There have been many reports that many companies across the globe have been subject to another major ransomware cyber-attack, currently known to have affected over 12,500 machines in Ukraine alone.
The malware compromises the computer through the download of a legitimate application (a tax application called MEDoc was the first known instance) and then creates a task to restart the computer after 10-60 minutes.
The malware then encrypts the computer (pretending to be a disk check) and then demands a ransom of $300 in Bitcoins per computer to be paid. One Bitcoin is currently worth $2350!
Petya Ransomware encrypting a computer.
These attacks come just two months after the WannaCry attack and use similar methods to spread throughout a network. Consumers that are using the latest Windows updates and definitions for their antivirus should be safe.
Additional information for technical users can be found here.
We can confirm that all of our clients are secured from this type of attack and the underlying vulnerability used to spread between computers. If you have been affected by this attack, or are worried about your compter security, get in contact with us today on 0800 304 7444 or firstname.lastname@example.org and we’ll be happy to help.
Each month we are going to take a look at what new innovations in the tech industry have taken the fancy of our team!
What has seemed to be the most popular innovation is the release of the Oculus Rift which is now available in Europe. The Oculus Rift is a Virtual Reality headset. For those who do not know, this is basically a headset that when worn, will take you straight into a virtual world that will seem completely lifelike. You delve into a life of fantasy with the sense of a three-dimensional world. Connect your Rift to your PC as this will essentially become the engine. Your Oculus Rift will come with the headset itself, a sensor, remote, Xbox controller, cables and a free copy of Lucky’s Tale game. You are able to watch movies, play games and much more on these amazing headsets. The VR space is a crowded one with Google previously entering the market with their Google Glass and Microsoft’s HoloLens due out shortly. However, many are tipping the Oculus Rift to be the device to bring VR into the mainstream. They could potentially live up to the title of the ‘future of entertainment’.
The next innovation that appealed to one of our team members, was the app AirDroid. This app enables you to gain full access to your mobile, through your computer. You are able to control calls, SMS’s and app notifications on the large screen. You can use your full keyboard and mouse to control these tasks. You can even copy files from your PC to your phone which eliminates the need for any cables. This app is only available for Android.
Although not a new innovation, Novation Launchpad app for iPad take the fancy of one of our tech team! This app helps children learn the art of music composition. This app specialises in electronic music and enables you to create music by combining beats, melodies, basslines, vocals and more. As a free app this is a must have for those budding musicians and producers.
Our last recommendation for the month is the Intel Compute Stick. This is essentially a USB stick sized computer than you can plug into a HDMI port on any monitor and it will then function like a fully-fledged PC. You can turn your TV into a computer! A quad-core Intel Atom processor inside gives a balanced performance for worth work and play. You can create entertainment, enhance your education and increase your productivity.
Following on from our successful event at Microsoft HQ, we visited Cowplain School so they could receive their prize from being the runners up on the day!
The theme for the Microsoft event was ‘Office 365 in Education’, so we decided to develop and expand on this topic in order to enhance the students knowledge on what really is Office 365.
The day consisted of two 2 hour sessions with the year 7 pupils at Cowplain School. We begun the day with a presentation that outlined what Office 365 is and how to sign up. We then touched on each of the Office 365 apps and how they can be used in education. The last app of the presentation was Sway, this is wen we introduced the days activity. The pupils were tasked with creating a Sway on their school, to be showcased at the upcoming open evening for new potential year 7 students.
The students separated off into 3 IT suites and begun the activity. The students currently have experience with Google Drive but wanted to learn more about Office 365 in order to begin using it at home and at school. So this was a totally new experience for all of the students. What followed was an array of collaborative, exciting sways that outlined why they enjoy their school. Throughout this activity we took into account how the students were working and how they were using the Office 365 app.
We gathered back in the gym at the end of each session to have a roundup of the days activities. We then announced a group from each class who really impressed us with their work. Each group was awarded with an Amazon voucher to use at their pleasure.
This day enabled us to teach many students about the wonders of Office 365 and how each of the apps can help within their education. It also meant the students were able develop within an app they had never even heard of before! Overall, a successful day!
Having one of your clients phone you up to say their website has been hacked over the holidays, is not something any IT support company wants. However, just that thing happened only this last week to a client who has a website hosted by another IT provider. Following on from this act of destruction, we thought we should put together an article on website security and hacking.
You are probably already aware of what hacking is. But for those who don’t – hacking is the action of somebody, generally referred to as a ‘hacker’, gaining access to your website/social media profile etc. without authorisation. They could be doing this for a number of different reasons – to steal personal information, to take down the website or to control the site, or even just for fun.
Hackers have many different ways which they use to hack into operating systems. To name a few; Cross Site Scripting (XSS), Clickjacking and SQL Injection. Hackers create code that they ‘inject’ that will have affect on the site. They can hack through spam email and pop up windows.
Unfortunately there is no way to completely protect your website, however there are steps that you can take to make it as difficult as possible for the hackers. Below are some things that you can do to secure your website from these hackers. We have chosen a few of our favourite top tips!
Hackers are able to get into your system by using a downloadable program that can guess your usernames and passwords in seconds. To help to prevent hackers from guessing your username/password you should change it regularly and it should be a very strong username and password. A strong username/password is a word that includes letters, symbols and numerical characters. You should keep this to no less than 8 characters. You can use the below link to run through a few words to see how secure they are. But DO NOT use your own current passwords!
Two-factor authentication is based on the principal of a) something you have, and b) something you know. So when a user enters a password, they are then asked to complete a second verification step such as entering a code sent to them by text, via an automated phone call, or by using a “soft token” which is an app which contains a code to verify the password.
This is becoming increasingly more popular with companies for logging in, especially with the likes of banks or other companies which store a lot of your data such as Google.
One of the best ways to protect your website, is by keeping all of the software up to date. Always ensure that you check for updates, patches and new versions of programs and plugins. Once you have verified the update is genuine and is not going to cause issues to your website, install the updates. If you are running plugins, only download them from websites that you trust.
There are some plugins that you can purchase in order to provide higher levels of security. A plugin called ‘SiteLock‘ is useable for both HTML pages and CMS-managed sites. This plugin provides daily monitoring for everything, including vulnerability identification, virus scanning and malware detection.
A web application firewall (WAF) sits between your website server and data connection. It reads every bit of data passing through it and can be either a software or a hardware facility.
The WAF works by blocking all hacking attempts and filtering out any unwanted traffic. Many WAF’s nowadays are seen through the form of a ‘Cloud’ based service.
You should always keep your files and data backed-up. Always keep a back-up just in case your website does get hacked – you have a second copy of everything. If you don’t know how to back up, take a look at our blog on what backing up is and how to do it.
Hyper Text Transfer Protocol Secure (HTTPS), is a secure communications protocol that is used to transfer sensitive information between a user, website and the web server. The way that this protects the website is, for example, when a user fills in a ‘subscribe’ form on your site, HTTPS protects this personal information. Data sent using HTTPS is secured via ‘Transport Layer security’ protocol which provides three layers of protection.
You can never really have any idea of how secure public Wi-Fi spots are. This being in hotels, the airport or your local coffee shop. If you do need to use these public Wi-Fi spots, then there are two ways around this. You can set up a hotspot on your smartphone using your mobile data. To find out how to set up a hotspot for your android check it out here, and for an iPhone here. Another way to avoid interruption into your online roaming, is Virtual Private Networks (VPNs). These encrypt traffic so that the Wi-Fi network is unable to see what you’re roaming.