Archive for Software

Featured Article – Windows 7 Deadline Now Passed

Microsoft’s Windows 7 Operating system and Windows Server 2008 formally and finally reached their ‘End of Life’ (end of support, security updates and fixes) earlier on Wednesday 14 January.

End of Life – What Now?

End of life isn’t quite as final as it sounds because Windows 7 will still run but support i.e. security updates and patches and technical support will no longer be available for it. If you are still running Windows 7 then you are certainly not alone as it still has a reported 27 per cent market share among Windows users (Statcounter).

For most Windows 7 users, the next action will be to replace (or upgrade) the computers that are running these old operating systems.  Next, there is the move to Windows 10 and if you’re running a licensed and activated copy of Windows 7, Windows 8 or Windows 8.1, Home or Pro, you can get it for free by :

>> going to the Windows 10 download website

>>  choosing to Create Windows 10 installation media

>> Download tool now and Run

>> Upgrade this PC now (if it’s just one PC –  for another machine choose ‘Create installation media for another PC’ and save installation files) and follow the instructions.   >> After installation, you can see your digital license for Windows 10 by going to Settings Update & Security > Activation.

Windows Server

Windows Server 2008 and Windows Server 2008 R2 have also now reached their end-of-life which means no additional free security updates on-premises or non-security updates and free support options, and no online technical content updates.

Microsoft is advising that customers who use Windows Server 2008 or Windows Server 2008 R2 products and services should migrate to its Microsoft Azure.

About Azure

For Azure customers, the Windows Virtual Desktop means that there’s the option of an extra three years of extended support (of critical and important security updates) as part of that package, but there may be some costs incurred in migrating to the cloud service.

Buying Extended Security Updates

‘Extended Security Updates’ can be also purchased by customers with active Software Assurance for subscription licenses for 75% of the on-premises annual license cost, but this should only really be considered as a temporary measure to ease the transition to Windows 10, or if you’ve simply been caught out by the deadline.

Unsupported Devices – Banking & Sensitive Data Risk

One example of the possible risks of running Windows 7 after its ‘end-of-life’ date has been highlighted by the National Cyber Security Centre (NCSC), the public-facing part of GCHQ.  The NCSC has advised Windows 7 users to replace their unsupported devices as soon as possible and to move any sensitive data to a supported device.  Also, the NCSC has advised Windows 7 users to not use unsupported devices for tasks such as accessing bank and other sensitive accounts and to consider accessing email from a different device.

The NCSC has pointed out that cyber-criminals began targeting Windows XP immediately after extended support ended in 2015. It is likely, therefore, that the same thing could happen to Windows 7 users.

Businesses may wish to note that there have already been reports (in December) of attacks on Windows 7 machines in an attempt to exploit the EternalBlue vulnerability which was behind the serious WannaCry attacks.

Windows 7 History

Windows 7 was introduced in 2009 as an upgrade in the wake of the much-disliked Windows Vista.  Looking back, it was an unexpected success in many ways, and looking forward, if you’re one of the large percentage of Windows users still running Windows 7 (only 44% are running Windows 10), you may feel that you’ve been left with little choice but to move away from the devil you know to the not-so-big-bad Windows 10.

Success For Microsoft

Evolving from early codename versions such as “Blackcomb”, “Longhorn,” and then “Vienna” (in early 2006), what was finally named as Windows 7 in October 2008 proved to be an immediate success on its release in 2009.  The update-turned Operating System, which was worked upon by an estimated 1,000 developers clocked-up more than 100 million sales worldwide within the first 6 months of its release. Windows 7 was made available in 6 different editions, with the most popularly recognised being the Home Premium, Professional, and Ultimate editions.

Improvement

Windows 7 was considered to be a big improvement upon Windows Vista which, although achieving some impressive usage figures (still lower than XP though) came in for a lot of criticism for its high system requirements, longer boot time and compatibility problems with pre-Vista hardware and software.

Some of the key improvements that Windows 7 brought were the taskbar and a more intuitive feel, much-improved performance, and fewer annoying User Account Control popups. Some of the reasons for switching to Windows 7 back in 2009 were that it had been coded to support most pieces of software that ran on XP, it could automatically install device drivers, the Aero features provided a much better interface, it offered much better hardware support, the 64-bit version of Windows 7 could handle a bigger system memory, and the whole Operating System had a better look and feel.

