Archives

Malware and Ransomware

cyber security nhs

We regularly cover internet security and high profile hacks on our blog, but how can you stay safe from hackers? Here are some internet security tips to stay safe online.

cyber security nhsUse a firewall

A firewall is a hardware or software barrier that sits between computer networks. They are used between areas that are trusted – such as your own corporate network – and untrusted – such as the internet. A firewall offers protection by controlling traffic that enters and leaves the network using a series of rules (or filters) set by the user. By blocking certain types of traffic, a firewall can protect against hackers accessing your systems.

Keep software updated

Any software – especially your operating system and web browser – on all your devices: computers, tablets and mobile devices – must be kept up to date. Publishers release regular patches to correct faults in the software that can be exploited by criminals. Older software must be replaced if it is no longer supported with security updates. For example, the devastating global WannaCry attack targeted an older version of Windows that had been patched but many users had not yet downloaded and installed the update.

Use a strong password

Some hackers access systems by using software. Such a “brute force” attack tries every combination of letters and numbers until they find a password that matches. They begin by using words from the dictionary so never use a single word as your password. Every extra character and number you add to your password exponentially improves its security. Often, breaches of security happen because passwords are not changed from the default one that ships with a device or piece of software. That is why you should always change passwords on new routers etc. as soon as they are installed on your network.

Digitalquill – Internet Security Advice for Hull Businesses

For advice on internet security for small businesses and to arrange for your Hull IT support, call us on 01482 424402 or visit www.digitalquill.co.uk to find out more.

 

Avast Antivirus

It is unsafe to operate business computers without the protection of anti-virus software. You cannot rely on the built-in Windows Defender program or free anti-virus solutions in a commercial environment. Many of the “free” antivirus software packages have strict licence conditions that restrict their use on business PCs, so you are not permitted to use them in a business – and are effectively unprotected. Free software is not professionally monitored, and staff can easily turn off the virus protection. This puts your business at risk of contracting malware such as viruses and ransomware.

Avast AntivirusAvast Anti-virus from Digitalquill

The solution is to invest in a proper business cloud antivirus solution. Digitalquill is an authorised reseller of Avast Cloudcare (formerly AVG), which is one of the best-rated anti-virus programs on the market. It has a very low impact on your system, so it does not slow down your PCs. Its “always-on” protection and deep scans help to keep your computer free from viruses, spyware, ransomware, rootkits, Trojans, and almost all other kinds of malware. It is constantly updated with new virus definitions in the background to keep your business PCs safe. When you choose to be protected by our fully managed cloud business antivirus service, you will have a team of professionals monitoring your computers 24/7 for potential threats.

 

When you sign up for the Avast Cloud-based antivirus service, we proactively monitor:

  • That the Avast Cloud Virus guard is installed properly and is working
  • That all the latest virus definitions have been updated
  • That scheduled scans have been completed as required
  • If any viruses are found we are alerted immediately
  • We can remotely update the virus definitions and virus guard software
  • We can initiate full virus scans on specific PCs, or all computers on the network

Avast Business Virus Protection from £0.95 per month

It is not costly to protect your business with Avast virus protection from Digitalquill. The Avast cloud antivirus service for business users costs as little as 95p per month per user (if you buy at least 50 two-year contracts). You can benefit from the expertise of a team monitoring your system for virus threats without breaking the bank.

Call Digitalquill today on 01482 424402, email us at support@www.digitalquill.co.uk or visit our website www.digitalquill.co.uk for more information on Avast Cloud Antivirus for business.

 

Equifax Hack
Equifax Hack
Credit cards, a chain and an open padlock is seen in front of displayed Equifax logo in this illustration taken September 8, 2017. REUTERS/Dado Ruvic/Illutration – RC1530D0D700

The major data breach at Equifax, the credit monitoring company affected 15.2 million records in the UK, relating to almost 700,000 customers, according to Sky News. The personal details of 143 million US customers were also stolen in the attack. The Equifax hack could well be the biggest ever cyber theft of financial information.

Equifax Hack – What was Stolen?

Names and dates of birth are amongst the personal details stolen from 693,665 UK-based customers of Equifax. The breach happened in May but was only reported last month. Most worryingly, 12,086 customers have had their email address breached and 14,961 customers have lost portions of their user names, passwords, and even their secret questions and answers and partial credit card numbers were stolen.

