Blog

Do You Know What The Dark Web Is?

You may have heard of the dark web, but do you really know what is going on in this special part of the Internet that you need software to access?

What if somebody told you that there was a huge portion of the Internet that few people have ever been to? That right now, there is a place online that you can’t get through via your Firefox or Google Chrome web browser that houses 7500 terabytes of information? A place that has between 400 and 550 times more public information than the “regular” Internet, spread out across more than 200,000 different sites?

This may sound like fiction, but it is very much a reality. The above statistics are referencing something called the dark web and if you’ve never taken the time to learn about it, now would be an excellent time to start.

What is the Dark Web?

Technically, the dark web is just a blanket term used to describe either A) a part of the web that requires special software to access, or B) any website that hasn’t been indexed by Google. As the vast majority of all online interactions essentially begin with a search engine, a site that doesn’t appear – even when you search for it by name – on an engine like Google essentially doesn’t exist at all.

But these sites do exist and they’re a lot seedier than you were likely even imagining.

To the first point, certain areas of the dark web are only accessible via specialized applications. Tor, Freenet and I2P are some of the most prominent example. Tor is a name you’ve likely heard before in reports on the dark web on your local news, as it is the most popular of these applications in large part because it is also the easiest to use.

The Implications of the Dark Web

The major appeal of the dark web comes by way of anonymity – applications like Tor promise total secrecy and complete anonymity as they don’t connect a “user” and a “server” through traditional means. Instead, they use what are commonly referred to as Tor relays – specially configured computers that act as nodes. As a message moves from one node to another, it is encrypted in such a way that only the machine that sent it and the machine it is being sent to can decode it.

Pass a message across enough of these nodes and it becomes incredibly difficult – if not downright impossible – to decrypt.

Because of this greater degree of anonymity and secrecy, the dark web is incredibly popular among people with malicious intentions. But it isn’t just cyber attackers who are making use of these resources – everyday criminals, pedophiles and even certain terrorist groups regularly communicate via these means.

Just one frightening example of the “worst” that the dark web has to offer comes by way of its “Assassination Market.” This is exactly what you think it is – a place where users can pay money with the specific intention of having someone assassinated.

The dark web is home to many of these markets, in fact, where illegal goods like drugs and firearms are sold. In an effort to remain as anonymous as possible even in the middle of a transaction, Bitcoin has quickly become the favored currency among its users.

Where the dark web suddenly becomes relevant to small and medium-sized business owners, in particular, has to do with its intersection with cyber crime.According to one study conducted by the Norwich University, the total amount of revenue generated by criminal activities on the dark web exceeds $100 million per year. People are regularly using it to develop, share and test new cyber attacks before they have a proper “launch” against targets all over the world.

When you consider the fact that the cost of a single data breach now costs businesses an average of $3.62 million as of 2017 (breaking down to about $141 per compromised record), you can begin to get an idea of why the dark web has become incredibly popular among people who wish to do you harm.

Also making things incredibly difficult is the progress (or lack thereof) that law enforcement agencies are having in penetrating the dark web’s murky waters. Thanks to the aforementioned way that the dark web operates, it’s very difficult to simply “bust” someone planning a massive cyber attack. Even Bitcoin makes tracking illegal funds much easier said than done. Also complicating matters is the fact that a significant number of the sites listed on the main index of dark websites are scams – meaning that they only look like they’re fronts for illegal activity.

Still, the good news is that while the dark web certainly makes the job of agencies around the world more difficult – stopping these people is certainly not impossible. In recent years many agencies have had a large amount of success in both bringing down some of these illegal websites and arresting the users behind them. Ross Ulbricht, for example, was the person who created perhaps the most well known drug market in the history of the web – Silk Road. Though a feature film has been planned about his life, he’ll have to watch it from behind bars as he is currently incarcerated.

