Blog
Francis Pledger

Francis Pledger

Francis Pledger has not set their biography yet

Many software vendors now allow you to use their software for a monthly subscription, rather than having to pay for it up front. So, is this a better way to buy software or should we still pay the upfront fee and own it forever, or as least as long as it’s useful?

Hits: 823

Posted by on in Members

Watch out for CEO spam

Because we are in contact with a lot businesses and speak to companies about their IT security on a daily basis, we are able to pick up on new trends quickly.

One threat we are seeing more of is so-called CEO Spam, a sophisticated fraud that has resulted in firms losing hundreds of thousands, even millions, of pounds.

Also known as CEO fraud, Whaling, Spear Phishing or BEC (Business Email Compromise), the fraud takes the form of an accounts person receiving an email purporting to come from the MD or CEO asking them to make a payment to a certain account and telling them it is urgent.

The email will look genuine, and may even use all the relevant email signatures. It will certainly come from the right email address.

The European Police Office, Europol, is aware of this growing danger and recently gave details of the characteristics of this type of attack in its 2016 Internet Organised Crime Threat Assessment (see page 32).

The reports says in many cases prior to any attack the criminals have carried out a lot of research, mapping the organisations’ structure and behaviour of potential victims. Letters, emails or phone calls may also come from outside the company, when a payment request is sent by someone purporting to be a trusted business partner or a lawyer.

It says a fraudulent request is usually time-sensitive and often coincides with the close of business hours to make verification of the request difficult.

Recent cases include a Suffolk business paying more than £1million to a fraudulent caller and global fibre optics firm, Leoni, losing €40 million.

Earlier this year, the BBC reported that French businesses have lost an estimated €465m since 2010, with a reported 15,000 firms falling victim to similar scams, including big names, such as Michelin, KPMG and Nestle. In the US, the FBI estimates these scams have cost organisations more than $2.3 billion in losses in recent years.

Our advice to companies is to make sure all employees, not just financial staff, are aware of these threats and that they know the dangers signs. Businesses should also develop standard procedures for paying money, such as only paying against an invoice, or other signed document. In addition, companies are advised to research what information is publicly available about their business and whether it needs to be public.

In the words of Norfolk and Suffolk Police Cyber Security Advisor, “prepare for ‘when’ an attack happens not if”.

Hits: 1108

We have seen a recent increase in the number of emails that carry ransomware, which is malicious software that encrypts your data, only unlocking it in exchange for payment or ransom. This can be potentially ruinous for a business, especially as often the only solution is to simply “pay up”.

One particularly unpleasant version known as MSIL/Samas is currently in the news, as the FBI itself has asked US businesses to help with it’s investigations into the threat.  What makes MSIL/Samas particularly devastating is that it aims to encrypt entire networks rather than one computer at a time, and it will also search for backup files and delete them.

So we thought it worth providing some simple, good practice advice on how to stay safe from the threat of ransomware:

 

Be email savvy

Ransomware infections are often contained within a zip file attached to an email, or embedded within a Microsoft Word document (disguised as an invoice for example). Be very vigilant when receiving emails with attachments and if in any doubt whatsoever, DO NOT OPEN IT. Do not assume that they are safe just because they appear to come from some one you know – this is easy for hackers to simulate. You can always call the sender to check if an email is genuine.

 

Make it policy

Remember, a chain is only a strong as it’s weakest link, so ensure that EVERYONE in your organisation is aware of best practice and treats emails with caution.

 

Avoid Microsoft Office attachments

Encourage people to send you attachments as PDFs rather than Office documents (we would suggest that this is good practice anyway). Many businesses now block all emails with Office attachments; drastic perhaps but it provides a key extra layer of protection from potential viruses.

 

Disable Macros

Ensure that you have disabled Macros in Microsoft Office. You will find this under File, options, Trust Centre, Trust Centre Settings. The option disable all macros with notification should be ticked.  If the attached document asks you enable Macros it’s almost certainly contains a virus so NEVER enable Macros unless you are 100% certain.

 

Antivirus Software

Ensure you have good quality antivirus software that will scan incoming emails for viruses, monitor files as they are opened and perform periodic scans of your system, including USB connected devices. Thousands of new viruses are detected every year, so it is vital to keep it up to date to ensure protection against the latest virus threats.

 

Stay up to date

Keep ALL of your software up to date, not just your antivirus. The people who create viruses are very clever and will often specifically tailor an attack to software that is not up to date, because by reverse engineering the update they can identify and exploit the very issues the update seeks to address.

 

Keep back ups

Keep a regular full system back up that is stored off site and isolated from your network. Many ransomware variants will try to encrypt data on connected network shares and removable drives, and if you use a synchronised backup system such as Dropbox or OneDrive, ransomware viruses are capable of encrypting these as well. Ideally these backup will be “serialised”, with older versions of files available in case newer versions have been corrupted or encrypted.

 

Review your disaster recovery procedures

As data usage becomes ever more critical to a business, you should have tried and tested disaster recovery procedures in place that enable your business to get back up and running following a disastrous event such as virus attack, fire, flood or theft.

Hits: 1197
0

Posted by on in Members

The number of public Wi-Fi hotspots has grown massively in recent years. One report suggests the UK has one for every 11 people while worldwide there is one for every 150 people. It estimates there will be nearly 47 million public hotspots across the globe by the end of 2014.

While this coverage is a boon for an increasing number of users with smartphones, especially those in urban areas, this new age of open access has brought with it a number of security issues.

The biggest safety concern is that the data being transmitted over these public hotspots normally isn’t encrypted. This means that if someone is monitoring a particular hotspot they will be able to see everything an individual is typing, including valuable information such as usernames, passwords and bank account details.

And while using a reputable Wi-Fi provider, such as BT or O2, shouldn’t cause a problem, users have no guarantees of security.

Another current security concern about the plethora of free Wi-Fi access and public access points is that very little work has taken place to verify the identity of the organisations behind the access points. The reason this is important is because public hotspots are easy to mimic and a growing number of the trusting public are quick to use them. Casual passers-by are now used to finding free and open Wi-Fi and so are more likely to discover they have become the potential victim of criminals and those wishing to capture their information.

If criminals want to set up a scam it is straightforward to install an open wireless connection outside a café or other public space and give it a convincing name. All they then need is some software to monitor traffic and log everything that happens over that connection.

One recent experiment by IT security firm F-Secure saw the company set up a monitored public Wi-Fi hotspot in a busy London location for half an hour. In that time 33 users had connected to the service and 32MB of traffic had been collected including sensitive information from e-mails.

The answer to improving this growing problem is that a joined up approach from all stakeholders is required – device manufacturers need to make phones that are more secure while telecoms providers need to be more upfront about

what data is being taken from a customer‘s device in return for a Wi-Fi service over and above the terms and conditions.

Individual users can protect themselves in a number of ways – by adopting a Virtual Private Network (VPN), turning off the Wi-Fi on handheld devices when on the move and only using trusted Wi-Fi access points secured with a password.

Hits: 1824

I can't believe we began warning about this in April 2012 and now here we are romping towards April 2014 already!! In just three month's time, if you are still using any of the above products your system is seriously at risk.

Why? Because Windows XP will no longer be a supported product. Which means no support and more importantly no security patches or bug fixes. The really critical part here is no security patches which means that if someone discovers a way of hacking into your system, it will not be fixed so your system will always be at risk from further attacks. There is a bit of a silver lining from Microsoft here in that they will be providing anti-malware support until July 2015 but don't be fooled into thinking that's you in the clear as without the vital security patches your system can still be hacked.

Hits: 1789