The National Cyber Security Centre (NCSC) said in a statement:

“If you have been told that security details from your Equifax.co.uk account – such as your password and secret questions – have been accessed, then you should ensure those same details are not used on any other websites or accounts.”

No Business is Safe from Hackers

After Equifax announced the hack, they were subjected to many class action lawsuits in the US. How would your company cope if hackers accessed your customer data? Even if your business is far smaller than Equifax and located in Hull, East Yorkshire or Lincolnshire doesn’t mean your data is safe. If hackers access your data, then it can affect your reputation, and you risk a fined from the Information Commissioner’s Office.

Digitalquill – Experts in IT Security

At Digitalquill we help businesses across Hull, and the East Riding keep their customers’ data safe from criminals. Whether you need help securing a wireless network, setting up the proper PCI-DSS compliant processes for handling credit card data, backing up your files or writing a security policy for your East Yorkshire business – we can help. For more information call us on 01482 424402 or email office@digitalquill.co.uk.

 

 

invoice virus

Reports in the media are saying that Action Fraud has found a recent increase in invoice virus emails – whereby businesses are tricked out of money or are targeted with viruses through emails claiming to include an invoice.

invoice virusWhat is an Invoice Virus?

Both Public and Private sector organisations have been the target of the bogus invoice scam. Fraudsters pretend to be genuine service or product providers and send an email purported to contain an invoice. Sometimes false instructions are included in the email asking the user to change their account details for future payments on ongoing contracts.

The most common Public and Private sector organisations that are targeted by this fraud type are:

  • Pharmaceuticals Industry
  • Airports
  • Travel related Industry
  • Universities, Schools and Colleges
  • Health Care Providers
  • Financial Services Industry
  • Food and Drink Industry
  • Councils

But invoice virus emails have arrived at all kinds of business so do not assume you are safe.

The National Fraud Intelligence Bureau state that losses can vary but often run into hundreds of thousands of pounds. Several of the biggest frauds have exceeded £1 million. The funds are quickly transferred outside of the UK, so recovery of the money by the police is often impossible.

Countless other businesses have been infected with malware such as viruses and malware as a result of opening links in scam invoice emails.

What does Invoice Virus Fraud look like?

The bogus invoice fraud sometimes involves a genuine invoice being intercepted. How this is done is unknown, but is possible a virus within the email system from a prior email. The account details given for payment on the invoice are then altered to make the payment go to an account that is under the Fraudster’s control.

Often the fraud will only be discovered months later when the legitimate company that sent the invoice chases up payment. Some incidents have involved emails with completely counterfeit invoices being sent as attachments or within infected file attachments.

What are the signs of an invoice virus?

Completely counterfeit invoices will usually not stand up to scrutiny. The invoices may contain logos scraped from the internet or scanned copies of an original document. The company logo may, therefore, appear to be slightly blurred.

Digitalquill – Experts in Computer Security for East Yorkshire Businesses

If you have received an email from an unfamiliar email address or think you may have been infected with an invoice virus, then we can help. For details of our Hull, IT support service and IT support for East Yorkshire businesses, call us on 01482 574402 or visit www.digitalquill.co.uk

Windows XP

Windows XPA recent article from the BBC revealed that the second biggest police force in England still runs Windows XP on 20% of its computers. A total of 1,518 PCs in the force still use the ageing operating system, which has not been supported by Microsoft since 2014. The revelation comes shortly after it was discovered that the NHS are still using Windows XP, and they were recently hit by a massive ransomware cyberattack that crippled many services. As well as Manchester Police, the Metropolitan Police service stated in June that they still had 10,000 Windows XP computers.

Windows XP Hacking Risk

Continuing to use the outdated system on machines that connect to the internet poses a massive security risk, and even standalone machines can suffer problems that will result in the loss of data – or worse. Even if security vulnerabilities are found in Windows XP, Microsoft no longer distribute patches to fix them as they do with newer releases of Windows.

It’s Not All Bad News

Although most police forces  refused to respond to the BBC’s Freedom of Information Request on the grounds it could put them at risk of cyber attack, eight forces disclosed that they had fewer than 10 computers still running XP. These were mainly to run highly specialised software that has not been made compatible with new Windows versions.

Why Upgrade From Windows XP?

A number of small (and some big) businesses still have not upgraded to the latest version of Windows. The reasons vary from concerns about cost to fears over getting to grips with the newlook and feel. A common reason is if a company relies on old software that is not compatible with newer versions of Windows.

