that guards against viruses, malware<br />
and spyware.<br />
AT $5,000-A-POP, IT PAYS THIEVES TO<br />
ILLEGALLY MINE CRYPTOCOINS.<br />
Both are available with software packages like<br />
Symantec’s Internet Security, Kapersky Security, Trend<br />
Micro Security and the like.<br />
And you’ll also need to be sure your staff gets the<br />
message that your fastener distributorship security must<br />
be taken very seriously. “Education of your employees<br />
is key,” says Rich Conklin, an IT security consultant and<br />
owner, Executive Computer Solutions.<br />
Staying a step ahead<br />
of hackers also means being<br />
careful with any custommade<br />
software, Nelson<br />
adds, since these programs<br />
are rarely subjected to the<br />
rigorous security testing that<br />
popular, established software<br />
endures.<br />
Content Management<br />
Systems (CMS) -- software<br />
designed to enable fastener<br />
distributors to easily update<br />
their Web sites – for example, are often custom-made.<br />
“A custom CMS is usually a bad idea,” Nelson says.<br />
Another common vulnerability: Many employees<br />
tend to get lazy about passwords. Surprisingly,<br />
one of the most commonly used passwords is still<br />
‘P-A-S-S-W-O-R-D’ – a seemingly trivial oversight that<br />
has spelled the undoing of countless, otherwise<br />
stellar computer security systems.<br />
Nelson recommends complex alphanumeric<br />
passwords of more than 12 characters, which are tough<br />
to crack even by software specifically designed to crack<br />
passwords. And she reminds people to use different<br />
IDs and passwords to enter different applications and<br />
networks.<br />
CONTINUED ON PAGE 204