If you think that the dark web doesn’t have the potential to affect your employees, your customers and ultimately your business, you’ll definitely want to think again. Part of staying protected in terms of cybersecurity and the digital age involves staying aware. Knowing as much as possible about what people are up to in the so-called “dark” or “deep” web puts you in a better position to fend off new cyber attacks before they have a chance to do some real damage.

If you’re in Omaha and would like to find out more information about this or any other essential IT topic, or if you just have any specific questions that you’d like to discuss in a little more detail, please don’t delay – contact InfiNet Solutions today by phone at (402) 895--5777 or by sending us an email to [email protected].

Do You Know What The Dark Web Is? Read More »

8 Ways to Prevent Phishing Attacks  

Phishing attacks are deadlier than ever. Here’s how to train your employees to watch out for them. 

Phishing schemes send duplicitous emails to businesses in an attempt to infect computers with malware. They’re successful when an employee clicks a suspect link/attachment, or gets tricked into giving up financial information.

When it comes to data security, phishing threats get less attention than more “active” malware attacks—And that’s too bad, because today’s phishing schemes are deadlier than ever.


Gone is the broken grammar from Nigerian princes. It’s been replaced with professional, detailed messages containing legitimate-looking logos and intelligent language.

They’re so good that even tech experts get fooled.


A successful phishing attack could cost your company anywhere from thousands to millions of dollars. Protect your business—Here are eight tactics to put in place.     

Phishing Alert

Encourage Suspicion.

Studies reveal that employees fall for phishing scams because they’re trained to always be “nice.”   As a result, they comply with email requests from “clients” without any question. Experts advise taking a suspicious approach to all emails. If an email message “feels wrong, listen to your gut.” Train your employees to follow their instincts when it comes to suspect emails.

Scrutinize URLs and Addresses.

You should always carefully examine all email addresses and URLs. With phishing emails, they tend to be a bit “off.” The URL won’t match the directions given in the message, or it won’t be the real web address, rather a similar one. The same is true of email addresses, and company logos, watermarks, and signoffs. If you simply glance at this information, you may be fooled.  If you take closer look, you’ll realize it’s a counterfeit. Train employees what to look for if they come across an unexpected email, and to always pay attention to the details.

Think About the Message and Logo.

Phishing scams can be very subtle. Advanced phishing attempts may take over email clients to send messages from what appear to be very reputable sources. This is why it’s essential to stop and think before taking action—especially when money or sensitive information is involved.

Train your employees to examine the message. Is it unusual? Is it unexpected given what they know about the project or client? If they get a message that says, “Wire $5,000 right away for patent rights or we will lose this market,” this should raise warning bells—Why didn’t this person make a call or explain this in person? Any emails that focus on a disaster or emergency like this should be immediately suspected.

If You Don’t Know the Person, Stay Away from the Email.

Don’t recognize who the email is from? Then don’t do anything. This policy protects employees from phishing emails that get through your spam filters. If the email is from an address they don’t recognize, they should ignore the message. If necessary, they should forward it to the appropriate account manager and ask if it’s legitimate. It’s always worth taking a little extra time to confirm messages, rather than falling for a phishing scheme.

Call for Confirmation.

It’s amazing how many people don’t do this, even with extraordinary requests. Successful phishing emails depend on you not calling the sender and asking what’s going on. Calling the sender can destroy the most careful phishing attempts. (At the highest level, phishing may include fake phone numbers or rerouting, but this is quite rare.)

To get around this, phishers may include a message that says, “I will be out of the office today, but this request requires your immediate attention. Please don’t try to contact me, just download/click link/send money/ or (do some other stupid thing).”  If you see a message like this, the first thing you and your employees should do is pick up the phone and call, especially when important data is involved.

Stay on Top of the Latest Phishing Schemes in Your Industry.

Phishing schemes vary between industries (based on how much money can be conned out of particular businesses). Research the phishing schemes trending in your industry, and what warning signs to look for. A variety of services offer intelligence reports for this very purpose.  You can also visit security zines and forums that focus on your industry. These are typically updated with the latest cyberattacks.

Block Access.

