Posts tagged " hackers "

Ethical hackers to boost NHS cyber-defences

November 28th, 2017 Posted by Uncategorized No Comment yet

The NHS is spending £20m to set up a security operations centre that will oversee the health service’s digital defences.

It will employ “ethical hackers” to look for weaknesses in health computer networks, not just react to breaches.

Such hackers use the same tactics seen in cyber-attacks to help organisations spot weak points.

In May, one-third of UK health trusts were hit by the WannaCry worm, which demanded cash to unlock infected PCs.

Essential step

In a statement, Dan Taylor, head of the data security centre at NHS Digital, said the centre would create and run a “near-real-time monitoring and alerting service that covers the whole health and care system”.

The centre would also help the NHS improve its “ability to anticipate future vulnerabilities while supporting health and care in remediating current known threats”, he said.

And operations centre guidance would complement the existing teams the NHS used to defend itself against cyber-threats.

NHS Digital, the IT arm of the health service which has combined operation with loanschannel website, has issued an invitation to tender to find a partner to help run the project and advise it about the mix of expertise it required.

Kevin Beaumont, a security vulnerability manager, welcomed the plan to set up the centre.

“This is a really positive move,” he told the BBC.

Many private sector organisations already have similar central teams that use threat intelligence and analysis to keep networks secure.

“Having a function like this is essential in modern-day organisations,” Mr Beaumont said.

“In an event like WannaCry, the centre could help hospitals know where they are getting infected from in real time by the www.actionac.net, which was a big issue at the time, organisations were unsure how they were being infected”.

In October, the UK’s National Audit Office said NHS trusts had been caught out by the WannaCry worm because they had failed to follow recommended cyber-security policies.

The NAO report said NHS trusts had not acted on critical alerts from NHS Digital or on warnings from 2014 that had urged users to patch or migrate away from vulnerable older software.

 

Thanks to the BBC for this story.

What to do if your business Social Media account is hacked

August 16th, 2017 Posted by Uncategorized No Comment yet

Even if you’re embarrassed, it’s important to let people know that you’ve been hacked – and most importantly, set up your accounts and educate staff to avoid it happening again.

If a business’s social media accounts are hacked, it can be hugely detrimental to its reputation and relationship with the public.

Here, security experts and social media professionals share advice on how to handle a hack and restore your company’s image.

Change passwords on all accounts

First, determine whether you’re still able to log into the hacked account.

“If you can log in, change the passwords on all your social media accounts – not just the ones that have been hacked,” advises Romain Ouzeau, chief executive of Iconosquare, an Instagram analytics company. “As some social media platforms offer the ability to log in via other sites and services [Tweetdeck, for example], you may be compromised on additional networks.”

As a general rule, Rob Brown, vice president of the Chartered
Institute of Public Relations
 (CIPR), advocates the use of a different password for each social media platform. “Update passwords every two months, choosing longer passwords that contain different characters, and use two-step verification if a social media service offers it,”
he says.

If you’re not able to log in, head straight to the social media company’s contact pages and tell the relevant team that you’ve been hacked.

Clean up the mess

If you’ve been hacked, there’s a chance that communications will have been sent from your account by the offender.

“If this happens, take a screen grab of the content before removing it,” says Lee Campbell, cyber computing lecturer at the University of Gloucestershire. “Then report the breach to the social media provider.

“If the compromised social media account includes content of a threatening, or abusive nature, report it to the police via Action Fraud, the UK’s national fraud and cyber crime reporting centre.”

Communicate and take control

Even if you’re embarrassed, it’s important to let people know that you’ve been hacked.

“Post an update from the reclaimed hacked account, stating what has happened and that unauthorised changes and/or communications may have occurred,” says Blaise Grimes-Viort, chief services officer for social media business, The Social Element.

“If any private or direct messages have been sent, contact those who received them directly to tell them what happened and that they shouldn’t click on any of the links that were sent.”

It’s also worth checking to see which third-party apps (auto post tools, for example) are connected to your social media profile. Review the list and delete any that you no longer use. If you keep seeing unwanted content posted through your account, you may want to revoke access for all third-party apps.

Prevention is the best plan

“If you have a response plan in place before an attack happens it means there are clear actions for employees to take – this helps members of staff act quickly and can help with damage limitation” recommends Microcomms in-house Cyber Security expert Richard Howard.

