Archive for October 2016

Your Latest IT Newsletter

How Hackers Used Smart Household Devices To Launch A Massive Online Attack

In a worrying change of tactics hackers have used the ‘Internet of Things’ (IoT) to launch an online distributed denial of service (DDoS) attack on the DNS service ‘Dyn’ with global consequences.

<More>

9 Out of 10 Businesses Fear ‘Right To Be Forgotten’ Rule

When the GDPR data protection regulation comes into force on 25th May 2018, a Symantec survey has revealed that 9 out of 10 businesses are not confident that that they will be able to delete customer data on request.

<More>

Virtual Reality Finds Its Place In The Real World

Far from being something confined to the world of games or being something that has potential for the future, virtual reality is being used now in important and beneficial ways.

<More>

Many Options For Getting Rid Of Your Old Mobile Phone

It is thought that there are more than 75 million unused mobile phone handsets currently in the UK, so rather than leaving it the drawer or even binning it, many people are swapping their old handset for money and / or the feel-good factor.

<More>

Tech Tip – Finding The Original Control Panel In Windows 10

The Settings panel is easy to find and use, but if you’re just getting used to Windows 10 but you’d feel more comfortable if you could at least find the original old Control Panel, it can be done. Here’s how.

<More>

Tech Tip – Finding The Original Control Panel In Windows 10

The Settings Panel is easy to find and use, but if you’re just getting used to Windows 10 but you’d feel more comfortable if you could at least find the original old Control Panel, it can be done. Here’s how.

The old control panel, that’s also very handy for accessing the advanced options can be found by doing the following:

Press Win + X on your keyboard. This will bring up the power user menu.

Many Options For Getting Rid Of Your Old Mobile Phone

It is thought that there are more than 75 million unused mobile phone handsets currently in the UK, so rather than leaving it the drawer or even binning it, many people are swapping their old handset for money and / or the feel-good factor.

Binning Them A Bad Option.

The worst option for that many old handsets from an environmental point of view is putting them in the bin. It is estimated for example that 75+ million handsets contain enough toxic substances to pollute over 3 trillion litres of water, and therefore if we can’t just keep leave them in a drawer or throw them in the bin, what other options are there? Here are some tried and tested options:

Sell or Recycle The Handset.

Nearly 80% of your old mobile handset is recyclable i.e. the metal and plastic, and components such the memory and circuit boards. This means that even if it’s broken it has some value, and if you have it recycled you could be helping the environment.
If it’s a simply a case of selling it for financial return you could get an idea of where you could get the most for it on a website such as http://mobilevaluer.com/. You could choose to sell it through popular channels such as Mazuma or E-Bay provided the phone isn’t locked and you’re not breaking any laws.

Whatever you decide to do with it make sure that the handset is cleared of your own and your contacts’ details as well as all of your other personal details and digital property e.g. photos.

Swap It For Food, Airtime or Points!

A Tesco scheme enables you to exchange your old handset for its recycled value in vouchers for the store or airtime on their network. You can also get Tesco GreenClub points.

Donate It To Charity.

Many charities are happy to receive old handsets as donations which they can then recycle and use the money for their charity work. For example see Oxfam.

Companies with large numbers of devices such mobile handsets can choose to use a suitable commercial waste recycling company.

Take It Back To The Shop.

Many mobile phone retailers e.g. Carphone Warehouse have a recycling scheme in place whereby if you take your unwanted mobile phone in to the shop they will recycle it and make a donation to charity.

Give It To A Member of the Family Or A Friend.

You can of course pass your old handset on or give it as a gift to a member of the family or a friend.

What Does This Mean For Your Business?

A business could of course choose to sell and / or recycle unwanted or old IT and comms equipment. This can bring in some funds to be used towards new equipment, or any money or equipment donated to charity could translate into some positive publicity for the business if mentioned in the website news / blog section and social media.

This story also highlights how quickly new technology hardware needs replacing as well as highlighting the many business opportunities and new market segments that have emerged and continue to feed new ventures in and around the technology sector. The IoT generally looks like creating many more opportunities over the next few years.

Virtual Reality Finds Its Place In The Real World

Far from being something confined to the world of games or being something that has potential for the future, virtual reality is being used now in important and beneficial ways.

Help With Understanding Autism and Dementia.

Autism is thought to affect more than 1% of the population which equates to over 700,000 peocheple in the UK alone. Its prevalence and its regular appearances in the media spotlight mean that 99% of people in the UK have heard of autism. The complicated and multi-faceted nature of the condition however means that very few of us know what autism actually is, and a lack of knowledge about the effects of the condition means that people with autism are frequently treated poorly in public situations e.g. in shops and restaurants.