Eventually, companies reach a size where trusting employees to avoid phishing attacks becomes very difficult. It’s important to use strong firewalls and updated security filters to block access to any dangerous or illegitimate sites (the same goes for downloads, etc.). This is essential to mitigate damage once phishing emails are opened. Phishing scams can’t hurt your business if they can’t upload malware.

Adopt Email Authentication Standards.

Email authentication standards are improving all the time. They provide an excellent way for companies to stop spoofing attempts both to and from your organization. Basically, it authenticates senders and makes sure that an email really did come from that sender.  This tactic also makes it more difficult to spoof emails from your company. The current standard is DMARC (Domain-based Message Authentication, Report and Conformance). So, if your business is a target of phishing scams, look into adopting this standard for added protection.

An issue worth noting is that DMARC is relatively new and underused.   It may not be compatible with all software and services. So, this is the time for a serious consultation with your IT experts to discuss implementing authentication. The process is highly effective, and worth your time.

Need help protecting your business in Omaha from phishing attacks? InfiNet Solutions is ready to help. We specialize in data services and security, and can find the right approach for your business. Contact us at [email protected] or call us at (402) 895--5777 for a no-obligation, complimentary consult.

8 Ways to Prevent Phishing Attacks   Read More »

Hidden Gems in Apple iOS Notes  

The Apple iOS Notes application is a great tool with so many practical features.  However, many don’t know about these hidden tools to extend the Notes experience.  Check them out here.    

The Apple’s Notes application is built into all versions of iOS. Ever since the release of the original iPhone in 2007, it’s been the perfect way to handle word processing on-the-go.

Apple IOS Notes

Notes will get a significant overhaul when iOS 11 is released in the fall of 2017. If beta versions are any indication, you’ll be impressed with the new capabilities Notes provides.   Here are just a few of them:

Notes Stationary

With Notes, iOS 11 you’ll be able to change the default stationary—select yours from a range of lined and gridded paper styles.  Change the default style for all your notes, or on a note-by-note basis. Just tap the “New Note” button and select the “Share” arrow. Or from your computer keyboard hit “CMD” + “N”. Once you select the “Lines & Grids” option, you see all the styles to choose from.

Superior Organization

The iOS 11 version of the Notes app has some great options for organizing. Until now, Notes appeared on one screen. You could create folders, but extensive organization wasn’t a possibility—Until now, that is.

In iOS 11, all you have to do is swipe the title of a note with your finger to open up a new list of organizational options. In addition to moving and deleting notes, you can password-protect a note. This is perfect for people in enterprise environments who share devices like iPads.

Pinning

You can also pin a note to the top of your list, so it’s always within reach. To do this, simply swipe right on the name of the note, and release. The note will be pinned in place so it can’t be moved even if you organize by date created, or alphabetize by title, etc.

Moving and Deleting Notes

Previous versions of Notes allowed you to quickly delete a note or move it into a folder with a few swipes of your finger. This basic functionality remains in the iOS 11 version—However, it’s gotten a significant makeover.

Now, when you swipe on a note and select “Move,” you won’t see a list of all the folders you created. Instead, you’ll see icons that represent things like attachments and images.  This lets you quickly view your options so you can move your note. All you have to do is tap on the folder and the selected note will move there instantly. This won’t take more than a few seconds.

However, when you attempt to delete or move a password-protected note, you’ll now be prompted to enter the password (or use Touch ID depending on the settings on your device). You won’t be able to do anything unless you provide the proper credentials, which, again, helps to keep your confidential information private.

If at any point you make a mistake when it comes to moving and organizing your notes, all you have to do is physically shake your iPhone or iPad for a second or two to undo it. You don’t need to go through the menu system.

More New Features

The new iOS 11 Notes app comes with advanced features that add value for enterprise users in particular. If you own an iPad Pro and an Apple Pencil, you can now sketch anywhere in any note, at any time. Certain text tools that were only in the macOS version of Notes, will now be available in iOS 11.