Help to Upgrade to Windows 10

Digitalquill can offer IT support for small businesses in Hull to upgrade from Windows XP. Call us on 01482 424402 today to find out how we can help you.

phishing

Phishing is an online scam whereby cyber criminals send out an email that appears to be from a legitimate company. It will usually ask the recipient to provide sensitive information. This usually takes the form of a link that supposedly takes you to a known website where you are asked for your personal information, passwords etc. However, the website is actually a fake and the information you input will go straight to the scammers.

phishing

The word ’phishing’ is based on the word fishing. It is so called because the criminals dangle a ’lure’ in the hope that people will ’bite’ and providing the information. It is used to steal credit card numbers, account numbers, passwords, usernames and much more.

Am I at risk from Phishing?

Yes, this is as relevant for your business email as your personal email. Massive companies such as Amazon, Facebook, Google and Microsoft have all been stung with large scale Phishing scams.

How Do I Stay Safe from Phishing Attacks?

  • If you are not expecting the email and you don’t know who it is from just delete it
  • Don’t reveal sensitive information if requested to do so via email
  • Don’t click on links in emails appearing to be from banks or other service providers. Where possible, open a new browser window and navigate to the site yourself.
  • If you do need to click a link in an email, check it before you click on it. You can do so by hovering over the link. The URL will usually show in the browser’s status bar.
  • If the email is from a bank, consider calling them to check. Use the fraud hotline number written on your card, not numbers provided in the email or from Google searches because the number in the email might be a fake.

If in doubt DO NOT CLICK ON LINKS IN EMAILS!

Digitalquill – Experts in Cyber Security

For more information or advice on keeping your Hull, East Yorkshire or Lincolnshire business safe from phishing, visit www.digitalquill.co.uk/ call us on 01482 424402 or email office@digitalquill.co.uk.

Ransomware CYber-Attack

Ransomware Cyber-AttackCompanies across the globe reported last week that they were struck by a major ransomware cyber-attack. The virus froze the user’s computers and demanded the payment of a ransom in the untraceable digital currency, Bitcoin. Experts have suggested that the malware was exploiting the same weaknesses as the WannaCry attack last month.

Experts suggest the malware is taking advantage of the same weaknesses used by the WannaCry attack last month.

Ukraine was hit particularly hard, with firms including the state power company, Kiev’s main airport, and even the Chernobyl nuclear power plant being affected. The anti-virus firm Kaspersky said there had been around 2,000 attacks – mostly concentrated in Ukraine, Poland and Russia.

Problems also affected companies including:

  • Aircraft manufacturer Antonov,
  • Russia’s oil producer, Rosneft
  • Danish shipping company Maersk
  • Shipping company TNT

How Can I Keep My Business Safe from a Ransomware Cyber-Attack?

  • The first and most important rule is to keep your systems updated. We have covered how to upgrade Windows 7, 8 and 10 in an earlier post. Click here to find out how to update Windows.
  • Always run a paid virus protection program and never skip its updates or ignore warnings. We can supply your business with a 24/7 monitored enterprise version of AVG antivirus. Click here to find out more about our antivirus software.
  • If you think you may be infected with ransomware or see a warning screen, unplug all internet cables, switch off your router and call us on 01482 424402 for advice. Do not pay any ransoms; there is no guarantee that your files will be recovered by the criminals behind the attack.

Digitalquill: Cyber Security Experts

When it comes to ransomware, prevention is better than cure. We can help you design a more secure system and conduct an audit of your IT security to make sure you have the policies and procedures as well as the software and hardware you need to protect against cyber-attack. If you run a small business and do not have board-level IT representation, then you might want to consider our Virtual IT Director service.

To find out more, call us today on 01482 424402, visit our website www.digitaquill.co.uk or email us at office@digitalquill.co.uk.

ransomware

Many businesses now offer free WiFi to their customers. In fact, it is now an almost essential offering for many service companies. Customers expect to be able to connect to the internet in cafes, coffee shops and public waiting areas. If you offer WiFi to your customers, you must be aware of some potential risks. Don’t think it won’t happen to you: half of all UK businesses were subjected to attempted cyber attacks last year.

Free Wifi Security
Using free tools, we could identify every device on the network
Free Wifi Security
A hacker could easily exploit these open ports and steal your data – or worse

Free Wi-Fi: The Risk for Businesses

 

Keep your free  WiFi connection separated from your Point of Sale or payment processing systems. Otherwise, you are in breach of PCI-DSS rules, and your customers’ credit card data is at risk. If you share a connection with business systems, you could also find your customers hogging all of your bandwidth. If this happens, your main business internet connection will run slowly and impact the business.

