All posts by Gary Johnston

I was born in Crawley, West Sussex. I am married to Naomi. I was employed for 10 years by BT installing business telephony systems. At First Choice Holidays I was employed to assist with voice and data networks and, as part of my role, travelled widely through Europe setting up IT infrastructure for resort offices. After leaving First Choice I had various consultancy roles at Merrill Lynch and Telewest before setting up a business partnership, CTSC. For the last 2 years I have been a Director of Tamite IT Ltd. Interests include walking long-distance trails, running with my local running club and competing in distances up to the half marathon, reading and cooking.

The UK Online Safety Act starts to make itself felt.

The Online Safety Act (OSA) was passed in October 2023 as a bill that effectively aims to make the Internet safe for all of us, especially our children. Ofcom, which has been handed the job of implementing the Act, now has the unenviable task of laying down the ground rules that will put it into effect.

One of the first areas covers the rules intended to protect children and young people under the age of 18. These guidelines aim to clarify the new responsibilities and technical requirements that service providers must meet in order to comply.

The children’s safety codes published by Ofcom on 8 April 2024 set out around 40 measures designed to guide social media firms and other service providers to comply with their new legal obligations.

Ofcom to be given teeth to go with new offences

The measures are currently under consultation and will come into force once approved by Parliament. If companies fail to comply with the new rules, Ofcom has powers to enforce: fines of up to £18 million, or 10% of the company’s annual global turnover, whichever is greater; criminal action against companies and/or senior managers who fail to comply with requirements or fail to follow requests from Ofcom; and business disruption measures, including preventing companies from being accessed or generating income in the UK.

Technology Secretary Michelle Donelan said (The Online Safety Act) “ensures the online safety of British society not only now, but for decades to come.”

https://www.computerweekly.com/news/366583794/Ofcom-publishes-draft-online-child-safety-rules-for-tech-firms

Ongoing Concerns Regarding the Online Safety Bill

Predictably, Social Media companies agree that “something must be done,” though they are not happy with the thought that they will have to do it and that it will affect their bottom line. Online safety is a key objective of the Online Safety Bill, which aims to create a safer life online by regulating harmful and illegal content.

Most people who see the tech companies’ profits will probably not be sympathetic.

Tech giants make enormous profits from supplying media and messaging services that result in significant dangers and issues for society in general and, more specifically, their audience. Social media companies, in particular, must understand that internet safety and operating responsibly come with a cost and pay the bill.

Big Tech firms and social media companies are concerned about the implications of tighter regulations.

Inevitably, the OSA has caused concern among tech companies, which default to claiming it is too complicated or to using the freedom of expression argument to thwart any attempt to regulate their operations. Predictably, many online media companies are kicking back, lobbying, and raising objections to the measures.

The privacy campaigners at Open Rights Group (ORG), who presumably don’t own cars or buy alcohol, claim that “the implementation of age assurance systems – including photo-ID matching, facial age estimation, and reusable digital identity services – to restrict children’s access could inadvertently curtail individuals’ freedom of expression while simultaneously exposing them to heightened cyber security risks”.

We believe that enforcing age limits through these systems is crucial

Regulated services are vital to protect children from harmful and illegal content and online abuse, aligning with the goals of the Online Safety Act.

Freedom of speech campaigners assert that this is a step too far. “Adults will be faced with a choice: limit their freedom of expression by not accessing content or expose themselves to increased security risks arising from data breaches and phishing sites,” said ORG executive director Jim Killock.

Well, Jim, that is called being an adult.

We adults face choices every day, and some of those choices involve modifying or curtailing our activities to protect our children.

In addition, if you presumably trust these “free” online platforms to provide you services and information, part of that deal is giving them information about yourself that lets them target you with news and advertising.

Supporters of the bill would say this highlights the importance of providing registered adult users with tools to navigate online spaces safely, emphasising the need for tech companies to conduct risk assessments to mitigate these online risks.

We need to trust Social Media companies, and they need to earn trust.

So yes, you, as an adult, will need to trust these platforms with additional information to enable them to implement systems to safeguard children. As a result, the platforms will need to take greater care of your data, and if you don’t trust them to keep that information safe, you can choose not to use their services.

Some overseas providers may block access to their platforms from the UK

Another objection is that “Some overseas providers may block access to their platforms from the UK rather than comply with these stringent measures”.

These presumably are the same overseas providers that profit from access to the UK market but choose to pay their tax overseas. This sounds like an empty threat, but it’s a win-win if more responsible providers replace them.