Embracing the Positive

It may even be the case that in the process of worrying about the many complications and potential challenges of migrating to Windows 10 you haven’t allowed yourself to focus on the positive aspects of the OS such as a faster and more dynamic environment and support for important business software like Office 365 and Windows server 2016.

What To Do Now

The deadline to the end of support/end of life for Windows 7 has now passed and the key factor to remember is that Windows 7 (and your computers running Windows 7) is now exposed to any new risks that come along. If you have been considering some possible OS alternatives to Windows 10, these could bring their own challenges and risks and you may now have very limited time to think about them. Bearing in mind the targeting of Windows XP immediately at the end of its extended support (in 2015), we may reasonably expect similar targeting of Windows 7 which makes the decision to migrate more pressing.

For most businesses, the threat of no more support now means that continuing to run Windows 7 presents a real risk to the business e.g. from every new hacking and malware attack, and as the NCSC has highlighted, there is a potentially high risk in using devices running Windows 7 for anything involving sensitive data and banking.

If you choose to upgrade to Windows 10 on your existing computers, you will need to consider factors such as the age and specification of those computers, and there are likely to be costs involved in upgrading existing computers.  You may also be considering (depending on the size/nature of your business and your IT budget) the quick solution of buying new computers with Windows 10 installed, and in addition to the cost implications, you may also be wondering how and whether you can use any business existing systems or migrate any important existing data and programs to this platform.  The challenge now, however, is that time has officially run out in terms of security updates and support so, the time to make the big decisions has arrived.

Want A Walkie-Talkie? Now You Can Use Your Phone and MS Teams

Microsoft has announced that it is introducing a “push-to-talk experience” to its ‘Teams’ collaborative platform that turns employee or company-owned smartphones and tablets into walkie-talkies.

No Crosstalk or Eavesdropping

The new ‘Walkie Talkie’ feature will offer clear, instant and secure voice communication over the cloud.  This means that it will not be at risk from traditional analogue (unsecured network) walkie-talkie problems such as crosstalk or eavesdropping, and Microsoft says that because Walkie Talkie works over Wi-Fi or cellular data, it can also be used across geographic locations.

Teams Mobile App

The Walkie Talkie feature can be accessed in private preview in Teams in the first half of this year and will be available in the Teams mobile app.  Microsoft says that Walkie Talkie will also integrate with Samsung’s new Galaxy XCover Pro enterprise-ready smartphone for business.

Benefits

The main benefits of Walkie Talkie are making it easier for firstline workers to communicate and manage tasks as well as reducing the number of devices employees must carry and lowering IT costs.

One Better Than Slack

Walkie Talkie also gives Teams another advantage over its increasingly distant rival Slack, which doesn’t currently have its own Walkie Talkie-style feature, although things like spontaneous voice chat can be added to Slack with Switchboard.

Last month, Microsoft announced that its Teams product had reached the 20 million daily active users (and growing) mark, thereby sending Slack’s share price downwards.

Slack, which has 12 million users (a number which has increased by 2 million since January 2019) appears to be falling well into second place in terms of user numbers to Teams in the $3.5 billion chat-based collaborative working software market.  However, some tech commentators have noted that Slack has stickiness and strong user engagement and that its main challenge is that although large companies in the US use it and like it, they currently have a free version, so Slack will have to convince them to upgrade to the paid-for version if it wants to start catching up with Teams

Apple Watch Walkie-Talkie App

Apple Watch users (Series 1 or later with watch OS 5.3 or later, not in all countries though) have been able to use a ‘Walkie-Talkie’ app since October last year.

What Does This Mean For Your Business?

For businesses using Microsoft Teams, the new Walkie Talkie feature could be a cost-saving and convenient tool for firstline workers, and the fact that it integrates Samsung’s new Galaxy XCover Pro will give it even more value for businesses.

For Microsoft, the new Walkie Talkie feature, along with 7 other recently announced new tools for Teams focused firmly on communication and task management for firstline workers are more ways that Teams can gain a competitive advantage over rival Slack, and increase the value of Office 365 to valuable business customers.

Tech Tip – Tidy & Focused

If you’d like to quickly clean up a messy desktop in Windows 10, and if you’d like to stay focused by clearing away all open apps except for the one you’re working on, here’s how:

To hide desktop icons quickly:

– Press and hold (or right-click) the desktop.

– Select ‘View’ and ‘Show desktop icons’ – this will clear the desktop.

