Archive for June 2016

Your Latest IT Newsletter

Bogus Tech Support Scam

Cyber Criminals have invented a new variant of the old ‘I’m from Microsoft’ fake tech support phone call in the form of an on-screen pop-up malware warning that claims to be from your ISP and asks you to call a number.

The reason that the advert appears in the first place is because your computer has become infected through single “bad” pixel adverts.

<More>

Microsoft Pays $10,000 For Windows 10 Upgrade Gone Wrong

Microsoft has been in the news this week again over Windows 10. This time however they have agreed a payout for a U.S. woman whose business computer was reportedly left in an ‘unstable’ condition by an automatic upgrade to Windows 10.

<More>

Brexit Makes No Real Difference to Data Protection Laws Says ICO

The Information Commissioner’s Office (ICO) has stated that despite the Brexit vote there will be no relaxation in data protection laws and that the data protection laws set by the EU will still apply.

The ICO has however stated that leaving the EU before any new data protection laws come into effect could mean that these laws may not apply in the UK.

<More>

Tech Tip – Improve the Operation of Your New Windows 10

If you’ve recently upgraded to Window 10 there are some simple steps you can take to make it more responsive and decrease the level of background data collection.

<More>

Tech Tip – Improve the Operation of Your New Windows 10

If you’ve recently upgraded to Window 10 there are some simple steps you can take to make it more responsive and decrease the level of background data collection. For example you could customise the Privacy Settings (that are set to default). In doing so you can choose to:

  • Disable everything you do not need or want to use.
  • Turn off some of the background apps (but be aware that this will stop updates to them).
  • Set the ‘Feedback’ setting to minimum / basic. Feedback essentially collects data for Microsoft in the background and it is usually set to maximum by default when you get Windows 10.
  • Open the Task Manager and disable all unnecessary start-ups in order to shorten boot times and make the system more responsive.

Brexit Makes No Real Difference to Data Protection Laws Says ICO

The Information Commissioner’s Office (ICO) has stated that despite the Brexit vote there will be no relaxation in data protection laws and that the data protection laws set by the EU will still apply.

The ICO has however stated that leaving the EU before any new data protection laws come into effect could mean that these laws may not apply in the UK.

Adequacy

Data protection law can be a complicated area and the complications surrounding Brexit and the confusion and lack of knowledge about exactly what kind of relationship the UK will now have with the rest of Europe has led to speculation about the relevance to the UK of EU data protection laws.

The ICO has therefore sought to clarify the situation this week by confirming that in order for the UK to trade with other countries in the EU, the UK’s own data protection laws / standards will at least have to be on a par with those in the EU i.e. at least on a par with GDPR. In legal language this means that the UK will need to provide ‘adequacy’ for its own data protection laws.

What Is GDPR?

The General Data Protection Regulation (GDPR) is new EU data protection law that is due to come into force in 2018 and will affect all companies worldwide that process the data of EU citizens.

This means that GDPR would need to be adhered to by the UK anyway, regardless of its position in the EU as the point about GDPR is that a company’s location is irrelevant. If the data a company collects and handles relates to any EU citizen and it can identify them then GDPR applies.

ICO Group Manager Said Basically ‘No Change’

Prior to the Bexit vote the ICO’s group manager Garreth Cameron is reported to have told delegates at the Data Security in the Cloud conference that the UK’s strong data protection laws would remain unaffected by a vote to leave the EU although that the exact details of how they work in that new context would be a matter for the UK government to decide.

Consistency and Reform

The ICO has also stated that consistency in data protection laws for international trade is going to remain an important issue and that the huge growth in the digital economy has meant that there may need to be at least some reform to the UK’s existing data laws.

What Does This Mean For Your Business?

It’s a case of keep calm and carry on where data protection laws are concerned. The same data protection laws and regulations apply for the time being and it is also important that businesses make sure that they are prepared for and up to speed with GDPR because even though it is an EU regulation, it applies to all countries worldwide including the UK.

Microsoft Pays $10,000 For Windows 10 Upgrade Gone Wrong

Microsoft has been in the news this week again over Windows 10. This time however they have agreed a payout for a U.S. woman whose business computer was reportedly left in an ‘unstable’ condition by an automatic upgrade to Windows 10.

What Happened?

Teri Goldstein, the owner of a travel agency in California received a forced Windows 10 upgrade on her business computer. The computer is reported to have downloaded and started to install Windows 10 without Goldstein’s knowledge but the install failed and the computer is reported to have slowed down and become unstable. This in turn is reported to have resulted in days of lost business. This, coupled with the fact that Microsoft’s customer support was unable to help resulted in Goldstein taking Microsoft to court.