Tellingly, the arguments against the OSA’s provisions focus on educating children to self-censor and avoid using technology to filter the results.

The Online Safety Act serves as the legislative framework guiding these discussions, emphasising the role of the online safety regulator, Ofcom, in enforcing the bill and ensuring companies comply with its provisions to combat illegal content, including child sexual abuse and illegal drugs.

The Open Rights Group claim that despite OSA, “Risks to children will continue with these new rules. Regulators must shift their approach to one that empowers children to understand the risks they may face, especially where young people may look for content, whether it is meant to be available to them or not.”

This attitude from groups such as Open Rights ignores the fact that, at a minimum, the regulation will reduce the risk of harm to children from content that is currently all too accessible. Each child who is exposed to images relating to self-harm or other harmful or age-inappropriate content is a victim of a system that is failing them, and a reduction equates to a real number of actual children saved from harm.

When you look at the argument this way, it underscores the necessity of the safety bill to regulate content promoting self-harm, among other harmful online behaviours, aiming to keep young people safe online.

The approach backed by the ORG inevitably puts the costs of dealing with the fallout from tech companies’ commercial activities back on governments and societies. Presumably, empowering children through education means making children responsible for the content they consume.

Education is important but existing technologies and Artificial Intelligence can help suppliers meet their obligations under the new rules

The problems caused by the companies that dominate content on the Internet are technical but the solution must in part be regulation.

Organisations like banks, the media, and other industries that profit from society expect to be regulated where their services may cause harm. The Internet giants are no different, and they must expect to bear the financial burden.

Robin Tombs, CEO of biometrics firm Yoti, argued that while there is “no one silver bullet when it comes to child safety”, the influential age-checking tech will be an essential part of protecting children from accessing harmful content online.

What is the Online Safety Act, and how can you keep children safe online?

Ofcom move to protect young people from harmful online content

Ofcom has notified social media providers that they face being named, shamed, and even banned from providing service to under-18s if they don’t comply with new online safety rules in the Online Safety Act (according to this BBC article).

Social algorithms must change to protect children – Ofcom – BBC News

As a parent, I’m very interested in regulating social media giants. Young people are understandably drawn to content. Mine constantly search stuff about hair care and, bizarrely, over-the-hill football icon Ronaldo.

Apparently, the Ronaldo vs Messi GOAT argument is still being argued in school playgrounds.

National online safety for kids

Young people lack a sense of “why is this stuff being served up to me?”, a problem I honestly can’t relate to, as the Internet wasn’t a thing when I was a kid, and CBBC and Teletext were hardly a challenging technology environment.

So I’m very much pro-regulation of the Internet, especially where children are concerned; even the “Wild West” finally got regulation, but not before a lot of people ended up shot.

Make online safety a priority.

Making sure your children are safe online can’t be left to regulation; children hopefully receive online safety training at schools. Parents should take the opportunity to sit with their children to discuss online bullying and fake news and expand on the online safety they learnt at school; make it part of a daily conversation, and you will learn as well.

Childnet created the digital leaders programme for schools. They give practical guidance, resources, materials and key online safety topics. https://www.childnet.com/parents-and-carers/have-a-conversation/

What online safety parental controls are available?

Don’t forget there are things you can do for yourself to keep your children safe online; on computers, set up separate profiles for you (the parents) and each of your family, which can support age-specific limitations.

Protecting phones and tablets is slightly more problematic, but remember that you can, with a little effort, make these safer environments and protect young people and adults by using the security settings provided by your Internet service provider.

This guide from the UK Safer Internet Centre covers some leading UK providers.

https://saferinternet.org.uk/guide-and-resource/parental-controls-offered-by-your-home-internet-provider

Don’t neglect your antivirus software’s ability to protect your online world. Products like Eset Home Security offer parental control.

Online safety advice

In future blogs, I will cover how to set secure age-specific profiles for kids of different ages on PCs and software you can use to create your own safer Internet environment for you and the kids.

Next week, I will publish a list of the most responsible Internet providers and the tools they provide to protect you and your children and keep you safe online.

The Online Safety Act 2023 is a UK law regulating the duties of care of providers of online services, such as user-to-user and search services. Its purpose is to protect users, especially children, from illegal, harmful, and fraudulent advertising.

Here are some key points about the Online Safety Act and tips on keeping children safe online:

We as parents need to be conversant with the new rules.

What are the new rules for technology companies?

