MSPNetworks Blog

Do you remember when you were able to Google something and get the answer immediately, and not have to scroll past ads, sponsored results, and a not-totally-reliable answer hallucinated by an AI? You aren’t the only one. This trend of gradually declining quality in the products and services we all rely on has a very specific, descriptive name that efficiently captures what is happening to tech while also making all our feelings about it exceptionally clear.

In 2022, technology critic and author Cory Doctorow coined the term “enshittification.” The term was named the Word of the Year by the American Dialect Society in 2023, even beating out “AI.” It has proved so resonant that its use has expanded beyond social media platforms to include hardware, software, and technology in general.

Technology works wonders for business, but it also enables other organizations, like law enforcement. We aren’t here to argue ethics, but we would like to touch on some of the technology that certain agencies are using in the execution of their jobs. Specifically, we want to highlight the issues involving the very sophisticated AI and data-mining platforms, such as those developed by Palantir.

The idea of a four-day workweek (where employees work the same schedule, minus one day a week) has long been campaigned for, with numerous anecdotes supporting its efficacy. One very successful example is provided by the nation of Iceland, which implemented initial trials of reduced work with just under 1 percent of its population, or about 2,500 people, back in 2015. 

These efforts have increased over the years, and today, almost 90% of Icelandic workers work 36 hours per week with no negative ramifications to the economy. In fact, Iceland’s society has enjoyed significant benefits during this experiment.

Technology is the engine driving success in our community. From managing daily operations to engaging customers, reliable IT is no longer optional. Keeping that engine finely tuned—ensuring hardware, software, and networks are always up-to-date—presents a significant challenge. Technology evolves at lightning speeds, and managing it can feel like a constant, resource-draining battle, pulling you away from focusing on your core business.

Is your current IT setup empowering your growth, or is it quietly creating risks that could derail your progress? Many businesses operate with technology that feels "good enough," unaware of the hidden dangers lurking beneath the surface.

There you are, working on the most important project of your career. You’ve worked through the initial problems and are making progress, and then your computer crashes. Panic sets in. You reboot, hoping that will fix the problem. It doesn’t. This is the nightmare scenario that haunts businesses and individuals alike. If you don’t have a solid backup plan, you’re one spilled coffee or rogue virus away from disaster. 

Text messages are great. They’re a quick and effective means for us all to communicate. 

Unfortunately, this does bring some downsides, too… namely, they’re a relatively simple means for a scammer to spread their attacks. Let’s discuss why this is so dangerous and how you can identify and avoid these threats.

Does your technology need an upgrade? Now might be the perfect time to get on it, especially since hardware prices are expected to rise dramatically this year. Let’s take a look at some of the benefits you can expect from working with us when outfitting your business with new technology.

As a provider of information technology services and support, a big part of our job is helping the businesses we work with make the best decisions regarding their critical IT. This responsibility means we often provide an advisory role to business leaders.

In that role, we strongly advise that you make any intended technology purchases and upgrades right now… because if you wait, you may have no good options left.

Artificial intelligence is the latest IT buzzword that everyone seems to focus on and it’s because it is a big deal. Advances in computing have created an environment where developers can create software that effectively learns. Unfortunately, due to the nature of AI regulation; or, the complete lack of it, there are some who are concerned that the technology—which could be a revolutionary tool for the improvement of human societies—is being degraded.

Can you tell the difference between your colleagues and a scammer with access to their email account? This is essentially what a business email compromise attack involves—a scammer initiates a phishing scheme using an internal mode of communication. These scams are also observed in schools, making them dangerous in the education sector.

You might remember the buzz when Josh Allen, a digital artist, won first place at the 2022 Colorado State Fair for his digital artwork called "Théâtre D'opéra Spatial." The catch? He created the image using AI. Now, he’s in a fight with the Copyright Office to prove that his work deserves copyright protection.

Over the past few years, huge scamming operations have operated in Southeast Asia, and now they are spreading. These scams—known as pig butchering scams—cause serious harm, as in an estimated $75 billion worldwide in 2023.

With these sorts of operations spreading, let’s go over what pig butchering is. 

Funerals are never to be taken lightly, which makes it all the worse that there are people out there willing to use these events to scam those in grief. Recently, Facebook has seen many groups that supposedly offer links to streamed funerals in exchange for credit card data, with different events being added more recently.

Sorry for the loaded title. There’s a lot to talk about, even for those of you who don’t use or even know what Telegram is.

We’ll try to sum this up, because we think there is a lot to say about security and the nature of technology in this, and like all things these days, there’s some odd rabble-rousing about this whole series of events. Who’s up for a wild ride?

In the wake of Hurricane Beryl, businesses have another reason to reflect on data backup, disaster recovery, and business continuity. Since the hurricane made landfall in Texas, despite being downgraded to a tropical storm, it still caused over $5 million in damage to islands across middle America.

One of the best things about the move towards streaming in media is that since people love watching real-life stories, studios have committed to creating documentary content that provides interesting perspectives. Many people don’t have a comprehensive understanding of technology, especially as it relates to real-world situations, so dramatized documentaries can be a good source of information. Today, we’re going to go through three riveting technology documentaries that are available on streaming services.

Nowadays, finding a business that does not use technology in its everyday processes would be extremely challenging. That’s just how things are today. This technology also typically sees advances in capabilities and accessibility, particularly for the small and medium-sized business sectors. This year, 2024, seems poised to be no exception.

Artificial intelligence is a hot-button issue in today’s business technology landscape, and for good reason. It’s being implemented in various software tools and platforms with mixed results. There are some concerns over it, particularly in regard to intellectual property, but there are also major issues with it related to “the profound risks to society and humanity,” according to an open letter.

