National Cyber Security Month

October is National Cyber Month.
What is National Cyber Security Month?

National Cyber Security Week

Threats of Cyber Crime from Cyber Criminals continue to increase and we all need to be increasingly alert and focussed on the threats, the impact they could have on our lives AND the things we can do to minimise the risk to ourselves and our businesses.

National Cyber Security Month 2021 has the overarching theme “Do your part. #BeCyberSmart” and looks to empower individuals and businesses to own their role in protecting their part of cyberspace.

If we all do our part then we will all benefit from a safer place to live and be in a safer place to do business. Not only that but we’ll also be denying the cybercriminals the space they need to extort, employ fraud and generate the money they lust after.

USer name and password box

How can we contribute?

We can all look to implement stronger/better security practices such as not clicking links in emails, not opening emails from people we don’t know or even opening emails we weren’t expecting. We can install security software on our phones, our tablets and our computers. We can use stronger passwords, and make sure we use unique passwords for EVERY application.

Each week, National Cyber Security Month will have a different focus, starting with Week 1 – Be Cyber Smart

Week 1, Starting October 4 – Be Cyber Smart

Hacker, tilting his hat

Our lives are increasingly intertwined with the internet and the World Wide Web. Pretty much all personal and business information is stored on internet connected platforms, from banking to social media, from email to SMS, from phone and video calling to watching TV and listening to music and beyond. The internet simplifies some areas of our lives and makes it more complex in others but the one, overarching common factor, is the need for a strong level of security to keep our data safe.

That’s why Week 1 of National Cyber Security Week focuses on the best security practices and “cyber hygiene” to keep our data safe, owning our role in Cyber Security and starting with the basics. That includes using unique, strong, passwords and making sure that we use multi-factor authentication (2FA) where it’s available, preferably avoiding SMS (text Message) authentication where possible.

Week 2, Starting October 11 – Fight the Phish – Trust No One

Phishing attacks, where emails and text messages are sent containing web links encouraging you to click the link, visit a website set up by cyber criminals and enter your user names and passwords are still on the increase. Why are they on the increase? Because they work. People see an email that purports to come from their bank, HMRC, DVLA, Post Office, BT etc. and are given a warning claiming that the recipient needs to do something NOW or they will be locked out of their account, will be arrested, won’t have an order delivered …. or one of many other ruses. You click the link and either have malicious software sent to your computer without your knowledge and approval or give away user names and passwords to cyber criminals, enabling them to access your personal accounts and to steal from you.

The X-Files mantra of “Trust No one” applies here. Any email that contains a request for such information should always be approached with caution and, if you have even a small inkling of concern, then simply open your web browser and visit the website of the sender to check out the veracity of the email.

Week 3, Starting October 18 – Explore, Experience, Share

Week three focuses on the National Initiative for Cyber Security Education (NICE), inspiring and promoting the exploration of careers in the cybersecurity sector. Whether you are a student or a veteran or seeking a career change, this week is all about the exciting, ever changing, field of cyber security, a rapidly growing business sector with something for everyone

Week 4, Starting October 25 – Cybersecurity First

The last week of National Cybersecurity Month looks at making security a priority. Actually taking a Cyber Security First approach to designing and building new products, developing new software, creating new Apps.

Make Cyber Security Training a key part of onboarding when taking on new employees (and, at the other end, making sure that technology rights are revoked when people leave organisations).

Ensure that your employees are equipped with the cyber secure tools that they need for their jobs. If you practice a BYOD (Bring Your Own Device) policy, allowing employees to use their own phones, tablets and computers then you need to ensure that the cyber security deployed is as strong as that on equipment that you provide.

Before buying new kit, or signing up to a new service, do your research, check the security. Is it secure enough? Can it be made more secure? Can it be remotely wiped? Who has control? All of these questions, properly answered, will ramp up your cyber security defences and help keep the cyber crims at bay

When you set up new equipment, that new phone, tablet or laptop, I know it’s exciting but please invoke the Cyber Security first, don’t leave it until last – it might be too late. Make sure default passwords are replaced with something secure and lock down those privacy settings.

Cyber Security MUST NOT be an afterthought. If it is, you could find yourself paying the price

And if you need some help, you can always ask me. I might not know the answer but I know people in the Cyber Security industry that I can put you in touch with. Email andy@enterprise-oms.co.uk, phone/message me 07966 547146, call 01793 238020 or message me on Social Media and we’ll get it sorted.

The Google “Red screen of Doom”

I had a telephone call from a former client a month or so ago. He was in a bit of a panic because we was suffering from the Google “red screen of doom”. Having been in IT for a while, I’ve been familiar with Microsoft’s “blue screen of death” but this was something that was new to me, or so I thought and so I asked for more information.

He asked me to do a search for his company on Google – which I did – and his company came top of the search results, which was good. What was less good – much less good – was the stark warning, inserted by Google, that “This site may harm your computer”

Caution, This site may harm your computer

Aha, Google was warning that the website had been hacked and was now serving malware to visitors.