Providers’ Duties of Care:

The Act places duties of care on providers of user-to-user services (such as social media platforms) and search services (like search engines).

Providers must assess and manage risks related to illegal and harmful content and children’s access to their services.

Illegal Content Risk Assessment:

Providers must assess the risk of illegal and harmful content on their platforms.

They are responsible for promptly removing or restricting access to illegal and explicit content.

Children’s Safety:

Providers must consider children’s risks when designing their services.

They should take measures to protect children from harmful content and ensure age-appropriate experiences.

User Empowerment:

Providers must empower users to manage their online experience.

This includes features like reporting content and setting preferences.

Codes of Practice:

The Act allows for creating codes of practice to guide providers in fulfilling their duties.

These codes cover principles, objectives, and specific content protection measures.

New Criminal Offences:

The Act introduces new criminal offences related to online safety.

It grants powers to the regulator (Ofcom) to enforce the framework.

Tips for Keeping young people Safe Online:

Set a good example

Open Communication:

Regularly talk to your child about online safety.

Encourage them to share any concerns or experiences they encounter online.

Parental Controls and Filtering:

Set up parental controls on devices and apps to limit access to age-appropriate content.

Use home filtering tools to create a safe online environment.

Educate Your Child: Online safety

Teach your child about privacy settings, safe behaviour, and recognizing red flags.

Discuss the importance of keeping login details and passwords secure.

Supervise Online Activities:

Monitor your child’s online activities, especially for younger children.

Check their profiles and posts periodically.

Safer Internet Day 2024 & information sources for parents

Safer Internet Day is a global annual event focusing on online safety and well-being for children and young people. In the UK, it took place on Tuesday, February 6, 2024.

The Internet Watch Foundation (IWF) is a UK-based charity focused on eliminating online child sexual abuse imagery and content. https://www.iwf.org.uk/

Trust – advice on your child’s first phone -NSPCC

Working for a safer internet for children and parents.

Tamite is committed to protecting our online lives. We provide advice, support, training resources, teaching resources, and cyber security products that are just as valid for home users as business users.

Tamite Apple Mac support Sussex believe FBI v Apple court case may open Pandora’s Box

Governments around the world struggle to come to terms with the issues surrounding the security of data.

We try to keep you informed about Apple Mac related stories. Sohail Yousaf, who provides Apple Mac support Sussex for Tamite, has been following this story for us.

The Apple v FBI case currently being played out in US courts is the culmination of a long running row that has been brewing between intelligence agencies and the technology industry.

Governments or rather intelligence agencies have been long-time critics of the growing availability of encryption, a technology which is being increasingly used to make data secure on networks and devices and only available to authorised users and intended recipients.

Encryption is an old technology, literally thousands of years old. Caesar wasn’t just responsible for creating salad dressings; he also had his own cypher.

Sohail of Tamite Apple Mac support Sussex comments that the advent of computing and the development of more complicated algorithms have resulted in encryption that to all intents and purposes is unbreakable. Yes, of course all encryption is in theory breakable, but when the time taken to break it is greater than the average lifetime it becomes a pointless exercise.

As an expert in IT security and a specialist in Apple Mac support Sussex, Sohail points out that our own GCHQ have been stressing over the fact that encryption gives any self-respecting terrorist the ability to communicate securely with a minimal chance of the content of the message being read by hostile agencies.

On a more positive note they are probably finding it quite difficult to snoop on the rest of us.

So what is to be done? Well, the authorities would like to have back doors built into the security so that they can access the information that encryption increasingly denies them.

The industry argues that providing back doors for government agencies will be counter-productive: criminals and terrorists will just refrain from using systems that they know will be compromised. By building in vulnerability, the same back doors are made available to potential hackers, and building in vulnerabilities goes against the grain for companies that have spent time and money on trying to eradicate vulnerabilities to make their products more secure for the end user.

Because of the issues surrounding cybercrime, customers are becoming increasingly aware of the volumes of data our everyday devices store, and the companies behind those devices have responded to those concerns by adding layers of security to the devices.

The Apple vs FBI case

The FBI and Apple are fighting a public battle in US courts that may have long-term ramifications for the IT security industry.

The FBI want Apple to assist it in removing a security barrier on the iPhone of Syed Farook, one of the people responsible for killing 14 people in San Bernardino last year.