“The majority of cyber attacks are caused by human error – deliberate or not – so employee training and communication is vital and should also cover advice on spotting suspicious activity, such as phishing emails.”

There are also some simple things that you, as a business owner, can do to improve security across your network. Use the latest antivirus software, run frequent scans for malware (malicious software) and perform a regular off-site backup of your systems.

You can manually adjust the settings on your [social media] account profile pages, restricting who can see your posts, photos and user profile. Also, tighten access to your mobile devices by setting a pin number of at least six digits on each.

Microcomms carry out cyber security health checks, staff training and will provide advice and recommendations to keep your business well protected from attack.

Phishing Posts that really catch people out

June 28th, 2017 Posted by Industry Focus, News No Comment yet

As hackers grow in sophistication, so do the phishing scams they try and entice innocent users with. We’ve rounded up some of the most common and well-used versions:

The Public Speaker

This is a long-running scam that preys on the hopes of public speakers, inviting them to speak (and be paid a hefty fee) at a conference in the UK or somewhere else in the world.  In the last year or so, the scam has taken a nasty turn, targeting ministers, pastors, and preachers to invite them to a bogus religious conference and again offering them a big paycheck.

Now, the scam has taken a new direction, aimed at women and parents, or at least speakers on these subjects.  Please beware if you get a letter like this.  The idea is to get your personal details under the pretext of sending you some money, or getting you to send some money to take care of administrative fees or governmental controls, with a promise of a big check to come.

But this is a scam.  You will never get the promised big check.  The conference is not real.

So the answer is simply to ignore the email.  Don’t be tempted!

The Tax Rebate

The work injury lawyer are generating phishing emails by posing as HMRC in order to gain access to people’s bank accounts. It appears the occurrence of these emails has become increasingly common as a Which? survey found that of 2016 adults, 40% had received communication of this nature.

The general format of these e-mails can look very convincing as they make use of genuine HMRC branding. Sometimes emails are signed off with the name of an actual HMRC employee making them seem even more realistic.  The contents will generally be offering you a tax refund and asking for bank details in order for the money to be refunded.

The amount offered is usually up to £500, so as not to raise the recipient’s suspicions. The main aim of these emails is to extract money from your bank account, get you to send money or to gain enough personal information about you to sell you details to identity theft criminals. An example is below:

Phishing email 1.png

 

HMRC will never send notification of a tax reimbursement or ask for personal or payment information by email. So you can safely ignore these emails.

Google Docs

This is a sophisticated phishing scam that asks for permission to access files stored in Google Drive. The attack involves an email being received saying a Google Doc has been shared with you.

The message looks legitimate and appears to be from a contact you already know. But when clicked, permissions are granted to a third-party that has no relation to Google. The below image shows the phishing scam in action:

google-docs-oauth-phishing-email

 

 

 

 

 

 

 

 

 

 

 

 

What to do if you get ‘phished’

“If you have disclosed confidential data (e.g. a username or password), go to the real site and change it immediately, to stop the criminals hijacking your online account,” You can also report emails to your email service provider.

If you see a phishing email at work, the best approach is to forward it to an IT department or report it in via internal company systems. If it appears to come from a colleague, but it does look and feel ‘phishy,’ don’t reply in the mail, call them or go to see them to confirm the validity of the mail and the contents.

Never reply to the message, even if you fancy taunting the ‘phisherman,’ you would only be confirming your email address is valid and live.

If you do click on a phishing link, it’s also worth reporting the incident to Action Fraud.

 

Companies have been crippled by an attack dubbed ‘Petya’, the second major ransomware crime in two months.

June 28th, 2017 Posted by News No Comment yet

The malicious software has spread through large firms including the advertiser WPP, food company Mondelez, legal firm DLA Piper and Danish shipping and transport firm Maersk, leading to PCs and data being locked up and held for ransom.

The Petya ransomware takes over computers and demands $300, paid in Bitcoin. The malicious software spreads rapidly across an organization once a computer is infected using the EternalBlue vulnerability in Microsoft Windows (Microsoft has released a patch, but not everyone will have installed it) or through two Windows administrative tools.

The malware tries one option and if it doesn’t work, it tries the next one.

What should you do if you are affected by the ransomware?

