Archive for July 2016

Your Latest Newsletter

Amazon and UK Government Test Drone Parcel Deliveries.

This week, our fantasy view of the future seemed to look a little more real as the news was announced that Amazon will be paying the UK government to be embark on a project to test parcel delivery to UK households by drone.

The programme will be testing whether automated drones would be able to safely and effectively deliver small parcels to the homes of customers, ideally within 30 minutes of them being ordered online.

<More>

ICO Looking To Change Cookie Laws?

If you’ve ever found it annoying to see the banner appear on a website warning you that cookies are being used and requesting your consent or a click on the ‘X’ then you may be relieved to know that the Information Commissioner’s Office is looking to make changes to the cookie law that could mean fewer of these warnings.

<More>

Apps Replacing Desktops For Banking?

Our increasing use of mobile devices for more aspects of our lives means that according to new figures we are moving away from desktop banking in favour of using mobile apps.

New figures from the British Bankers Association (BBA) based on our banking habits in 2015 show that although customers logged on to banking websites 4.3 million times a day in that year, this was a decrease on the 4.4million in 2014. In the same period, phone app use on smart phones and tablets rose from 7 million logins in 2014 to 11 million logins in 2015 and BBA figures show that customers used these apps a staggering 4 billion times!

<More>

The Workings of Ransomware.

Locky and Raa are both examples of one of the most dangerous and prevalent forms of malware known as ‘ransomware’.

This major online threat has hit the news in recent months due to the chaos and misery that it has brought to its victims. Here is brief summary of the types of ransomware that we know about and what tricks they use.

<More>

Tech Tip – Find Files That Take Up Too Much Space.

If you have files on your computer that are taking up too much space it could have a negative impact of the speed of your computer.

<More>

Tech Tip – Find Files That Take Up Too Much Space.

If you have files on your computer that are taking up too much space it could have a negative impact of the speed of your computer. Some measures you could take include:

• Storing space gobbling things like music files on an external drive.

• Carefully deleting old programs that you never use via the Control Panel.

• Finding / deleting space wasting files using a tool such as WinDirStat (Windows Directory Statistics).

The Workings of Ransomware.

Locky and Raa are both examples of one of the most dangerous and prevalent forms of malware known as ‘ransomware’.

This major online threat has hit the news in recent months due to the chaos and misery that it has brought to its victims. Here is brief summary of the types of ransomware that we know about and what tricks they use.

Deleting Encrypted Files.

The ultimate object of ransomware is to force the victim to make a payment to halt and reverse the effects of malware i.e. pay for a software key to release the files that the ransomware has encrypted.

Jigsaw ransomware for example not only encrypts the files but deletes one of the files that it has encrypted every hour until the money is paid. This means that even if the victim pays they can’t reverse the damage. What is more, Jigsaw deletes an extra 100 files for good measure each time victim restarts their computer.

Encrypting Drives and Servers.

Ransomware such as Petya encrypts whole drives such as your computer’s entire Master File Table whereas ransomware like RansomWeb and Kimcilware are designed to infect whole web servers encrypting their website databases and hosted files.

Encrypting Network Drives.

The scale and scope of the dishonest work carried out by variants of ransomware varies widely. Some versions such as those called DMA Locker, Locky, Cerber and CryptoFortress work by going for the network drive and try to encrypt parts of the Server Message Block (SMB).

Compressing to Speed Up Encryption.

In order to make the encryption of files as fast as possible some ransomware such as Maktub even goes to the trouble of compressing the files first.

Attack in the Cloud.

With more businesses moving critical files to the Cloud so the cyber criminals follow. Some new forms of ransomware are able to delete or overwrite cloud back-ups.

Non Windows Not Safe.

Ransomware such as SimpleLocker for example encrypts files on Android, and Linux.Encode.1 encrypts files on Linux.

Spoken Ransom Messages Through Your Speakers!

It sounds chilling but ransomware such as Cerber generates a script that allows it to speak a ransomware message through the victim’s speakers in 12 different languages!

Buying It In.

For some cyber criminals it’s simply a case of buying in ransomware such as Tox as a service via underground forums. It can provide everything the cyber criminal needs including the vital facilitating of the transfer of funds.

What Does This Mean For Your Business?

As with any malware risk the trick for a business is not to get infected in the first place with the software that enables the attack to be launched.

Businesses need therefore to raise awareness among staff that they all need to be very careful about opening emails with attachments and / or emails from sources that are not familiar.

Keeping computer updates, patches, and anti virus software up to date is also very important. Having a reliable, secure back up of your important files and folders is also advisable if not essential.

ICO Looking To Change Cookie Laws?