The fact that Farook’s iPhone may hold vital evidence led to the legal cases between Apple and the FBI in America. The FBI believe that Farook’s iPhone may hold vital clues to the case but are unable to access it without Apple’s assistance. Apple, and the majority of the technology industry, who are watching developments anxiously, feel that by unlocking Farook’s iPhone they may just open a Pandora’s box.

Sohail of Tamite Apple Mac support Sussex concludes that it is easy to see how the situation could repeat in the UK. The British Government’s Draft Communications Data Bill (AKA the snoopers’ charter) shows the anxiety of UK intelligence agencies when faced with the new digital reality.

To access the iPhone, the FBI have asked Apple to effectively hack their own device. Since iOS 8, Apple has included device-specific encryption methods, but claims the FBI would get around this by rolling back to a previous operating system.

Apple – and other Silicon Valley firms – believe that setting such a precedent would harm American citizens and by extension the rest of us, and is fighting the case in a California court and Congress.

Meanwhile, the judge overseeing the court battle between the two organisations has heard that criminals have been switching to the newer iPhone models as their “device of choice” to commit offences thanks to the tough encryption present in each handset.

Of course, the cynical amongst us might point out that Apple are in something of a win-win situation here. Win or lose, Apple have demonstrated that their devices are taking data security seriously and that they are willing to stand up to governments to protect the integrity of their products.

West Sussex Apple Mac specialist says Safari Crashes due to bug

West Sussex Apple Mac specialist asks: has your Apple Mac, iPhone or iPad been acting as if it were possessed?

Well, join the club. According to West Sussex Apple Mac specialist Sohail, “the problem you have been experiencing was due to an update issue on 26th January and was responsible for introducing a bug that caused Safari to crash when Mac and iPhone / iPad owners attempted to search within the address bar. The issue lasted for several hours”.
According to Apple “only people whose Safari suggestions data storage updated during early AM hours” were affected.

The bizarre bug caused the hugely-popular iOS web browser to CRASH whenever a user tried to enter a new search or URL into the address bar.

Apple say the issue only affected iOS and OS X users whose Safari Suggestions data was updated late on the 26th January, Greenwich Mean Time.

Apple has now rolled out a fix for the glitch, but some users could still be experiencing the infuriating bug.

“Apple now believes it has resolved a bug with its Safari browser on both OS X and iPhone that caused the web browser to crash for users around the world”.

If you are still experiencing issues we suggest

Clearing your history may help

West Sussex Apple Mac specialist Sohail suggests: “If you’re still having trouble, your iPhone or iPad almost certainly still has the problematic data cached. Clearing the cache should solve the issues for good. To do that, head to Settings > Safari then tap Clear History and Website Data”.

“This will wipe the web history from any devices signed into your iCloud account, so don’t panic if your MacBook also loses any record of your browsing”.

The latest update from Apple has now resolved the issue, which made Safari on iOS unusable, so finally check that your iOS version is the most recent version, iOS 9.2.1.

This is reached through Settings > General > Software Update.

Tamite IT provide support for both Windows PCs & Servers and are specialists in Apple Mac support

TalkTalk Data-breach

Talking the TalkTalk – The TalkTalk Data-breach

The data breach at telecoms provider TalkTalk has brought into sharp focus the havoc that can be created and the fallout brands experience as a result of a data breach, especially if, as is the case with TalkTalk and parent company Carphone Warehouse, you are serial offenders.

At the time of writing, as a result of the TalkTalk data breach, more than 10% has been wiped off the group’s share price, representing some £360 million in value.

Tamite Secure IT believe the time has come for companies of all sizes to look at their individual risk and commit to spending on security commensurate with the risk. If you are in the telecoms industry with lists of customers that include banking details, you must realise you are high up on the cyber criminals’ list of high-value victims.

Between them, Carphone Warehouse and TalkTalk have been victims three times this year, and in TalkTalk’s case it really could be three strikes and you are out.

Dido’s Stuttering Performance on TalkTalk Data-breach

Dido Harding, TalkTalk’s Chief Executive, is taking lots of flak, and rightly so, but the Chief Executive has either been incorrectly briefed or been incapable of accurately presenting the situation around the TalkTalk data breach. Maybe she thought nobody understands IT anyway, as some of her statements have been well off the mark; so, in case you are reading this, Dido:

For your information, the TalkTalk data breach was not the result of a DDoS attack. Data is not leaked as a result of DDoS attacks; in fact almost the opposite happens: your servers are so overwhelmed by incoming requests that they are incapable of supplying the data they are supposed to, serving up “webpages”, let alone divulging the contents of the company database.