Virtual reality has been used to help spread awareness and understanding of the nature of the condition in the form of a VR film made by the National Autistic Society. The film was made using Samsung Gear headsets to show a journey around shopping centres through the eyes of an autistic person.

VR has been employed in a similar way in by Alzheimer’s Research UK who have made a VR film intended to help people to understand how simple tasks can become huge challenges to Dementia sufferers.

Sales / Retail.

Virtual Reality has also been used to give customers virtual walks / tours and experiences that can help boost sales. For example, estate agents offer potential customers walks around properties while shopping centres and fashion stores offer virtual tours using VR headsets.

Furniture retailer IKEA has also made an app (using the HTC Vive) to enable virtual tours of and virtual experiences in its kitchens.

Medical Training and Treatment.

VR has also proved its worth in providing vital medical training in the form of virtual surgery experiences at Royal London Hospital back in April this year. In a VR operation for example a surgeon was able to deliver a virtual surgery experience to Some 5,000 people in 14 countries. This led to the formation of a start-up that will use VR to reduce the cost of training doctors.

VR has also been used to help treat patients with post-traumatic stress phobias.

What Does This Mean For Your Business?

Virtual reality tours and experiences can help potential customers to really engage with, discover more about, and really understand products and marketing messages. VR can help potential customers to really picture themselves with products and therefore feel the need and desire for them which could of course lead to sales. They can also help people to gain an understanding of complicated things, or to visualise future situations which can help with the marketing communications process in a unique way. VR can also be applied to at least some aspect of all industries which means that it is very flexible, and it could prove to be a very effective tool in reaching the technically proficient, ‘try before they buy’ Generation-Z customers.

9 Out of 10 Businesses Fear ‘Right To Be Forgotten’ Rule

When the GDPR data protection regulation comes into force on 25th May 2018, a Symantec survey has revealed that 9 out of 10 businesses are not confident that that they will be able to delete customer data on request.

Right To Erasure.

One of the many important impacts of GDPR will be the ‘right to erasure’ which builds upon the ‘right to be forgotten’ when it comes to customer data. Under Article 17, controllers will have to erase personal data “without undue delay” if the data is no longer needed, the data subject objects to the processing, or the processing of the data was unlawful. In short, if customer asks for you to delete all of the data you hold about them you will have to do so quickly or face steep financial penalties.

Unfortunately a recent survey by security firm Symantec shows that 9 out of 10 businesses think it will be difficult for them to delete customer data if they receive a request, and only 4 out of 10 companies have a system currently in place that allows them to do so. This raises questions about how prepared UK businesses are for GDPR and how vulnerable they are to the risks of non-compliance.

Not Ethical?

Another finding of the same survey is that 35% of UK business and IT decision makers don’t think that their companies take an ethical approach the securing and protecting of customer data. This highlights what appears to be a different attitude between companies and consumers about the importance of data security.

Data Protection Very Important To European Consumers.

It is worth companies taking note however of what an important issue data security is to consumers across Europe. The Symantec report reveals that no less than 88% of European consumers think data security is the most important factor when choosing a company. A similarly high amount (86%) think that data protection is even more important than product quality!

Not Prepared Yet.

With the introduction of GDPR less than 19 months away one of the worrying factors highlighted by the Symantec report is how unprepared many UK businesses are. 96% of companies for example don’t understand GDPR and 91% don’t think they’ll be able to comply with it.

It seems also that UK businesses have also given GDPR a low priority despite its potentially serious impact. For example only 22% of companies have made complying with the European security demands a priority over the next two years.

What Does This Mean For Your Business?

The new UK Information Commissioner Elizabeth Denham has already stated publicly that she would support the UK adopting EU data protection laws, even after Brexit. The fact is that GDPR is likely to come into force before Brexit anyway, and whatever happens GDPR will apply to organisations anywhere in the world that hold and process data about EU citizens. This means that UK businesses that haven’t started already should make GDPR a much higher priority and make sure that they are prepared to be able to comply in time for May 2018.