If you’ve ever found it annoying to see the banner appear on a website warning you that cookies are being used and requesting your consent or a click on the ‘X’ then you may be relieved to know that the Information Commissioner’s Office is looking to make changes to the cookie law that could mean fewer of these warnings.

What Is the Cookie Law?

The so called ‘cookie law’ (which began life as an EU Directive) was widely adopted in 2011 and became an update to the UK’s Privacy and Electronic Communications Regulations. The cookie law is a privacy measure that was designed to make people aware of how the information about them is collected online and to give them the opportunity to say yes or no to it.

The visible aspect of this law is the banner that appears at the top of s a website. This also somewhat ironically means that a cookie is placed on your computer so you don’t see the banner the next time you visit the website.

An ICO study found that 94% of UK websites now feature these banners or warnings and that UK websites place an average of 44 cookies on your first visit. These figures mean that we in the UK have more cookies and more cookie warnings than many other European countries.

Why The Re-Think By the ICO?

Despite the ICO enforcing the law for the last 5 years they have now submitted suggestions to the EU’s Consultation for some changes for the following reasons:

  • In some cases the impact on a person’s privacy is likely to minimal and therefore consent banners may not be necessary.
  • The warning / consent banners themselves actually use cookies. This means that they require some personal information to operate and therefore don’t appear to be providing the level of protection that users may think they do.

What Kind of Changes?

The ICO appear to be in favour of changes that achieve a balance between the privacy rights of individuals and the information interests of business and society services. This means that the ICO would favour exemptions to the cookie law where there is minimal impact to a person’s privacy, but have rejected the EU’s suggestion of a cookie-free version of website content where the individual’s ‘choice’ would be to stop viewing the page.

What Does This Mean For Your Business?

A change in the cookie law is unlikely to have a huge commercial impact in the UK although exemptions may mean that website visitors have a better experience when visiting the company website. If subtle changes are made to the cookie law it could of course mean that changes will need to be made to the cookie banner and when / how / if it is displayed.

This could mean that you will need to consult your web hosting company.

Apps Replacing Desktops For Banking?

Our increasing use of mobile devices for more aspects of our lives means that according to new figures we are moving away from desktop banking in favour of using mobile apps.

New figures from the British Bankers Association (BBA) based on our banking habits in 2015 show that although customers logged on to banking websites 4.3 million times a day in that year, this was a decrease on the 4.4million in 2014. In the same period, phone app use on smart phones and tablets rose from 7 million logins in 2014 to 11 million logins in 2015 and BBA figures show that customers used these apps a staggering 4 billion times!

The Attraction.

The fact is that it’s far more convenient to be able to carry out our banking when and where it suits us and the use of a banking app on a mobile device makes this possible.

Not Best or Fully Trusted For Payments.

Checking balances and setting up standing orders are one thing but when it comes to making payments 2 different influences come into play that mean that we are more likely to prefer websites to apps.

  • Where banking is concerned, people need to log in to their bank’s website in order to set up a payment to a new person and this therefore excludes the use of an app. There are however some new app based banks e.g. Atom or Starling.
  • It has been known for some time that people prefer and trust websites over apps and desktops over mobile devices when it comes to payments. There’s something about being behind our own front doors with the trusted home broadband plugged into the phone socket and the trusted home PC and the actual company website on the screen that is more appealing where paying and giving out our card details are concerned.

These influences are reflected in the latest BBA figures which show that although payments via websites only rose by 2% from 2014 to 2015, payments totalled £417 million. This is still £70 million more per day via websites than via apps, even though payment via app grew by 54% in 2015.

What Does This Mean For Your Business?

The ability to do nearly everything, including all main aspects of your banking while on the move is almost here. Banks are changing more and more to suit the lifestyle and modern needs of their customers and your smart phone / tablet will soon be even more of an important business tool.

Amazon and UK Government Test Drone Parcel Deliveries

This week, our fantasy view of the future seemed to look a little more real as the news was announced that Amazon will be paying the UK government to be embark on a project to test parcel delivery to UK households by drone.

The programme will be testing whether automated drones would be able to safely and effectively deliver small parcels to the homes of customers, ideally within 30 minutes of them being ordered online.

Not only would this be a revolution in distribution that could pave the way for many other companies to follow but it raises some very important issues.

Safety.

There is the very obvious issue of safety to consider. The risks of drones being flown beyond the line of sight and the risk of many drones being flown around residential areas could mean that drones risk being crashed into property, people and each other. When you consider that drones can fly up to 10 miles from their base at speeds of 50 mph and at a height of 350 ft these are very real concerns.

It may be necessary to develop drones that, through the use of sensors can’t crash into each other, but this itself could be a big, time consuming, and expensive challenge.