When you said sequential attack I think you probably meant SQL injection attack, the second most common database exploit on the net, and you really should have had that one covered.

The fact that a fifteen-year-old from Ireland has been detained as part of the investigation seems to add weight to the growing feeling that TalkTalk have not been as diligent as they should have been when it comes to protecting customer information.

The possibility that a fifteen-year-old could have orchestrated the DDoS attack and carried out the SQLi attack is not beyond the realms of probability. DDoS tools can be readily accessed and attacks need surprisingly few resources.

SQLi hardly qualifies as a zero-day threat and the information on how to go about it is out there.

Bearing in mind Dido Harding’s recent pronouncements that TalkTalk are head and shoulders ahead of their competitors when it comes to cyber security, we can only fear for the rest of the industry.

Reaction to the TalkTalk Data-Breach

Since the breach TalkTalk’s website has displayed a list of data that is thought to have been released.

On the plus side, TalkTalk put their hands up early and made statements to the effect that they knew they had been hacked but couldn’t be sure how much data had been exposed, which just demonstrated how little confidence they had that it wasn’t all of it.

Baroness Harding said she reported the security breach to BAE Systems and detectives from Scotland Yard’s cybercrime unit are also investigating the crime.

She told the Daily Telegraph: “Do I wish I had done more? Of course I do. But would that have made a difference? If I’m honest I don’t know.

“This is happening to a huge number of organisations all the time. The awful truth is that every company, every organisation in the UK needs to spend more money and put more focus on cyber security – it’s the crime of our era.”

The police are investigating ransom calls to TalkTalk last week seeking payment.

Baroness Harding warned that it would be “naïve” to think an attack like this would not take place in the future.

She told The Guardian: “It would be naive to say something like this will never happen again to any business.”

Some financial commentators have already made the point that TalkTalk are by no means in shape to weather this particular storm.

Performing as they do in a tough and competitive environment, TalkTalk have been making bold statements about taking costs out of the business and setting tough financial targets for the coming year. Indeed, some of these were based on reducing customer churn; they must now have a hollow ring when put against the cost of rescuing a reputation that had already been damaged by shortcomings in customer services recently highlighted by the telecoms regulator.

Neither Talking the TalkTalk nor Walking the WalkWalk.

Ironically, Baroness Harding, who was elevated last year to the peerage, possibly rashly announced that, rather than seeing the position as a cushy extra, she is determined to make her time on the red benches count, announcing to the press that she is in a race to make the internet safer for children and families.

Her shaky grasp of the state of IT in her own company would appear to make her ideal material for her other governmental post, UK Business Ambassador for the Technology and Communications Sector.

She has certainly done her bit when it comes to showcasing the state of IT Security in many British companies.

Yesterday TalkTalk came out with a statement to the effect it could have been worse. I think your customers and shareholders might have the final say on that one.

The damage done to the TalkTalk brand has been immense; it may even have been damaged fatally.

What the Data Commissioner will make of all this is yet to be seen but don’t be surprised if they are inclined to be punitive, wanting to make an example of such a high profile breach.

Also don’t be surprised if the TalkTalk brand is consigned to history as The Carphone Warehouse may seek to dispose of a fatally damaged brand in a fire sale as soon as the dust has settled.

Haywards Heath IT security specialist asks what can we learn from Kaspersky

The way a data breach has been handled by each of these two organisations provides valuable insight into how it should be done.

Haywards Heath IT security specialist Gary Johnston has been taking a particular interest in events at Kaspersky and the US Office of Personnel Management.

As an IT security specialist, when stories of this kind unfold it is always interesting to see how they are dealt with by the companies involved. Very often, unfortunately, the answer is badly.

Haywards Heath IT security specialist Gary Johnston says Kaspersky and The US Office of Personnel Management provide contrasting examples of how to deal with a data breach.

Kaspersky have given a textbook demonstration of how to handle the potentially embarrassing fact that they have been the victim of a data breach. Kaspersky disclosed the fact that during the testing of a new product designed to search for APTs (Advanced Persistent Threats) they had actually discovered an intrusion on their own network.

The phrase not knowing whether to laugh or cry comes to mind. I should imagine that the event was akin to the head designer at Dyson plugging in the latest design, pushing a button, watching his own workshop disappear up the nozzle and saying to the assembled audience, “well that worked”. Presumably the new product has passed its Beta testing with flying colours.