How Could a Forced Upgrade Happen?

Windows users have been given the chance over the past year to upgrade to Windows 10 from Windows 7 and 8.1 via online prompts. A change in tactics by Microsoft dating back to February however has meant a shift to ‘Recommended’ from Microsoft which essentially means that users get an automatic / forced download and install onto their PC.

Some users have noted that the install began before the instructions on how to stop it were clear, and that once the install begins it can’t be stopped.

Users have also complained that whereas a notification message about the upgrade should be able to be dismissed by clicking on the ‘X’ in the top corner, Microsoft’s tactical changes mean that a click on the ‘X’ is now taken as approval for the upgrade to begin.

$10,000 Payout

In the court case brought by Goldstein against Microsoft, she argued that her Windows 7 computer automatically tried to update itself to Windows 10 without her permission and that she had never even heard of Windows 10 at the time. Goldstein won her case and Microsoft agreed to pay her $10,000 (the equivalent of £7,500).

After initially appealing against the court’s decision Microsoft, is thought to have then dropped its appeal to prevent the court costs from mounting up.

What Does This Mean For Your Business?

There is now just a month for taking up the offer of the free upgrade (by July 29th). If you’re still running older versions of Windows such as 7 & 8.1 it appears as though you will need to very soon make a decision about upgrading to Windows 10 and be very careful about how you respond to any notifications that you receive to prompt you to upgrade.

Be aware that there has been a shift to automatic downloads and that clicking on the ‘X’ in the top corner of upgrade notifications can now be taken as your approval for the upgrade to begin.

Now may be the time therefore to seek professional advice on the subject. It is also worth seeking information about the many benefits and positive aspects of Windows 10 rather than simply focusing on the potential risks.

Bogus Tech Support Scam

Cyber Criminals have invented a new variant of the old ‘I’m from Microsoft’ fake tech support phone call in the form of an on-screen pop-up malware warning that claims to be from your ISP and asks you to call a number.

The reason that the advert appears in the first place is because your computer has become infected through single “bad” pixel adverts.

Commonplace

We are all now aware that cyber crime, particularly that involving malware is relatively commonplace and the fact that we are aware and that most of us have at least some basic levels of protection means that cyber criminals need to be more cunning than ever. This latest scam as reported by US security firm Malwarebytes in the U.S., Canada and now the UK uses pop-up adverts that claim to be from popular ISPs.

How The Scam Works

In the case of this latest scam it relies upon infecting your computer in the first place with the malware which displays the pop-up advert. The worrying thing is that in this case the cyber criminals are using legitimate online advertising networks to place adverts on websites. These adverts don’t even need to be clicked on to infect your computer because they contain a single ‘bad pixel’ that can redirect you and infect your computer while you’re browsing on a legitimate website without you knowing.

How Do They Know Who Your ISP Is?

After your computer is infected by the advert, you are re-directed to an invisible page in the background that checks the IP address on your computer. The ownership of this IP address can then be traced to a specific ISP, and a pop-up advert is served on your page that features the name of that ISP and gives you a bogus number to call them on.

What Happens If You Call The Number?

Calling the number means that you will be greeted by convincing fraudsters who claim to be your ISP. From what is known about similar calls, it is likely that the fraudster will then try and convince you that you have viruses and errors on your computer which they can clean off for a fee. The final step will therefore be that they will try to persuade you to log in to your banking site.

In other bogus tech support scams, cyber criminals also use banking ‘Trojans’ to extract the victim’s financial information and install malware onto the victim’s computer that joins them up to a botnet so their computer is used in attacks on other computers.

What Does This Mean For Your Business?

Vigilance is once again needed to help defeat the cyber criminals. This latest attack comes on the heals of ‘Locky’ and ‘Raa’, both of which used malware. It important in this case to raise awareness among staff that they all need to be very careful in their web browsing as well as in their opening of any emails with attachments and / or emails from sources that are not familiar.

All staff should also be made aware of who the company’s ISP is and that bogus tech support calls exist and what form they take. It may also be good practice to have a designated person who deals with communication with the IT ISP.

Keeping computer updates, patches, and anti virus software up to date is also very important. Having a reliable, secure back up of your important files and folders is also advisable if not essential in today’s business environment.

