  Ensuring the operation of a computer network

We will take care of the users and hardware of your computer network under pre-agreed conditions


 Helpdesk and support

 
We provide basic user support, which is based on the needs of daily operation of the company's ICT infrastructure

 Consultation for development of IT infrastructure

Consulting services related to strategic planning and development plans in the field of information and communication infrastructure


  Service and prophylaxis

We also perform routine repairs of corporate hardware directly related to the operation of the company's ICT infrastructure


  Installation of hardware and software

 
We introduce new devices into the existing environment and install various types of software applications

 Servers and active items of PC networks

We supply more complex computer systems, especially physical servers and active elements of computer networks and selected application solutions


 Consulting support for commercial IT departments

We provide consulting support to IT staff in solving problems associated with the operation of corporate computer networks and IT infrastructure


 Educate Me! Training and courses in computer literacy

We increase computer literacy and qualification of employees of private companies and organizations

Diestra® - the IT & computer security company

 

The computer security company 

 

We are a company providing consulting, implementation, service, sales and technical support of ICT infrastructure in companies and organizations. "Diestra" means "right hand" in Spanish. Diestra comprende, or if you will, Diestra understands, and lends its customers a right hand in solving computer problems and keeping corporate networks running. Shake hands with IT specialists and salespeople from a stable company that has been operating in its field since 2007. Our goal is to ensure the proper and secure operation of your corporate IT. You will have both hands free to develop and manage your company.

 

 

 

 

Diestra® Wikipedia

Whalers, or Spear Phishing: an upgraded version of ordinary phishing

(Spear phishing - harpoon hunting)

Sophisticated attacks on computers and company data, but also on the health of employees, especially those in the company's ICT department. How to avoid shaking your head over spilled milk.

According to our ethical penetration tests in companies of various sizes and orientations, phishing methods can be used effectively. On a scale of attack effectiveness from 1 to 10 (10 being the most risky), in terms of the risk of a demonstrably successful attack and of obtaining information, we would rate them at, say, 7. There is fairly decent awareness of this problem among the general lay IT public, as well as among ordinary corporate users in even the most remote offices, which easily brings this figure down to 5. In effect we are saying that the success rate of an "old-fashioned" attack is currently about fifty-fifty. But be careful. If, on top of "luring out" access data through attachments or hyperlinks in fake emails, the attacker adds thorough preparation based on knowledge of the environment and internal processes of the future target, we are suddenly at 8, 9, 10… or more. That is already a spear phishing attack (spear phishing: hunting with the tip of a spear, or simply with a harpoon).

Spear phishing is a combination of classic phishing and the old, well-known social engineering, as Kevin Mitnick introduced it to the world (and practised it) in the distant past and described it a few years later in his book The Art of Deception. He applied it in a very sophisticated way against telephone companies and later against banking houses, and with the help of his undisguised talent he discovered how easy it is to obtain information from unsuspecting employees of these companies. With that information he was then able to do almost unbelievable things, with incomprehensible ease. But back to spear phishing. With an email in perfect Czech, with a small, easily overlooked "modification" of the sender's domain in a single letter (for example, instead of l), and preferably with the signature of one of the influential bosses, things become considerably more interesting. If the attacker also decorates this email with the boss's iconic photo in the signature of "his" email, the enemy's chances of success increase again. In addition, if the text of the email is sufficiently urgent and requires the user to react "ASAP", a term this boss, as an experienced mega-manager, uses very often :-), it is only a small step to a major "fire" problem. The user clicks on the attachment and confirms that he really wants to open it, because he wants to avoid the trouble that comes with not carrying out the order in time :-) And that's it.

After that, the user, his boss and his boss's boss, together with the management or the business owner himself… and above all the company's IT department, on the verge of a heart attack, can only shake their heads in disbelief, usually too late. Those heads are then troubled even more by the question of whether to pay the ransom or try to recover from backup. Whether to start negotiating with the attacker over the best price for the decryption key, or to spend weeks at best (or, worse, spend them in vain) trying to gather data (that is, to find it wherever it can be found) from every possible and impossible backup and, step by step, resume the company's operation with, "thank God", perhaps most of the original data and databases.

What can be done about this? How do we reduce the risk of a successful attack in our company? How do we minimize the possibility that this problem will affect us? There is no simple way. Unfortunately.

Still, let's not lose hope. There are definitely methods, approaches and technologies from which a very effective defense strategy can be mixed. Clearly these are mainly, but not only, software and hardware technologies, their regular and consistent management, monitoring and ongoing evaluation of security incidents, but also, last but not least, user education: motivating users to behave properly on the Internet and giving them regular security training.

All these segments of the company's evolving security strategy, appropriately selected and "tailor-made", cannot work wonders. Thanks to this, neither the user, nor his boss and his boss's boss, nor the owner of the company, and above all the well-functioning "fire brigade" of the IT department, has to shake their head in disbelief anywhere anymore.
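
One software check of the kind such a strategy can include, added here as an illustration and not part of the original article: it flags a sender domain that differs from a trusted domain by a single letter or a look-alike character, a borrowed boss's display name, and urgent wording, as in the scenario described above. The domain, the executive name and the keyword list are constructed assumptions.

```python
import re
from email.utils import parseaddr

# Assumptions (constructed sample values, not from the article):
TRUSTED_DOMAINS = {"example-firma.cz"}   # the organisation's real mail domains
EXECUTIVES = {"jan novak"}               # display names an attacker may borrow
URGENCY = re.compile(r"\b(asap|urgent|immediately)\b", re.I)
# Characters often substituted for a look-alike letter.
CONFUSABLES = str.maketrans({"1": "l", "I": "l", "|": "l", "0": "o"})


def skeleton(domain):
    """Fold look-alike characters so visually similar domains compare equal."""
    return domain.translate(CONFUSABLES).lower().replace("rn", "m")


def edit_distance(a, b):
    """Levenshtein distance (insert, delete, substitute)."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]


def check_sender(from_header, subject=""):
    """Return findings for one message; an empty list means nothing suspicious."""
    display, addr = parseaddr(from_header)
    domain = addr.rpartition("@")[2]
    if domain.lower() in TRUSTED_DOMAINS:
        return []
    findings = []
    for trusted in sorted(TRUSTED_DOMAINS):
        if skeleton(domain) == skeleton(trusted):
            findings.append(f"lookalike-homoglyph:{trusted}")
        elif edit_distance(domain.lower(), trusted) == 1:
            findings.append(f"lookalike-one-letter:{trusted}")
    if display.strip().lower() in EXECUTIVES:
        findings.append("display-name-impersonation")
    if findings and URGENCY.search(subject):
        findings.append("urgent-wording")
    return findings


if __name__ == "__main__":  # constructed sample header and subject
    print(check_sender("Jan Novak <jan.novak@exampIe-firma.cz>", "Pay this ASAP"))
```

A mail gateway or mailbox rule could quarantine or banner messages with any finding; domains one edit away from a trusted one that are legitimately yours belong in `TRUSTED_DOMAINS`.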

Diestra® consulting CZ, s. r. o.
Drážďanská 42; 400 07 Ústí nad Labem
phone: +420 475 207 634
ID org: 27336930 | TAX ID: CZ27336930