To get the desktop icons back, select ‘Show desktop icons’.

– To clear your workspace of all open apps except the one you’re working on:

– Select and hold the window you want to stay open.

– Give your mouse (or finger) a back-and-forth shake.

– All the other open apps will automatically minimise.

Featured Article – Email Security (Part 2)

Following on from last month’s featured article about email security (part 1), in part 2 we focus on many of the email security and threat predictions for this year and for the near, foreseeable future.

Looking Forward

In part 1 of this ‘Email Security’ snapshot, we looked at how most breaches involve email, the different types of email attacks, and how businesses can defend themselves against a variety of known email-based threats. Unfortunately, businesses and organisations now operate in an environment where cyber-attackers are using more sophisticated methods across multi-vectors and where threats are constantly evolving.

With this in mind, and with businesses seeking to be as secure as possible against the latest threats, here are some of the prevailing predictions based around email security for the coming year.

Ransomware Still a Danger

As highlighted by a recent Malwarebytes report, and a report by Forbes, the ransomware threat is by no means over and since showing an increase in the first quarter of 2019 of 195 per cent on the previous year’s figures it is still predicted to be a major threat in 2020. Tech and security commentators have noted that although ransomware attacks on consumers have declined by 33 per cent since last year, attacks against organisations have worsened.  In December, for example, a ransomware attack was reported to have taken a US Coast Guard (USCG) maritime base offline for more than 30 hours.

At the time of writing this article, it has been reported that following an attack discovered on New Year’s Day, hackers using ransomware are holding Travelex’s computers for ransom to such a degree that company staff have been forced to use pen and paper to record transactions!

Information Age, for example, predicts that softer targets (outdated software, inadequate cybersecurity resources, and a motivation to pay the ransom) such as the healthcare services will be targeted more in the coming year with ransomware that is carried by email.

Phishing

The already prevalent email phishing threat looks likely to continue and evolve this year with cybercriminals set to try new methods in addition to sending phishing emails e.g. using SMS and even spear phishing (highly targeted phishing) using deepfake videos to pose as company authority figures.

As mentioned in part 1 of the email security articles, big tech companies are responding to help combat phishing with new services e.g. the “campaign views” tool in Office 365 and Google’s advanced security settings for G Suite administrators.

BEC & VEC

Whereas Business Email Compromise (BEC) attacks have been successful at using email fraud combined with social engineering to bait one staff member at-a-time to extract money from a targeted organisation, security experts say that this kind of attack is morphing into a much wider threat of ‘VEC’ (Vendor Email Compromise). This is a larger and more sophisticated version which, using email as a key component, seeks to leverage organisations against their own suppliers.

Remote Access Trojans

Remote Access Trojans (RATs) are malicious programs that can arrive as email attachments.  RATs provide cybercriminals with a back door for administrative control over the target computer, and they can be adapted to help them to avoid detection and to carry out a number of different malicious activities including disabling anti-malware solutions and enabling man-in-the-middle attacks.  Security experts predict that more sophisticated versions of these malware programs will be coming our way via email this year.

The AI Threat

Many technology and security experts agree that AI is likely to be used in cyberattacks in the near future and its ability to learn and to keep trying to reach its target e.g. in the form of malware, make it a formidable threat. Email is the most likely means by which malware can reach and attack networks and systems, so there has never been a better time to step up email security, train and educate staff about malicious email threats, how to spot them and how to deal with them. The addition of AI to the mix may make it more difficult for malicious emails to be spotted.

The good news for businesses, however, is that AI and machine learning is already used in some anti-virus software e.g. Avast, and this trend of using AI in security solutions to counter AI security threats is a trend that is likely to continue.

One Vision of the Email Security Future

The evolving nature of email threats means that businesses and organisations may need to look at their email security differently in the future.

One example of an envisaged approach to email security comes from Mimecast’s CEO Peter Bauer.  He suggests that in order to truly eliminate the threats that can abuse the trust in their brands “out in the wild” companies need to “move from perimeter to pervasive email security.  This will mean focusing on the threats:

– To the Perimeter (which he calls Zone1).  This involves protecting users’ email and data from spam and viruses, malware and impersonation attempts, data leaks – in fact, protecting the whole customer, partner and vendor ecosystem.

– From inside the perimeter (Zone 2).  This involves being prepared to be able to effectively tackle internal threats like compromised user accounts, lateral movement from credential harvesting links, social engineering, and employee error threats.

