Windows is the prime target for cyber criminals

Windows is the prime target for cyber criminals

Windows is the prome target for cyber criminals, the bigget reason why is its huge dominance in the workplace. The bad actors are trying to steal your information, disrupt your business, or hold your data to ransom.

Tens of millions of attempted malware attacks were discovered throughout this year, and a massive 95% of those threats were targeted at Windows.

Although most of these are unsuccessful, those that are succsessful can cause havoc for the affected businesses. The best way to minimise or prevent this is by taking all possible precautions to protect your business and your data.

  • Hardware and software companies release regular updates to address threats to Windows users, as well as security patches designed specifically to deal with new risks. These should all be installed as soon as they become available.
  • Your people should be regularly trained in how to spot cyber security threats and what to do if they suspect one.
  • And because it’s not possible to protect every business from 100% of all threats, it’s also important that you have a strong resilience plan in place.

Resilience Plan

This should detail exactly how your business should react if it falls victim to a cyber attack and who should be notified to take action. Everyone in the company should have access to this document and know to report any potential attack as quickly as possible – that’s the best way to lessen its impact.

If you have an IT service provider, they’ll be able to make the best recommendations to keep your business safe and secure, train your people, and even provide monitoring to spot any potential danger before it becomes a problem.

This is something we do every day. So if we can help your business become more resilient, just get in touch.

Read more

Holiday Cyber Attacks

Holiday time is coming and so are the Holiday cyber-attacks!

Before working in IT, and Cyber Security, I was in the Military, and whenever we were operating during holiday periods, we knew in the back of our minds that if something was going to happen it would happen during holiday time.

The same is true of cyber-attacks and cybercrime. This year we might see more than previous years, already in early October there was an attack on some of America’s largest airports websites.

It isn’t just the Christmas holiday period that we see the increase

  • Colonial Pipeline (Mother’s Day Weekend (US))
  • Kaseya 4th of July
  • Sony and Microsoft Christmas Eve)

Holiday Cyber Attacks, why and what you can do.

The bad guys are aware that during holiday periods there are fewer employees around to look after the infrastructure. Also we are all preoccupied with thoughts of the festive season. So may click on items that we might not normally do.

Security tips:

  • Train empolyees in cybersecurity and phisihing awareness.
    User error is still the number one cause of malware attacks, make sure all employees undergo an annual social engineering training.
  • What are the internal threats, including scanning and patching software?
    If you are able to make sure these are taken care of this will help in securing your organisation from exploits whilst there is limited supervision during this period.
  • Who has access to your Systems.
    Have you implemented a strategy to restrict who has access to data stores, and applications. Only allowing team members access to what they need and having the right levels of privileged access will help.
  • Protect the Network
    Although perimeter firewalls will assist in a strong defence, you should also deploy firewalls at the endpoint, and this should block applications and traffic, unless it is required.

Don’t get caught out this year! If you need any help on this please call 01752 546967 and we will be happy to help.

Read more

Are you sure you are downloading Zoom?

Are you downloading Zoom or Malware. When you think about tools for remote working and chatting online, one of the first names in your mind is Zoom.

But its popularity has opened the door for cyber criminals. They’re using its name to steal sensitive data.

Researchers have discovered at least six convincing-looking download sites. They’re not the real thing. They’re designed to tempt you into downloading FAKE Zoom software, containing ‘info stealers’ and other forms of malware (malicious software).

Outcomes!

Accidentally use one of these sites thinking that you’re downloading a Zoom update… and you risk having sensitive data stolen. Possibly your banking info, passwords or browser history.

Some can even steal your multi-factor authentication details. That could give cyber criminals access to your most sensitive data.

The research also found these ‘stealer logs’ for sale on the dark web, where criminals can buy this information and use it to gain access to business networks.

Once a cyber criminal has access to your network, every piece of data you have stored becomes a target. In extreme cases, this can leave you vulnerable to ransomware attacks, or data theft.

While these fake sites can be incredibly convincing, take these simple steps to avoid being fooled.

  • Before you download the Zoom application (or any application), double check the address of the website you’re on. Is it what you’re expecting? If you clicked an email to get to that site, are you 100% sure it’s from the real company?
  • Study the rest of the web page too, looking for anything that doesn’t ring true, such as spelling mistakes or a clunky layout.
  • Make sure your security software is up to date and is actively scanning for malware and suspicious downloads.
  • Have a plan to roll out this advice across your business.

If you need any help or advice to keep your business protected from malware and other security threats, get in touch.

Published with permission from Your Tech Updates.

Read more

Malicious browser extension are you using them?

There are hundreds of thousands of browser extensions designed to help us to save time, be more productive, and personalise our online experience.