In order to make the system commercially viable, it may also be necessary to create a system whereby one pilot has responsibility for several drones. This too could be another challenge.

Dropping on Your Head?

Drones experiencing technical problems and falling onto people and property below is another consideration, as is potentially having a heavy parcel fall onto people and property. On the issue of the weight of the parcels that will be carried by the drones, it is believed that these will be less than 2.2kg (5lbs). That represents over 80% of the things that Amazon sell.

Privacy.

We all know from their military applications and from the fact that drones are steered using cameras that they are therefore capable of filming. This of course raises the issue of privacy, who will be operating them, what they’ll be filming / allowed to film, and what happens to any recordings.

Drones can and have been hacked e.g. military drones hacked by the by the Taliban and this also raises more issues e.g. hacking a drone to film. Worse, stealing a drone for use delivering drugs or even bombs could be another possibility.

Regulation and Discussion.

It is understood that the Government is to draw up rules and regulations for the future use of drones in the UK and to allow all companies to make use of drone technology.

Some commentators however have argued that with the kinds of issues at stake there should be a wider discussion taking place across society rather that just between the government and Amazon.

What Does This Mean For Your Business?

It is estimated that the drone technology market could develop into one that is worth many billions of pounds. This could mean potential business opportunities and there is of course the chance for businesses to benefit from the development of drone technologies.

This could also represent new logistics and distribution business opportunities both for companies wishing to operate their own or buy in drone delivery and courier services, as well as companies wishing to use these services to deliver their own products this way.

Your Latest Newsletter

Pokémon Go Craze Provides Tangible Proof of Bright Future For Augmented Reality.

20 year old Nintendo game Pokémon has re-emerged in the form of Pokémon Go, a mobile phone App that has experienced phenomenal popularity and growth in a very short time.

Far from just being a children’s game this time around, marketers see it as proof that rich augmented reality opportunities are just around the corner.

<More>

Most Companies Believe the IoT Is Vital For Future Success.

A recent report by Vodafone has shown that three quarters of organisations see how they use the Internet of Things (IoT) as being a critical factor in their success. Exactly how the IoT can be harnessed to bring about that success is the next planning challenge.

<More>

Ransomware Found Hiding in Google Docs.

In the world of Cyber Crime, malware has proven to be a persistent and potent threat in recent months. Hot on the heels of ‘Locky’ and ‘Raa’ ransomware comes a new variant of ransomware which has recently been discovered hiding in Google Docs.

<More>

Tech Tip – How To Spot Phishing Sites and Emails.

With phishing attacks on the rise again and with phishing sites and emails appearing more authentic than ever how do spot them? Here are some of the signs.

<More>

Tech Tip – How To Spot Phishing Sites and Emails.

With phishing attacks on the rise again and with phishing sites and emails appearing more authentic than ever how do spot them? Here are some of the signs.

Spotting Phishing Emails:

  • The sender’s email ID will not be (exactly) the same as the company’s official email ID e.g. support@yourcompany1.com rather than support@yourcompany.com
  • Check for misspelling and grammar mistakes – phishing emails often have plenty.
  • There is a very strong focus on links and buttons to click on.
  • There is likely to be a mysterious attachment. This could contain malware such as ransomware.
  • The email goes straight to your spam folder.

Spotting Phishing Websites:

  • The URL will differ slightly from the official one, and the HTTPS connection will be missing.
  • The lock icon will be grey rather than green.
  • You may get a browser warning.
  • A fake pop-up asking for information may show after only a very short time on the site.
  • If you give the wrong password you can still log in to many Phishing sites.

Pokémon Go Craze Provides Tangible Proof of Bright Future For Augmented Reality

20 year old Nintendo game Pokémon has re-emerged in the form of Pokémon Go, a mobile phone App that has experienced phenomenal popularity and growth in a very short time.

Far from just being a children’s game this time around, marketers see it as proof that rich augmented reality opportunities are just around the corner.

What Is Pokémon Go?

Pokémon Go mixes gaming and reality. It is a game played via a mobile phone app that has been developed with the help of its original creators Nintendo by a Californian company that reportedly has links to Google.

Players of Pokémon Go have to find and catch comic book style creatures and train them for battle.

Since the craze of the original video game lost momentum the Pokémon franchise has been responsible for other spin off crazes such as Pokémon cards.

The Big Difference

What makes Pokémon Go so different is that it has reinvented a widely known and much loved brand into an ‘augmented reality game’ that achieves the opposite of what many other games are capable of i.e. getting the player out of the house.

How It Works

The Pokémon Go app uses the GPS / mapping and camera elements of the user’s phone to create a view of the real world and overlay it with the game’s fictional characters. Players of the game then go out into real world locations where they can use the game on their phone to find and ‘catch’ the creatures.