Kaspersky, unlike previous victims of this type of event, have actually in some ways turned what could have been a hugely embarrassing event into something a little more positive. They promptly admitted to the breach, and the investigation showed that the attack was highly advanced, using what Kaspersky have dubbed Duqu 2.0 (which presumably implies a link to Duqu 1.0 (BBC News), which was famously uncovered by Kaspersky in 2011) to eavesdrop on the organisation.

Gary Johnston of Haywards Heath IT Security specialist Tamite Secure IT comments that Kaspersky appear to have been open about the scope of the breach from the start, including the extent and the timeline of the attack and the fact that within a short period of being discovered it appeared to uninstall itself and attempt to cover its tracks (Computer Weekly). It makes fascinating reading and gives a real feel for the sophistication of the APT.

July was also a good month to bury bad news, as the events at Kaspersky were possibly overshadowed news-wise by the events at the US Office of Personnel Management (US OPM), who managed to leak tens of millions of records relating to government employees. (BBC News)

In contrast to Kaspersky, the reaction of the US OPM went through the usual phases, from denial to grudging acceptance, while still understating and minimising the extent of the breach. The classical pattern was almost complete when, after having been overtaken by events, the US OPM finally resorted to a hand-wringing confession of the true extent of the breach. The final phase was marked by the inevitable and ritual decapitation of the person deemed most culpable, in this case the Director of US OPM, Katherine Archuleta, who announced she would step down to help the department “move beyond the current challenges”.

However, of the two events, the one at Kaspersky is the more troubling. It seems to be a universal fact that governments don’t do a great job of IT or IT security per se, and in any case the US OPM have what is known as previous. The fact that Kaspersky, who do IT security well, have been spied upon for an indeterminate period should be seen as sinister.

Gary Johnston, Haywards Heath IT Security Specialist, goes on to say that there are three scenarios that have been mooted.

1. The Israelis, who have plenty of “previous” spying on the Iranian Nuclear Arms proliferation talks, and wanting early warning if their latest piece of spyware has been exposed.

2. GCHQ, nation state China, US NSA etc.: a security service wanting to know how to circumvent the latest security products.

3. Cyber criminals: least likely, but similar motive.

The comments in this blog represent the thoughts of Haywards Heath IT security specialist Gary Johnston of Tamite IT

Email on the dark side – Spear Phishing

The need for spear phishing awareness training is demonstrated by the events at US Office of Personnel & Kaspersky

I think we need to come clean about the purpose of this week’s blog on the subject of Spear Phishing and come right out and admit that it has been written with the intention of gaining your attention and trust, with the ultimate aim of (shock horror) selling you our spear phishing awareness training and other services.

Why do I feel the need to say this before we get into the main topic of this week’s blog? Well, it’s because the stories we want to draw your attention to this month all probably began with a carefully crafted message.

At this point I will point out that our “carefully crafted” message has been produced with the intention of increasing your awareness of the risks that cyber crime poses both to the individual and business. We know that any effort at tackling Cyber security begins with awareness of the issues. Not in a scary technical way. Just the basics of why, what and how.

There have been two major stories this month, one hacking and the other a combination of hacking and the use of advanced spyware known as Duqu 2.0.

Both Kaspersky, the Russian security software specialist, and the American Government have suffered major breaches. In the case of the American Government the breach resulted in millions of employee records being stolen. These records are now being sold on the dark Internet, presumably for the purposes of identity theft.

The Kaspersky breach was in all probability espionage, as the tools used in the breach were state of the art and probably the product of a spy agency. Fingers are being pointed at Israeli Intelligence, but who knows. (I will be publishing blogs covering both breaches in more detail next week).

The thing that both breaches have in common is that they probably came about as the result of what is known as a Spear Phishing attack, where emails carrying a carefully crafted and targeted message (yes, probably even better than this one) are directed at an individual or individuals in an organisation.

The email appears to come from a person or an organisation the victim trusts (possibly posing as internal mail) and contains information on a subject that is of current interest, because the criminals have already been researching the victim to find out what they are interested in.

Because the victim believes in the validity of the sender and the message, they make a single simple mistake. Almost certainly in each case the carefully crafted (Spear Phishing) email was received by the carefully targeted victim, and they opened it and possibly followed a link. Unfortunately, from that point on they have unleashed a series of events that will eventually lead to a full-fledged breach.

So what can I as a business owner do to protect myself against these threats?