– From beyond the perimeter (Zone 3).  These could be threats to brands and domains from spoofed or hijacked sites that could be used to defraud customers and partners.

As well as recognising and looking to deal with threats in these 3 zones, Bauer also suggests an API-led approach to help deliver pervasive security throughout all zones.  This could involve businesses monitoring and observing email attacks with e.g. SOARs, SIEMs, endpoints, firewalls and broader threat intelligence platforms, feeding this information and intelligence to security teams to help keep email security as up to date and as tight as possible.

Into 2020 and Beyond

Looking ahead to email security in 2020 and beyond, companies will be facing plenty more of the same threats (phishing, ransomware, RATs) which rely on email combined with human error and social engineering to find their way into company systems and networks. Tech companies are responding with updated anti-phishing and other solutions.

SME’s (rather than just bigger companies) are also likely to find themselves being targeted with more attacks involving email, and companies will need to, at the very least, make sure they have the basic automated, tech and human elements in place (training, education, policies and procedures) to help provide adequate protection (see the end of part 1 for a list of email security suggestions).

The threat of AI-powered attacks, however, is causing some concern and the race is on to make sure that AI-powered protection is up to the level of any AI-powered attacks.

Taking a leaf out of companies like Mimecast’s book, and looking at email security in much wider scope and context (outside the perimeter, inside the perimeter, and beyond) may bring a more comprehensive kind of email security that can keep up with the many threats that are now arriving across a much wider attack surface.

Glimpse of the Future of Tech at CES Expo Show

This week, at the giant CES expo in Las Vegas, the latest technology from around the world is on display, and here are just a few of the glimpses into the future that are being demonstrated there, with regards to business-tech.

Cyberlink FaceMe®

Leading facial recognition company Cyberlink will be demonstrating the power of its highly accurate FaceMe® AI engine. The FaceMe® system, which Cyberlink claims has an accuracy rate (TAR, True Acceptance Rate) of 99.5% at 10-4 FAR, is so advanced that it can recognise the age, gender and even the emotional state of passers-by and can use this information to display appropriate adverts.

D-ID

In a world where facial recognition technology is becoming more prevalent, D-ID recognise the need to protect the sensitive biometric data that makes up our faces. On display at CES expo is D-ID’s anti facial recognition solution which uses an algorithm, advanced image processing and deep learning techniques to re-synthesise any given photo to a protected version so that photos are unrecognisable to face recognition algorithms, but humans will not notice any difference.

Hour One

Another interesting contribution to the Las Vegas CES expo is Hour One’s AI-powered system for creating premium quality synthetic characters based on real-life people. The idea is that these very realistic characters can be used to promote products without companies having to hire expensive stars and actors and that companies using Hour One can save time and money and get a close match to their brief due to the capabilities, scale/cope and fast turnaround that Hour One offers.

Mirriad

Also adding to the intriguing and engaging tech innovations at the expo, albeit at private meetings there, is Mirriad’s AI-powered solution for analysing videos, TV programmes and movies for brand/product insertion opportunities and enabling retrospective brand placements in the visual content. For example, different adverts can be inserted in roadside billboards and bus stop advertising boards that are shown in pre-shot videos and films.

What Does This Mean For Your Business?

AI is clearly emerging as an engine that’s driving change and creating a wide range of opportunities for business marketing as well as for security purposes. The realism and accuracy, flexibility, scope, scale, and potential cost savings that AI offers could provide many beneficial business opportunities. The flipside for us as individuals and consumers is that, for example, as biometric systems (such as facial recognition) offers us some convenience and protection from cyber-crime, they can also threaten our privacy and security. It is ironic and probably inevitable, therefore, that we may need and value AI-powered protection solutions such as D-ID to protect us.

AI Better at Breast Cancer Detection Than Doctors

Researchers at Good Health have created an AI program which, in tests, has proven to be more accurate at detecting and diagnosing breast cancer than expert human radiologists.

Trained

The AI software, which was developed by Good Health researchers in conjunction DeepMind, Cancer Research UK Imperial Centre, Northwestern University and Royal Surrey County Hospital was ‘trained’ to detect the presence of breast cancer using X-ray images (from mammograms) from nearly 29,000 women.