Use the camera on your device to scan paper notes and save them in Notes until you move them to the folder of your choice. Previously, this feature was only available in third-party apps, most of which will now be unnecessary.

These are just a few of the new, hidden features in Notes iOS 11.  If you’d like to learn more for your business in Omaha contact InfiNet Solutions at (402) 895--5777 or [email protected].

Hidden Gems in Apple iOS Notes   Read More »

Everything You Need To Know About World Wide Web Day

World Wide Web day is a chance to celebrate the way the Internet has created an environment for collaboration and business growth.

World Wide Web Day

How often do you start your days by signing into your email account, scanning your social media accounts, or reading the latest headlines? For over two decades people across the world have enjoyed the Internet and all that it has to offer. From staying connected, to increase revenue streams, to helping businesses grow, World Wide Web Day is a global celebration dedicated to web browsing, the online activity that brings a wealth of knowledge to your fingertips.

A Look Into The Origins Of World Wide Web Day
CERN scientist Tim Berners-Lee wrote a proposal in March 1989 regarding the future development of a distributed system for the laboratory and scientists across the globe. By December 1990 the world’s first server and website were on the precipice of going live at CERN. From its birth to initial inception, the World Wide Web was designed as the system to inspire communication via hyperlinks. Today, the web has exponentially grown to allow people from all over the world to communicate, share knowledge, learn, connect, and grow. In many ways it has become the catalyst for change within our society as doors that would have been previously unimaginable are being opened.

A Brief History Of The Internet
The invention of the internet is attributed to Tim Berners-Lee, a British scientist who in 1989 first conceived of the idea at CERN in Geneva, Switzerland. The idea grew out of a necessity for nearly instantaneous and automatic knowledge-based sharing between scientists across the globe. Until the birth of the World Wide Web, a scientists ability to share information quickly and accurately was minimal at best; needless to say, if progress was to continue to develop at a rapid pace, then a better, more innovative communication platform needed to be developed.

The world’s first website was hosted on Berners-Lee’s NeXT computer and was dedicated to the World Wide Web project. The site described the features of the web; how to set up your own personal server; and how to access other people’s shared documents. As time progressed and the popularity of the World Wide Web sky rocketed, the need for larger and faster servers quickly arose; however, the original NeXT machine can still be found at the CERN laboratory.

By April 30, 1993 CERN had decided to make the World Wide Web software a public domain. Over the next months CERN issued a release that was made available with an open license to further spread the use of the World Wide Web to those outside of the scientific community. Through these steps, CERN ensured that the use of the World Wide Web would continue; its growth would flourish; and people from all walks of life would be able to enjoy the mass amount of knowledge that would soon be stored, displayed, shared, and published. By making the software needed to run a web server freely available, CERN also helped to create the platform needed for future open source software development ventures, which have resulted in some of the greatest digital technological advancements of our time.

How Can You Celebrate World Wide Web Day?
In 2013, CERN decided that it wanted to raise additional awareness regarding the initial origins of the World Wide Web project. As part of this initiative, CERN reinstated the world’s first website, going so far as to use the site’s original address. Today, we can celebrate World Wide Web Day on August 1, 2017 in a multitude of fashions. We can celebrate by logging into our email accounts, posting on social media platforms, debating in online forums, posting a blog, streaming live music, backing up our data servers, reading blog posts (such as this one), or completing any of the myriad of actions that the World Wide Web has placed at the tips of our fingers. No matter what actions you choose to take remember to honor the original mission of the World Wide Web by creating, sharing, and publishing valuable information that can be enjoyed by people throughout the world. Partake in World Wide Web day and discover how emerging technologies can benefit your business when you contact InfiNet Solutions located in Omaha via [email protected] or (402) 895--5777.

Everything You Need To Know About World Wide Web Day Read More »

How serious is Your Company about Securing its Data?

This article will discuss data security at most companies. It will look at some of the biggest mistakes company makes when securing data and some possible solutions.  

Today we use technology in almost every aspect of our lives. While that can be a good thing, there is a negative side to it. Anyone with the right technical know how can gain access to your company’s data, which they can use to destroy your business empire.