Your Latest IT Newsletter

Companies Face Tougher Government Action For Poor Cyber Security

The security breach at TalkTalk last October that saw the loss of data from a reported 157,000 customers to cyber criminals formed the basis of discussions by Culture, Media and Sport accounts committee to generate ideas to prevent future incidents.

Although companies can already be fined by the Information Commissioner’s Office (ICO) for data breaches, the MPs and peers on the committee have suggested bigger fines and greater accountability.

<More>

New Windows 10 Tool To Rid Computer of ‘Bloatware’

Participants of the Microsoft Insider program have been given a look at a new tool for Windows 10 that could allow users of the new Operating System to easily remove all of the unnecessary (and seldom used) extra software that computer makers load onto new machines.

The tool could therefore mean a welcome end to what has become known as ‘crapware’ or ‘bloatware’.

<More>

RAA…! A New and Unique Ransomware Threat

Internet security researchers have discovered a new version of the malware known as ransomware. Dubbed ‘RAA’ this latest malicious program is unique because it is written in the web-based language Javascript. This could make it more likely to be activated and therefore to claim more victims.

<More>

Tech Tip – What if Your Site Goes Down?

Assuming your website is important to your business, then it makes good sense to regularly monitor it and make sure that it’s on track. The first thing to ensure is that your website is actually ‘online’ 100% of the time.

<More>

Tech Tip – What if Your Site Goes Down?

Assuming your website is important to your business, then it makes good sense to regularly monitor it and make sure that it’s on track. The first thing to ensure is that your website is actually ‘online’ 100% of the time.

For example, let’s say your website generates income of £10,000 per month from leads or sales. So, assuming that people are looking at it during a normal working day, that’s 9 am to 5 pm, 5 days a week, four and a half weeks in a month.

That’s 8 hours x 5 days x 4.5 weeks per month = 180 hours per month to generate £10,000 pounds income. Therefore, your site generates roughly £56 per hour. Which means that your site needs to be up 100% of the time!

Other things to monitor are missing pages, dead links, incomplete images etc. Anything down or missing ultimately costs you money in some way, even if it just negatively impacts your Google page rank.

There are cheap and reliable website monitoring tools available, get in touch if you need help.

RAA…! A New and Unique Ransomware Threat

Internet security researchers have discovered a new version of the malware known as ransomware. Dubbed ‘RAA’ this latest malicious program is unique because it is written in the web-based language Javascript. This could make it more likely to be activated and therefore to claim more victims.

Why Is It So Dangerous?

Whereas an operating system will typically block executable programs like .exe, Windows computers allow Javascript .js files to run. Javascript documents that are sent via email therefore won’t always trigger a security warning on Windows or require administrator access to run.

The fact that RAA is written completely in Javascript means that it has a much better chance of getting through basic email security on Windows machines. There is a real concern therefore that by opening a simple email containing RAA as an attachment a Windows computer could use the Windows Based Script Host to run its code and therefore simply install the ransomware.

Outlook is likely to automatically block Javascript .js files although some reports indicate that Gmail may not currently block .js files in email attachments and therefore could be a potential way for RAA to be spread.

A New Trend

Earlier this year Microsoft had reported seeing an increase in Javascript malware email attachments. This announcement proved to be very timely as it was followed by the spread of the ‘Locky’ ransomware program in May which used JavaScript-based attachments for its distribution.

What Happens When a RAA Email Is Opened?

When an email containing the RAA ransomware is opened, the program encrypts important files on the victim’s computer so that the person is essentially locked out of those files. RAA then displays the ransom message (reported to be in Russian in this case) which demands that the victim pays $250 to reverse the encryption and release the files.

As well as locking the files and posting a ransom demand, RAA also extracts embedded password stealing malware called ‘Pony’ from the .js file and installs it onto the affected computer.

What Does This Mean For Your Business?

Clearly businesses need to raise awareness among staff that they all need to be very careful about opening emails with attachments and / or emails from sources that are not familiar.

Keeping computer updates, patches, and anti virus software up to date is also very important.

Having a reliable, secure back up of your important files and folders is also advisable if not essential in today’s business environment. It is also possible to instruct Windows not to start the Windows Based Script Host when a .js file is double-clicked, thus potentially stopping the RAA file from installing.

If your computer is infected by RAA be aware that there is currently no way to reverse the RAA encryption without paying the ransom, although paying the ransom in these cases is not advisable.

New Windows 10 Tool To Rid Computer of ‘Bloatware’

Participants of the Microsoft Insider program have been given a look at a new tool for Windows 10 that could allow users of the new Operating System to easily remove all of the unnecessary (and seldom used) extra software that computer makers load onto new machines.