Results

In the UK tests, compared to one radiologist, the AI program delivered a reduction of 1.2% in false positives, when a mammogram was incorrectly diagnosed as abnormal, and a reduction of 2.7% in false negatives, where the cancer was missed. These positive results were even greater for the US tests.

In another separate test, which used the program trained only on UK data then tested it against US data (to determine its wider effectiveness), there was a very respectable 3.5% reduction in false positives and 8.1% reduction in false negatives.

In short, these results appear to show that the AI program, which outperformed six radiologists in the reading of mammograms and only had mammograms to go on (human radiologists also have access to medical history) is better at spotting cancer than a single doctor, and equally as good as spotting cancer as the current double-reading system of two doctors.

Promising

Even though these initial test results have received a lot of publicity and appear to be very positive, bearing in mind the seriousness of the condition, AI-based systems of this kind still have some way to go before more research, clinical studies and regulatory approval brings them into the mainstream of healthcare services.

What Does This Mean For Your Business?

This faster and more accurate way of spotting and diagnosing breast cancer by harnessing the power of AI could bring many benefits. These include reducing stress for patients by shortening diagnosis time, easing the workload pressure on already stretched radiologists, and going some way towards helping bridge the UK’s current shortage of radiologists who need to be trained to read mammograms (which normally takes more than 10 years training). All this could mean greater early diagnosis and survival rates.

For businesses, this serves as an example of how AI can be trained and used to study some of the most complex pieces of information and produce results that can be more accurate, faster, and cheaper than humans doing the same job, remembering that, of course, AI programs work 24/7 without a day off.

Tech Tip – Format Painter

If you’re preparing a Word document in Windows 10 and you like the look of the formatting in one section and you’d like a quick and easy way to apply the same formatting to other sections, try using ‘Format Painter’.

You can find Format Painter on the top left of the screen – a paintbrush symbol. To use it :

– Highlight a paragraph in your document which has the formatting you like.

– Click on the Format Painter symbol.

– Click in the document next to the section you’d like to change to that formatting (you’ll see the paintbrush symbol appear) and highlight the new section.

– The formatting you like will automatically be applied.

Email Security (Part 1)

In this week’s featured article, which is the first of two parts on what is a huge subject for businesses to tackle, we take a look at some of the important issues of email security and how businesses can try to strengthen this crucial area of their cyber-defences.

Most Breaches Involve Email

Over 90 per cent of breaches now involve email, and Proofpoint’s Annual Human Factor Report figures, for example, show that social engineering is strongly favoured as a way in by cybercriminals. 99 per cent of these email attacks rely on victims clicking links.

Statistics like these reveal some of the key challenges that businesses and organisations face on a daily basis, such as how to defend effectively against the whole range of email attacks, how to spot and eliminate threats as they arrive, and how to ensure that staff are aware of email threats and know what to do when faced with suspicious emails and links.

Types of Email-Based Attacks

There is a vast array of attacks launched through email systems (often relying on social engineering) including targeted phishing schemes, business email compromises, and ransomware attacks.

– Ransomware is still a popular attack and extortion method, and Trend Micro reported a 77 per cent surge in malware attacks during the first half of 2019.

– Phishing is a cheap, easy and highly effective method for criminals to gain access to company systems, steal important data and money, and create a cornerstone of all kinds of other hacking campaigns. Just some of the high profile examples from the news this year include fake voicemail messages being used to lure victims into entering their Office 365 email credentials into a phishing page, Thomas Cook customers being targeted by phishing attacks in the wake of the travel company going into receivership, and news of Lancaster University being hit by a large, sophisticated phishing attack aimed at grabbing the details of new student applicants.

Verizon’s 2019 Data Breach Investigations Report showed that 32 per cent of data breaches involve phishing. Phishing threats to businesses are also evolving and becoming more sophisticated all the time. For example, PhishLabs recently discovered a tactic whereby attackers used a malicious Microsoft Office 365 app to gain access to a victim’s account without the need for the account holder to give up their credentials to the attackers – worrying!

The National Cyber Security Centre offers advice on how to protect your business/organisation from phishing attacks here: https://www.ncsc.gov.uk/guidance/phishing.

There are also a number of phishing test sites available online so that you (or staff members) can see if you’re able to spot a phishing email.

– Malware attachments to emails. There are a now staggering amount of malware types that businesses and organisations have to protect themselves against. For example, over 800 million different types were encountered in 2018, and some commentators are predicting that variants will reach over 1 billion by 2020!