No matter the size of your company, you will need to create a plan that ensures all the data generated is secure. This plan is known as a security program. The program provides the framework that helps to keep the whole organization safe.

Some of the Biggest Mistakes that You Can Make in Securing Data:

  • Lack of a System on Where to Store Important Data.

When a system is not in place on where sensitive data should be stored, it increases the chances of it ending up in an unsecured location. One way to solve this is if a company creates a policy that categorizes what type of data is considered sensitive.

  • Cloud Misuse.

When a company stores data on the cloud, they are essentially storing their data on a hired computer. That means they have no control over it. If the data is of a sensitive nature, then it needs to be encrypted before being placed on the cloud. It is also important to understand the policy of the cloud services provider. It is especially so if you are required to share encryption keys with them.

  • Failure to Protect from Internal Threats.

One of the best examples of this kind of leak was the “Snowden” leak. The issue of the leak was because of weak governance issues. For instance, in this leak, the person managed to copy many gigabytes of data without any hindrance. Organizations need to be careful about giving employees access to data when they do not need it.

To fight off any chances of internal leaks, an organization needs to address the insider threats with appropriate controls. The controls need to be able to identify the damage and tell how much data has been stolen.

  • Trusting Technology.

One of the biggest mistakes a company can make is to have faith in its technology. It is important to note that as you work to improve security, hackers are also working. They are designing new and creative ways on how to get past your security. It is thus important that you have experts who conduct regular tests on your system. That way, they can help identify any potential leaks before they occur.

  • Failing to Invest Enough in Data Security.

When a business faces a data security challenge, it will most times look for a one size fits all solution. In such a case, the company may end spending too little to protect the data effectively. However, a business has to be willing to go further than this. It has to look for the most secure means of keeping its data secure.

  • Failure to Protect Physical Devices.

One of the easiest ways to hack a network is by using a device that is already accepted into the system. However, some organizations do not have measures in place to deal with the loss of physical devices. A good organization should have a mechanism that ensures stolen devices can no longer be allowed to access the system.

  • Failing to Take Care of the Human Factor.

An organization will spend a lot of money implementing the most complex security measures. However, most organizations drop the ball when handling the human factor. The staff is not well-trained on how to stay secure. There needs to be a training program for both new and existing employees. As changes are made to the security program, employees need to receive additional training.

Some of the most important Tips to Stay Secure.

If these measures are not being implemented at your organization, you need to start implementing them if you want to stay safe.

1. Make Use of Strong Passwords.

One of the easiest ways of keeping your organization secure is by implementing a strong password. Ensure that everyone who has access to your network makes use of a strong password. Use a combination of all character types on your keyboard for the best password. You should also ensure that your password is at least 8 characters long.

Never use any personal data as your password. Additionally, avoid using variations of personal data to create your password. Besides that, ensure that you change your password after every 90 days. It is also important everyone to have his or her own password and username. Having a generic password for everyone is dangerous.

2. Make Regular Software Updates.

Another simple but effective measure to keep your data safe is to keep all programs updated often. There is little use in installing the latest software if you will not make regular updates to it. Data is only as safe as the most recent updates to the system.

3. Encrypt Portable Devices.

Portable devices such as laptops are quite easy to steal. It is thus important that you take the extra step to ensure they are safe, even when stolen. One of the easiest measures to keep them safe is to encrypt them. The encryption software will make data on your hard drive unreachable unless they have a password.

4. Make Regular Backups.

Ensure that all company data is backed up to a secure offsite storage facility. Thus, even when your systems are compromised, your data will still be secure. The general rule of thumb is that backups should happen once a week. Getting data corrupted is painful but failing to have a backup can be even more painful.

Conclusion.

When creating any security measures, the top leadership must lead by example. They must be willing to spend money on programs that help to educate employees. It is important to note that data security is an ongoing process that will require regular revisions.

How serious is Your Company about Securing its Data? Read More »

Call Now Button