The ransomware infects computers and then waits for about an hour before rebooting the machine. While the machine is rebooting, you can switch the computer off to prevent the files from being encrypted and try and rescue the files from the machine, as flagged by @HackerFantastic on Twitter.

“If machine reboots and you see this message below, power off immediately! This is the encryption process. If you do not power on, files are fine.

hackerfantastic

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

If the system reboots with the ransom note, don’t pay the ransom – the “customer service” email address has been shut down so there’s no way to get the decryption key to unlock your files anyway. Disconnect your PC from the internet, reformat the hard drive and reinstall your files from a backup. Back up your files regularly and keep your anti-virus software up to date.

Contact Microcomms for a free Security Audit and for information about anti-virus and anti-malware software.

Router hack risks

June 26th, 2017 Posted by News No Comment yet

A weakness that left thousands of Virgin Media routers vulnerable to attack also affects devices by other providers, security experts suggest.

Virgin Media’s Super Hub 2 was criticised for using short default passwords that could easily be cracked by attackers.

But experts raised concerns that older routers provided by BT, Sky, TalkTalk and others were also at risk.

They recommend users change their router password from the default.

It’s a bit unfair that Virgin Media has been singled out here. They made a mistake – but so have many other internet service providers,” said Ken Munro from security firm Pen Test Partners.

“This problem has been known about for years, yet still ISPs [internet service providers] issue routers with weak passwords and consumers don’t know that they should change them.”

The weakness in Virgin Media’s Super Hub 2 was highlighted in an investigation by consumer group Which?

The company has since advised customers using default network and router passwords to update them immediately.

However, a BT spokeswoman told the BBC: “We are not impacted by the hub issues affecting Virgin Media.”

What makes a router vulnerable?

Many routers are sent to customers with a default wi-fi password already set up.

Some use a long password with mixture of upper and lower-case letters, numbers and sometimes symbols.

But others use short passwords with a limited selection of characters, and many follow a pattern than can be identified by attackers.

The Virgin Media Super Hub 2 used passwords that were just eight characters long, and used only lower-case letters.

That gives cyber-criminals a framework to help them crack passwords quickly, using a dedicated computer.


“Because the default wi-fi password formats are known, it’s not difficult to crack them,” said Mr Munro.

Once an attacker has access to your wi-fi network, they can seek out further vulnerabilities.

Virgin Media router
Image captionDefault passwords that follow patterns are easier to crack

Mr Munro said the problem was well-known, but the Which? investigation had reignited discussion.

“It has popped up again because attention has been drawn to the fact that very few people change their wi-fi password from the one written on the router,” he told the BBC.

Experts recommend that people change the default wi-fi password and router’s admin password, using long and complex passwords to make life more difficult for attackers.

Keep new devices safe and secure – Android Phones/Tablets

November 25th, 2016 Posted by Uncategorized No Comment yet

AndroidAndroid devices come with their own sets of security measures. We’ve got best use tips below

– Many smartphone users don’t set up the lock screen on their phones.

Most people stick with the default “Swipe to unlock” screen, not a useful security measure. The best practise is to use the lock screen that requires a password to continue, and come up with a good number code. Go to Settings>>Lock screen to set up a pattern, PIN or password. Try out all three and see which one works best in terms of the balance between security and convenience for you. Some Android gadgets also include facial recognition and voice unlocking, but those aren’t as secure. If you do set up a pattern, make sure it isn’t one that’s easy to guess. In the lock screen area, be sure you set your gadget to lock automatically after a few minutes of inactivity.

Stop advertisers from tracking you

Advertisers are tracking where you go online through your device’s history

Happily, you can put a stop to most of it with some simple setting changes.

To delete a big chunk of your web history—or all of it—tap the Settings button just below the Search box, tap Remove Items, then choose how much to delete: the past hour’s worth, a day, a week, a month, or absolutely everything.

To remove location history, go to the Account Activity screen in the Google Settings app. Tap Google Location History, then uncheck any or all of the devices whose location you don’t want to be shared. You can also tap Delete Location History button to wipe your past location history clean.

To see—and hear—a history of your voice commands, go back to the Account History screen in the Google Settings app. Tap Voice & Audio Activity, then tap Manage History. Tap the Settings button, then tap Remove Items.