I switched to my Chromebook – which is impervious to all known computer malware – and clicked through to the website – only to be blocked by the “Google red screen of doom”

The Google "Red Screen of Doom"

Although there was nothing to buy on my client’s site, it did host a range of technical papers and specification sheets that were vital for his clients and this attack was already having an impact on his business. Action was desperately needed.

The site was originally built 7 years ago and nothing much had changed, including the access data required to log-in to the host. So, I logged in and saw that a number of .js files had newer dates on them than the rest of the content, confirming that the site had been hacked and a small number of files altered so that they could be used to force malware downloads on to the computers of unsuspecting visitors.

The next step was to delete all of the website files, just to be on the safe side, and create a new, simple, home page with contact details and links to the most popular PDFs so that clients would be able to access the information they required.

Next was to see what Google had found by logging in to the Google Webmaster Toolkit account for the website- www.google.com/webmaster.

There were a number of warnings relating to suspicious activity on the site that had gone unread, simply because my client had changed email addresses, was unable to access the original email account and had not updated his Webmaster Tools account with the new address.

Webmaster Tools advised of the type of threat that had been set up on the site and provided other, valuable, information along with a reporting tool that enabled me to advise Google of the actions taken to remove the threat.

Clicking “Send” was quickly followed by a confirmation message from Google that they would look at my message within 18 hours – a time frame that I thought was commendably fast. They were as good as their word and within 18 hours had checked the website to make sure it was clean and had removed all warnings and red screens of doom – my client was back up and running.

However, we didn’t leave it there. The original site was old, used old code and the web hosts weren’t the most responsive – telephone calls to their support line either went unanswered or, when answered, were as much use as the proverbial chocolate teapot and so the decision was made to move the hosting to a more secure provider and to work on a plan to develop a new website.

The moral of this tale is simple. Make sure that you use the Google Webmaster Toolkit!

It’s the only way to let Google know what you’ve done should your site fall victim to an attack, keep your Toolkit account up to date and only use a web host that you know provides good security and a decent level of support.

And please don’t think that you’re immune – small businesses are the most targeted, the presumption being that their security is weaker than measures put in place by larger organisations and there are a number of websites that I keep an eye on that are attacked many times a day. However, being hosted on a secure platform with monitoring in place means that I am kept aware of the threats and can take remedial action, if required, very quickly.

To date, none has been required.

If you are worried by the security of your website, or your IT systems, please give me a call on 01793 238020 or email me, andy@enterprise-oms.co.uk for a confidential, impartial, and free chat about your security concerns

Are you being held to ransom by your computer?

There’s a new strain of Windows malware that’s doing the rounds and it’s pretty nasty.

Ransomware has been around for a while now, the concept is that you are convinced to click on a link in an email which ends up with the installation of a piece of software on your machine that stops you from working unless you hand over some money.

A Ransomware Scree

The most common variant flashes a message on your screen from the Metropolitan Police warning you that illegal activity has been detected and that your computer is now locked until you pay the fine.

Although worrying to see, these types of attacks are relatively easy to cure. However there’s a new kid in town, it’s far more malicious and cannot be easily solved. It’s called CryptoLocker and its bad news.

You get the infection by either clicking on a link in a phishing email or by visiting an infected website. Either way, the CryptoLocker software is installed on your PC without your knowledge. Some of the phishing emails reported so far look as if they’ve come from Companies House or as a supposed customer complaint.

CryptoLocker Screen

Once it’s been installed it starts to encrypt your data using an almost unbreakable form of encryption. If you back up your data across a network or to an external hard drive and it’s connected then CryptoLocker will also encrypt your back-up.

Once it’s finished your PC will flash up a ransom message on your screen demanding a payment of $300 within 3-4 days with payment to be made through one of the anonymous cash services such as MoneyPak, Ukash or through the BitCoin digital currency.

If you fail to pay up the de-cryption key is destroyed immediately and your data is lost!

Although the software itself can be removed fairly easily from your computers your data remains encrypted so there’s no way to get your data back without paying the ransom and hoping that the criminal minds behind this scheme are good enough to share the decryption key with you without actually demanding more money.

Even experienced anti-virus company, Sophos, have been unable to find a way to decrypt the files without the decryption key.

So, how do you protect yourself?

  1. Make sure that your anti-virus software is always up to date, all of the good ones will do this automatically provided nobody has disabled it in the hope that it will make their computer run a little faster.
  2. Be highly suspicious of any hyperlinks in emails, hover your mouse over the link before clicking to see the actual web address the link goes to and if it bears no resemblance to what it should be then don’t click.
  3. And just use common sense when browsing the internet.

If you’re not sure about any of this, please don’t hesitate to give me a call on 01793 238020 or email me andy@enterprise-oms.co.uk