An Open Letter Calls for a Pause on AI Development

With tens of thousands of signatures, the short letter cautioned against the unfettered growth of AI without a greater appreciation of the potential outcomes.

There are many reasons why people are concerned, including present, short-term, and long-term ramifications of the continued development of AI programs.

Misinformation is a Short-Term Issue

Generative AI uses already existing content in its creation, meaning that it can also call upon information that is blatantly false, leading to the perpetuation of it. Considering how many people rely on the Internet for answers to their important questions, well, AI could only make it worse by showing the wrong answers. These falsehoods can even be made more convincing by the use of AI.

Developers could even use AI to spread misinformation intentionally, which is a serious problem that has many concerned.

Job Loss Could Become a Problem, Too

Some technology experts also believe that AI could lead to many employees losing their jobs due to their work becoming obsolete. Knowledge-based careers require more practical skills than AI can replicate, but other roles could be entirely eliminated as a result of advancing AI.

Long-Term AI Could Pose an “Existential Risk” to Humanity

While this might sound like an extreme stance, it’s one that is becoming more popular thanks to the Future of Life Institute, an organization that tries to predict “existential risks to humanity.” AI could disrupt the future if it can learn to write its own code, and the Future of Life Institute outlines how this could be problematic in its open letter.

Likewise, the Center for AI Safety has collected signatures in support of their own brief statement:

"Mitigating the risk of extinction from AI should be a global priority alongside other societal-scale risks such as pandemics and nuclear war."

There are Only Predictions at the Moment, but AI is a Challenge to Address

AI certainly seems to be a controversial technological advancement, but this is usually what happens when new and exciting things are developed. Only time will tell if AI becomes truly problematic for the business world or if it will just become another tool in our toolboxes.

To learn more about other technology and how it can improve your operations, be sure to contact MSPNetworks at (516) 403-9001.

Google’s Project Zero team has discovered 18 zero-day vulnerabilities impacting the Samsung Exynos modems—four of which enable remote code execution. Let’s talk about what this issue does, and what needs to be done to minimize risk.

These Threats are Severe and Need to Be Addressed

Without going too far into the weeds, some of these vulnerabilities—which, in addition to mobile devices, were also identified in wearables and vehicles—can be carried out with the attacker only knowing the target’s phone number and can give the attacker access to the device with no need for the target to provide access. In fact, a vulnerable device could be compromised without the target even being made aware.

Samsung’s list of impacted devices includes:

• Samsung mobile devices, including those in the S22, M33, M13, M12, A71, A53, A33, A21, A13, A12 and A04 series
• Vivo mobile devices, including those in the S16, S15, S6, X70, X60 and X30 series
• Google’s Pixel 6 and Pixel 7 series

Plus, any wearables that use the Exynos W920 chipset and vehicles with the Exynos Auto T5123 chipset are also impacted. It is also important to note that this is by no means an exhaustive list.

Patches Aren’t All Available as Of Yet, But There is a Fix

Because this issue impacts devices from so many vendors and manufacturers, patches aren’t necessarily available for everything that is going to be impacted. However, you should disable Wi-Fi calling and Voice-over-LTE to prevent the threat, and update your devices when patches are released.

For most of the common smartphones, like the recent Google Pixel phones and Samsung Galaxy phones, these updates were pushed out in the March security patch. If you own these devices, you need to make sure you apply these updates because not doing so will leave your device extremely vulnerable to attack.

We’re Here to Help You Manage the Complicated IT Businesses Require

Reach out to us for any assistance needed with implementing these fixes, or any of the rest of your IT. Call us at (516) 403-9001 today for help.

At the beginning of September, it was revealed that a relatively simple issue existed in nearly 2,000 mobile applications that potentially exposed some (read: a lot of) sensitive data. Let’s take a brief, basic look at the situation to see if there are any lessons that can apply to your business.

Trust us, there will be.

In Essence, the Issue is One of Access Permissions

Let’s go over how these apps generally work.

Naturally, the apps that you use on your phone aren’t fully hosted on your device. Instead, they are commonly hosted in cloud services. In theory, the application you install effectively just contains hardcoded access credentials that allow you to access the data or the service that application provides.

Notice that we said, in theory. Research conducted by Broadcom’s Symantec Threat Hunter team revealed that these purportedly single-purpose logins were able to access all of the files that a cloud service contained—including company data, backups of databases, and system controls.

Worse, if multiple apps included the same publicly available software development kits (SDKs) or were created by a single company, these login credentials could potentially grant access to numerous applications, exposing the infrastructure and user data of each.

So, let’s say that an attacker happened to obtain these access tokens. With the situation being the way it is, that would give the attacker access to all of the applications—and more critically, the user data these applications contain—that the access tokens granted access to.

Between the Android and iOS platforms, researchers found almost 2,000 applications that had their credentials hard-coded to Amazon Web Services—three-quarters of those granting access to private cloud services (and half of those granting access to private files), with about half containing access tokens found in completely unrelated applications.

So, What Does This Have to Do With Your Business?

Let me ask you something: who in your business could potentially access your payroll information, your employees’ private information, or all the financial data you’ve collected from your clientele and workforce alike?

This idea that certain information is accessible by those who shouldn’t have access to it is the crux of the issue. You need to ensure that your data and files are only accessible to those who need them for their work responsibilities. This is known as the principle of least privilege—basically, all access and information are distributed on a need-to-know basis, based on the responsibilities of the individual users.

In short, much like these applications should have been doing, you need to ensure that access to this data is locked down. We can help.

Give us a call at (516) 403-9001 to learn more about how we can help you.