The tool could therefore mean a welcome end to what has become known as ‘crapware’ or ‘bloatware’.

Refresh

Refresh Windows is the name for the new tool that currently only works on pre-production preview builds of Windows 10 for Microsoft ‘Insiders’. It is thought however by those who have downloaded and tried it to be something that will be a tool that is ideal for use immediately after purchasing a new Windows 10 system and before the user has installed any software on their new machine.

The Problem With Bloatware

Bloatware or ‘crapware’ is a collective term for 3rd party and often unwanted software that comes bundled with a new PC.

Although it is intended to benefit the user of the computer and add to the PC manufacturers profit margins,  many users find it annoying because it can clog up the computer, slow it down and take up space. It is also viewed by some as a potential security risk.

Many computer manufacturers now recognise that customers tend not to like bloatware and are taking action to reduce it. In 2015 for example, Lenovo and Dell were both reported to have been taking steps to actively reduce pre-loaded software of their new machines. Acer have also stated that they now pre-check third party software and applications to ensure that they don’t pose a security risk.

What Does The Refresh Windows Tool Do?

According to reports by those who have tried it, the new Refresh Windows tool for Windows 10 works by downloading and installing a recent and pristine build of Windows 10 onto the PC thereby overwriting the pre-installed version. This means that all of the non-Microsoft applications that were bundled and installed on Windows 10 (excluding Mail email client and the Edge browser) are removed, thus clearing the machine of bloatware all in one go.

What Does This Mean For Your Business?

If you have upgraded to Windows 10 or are buying new computers with the Windows 10 OS you will finally have a more convenient and thorough way to get rid of all those unwanted, space gobbling, speed reducing, potentially risky 3rd party programs. In the past only the more technically minded users have felt confident enough to download a clean disk image of Windows and use that to clean the machine.

Refresh therefore offers a simpler way than before to maximise the efficiency of your machines.

Companies Face Tougher Government Action For Poor Cyber Security

The security breach at TalkTalk last October that saw the loss of data from a reported 157,000 customers to cyber criminals formed the basis of discussions by Culture, Media and Sport accounts committee to generate ideas to prevent future incidents.

Although companies can already be fined by the Information Commissioner’s Office (ICO) for data breaches, the MPs and peers on the committee have suggested bigger fines and greater accountability.

Costs

The biggest cost of a serious hack / data breach in today’s digitalised business environment is of course likely to be the company itself. TalkTalk’s losses from the October 2015 data breach are estimated to be £60 million, 95,000 lost customers plus long lasting damage to the company’s reputation. This however should not detract from the fact that companies have a legal obligation to protect customer data and the recent discussions with MPs have been focused on suggesting ways in which that message can be reinforced among the business community.

Suggestions

Other suggestions from the MPs have included generally increased powers for the ICO in these matters, having some means to make companies report problems as soon as possible, and the putting aside of money to fund educational programmes to encourage better security by users.

Firms could also set up their own ‘kitty’ style fund so that they are able to fund compensation payouts.

The committee of MPs also suggested that agencies such as the Citizens Advice Bureau, ICO and police victim support units could provide advice to consumers who are seeking compensation through the small claims process.  The committee were keen to force CEOs to take proactive and preventative cyber security more seriously by recommending that a portion of CEO compensation e.g. their bonuses and salary incentives, could be held back if they fail to act before a cyber security crisis occurs.

Annoying

The idea of holding back CEO compensation is likely to have been aggravated by the news that TalkTalk chief Dido Harding was reported to still have been paid £2.8 million by the budget telco in the past year, even though the breach happened on her watch in that period. Dido Harding has however reportedly offered to donate her £220,000 annual bonus to charity.

What Does This Mean For Your Business?

The culture, media and sport chair Jesse Norman has described cyber attacks “a constant, evolving threat”. The fact that the government recognises this and is now looking for ways to effectively force company bosses to take more responsibility for cyber security and impose stiff penalties on those bosses and companies that don’t act is a warning shot across the bows for business.

If businesses have not done so already now is the time to prioritise the issue and make sure that basic cyber security steps are taken at the very least – see https://www.cyberstreetwise.com/cyberessentials/

Now may also be a good time therefore for businesses to seek other professional advice about measures that could be taken to ensure cyber resilience such as cyber security training for staff, health checks, risk assessments / audits, cyber security policies, Business Continuity and Disaster Recovery Plans.