The first thing we would recommend is that you look at the way you are dealing with spam. Probably you haven’t thought much about it and have gone for the default position, which is to use the filtering built in to Microsoft Outlook or whichever mail client you presently use. You may even be using something slightly more sophisticated that came with your antivirus software, and if you are lucky this will result in at least some spam being automatically removed.
Most likely you have never put any real thought into it.

Well, luckily for you, we have. Our conclusion is that the best option in almost all cases is to deal with spam before it even reaches your desktop. This uses highly sophisticated cloud technology that results in most of the spam, around 98%, being removed before it ever reaches you. Even the dangerous stuff.

So now you have more time to deal with the messages you need to deal with and spend less time deleting the dross.

Consider spear phishing awareness training for your staff.
Spear Phishing is something we all need to be aware of. When someone of the sophistication of Kaspersky falls victim, it is an indicator that we all need to be on our guard.

Protecting your customers’ data and your company’s own assets is vital, as it is central to what you do.

This is why you need IT Security to be part of the responsibility of every employee. Basics of IT Security & Spear Phishing awareness training need to become intrinsic to your company operations.

Gary Johnston
IT Security Product Director
Tamite Secure.IT

Spam Filtering out the bad guys

Protecting yourself from the watering hole predators

In my previous blog I spoke about watering hole attacks, where legitimate websites are used by criminals to pass on malware to the website owner’s customers. This month I thought I could expand upon the theme, and would explain a little about how businesses can protect themselves from the threat of Malware, and exploits that are often inadvertently introduced to the network by unsuspecting employees.

It is a simple truth that most malware is introduced and social engineering (The Internet phrase used for being tricked into letting someone scam us) is perpetrated during the browsing of websites or via email. Adding to this mix increasingly is Social media such as Facebook.

Almost all infections are introduced because we make bad decisions at a critical point. We can be overwhelmed by the quantity of email presented to us, or the social engineering call from the scammer comes through at a time when the PC is running slowly and time is precious. When presented with an overload of information, our decision making becomes erratic. We may inadvertently delete valuable leads or, even more potentially damaging, open something that contains malicious code. We may even let someone purporting to be from Microsoft take over our PC. In the case of browsing the Internet, we don’t spot the warning signs that something is amiss.

In the case of Spear Phishing the message might seem to have all sorts of information about us that leads us to trust the sender. Scarily in this case, they probably do have some of this personal information, and you are being specifically targeted.

Some of these issues can only be addressed by making your employees aware of the risks, and arming them with the knowledge to recognise suspicious behaviours. A basics of IT security awareness course would benefit most people, both in the office and at home.

But wouldn’t it be good if someone were to check that the websites we browse are safe before we look at them, and maybe even checked the content of our emails to make sure they were legitimate and not trying to scam us? In fact, as social media is now often used by Internet criminals to insert their malware, it would be good if they also performed a similar function with our social media. Well, this is what web security and email spam filtering seek to achieve, and the good news is that once they are in place, not only will you be safer in your interactions with email and the web, you will also find that because all the junk is filtered out before it reaches you, you don’t have to sort through hordes of irrelevant emails before you get to the ones that are relevant. In addition, by adopting filtering of email and web pages at the cloud level, you will reap the side benefit of your company becoming more efficient and effective, with each user possibly saving 30 minutes a day otherwise spent sorting through irrelevant and dangerous information.

Using spam filtering and web filtering as part of a layered strategy for the defence of your network means you are removing some of the burden of decision making from your users. The decision to block a site or quarantine a suspect email is made at the cloud level before it even lands on your network.

A browser can be infected in seconds with little intervention from the user; in the case of Forbes it was achieved via a regular pop-up related to astrology. When just a single click on an infected email attachment can infect a machine or unleash a devastating encryption of your documents as part of a ransomware

Watering Hole Attacks

Forbes.com Watering Hole Attack
(shows you can lead a horse to water & make him drink!)

The news that the Forbes website was compromised in November, leading to thousands of its customers being potentially infected with malware, has provided a wake-up call for us all.

The term watering hole attack refers to the idea that the cybercriminals identify websites that will appeal to the demographic that they are intent on exploiting: potentially, your customers. The analogy is the obvious one of a predator (in this case malware) lying in wait for its prey by a frequently visited watering hole (your website). I’m sure you worked that one out for yourself.

The exploit relies on the fact that often the company website is poorly defended, and it will be relatively easy to find an exploitable weakness in the security of the site or the underlying code. The perpetrators insert their malware, and the popularity of your website and your SEO effort will do the rest.