A Number of Sources

Email-based attacks aren’t simply targeted just at your email system in a straightforward way but could come from sources such as supplier email systems that have been compromised or they could use details stolen from breaches elsewhere as part of the campaign.

Protecting Your Business Against Email Threats

There are many ways that you can try to protect your email system from email attacks and try to minimise the risk of human error that is so important in social engineering attacks. These include:

Help From the Big tech Companies :

Microsoft

Microsoft offers a number of ways that businesses and organisations can help keep their email secure, such as:

– Outlook’s Junk Email Filter, and the Report Message add-in for Outlook.

– Office 365’s Advanced Threat Protection (ATP) plans which offer a variety of leading-edge tools to investigate, understand, simulate, and prevent threats.

– Secure Score for Office 365 – a way to measure and get suggestions about how to protect your business from threats, all through a centralised dashboard.

– The “campaign views” tool in Office 365 that is designed to offer greater protection from phishing attacks by enabling businesses to be able to spot the pattern of a phishing campaign over individual messages.

More information: The Microsoft blog here gives 6 email security best practices to protect against phishing attacks and business email compromise: https://www.microsoft.com/security/blog/2019/10/16/top-6-email-security-best-practices-to-protect-against-phishing-attacks-and-business-email-compromise/

Google

Google also offers a number of tools and suggestions, including:

– Advanced security settings for G Suite administrators to protect against phishing and malware (find out more here: https://support.google.com/a/answer/9157861?hl=en).

– Offering steps to identify compromised accounts (see https://support.google.com/a/answer/2984349?hl=en&ref_topic=2683865).

– Advice on Firewall settings.

You may, of course, already be using another email protection system.

Other Advice

Advice about ways in which you can protect your company now from email-based attack such as phishing and malware attacks is widely available, and in addition to the measures already covered (e.g. using Microsoft security tools), some basic measures that companies take include:

– Always keeping anti-virus and patching up to date.

– Staff education and training e.g. how to spot suspicious emails and what to do/what not to do e.g. not to click on links from unknown sources.

– Disabling HTML emails if possible (text-only emails can’t launch malware directly).

– Encrypting sensitive data and communications as an added layer of protection.

– Getting into the routine of checking your bank account’s activity for suspicious charges.

– Making sure important and sensitive company data is backed up and including business email compromise (BEC) in business continuity planning and disaster recovery planning.

– Preventing email archives from being publicly exposed e.g. by making sure that archive storage drives are configured correctly.

– Monitoring for any exposed credentials (particularly those of finance department emails).

– Using two-Factor Authentication (2FA) where possible, and enterprise users may wish to block .html and .htm attachments at the email gateway level so that they don’t reach members of staff, some of whom may not be up to speed with their Internet security knowledge.

– Not using the same password for multiple platforms and websites (password sharing). This is because credentials stolen in one breach are likely to be tried on many other websites by other cybercriminals (credential stuffing) who have purchased/acquired them e.g. on the dark web.

Looking Forward and Getting Prepared

In today’s environment, attackers can adapt their campaigns and methods so quickly, and use methods that can evade the more common protection solutions (‘polymorphic’ attacks) that businesses and organisations find themselves in a position whereby known signature and reputation-based checks aren’t enough, and that they need to be able to get a fuller picture and find solutions that can focus effectively on zero-day and targeted attacks in addition to known vectors. Looking forward, there is also the future threat of AI machine-learning software being able to possibly generate phishing URLs that can beat popular security tools, and of the threats posed (further in the future) buy the possible use of quantum computers in cyberattacks, and these are subjects that we will look briefly in part 2 of our look at email security. For now, stay safe.

New Phishing Tracker For Office 365

Microsoft is launching a new “campaign views” tool in Office 365 that is designed to offer greater protection from phishing attacks by enabling businesses to be able to spot the pattern of a phishing campaign over individual messages.

Context and Visibility

Microsoft is in a good position to leverage the large amount of anti-phishing, anti-spam, and anti-malware data and experience that it has across the entire Office 365 service world-wide to identify campaigns. It is this information that feeds into the campaign views tool.
The idea is that the extra context and visibility that campaign views provides gives the full story of how an organisation has been targeted. This additional dimension of defence means that an organisation and its users can see if/how defences have held up against popular attacks, and adjust its own defences accordingly, based on these insights.