The fact that the game tends to put interesting characters / things near real world landmarks e.g. tourist attractions in towns and cities, means that Pokémon hotspots are created where players of the game are able to spot and meet other players.

Super Popular

To help give some idea of how popular this game is there were 5.3 million tweets worldwide about Pokémon Go in its first week which is more than the 11.7 million for Brexit in the week of the UK referendum!

Players spend an average of 43 minutes a day on Pokémon Go which is more than Whatsapp, Instagram or Snapchat. In terms Internet searches Pokémon Go app interest now exceeds the interest in pornography!

Who?

Game players on smart phones tend to be those in younger age groups although it is believed that many of Pokémon Go’s players are thought to be those twenty somethings who remember Pokémon first time around.

Why So Popular?

As well as the nostalgia aspect Pokémon’s appeal comes from a combination of things including:

  • Combining childhood fantasy with the real world.
  • Providing extra layers of engagement, interest and adventure by requiring the player to go out into the real world (rather than remain isolated).
  • The social aspect of meeting other players and the positive feelings of being part of a trend / reference group.

Caution

It is important that Pokémon Go players remember that they are playing a game in a real world setting that has real world dangers. This week for example Pokémon Go players on a Somerset beach sparked an alert after wading out half a mile across dangerous mudflats to hunt for the game’s virtual monsters.

In Manchester, police warned of the dangers of getting too caught up in the game and ending up in dangerous situations and areas after 3 students in Hulme had their mobile phones snatched while playing the game.

What Does This Mean For Your Business?

The huge success and popularity of the game has caused a great deal of excitement among business investors who believe that it will bring augmented reality into the mainstream, thereby providing a huge new area of business opportunities in the very near future.

For businesses, Pokémon Go provides the first tangible proof that augmented reality can work.

The popularity of the game could open up opportunities for branding and advertising, and other possible monetising opportunities as there are with different aspects of Google.

Retail outlets could also leverage the fact that they are situated near to rare / important Pokémons.

Ransomware Found Hiding in Google Docs

In the world of Cyber Crime, malware has proven to be a persistent and potent threat in recent months. Hot on the heels of ‘Locky’ and ‘Raa’ ransomware comes a new variant of ransomware which has recently been discovered hiding in Google Docs.

‘Cute’ It Is Not.

This latest ransomware threat has been ironically dubbed ‘cuteRansomware’. Internet Security experts say it is a Chinese variant of a ransomware package published a few months ago on GitHub known as ‘my-Little-Ransomware’.

Ransomware is a form of malware that typically encrypts important files on the victim’s computer so that they are locked out of them. A demand for money is then issued to the victim in exchange for a key to a release the files.

This kind of malware attack has dramatically increased in recent months with criminals finding many different and new ways to help the ransomware to beat the user’s security measures.

How Cute Works.

The cuteRansomware recently discovered by security researchers works in a similar way to other known ransomware programs but has some key differences that enable it to beat the victim’s security. For example, Cute:

  • Infects the victim’s computer in the first place via a drive-by download i.e. via a security flaw in a browser, app or an out of date operating system.
  • Uses Google’s own security to bypass the victim’s firewalls, thereby leaving the attacker free to encrypt the end-user’s files at will. Google Docs is therefore used as a data transmission vector, and a Google Docs form is used to relay details to the attacker. These details include RSA encryption keys and the name of the victim’s computer.

Why is Using Google Docs So Effective?

Just as ‘Raa’ was written in Javascript in order to stop it triggering Windows security warnings or requiring administrator access to run, by using Google Docs cuteRansomware benefits from the default HTTPS network data transmission over SSL that Google Docs has. These elements can easily beat firewalls, intrusion prevention systems, or next generation firewalls thus giving the attacker an effective way in.

Unfortunately, traditional detection tools still lack visibility into SSL meaning that those deploying cute are at an advantage at this point in time.

Fewer File Types

One small plus point is that the cuteRansomware variant seeks out and encrypts fewer file extensions than the ‘my-Little-Ransomware’ that it was developed from. It is still however likely to target the most popular file extensions, thereby making it able to do a very effective job of locking the user out of their own important files.

What Does This Mean For Your Business?

As more businesses move things into the Cloud this latest ransomware indicates that Cyber Criminals will be moving there too, using the cloud for delivering malware and exfiltrating data via command-and-control.

As with any malware risk the trick for business is not to get infected in the first place.

Businesses need therefore to raise awareness among staff that they all need to be very careful about opening emails with attachments and / or emails from sources that are not familiar.

Keeping computer updates, patches, and anti virus software up to date is also very important, particularly in the case of cute. Having a reliable, secure back up of your important files and folders is also advisable if not essential.