In fact hardly any data will not fall under GDPR which means your business will need to become very familiar very quickly with GDPR it and its implications. GDPR will mean for example that:

  • Your company will need to be clear about getting consent to use a person’s data for just the specified purpose and not regard silence or inactivity as consent.
  • You may need to prepare to select a DPO for appointment, and your company may require a lot of training so that everyone understands basic compliance. This could mean that the kind of human error that could cause a data breach is minimised.
  • Your data security policies may need to be changed and the changes promoted across the company. You will also have to develop highly effective systems for monitoring for any data breaches. There will also be the need to design compliance into all data handling and processing systems, and could mean starting the analysis and thought process now to ensure that you are ready for May 2018.
  • You will have to develop effective systems that ensure fresh consent is gained before you alter the way you use data, and that all data on a subject can be easily and quickly deleted on request.
  • If your company provides data processing services for anyone else’s personal data you will need to consider your liability and be compliant with the new EU regulations.

How Hackers Used Smart Household Devices To Launch A Massive Online Attack

In a worrying change of tactics hackers have used the ‘Internet of Things’ (IoT) to launch an online distributed denial of service (DDoS) attack on the DNS service ‘Dyn’ with global consequences.

Domestic ‘Smart’ Household Devices Used.

Although DDoS attacks using botnets are certainly not uncommon the fact that this latest attack used smart household IoT devices as such as CCTV cameras and printers to launch last week’s attack does make it unusual, and cause for concern.

High Profile Customers of Dyn Among the Millions Affected.

Another reason why this latest DDoS attack received such attention in the media was because in attacking Dyn, some of the very large customers of Dyn were affected or temporarily put out of action including Twitter, Spotify, and Reddit. This is because Dyn’s service involves directing users to the internet address where websites are stored, and an attack on Dyn essentially disabled this function.

As well as the high profile names, it is estimated that tens of millions of internet addresses were affected in the attack which meant that the hackers were able to use household devices to cause a disruptive event on a global scale.

How Could Household Devices Have Been Used?

Security experts have said the common denominator in this case is that the household devices used were likely to have been made in China where they would have been given usernames and passwords that could be easily guessed but difficult to change by the user.

This vulnerability meant that malware (possibly ‘Mirai’) was used to scour the web for IoT device targets, and then to mobilise them to make up a giant ‘botnet’ of devices that were then all instructed to send requests to the target Dyn servers. The sheer volume of requests from the devices overwhelmed the servers, thereby causing the disruption to the service.

What Does This Mean For Your Business?

Fears about the IoT being potentially used in this way have been expressed for some time, and it seems that cyber criminals have found a way to harness the power of the IoT for bad on a grand scale before business has been able to find a way to harness its potential in a productive and good way. There are of course many smart IoT devices used in businesses and this attack shows that these can therefore be another vulnerable area that businesses may need to find an effective way to protect. Changing default passwords can help.

There is also a free online IoT Scanner available (from BullGuard) that can check if check if your internet-connected devices are accessible to the public on Shodan (a search engine for the Internet of Thing) and therefore whether they are vulnerable to hackers. Click here.

There is also a free guide (pdf) to the IoT here.

Your Latest IT Newsletter

Big Data Breach Fine Warning For UK Firms With GDPR.

A warning has come from The PCI Security Standards Council that failure by UK firms to prepare for the introduction of the European Union’s General Data Protection Regulation (GDPR) in 2018 could mean big fines.

<More>

Higher Cloud Costs Due To Pound Fall.

451 Research analysts have stated that UK-based public cloud users look likely to be paying thousands of pounds more in 2016 compared to 2015 due to the Brexit vote’s negative effect on the pound.

<More>

Could Wearable Technology Enable Better Care of the Elderly?

With wearables already helping to support healthier lifestyles, could they also be used to specifically foster healthy ageing and independent living, as well as monitoring the health of the elderly.

<More>

Serious Security Flaws Found in Many Online Shops.

Research by WhiteHat Security has found that retail websites have an average of 13 serious security vulnerabilities and that half of all retail websites have at least one serious security flaw.

<More>

Tech Tip – Getting Updates At Convenient Times.

Although updates are necessary, it can be really annoying when your computer decides to give you a large number of updates at once and restart itself when you don’t want it to. With Windows 10 you can take control of updates.

<More>

Tech Tip – Getting Updates At Convenient Times.

Although updates are necessary, it can be really annoying when your computer decides to give you a large number of updates at once and restart itself when you don’t want it to. With Windows 10 you can take control of updates.

Windows 10 does force you to accept any updates to the Operating System BUT you have the power to delay the process by not just an hour or two, but by up to six days. This means that you can receive the updates at a time that’s most convenient to you.

To set up the time when you want to receive updates:

1 – Go to Settings.

2 – Then to Update and Recovery

3 – Then choose ‘Notify’ to schedule restart.