And while the majority of them do what they’re supposed to, some are not designed to help you at all…

If you’re unfortunate enough to download a malicious browser extension without realising, it could harm your productivity and even flood your work with unwanted advertising.

This is known as adware. It’s a form of malware (malicious software) that’s designed to bombard you with unwanted adverts.

It can also change your search engine and send you to affiliate pages when you’re making purchases. These activities generate revenue for the extension’s creators.

In a recent report from a cyber security company, it revealed more than 4 million of its customers have been attacked by adware hiding in browser extensions over the last couple of years.

And often people didn’t realise they were under attack.

There’s a darker scenario where these malicious extensions are hiding actual malware which can infect your computer.

This can lead to sensitive data such as your logins or even payment details being stolen. And of course malware can spread across an entire network.

To keep your business and its data safe from the risk of malicious browser extensions, it’s important you only ever download them from reliable and trusted sources.

What to do

Read reviews and look at ratings. If a browser seems too good to be true it probably is.

As the business owner, you might also look into controlling which extensions can be installed by your team.

We can help with this, as well as looking at up-to-date software protection and (fun) security training for your team.

Published with permission from Your Tech Updates.

Read more

Passkeys could improve the way you work.

Passkeys could improve the way you work, a few months back we looked at passkeys as the successor to the password.

Now, we’re hearing that Apple will start rolling out Passkeys in the next few months in iOS 16. And we’re excited.

Though it’s caused a bit of confusion. Apple is going to great lengths to market the Passkey, and understandably, people have assumed that it’s a feature exclusive to Apple.

That’s not the case.

In fact, Passkeys will be used in a joint effort to boost online security by Apple, Microsoft and Google. The reason Apple is promoting this new feature so hard is to get the message out there.

Microsoft and Google are also keen to spread the word so that people understand how Passkeys work.

The more people take advantage of Passkeys, the safer our businesses are online.

Passkeys could improve the way you work

Passkeys – otherwise known as FIDO authentication – work by letting you log into an app or website with just your username and your pre-authenticated device, most probably your phone.

Your device generates a cryptographic token, which makes the second part of a cryptographic key pair. When the pair matches, you’re allowed access to the app or website.

What that means in practice is when you’re logging in, you just use your phone to prove its really you. You’ll just unlock it using your face, fingerprint or PIN.

So long as your phone is within Bluetooth range of your computer it will work.

And without needing a password… bliss…

It’s a far more secure way to access apps and keep your accounts safe from cyber criminals. You never see your cryptographic token, so it takes away a lot of the danger of having your login credentials stolen.

Cyber criminals will be unable to use their normal tactics – such phishing emails, brute force attacks, or key loggers – to steal your credentials.

They’ll need your physical device, making remote hacking much less likely.

If you use Windows Hello, you’ll see that Passkeys are already supported. And it won’t be long until all three tech giants roll out support across their entire product range.

Before then, if you’d like any help or advice on keeping your apps and accounts safer, just give us a call.

Published with permission from Your Tech Updates.

Read more

Coming to Windows 10 Soon.

Coming to Windows 10 Soon.

There’s no denying the Windows 11 has a lot of really cool new features, and some of these will be coming to windows 10 soon.

If you haven’t made the move from Windows 10 yet, you’re missing out.

But there’s good news. To make the (eventual) move from Windows 10 to 11 a little easier, Microsoft is sharing a couple of 11’s most useful features.

Coming to Windows 10 Soon.

The first should make printing a little easier. We can hear your cheers from here! Anything that makes printing easier is OK in our book too. Printers don’t have a terrible reputation for nothing…

This feature makes printing PIN-protected. That means when you want to print a document, you’ll send it off to the printer – but it’ll only print when you’ve reached the printer and entered your PIN.

This removes the risk of you printing something confidential and leaving it on the printer for everyone to see.

Or accidentally printing several copies of the same document. Yes, this will reduce paper waste.

And that’s not all…

There’s a second really useful feature coming over to Windows 10. It’s called Focus Assist and works alongside do not disturb.

Switching on do not disturb is great when you want a little uninterrupted time to finish a task or do some research. But if you use it a lot, you might miss a notification that you really needed to see.

Focus Assist stops that from happening. You use it alongside do not disturb and it still allows important and time-sensitive notifications and messages to reach you.

These features have been in testing since June this year. There’s still no date for when they’ll be released to everyone with Windows 10. But they’re on their way.

If you can’t wait to try more of the time saving and productivity boosting features that Windows 11 has to offer, give us a call to see how we can help you make the switch.

Published with permission from Your Tech Updates.

Read more

Are you under pressure to take action.

Phishing scams are one of the biggest security threats to your business right now. As we all get used to these emails the scammers are upping the pressure to take urgent action.

A massive 83% of organisations said they suffered successful attacks last year. And with just under a third of phishing emails being opened, the chances that someone in your business will be fooled are high.