In the case of Forbes, Invincea and iSight Partners said in their joint report that the attack exploited two zero-day vulnerabilities: one in Microsoft’s Internet Explorer, and the other in Adobe’s Flash Player.
Adobe fixed the flaw back in December and Microsoft updated Internet Explorer as part of its Patch Tuesday release.

The exploit appears to have been targeting senior executives, managers and professionals in the defence and financial services industries.
The very fact that two zero-day vulnerabilities were used indicates that this attack was a serious attempt at compromising these high-value users of the Forbes website. Zero-day vulnerabilities suggest the attacker was sophisticated and determined, and the use of two of them emphasises just how determined they were in pursuing their quarry.

The malware infection was inside the “Thought of the Day” Flash widget, which appears whenever users try to access a Forbes.com page. Visitors didn’t need to do anything other than to try to load Forbes.com in their browser to get infected. It is probable this campaign focused on cyber-espionage, not cybercrime.

It is a fact that watering hole attacks are insidious, because it wouldn’t occur to anyone that these sites could be infected.

Of course the Forbes incident was the top of the tree as far as these things go, but it does emphasise that everyone is at risk. You should realise that it is common practice for criminals to infect legitimate websites, that’s your business website, with the aim of passing on malware to your potential clients.

Forbes probably have a whole department dedicated to the upkeep of their website; you probably speak to your web designer a couple of times a year. Because the scripts and coding that underlie the site are rarely updated or patched, it is little wonder that they are wide open to this sort of attack.

WordPress-based websites are notoriously insecure, which is not surprising as they make up such a big proportion of published websites, but so are most other platforms. So what is the answer? Well, we would suggest you speak to an IT company who understand just how significant security is to your business. Someone that gets the bigger picture.
Your customers come to you because they want your products and trust you. It is in your interest to make sure that in visiting your site, the only thing your customers leave with is an enduring good impression of your organisation.

Apple Mac support Haywards Heath for Apple Mac upgrades

Apple Mac Support Haywards Heath Love their Apples

Tamite Apple Mac Support Haywards Heath carry out a full range of servicing and repairs on Apple Mac products. Tamite in-house Apple Mac guru Sohail says that with the new financial year approaching, many companies will be deciding on budgets for IT and deciding on the priorities for the coming year.

In reviewing the health of your IT systems you should look at the performance of your Apple Mac machines; it may be that they have slowed down after a number of years of use. It can be the case that you can give them a new lease of life by carrying out a service, and often they run like new after just an hour’s work.

Sohail has years of experience working on Apple Macs and is an accredited Apple Certified Support Professional bringing his expertise to Tamite IT Apple Mac Support Haywards Heath customers. I have been carrying out periodic full servicing for my customers for a number of years and would suggest carrying out a service every six to nine months.

At the same time you may wish to consider taking this opportunity for us to look at the specification of your Apple Mac. We have found that customers are surprised by the difference something even as simple as adding memory can make to the performance of a machine.

You have invested in Apple Mac hardware as you are aware that they are renowned for quality and durability. With proper care and making sure they are regularly updated with the latest patches and versions of IOS your Apple Mac will give you many years of efficient reliable service.

Because of the soundness of the design it is often a cost-effective option to look at memory and other upgrades, and you will be amazed by the improvements that can be made. If your hard disk drive is beginning to show its age, we suggest you consider a new Solid State Hard Drive. These drives really do give a big boost to your Apple Mac’s performance.

Freak Flaw Patched
Apple, Google & Microsoft have all been active in releasing patches to the Freak Flaw

The Freak Exploit can affect Safari Web Browsers

Sohail of Tamite Apple Mac support Haywards Heath advises customers: in addition, don’t stick your head in the sand when it comes to the security of your system. Antivirus and malware protection aren’t an optional extra, and those updates to your operating system are produced to protect against known exploits. A very good example of such an exploit is the recently patched Freak vulnerability, which could be used to facilitate a man-in-the-middle attack (see the BBC story, or the Tamite IT Apple Mac support Haywards Heath blog post on the same subject, to see how man-in-the-middle attacks are potentially used to, amongst other things, compromise your banking).

Also look at your spam filtering solution. It should not only reduce the amount of mail you have to plough through every day to get to the ones you are really interested in, it should also filter out the infected and obviously dangerous stuff. Spam filtering is an often overlooked aspect of your overall IT security strategy.

Tamite Apple Mac support Haywards Heath are specialists in bringing security to businesses at an affordable price.