Serious Security Flaws Found in Many Online Shops

Research by WhiteHat Security has found that retail websites have an average of 13 serious security vulnerabilities and that half of all retail websites have at least one serious security flaw.

This research highlights one of the reasons why cyber-crime figures remain stubbornly high. The WhiteHat figures show that on average retail websites have 23 unique vulnerabilities which could be exploited by criminals.

Critical Flaws.

To give an idea of how bad the 13 “serious” security vulnerabilities are in most retail websites, if the Open Web Application Security Project (Owasp) were applied to them they would be classified as ‘critical’ or ‘high risk’. Owasp is a trusted online community for resources that can be used to improved web application security.

Other Research.

The findings of WhiteHat Security are unfortunately no surprise and are backed up by research from other organisations. Dutch developer Willem de Groot, for example, have uncovered shocking evidence that nearly 6,000 online retailer websites contain code (which is unknown to the website administrators) that has been designed to steal credit card details.

In these cases, it is believed that hackers have been able to access the online store code via unpatched software flaws. Hackers can exploit and monetise these flaws by installing a (JavaScript) wiretap which intercepts and directs live payment data to an offshore collection server.

De Groot has also found that there has been a shocking 69% increase in credit card skimming since November 2015.

Key Logging Attacks.

Security researchers at RiskQ have also uncovered a key-logging attack being used on shopping card software. The attack known as ‘Magecart’ inserts JavaScript into the online retail website in order to steal credit card details.

What Does This Mean For Your Business?

This means that businesses could face an uphill struggle in making sure that their online shops are safe and secure, and therefore action needs to be taken as soon as possible.

If, as the research suggests, there may be many serious vulnerabilities in the web applications of online retailers, the most sensible move by those businesses may be to prioritise the critical and high-risk security flaws for remediation. Less serious flaws can be dealt with later as resources allow.

Credit card skimming risks could be nipped in the bud if businesses with online shops would upgrade their software regularly. It is also important for businesses to maintain vigilance and to scan their own websites for Owasp‘s top 10 most critical web application security risks. Maintaining a web application firewall and applying patches immediately are also ways that businesses can reduce the risk.
To reduce the risk of crimes such as key-logging attacks, website shop owners could partner with integrators and contractors to ensure that the desired compliance, transparency of technology, and e-commerce security standards are met. Website shop operators should also make sure that web stack software is updated, and that there is conformance with recommended security controls and best practices.

Could Wearable Technology Enable Better Care of the Elderly?

With wearables already helping to support healthier lifestyles, could they also be used to specifically foster healthy ageing and independent living, as well as monitoring the health of the elderly?

Ageing Population.

ONS figures show that by 2039, the number of UK people aged 75 and over could be 9.9 million and the number of people aged 85 and over is projected to more than double, reaching 3.6 million.

The rise in the average age of the population (and in the proportion of older people in the population) means that in the UK we certainly have an ageing population.

Similarly, in the United States, 13% of the population is over 65 today, and this figure is set to rise to nearly 20% by 2030. As well as being a new challenge for the countries across the developed world, this ageing population trend also represents a potentially lucrative untapped market for tech companies.

Smart Clothes.

One example that wearables could help seniors’ health is in the form of ‘smart clothes’.

Advances in nano-technology and the development of futuristic and lightweight threads that could have tiny circuits sewn into them have helped fuel predictions that medical applications will account for the largest share in this new textile market by 2021.

Examples of how smart clothes could help include:

  • Clothes / watches / bracelets that remind people when to take their medication.
  • Clothes that include technology to help seniors monitor and avoid complications from chronic conditions such as diabetes and heart disease.
  • Wrist-worn devices to track blood pressure.
  • Intelligent socks / footwear that can warn diabetics when they are at risk of foot ulcers. This is already being developed by a New Zealand startup, aided by the University of Nottingham.
  • T-shirts that monitor the wearer’s stress levels and send vital signs to family members and doctors. These t-shirts which could help to prevent heart failure and seizures are already being developed by a Canadian company.
  • Smart mobility aids such as white canes or clothing for the visually impaired that emit ultrasound waves and use sensors to detect obstacles and then send a warning signal (e.g. a vibration) to the user.
  • A smart body-brace which can be used to reduce the number of falls in older people. The brace (which is already a product in development by a Washington based company) uses textile sensors to alert the user when they are about to lose their balance.

What Does This Mean For Your Business?

The ageing population could therefore, with the help of technology, represent a very real business opportunity.

The advances in nanotechnology and smart clothes and wearables could provide many different businesses with opportunities in different market segments within the senior age groups.