What It Shows

The kind of information that the ‘campaign views’ tool can reveal to security teams includes:

  • A summary of a phishing campaign i.e. when it started, it’s pattern and timeline, the size and spread of the campaign, and how many known victims there has been (and see if users have clicked on the phishing link).
  • A list of IP addresses and senders associated with the attack, plus a list of all the URLs that were used in the attack.
  • A look at which messages were blocked, delivered to junk or quarantine, or allowed to get through to the inbox.

Today’s Attacks ‘Morph’ To Get Around Defences

Today’s email attacks are often the sophisticated output of factory-like cybercrime operations where new templates and variances can be rapidly created, generated, and scaled-up in a way that is designed to offer the best chance of maximising financial gain while evading detection and capture.

For example, in a single campaign, the attackers can make multiple changes and variants (morphs) e.g. changes in the sending infrastructure, the sending IPs and sending domains, sender names and addresses, URLs, and the hosting infrastructure for their attack sites. These morphs can, therefore, enable attackers to get around popular defence tactics such as blocking known bad URLs, sending IP address, or sending domains.

Value

Microsoft says that the extra context and visibility that ‘campaign views’ gives security teams means that they can be more effective and efficient. For example, once armed with the information that ‘campaign views’ provides, security teams can be better at remediating compromised/vulnerable users, improving the general security posture (by removing configuration flaws), investigating related/similar campaigns, and hunting and tracking any threats that have the same indicators of compromise.

What Does This Mean For Your Business?

Email is one of the main ways that cybercriminals can gain access to company systems and phishing campaigns are an all-too-common way to dupe businesses into clicking on links in often convincing-looking pages, thereby releasing the malware that causes so much damage, or imparting password and financial information. ‘Campaign views’ appears to be another potentially valuable tool in the cyber defences of businesses with its main strong point being that it gives a much fuller picture of real-world attacks. This additional context and data can help businesses to become much better prepared and more proactive in finding and closing the door on rapidly evolving email security threats.

Real-time Phishing Protection Now Available in Chrome

Google has announced real-time phishing protection with the help of improvements to ‘Safe Browsing’ which allow Chrome to check each new site you visit against a safe list stored on your computer and with Google so that Chrome can issue an instant warning if the site is thought to be suspicious or malicious.

Phishing Problem

As well as being sent to phishing pages via links in phishing emails, phishing links are also inserted into malicious advertisements and even direct messages on chat apps.

Also, even though Google’s existing ‘Safe Browsing’ feature adds thousands of new unsafe sites and to the blocklists of the web industry and Chrome already checks the URL of each site you visit/file you download against a local list which is updated every 30 minutes, Google has noted that some phishing sites are even able to slip through the 30-minute refresh window by switching domains quickly or by hiding from Google’s crawlers.

The multiple phishing threats coupled with the ability of some sites to side-step even a 30-minute time window are what have prompted Google to move into real-time phishing checks through Chrome.

Real-Time

Google’s new, improved protections via Chrome allow the inspection of the URLs of pages visited with Safe Browsing’s servers in real-time (local safe site list check + checks with Google) in order to be able to give users an instant warning that they may be on a malicious page as well as a prompt to change their password.

Google says that this real-time warning system on sites that are brand new can deliver a 30% increase in protections.

Password Issues

The issues of using weak passwords, password sharing, and the stealing of passwords through phishing are all-too-familiar threats. With this in mind, Google launched predictive phishing protections which can warn users who are syncing history in Chrome when they enter their Google Account password into suspected phishing sites. Google has now also expanded this protection to cover everyone signed in to Chrome (whether or not Sync is enabled) and the feature will also work for all the passwords stored in Chrome’s password manager.

This updated security feature now means that if you type one of your protected passwords (from Chrome’s password manager, or the Google Account password you used to sign in to Chrome) into an unusual site, Chrome will classify this as a potentially dangerous event.

What Does This Mean For Your Business?

Offering real-time phishing protection checks is one way to help Chrome users stay a step ahead of cybercriminals who have shown that they could even adapt their campaigns quickly enough to get past a sophisticated system that updates its security information every 30 minutes. This has to be good news for business and domestic users alike, and the flashing up of instant warnings on visiting new sites looks as though it could reduce the numbers of those who fall victim to phishing attacks as well as constantly reminding Chrome users of the risks that are ever-present on the Internet today and of how easy it would be to fall victim to ever-more convincing and sophisticated phishing attempts.