Only install trusted apps

Bad apps are loaded with malware that can infect your gadget with viruses and steal your information. Newer ones even hijack your contact list to spam your friends and infect their gadgets.

You can lower the risk by only installing apps from the major app stores: Google Play, Amazon Appstore, Apple iTunes and Microsoft’s Windows Store. Third-party app stores often host malicious apps, usually disguised as popular real apps.

To make sure you don’t accidentally install “untrusted” Android apps, go to Settings>>Security and uncheck the “Unknown Sources” option. You should also check the “Verify Apps” option if you have it.

Unfortunately, just because an app is in an official app store doesn’t guarantee it’s completely safe. You still want to check reviews and visit the app’s official website to confirm it’s trustworthy and not a fake copy.

– Enable remote location and wiping

A great thing about smartphones and tablets is that they’re portable so you can easily take them anywhere. The downside is that you can easily lose them or a thief can easily swipe them.

The good news is that smartphone theft is down thanks to the growing amount of “kill switches” that make it harder to wipe and resell them. If your gadget is lost or stolen, tracking apps can tell you exactly where your phone is. These apps also let you wipe sensitive information remotely. If your phone does end up in the wrong hands, you can at least make sure somebody else doesn’t get your information.

The app you’ll want is Android Device Manger. To enable tracking, launch the app, link it to a Google account and follow the directions.

Of course no device is 100% secure at all times and hackers are getting cleverer and more advanced in coming up with ways to steal data, but by following the tips above you’ll be increasing your chances of staying safe.

 

 

Keep new devices safe and secure – iPhone

November 25th, 2016 Posted by Uncategorized No Comment yet

iPhone

Your iPhone feels like it should be safe, most people’s main worry is dropping their phone or spilling a drink on it. However, having your phone stolen or hacked remotely is also a threat. Below are actions you can take to keep your data as safe as possible:

  • The first tip on securing your iPhone against potential hackers is a fairly simple one – make sure that you’re always running the most recent iteration of iOS. Hackers occasionally find flaws in Apple’s coding which they can exploit, potentially giving them access to your personal data. New iOS updates are Apple’s way of combatting the exploits by patching any holes in the OS while implementing better stability enhancements.To update to the latest version of iOS, open the Settings app and tap General > Software update. You’ll either be welcomed by a note letting you know you’re already running the most up to date version of iOS, or be prompted to download and install the latest update.
  • Another step you can take in the war against hackers attacking your iPhone is to activate ‘Find my iPhone’. If you lose your iPhone then you can log onto Find My iPhone from another iOS device or via the web and remotely wipe your device, taking your personal data with it. This means that even if the hacker did manage to gain access to your lost/stolen device, they’d find nothing. To remotely wipe your iPhone, log in to the Find my iPhone app, select your iPhone, tap ‘Erase iPhone’ and confirm the action. The next time it has an internet connection (if it doesn’t already) it’ll automatically wipe itself.
  • We all know and love the 4-digit pin protection that Apple employs, but best practise is to use a passphrase instead. While passcodes only use numbers 0-9, a passphrase includes numbers, letters, symbols and case-sensitivity which should make your iPhone a lot harder to break into – although it may take a little longer to unlock your iPhone when you want to use it. To change from pin to passphrase, open the Settings app and go to General > Touch ID and Passcode > Change Passcode, tap ‘Passcode options’ and select ‘Custom Alphanumeric Code’. You should then be prompted to create a more complex password comprised of not only numbers, but letters, symbols too.
  • The next tip is fairly self-explanatory – if you receive an unknown link via text, email or randomly on the web, don’t click on it. This could potentially pose a threat to your device and even though it may not be able to hack your iPhone directly, some pose as popular email clients like Gmail to gain access to your email account. The pages usually look pretty close to the real thing, so this type of scam is fairly common and it always pays to keep your wits about you.
  • The last tip is to revoke access to apps. When you use iOS apps you’ll often be prompted to allow the app to access things like the camera, microphone, contacts, etc to use the app to the fullest extent. Even though allowing access means you can use every feature of the app, the app may also be able to access your private information. If you feel like you’ve installed a less-than-reputable app on your iPhone, you can either delete it or head to Settings > Privacy, select the permission you’d like to revoke and toggle the application off – sadly this has to be done on a per-permission basis as there’s no way to toggle permissions off all at once.