But to make matters more difficult, cyber criminals have borrowed a technique from ransomware groups that is designed to panic people into taking action and giving away their login details.

This phishing attack begins like most others, then the pressure to take urgent action.

You get an email alerting you to potentially suspicious activity on your account. It might say someone is trying to login from a different location or device and the attempt has been blocked.

You’re then asked to click a link to verify your email address and password.

That’s worrying enough, right?

But what makes this phishing attack even more dangerous, is the countdown timer that appears on screen.

Typically, it’s set at one hour, and you’re asked to confirm your details before the countdown ends, otherwise your account will be deleted.

Yes, deleted! That catches a lot of people’s attention.

This is a powerful manipulation tactic designed to scare people into taking immediate action – and think later.

In reality, if that countdown hits zero nothing will happen. But watching the seconds count down can give you a sense of urgency that makes you forget to check whether an email is the real deal or not.

The page you’re entering your details on is fake. Criminals will steal your details and login to your real account. That’s a major problem you don’t ever want your business to face.

You’ll be at risk of data theft, financial loss, or malware, as well as potentially putting other accounts at risk (if you’ve reused your password).

Your login details may even be sold on the dark web, giving other cyber criminals the opportunity to break into your account.

Here are some basic phishing protections for you and your team.

Look at the email address the email was sent from. Make sure the spelling and grammar are both correct, and hover over links to see what website address they are trying to send you to.

If you think you’ve fallen for this kind of scam, it’s important you change your login details immediately. Don’t click a link in an email – type in the website address in your browser.

We’d also recommend using a password manager. This is software that creates long and strong random passwords that are impossible to guess for every account you have.

It will store these passwords for you. And autofill login boxes to save you time (yes, password managers detect when they’re being asked to fill in details on a different page, such as a fake phishing page).

Share this article with your whole team right now. And if anyone ever clicks a link they’re not sure about, ask us how to keep your business safe.

Published with permission from Your Tech Updates.

Read more

Working from home, is it good for your business?

Working from home. Or remote working, as it’s now called.

It’s the big thing in business, isn’t it? And some people love it.

They’re happier working where they want, and when they want. And that makes them more productive and less likely to leave.

But have you stopped to consider the downside to remote working? The negative elements for your business and your people?

While many employees are happy to work from home using video calls and collaborative software to stay connected, there’s a small percentage who find the whole experience isolating.

And when that happens, it can quickly lead to a drop in motivation and happiness. It can even change the culture within your business.

In turn, this can lead to performance issues which may be trickier to spot.

At the other extreme, some employees will become more susceptible to burnout as they struggle to draw a line between work and personal time. That change in environment can be so important for some.

And while you want your team to be happy and fulfilled in their roles, there are also some practical considerations you need to make for your business.

Practical Considerations

Such as the cost of remote working. Does everyone have the right tools for the job – laptops, phones, office equipment? Maybe even a desk and chair, or an internet upgrade?

Do you need to spend twice – giving them an at home setup and investing in hot desks in the office?

Most importantly, you must put in place full cyber security protection wherever someone is working.

Here’s how we can help you stay safe and potentially save money.

Would you like us to audit your current setup and suggest some options? This is what we do every day. Just get in touch.

Published with permission from Your Tech Updates.

Read more

The Global Chip Shortage and your business.

The global chip shortage has been with us for the past couple of years, the tech world has been struggling with a huge shortage of chips.

But it’s not just tech businesses that are feeling the impact.

Pretty much everything we use every day has at least one chip in it. Laptops and desktops, sure. But also household appliances, even our cars. It’s hard to find an electric device without at least one chip.

This global chip shortage has the potential to disrupt our modern lives.

Did you know, it’s been ongoing since 2020 (ah, that year really was a gift, wasn’t it)?

It started during the pandemic as production fell while demand went up.

Other events since have made it worse, including extreme weather, the Ukraine war and a factory fire.

The need to increase chip production

We’re told that increasing chip production isn’t easy. It can take years to build a new factory because of the unique production demands.

Of course, all of this is someone else’s problem. Let’s make it real to you – what does this actually mean for your business?

Essentially it means you need to plan ahead more.

Some of the technology you need to run your business may be in short supply.

As an example, getting large numbers of the same laptop might be difficult, compared to getting just 2 or 3.

And some of the essential devices you rarely think about as they’re in the background, such as network switches, are currently much harder to get.

As you push your business towards increased growth it means planning ahead more than ever before.

Industry experts expect the shortage to last into next year… and it could be even longer.

Would you like to run your growth plans by us, so we can advise what might need to be ordered, when? Get in touch.

Published with permission from Your Tech Updates.

Read more

Staff Working remotely need to be secure.

Are your remote staff, as secure as they need to be, we explore a recent report.

Read more