 

We recently visited a major UK tourist attraction whose open free WiFi allowed us to scan all devices on the network. As an illustration, we scanned a printer, so we did not invade anyone’s privacy, but a hacker could have searched these devices for open ports or other vulnerabilities. They could even connect to your router and install malware. You did change the default router password to a secure alternative password when it was installed, didn’t you…?

Digitalquill – Experts in Cyber Security

If your business has, or wants to offer, your customers free WiFi, call us.

  • We can help you achieve PCI DSS compliance. This is essential if you take credit card payments.
  • We can supply, install, configure and support PCI-DSS compliant routers. We will keep business and customer networks separate, and ensure that a cap is in place to provide sufficient business bandwidth.
  • You may want to consider a backup internet connection. That way, if your fixed line internet goes down, you can continue to trade.
  • Digitalquill are security experts. We can conduct an audit of your business and identify where and how you are vulnerable to cyber attack or ransomware. We can supply the software, hardware and know-how to get your IT security policies up to scratch.

For more information call us on 01482 424402 or email office@digitalquill.co.uk.

Ransomware

Yesterday we covered how NHS services in England and Scotland have been hit by a large-scale ransomware cyber-attack that disrupted hospital appointments. The malware, known as  “Wanna Decryptor” or “WannaCry”, demanded users pay £300 (£230) to unlock their files.

How to Update Windows to avoid Ransomware

Early indications are that this attack relates to a vulnerability in Microsoft Windows. Microsoft has released a patch for this vulnerability, but many users do not have this patch. It is tempting to ignore system requests to update your computer – but these updates are intended to keep you safe and should never, ever be ignored.

Here are instructions on how to update your Windows system to make sure you have all the latest security patches:

How to Update Windows 7

1: Click Start and then select control panel, select system and security

Ransomware

 

2: Click on Windows Update

Ransomware

 

3: The update status will be shown. Clicking “Check Updates” in the left-hand pane will force a check for the latest patches.

Ransomware

 

4: You can select the updates to install by putting a tick into the boxes by each line.

Ransomware

 

5: Finally, click “Install Updates” and follow the Wizard through to the end.

Ransomware

How to Update Windows 8

1: Make sure your PC is plugged in and connected to the Internet

2: Swipe in from the right edge of the screen, tap Settings, and then tap Change PC settings.
(If you’re using a mouse, point to the lower-right corner of the screen, move the mouse pointer up, click Settings, and then click Change PC settings.)

Ransomware

 

3: Tap or click “Update and recovery”, and then tap or click “Windows Update”. You can type a “w” to bring it to the top.

Ransomware

 

4: Tap or click “Check Now”.

Ransomware

 

5: If updates are found, tap or click “View Details”.

Ransomware

6: Don’t disconnect, unplug, or turn off your PC while the update is being installed.

How to Update Windows 10

1: Click Start (Windows Logo) and type “updates”.

Ransomware

2: Press the Enter key, and the updates window will open: in there it tells you when your machine was last updated.

Ransomware

 

3: Press “Check for Updates” to see if there are any new patches. If there are, you will be prompted to download them.

4: Leave the machine turned on and connected to power and the internet while it downloads the updates. When you next restart the machine, you will be asked if you want just to restart or to install updates and then restart. Select “Install updates and restart.”

Avoiding Ransomware

Remember some basic rules:

  • Do not open email attachments originating from people you don’t know or from people you do know, but are not expecting
  • Make sure you have an up-to-date virus guard (we can supply AVG for businesses)
  • Make sure your operating system is up-to-date with the latest security patches.

Digitalquill – Ransomware Protection for Hull, East Yorkshire and Lincolnshire

If you do not have paid virus protection on your business systems, contact us for a subscription price for AVG for business to keep your data safe from hackers.

If you are worried that you may have been affected by ransomware, remove your network cable and turn off your wifi to prevent it spreading to other computers on your network, then call us on 01482 424402 and we will help.

NHS Ransomware Cyber Attack

NHS services in England and Scotland were hit on Friday by a large-scale ransomware cyber-attack that disrupted hospital and GP appointments. The incident is believed to be part of a wider, untargeted attack that affected computers all over the world.

Worldwide Ransomware Cyber Attack

NHS Ransomware Cyber Attack
©-Paulo-Resende-Dreamstime-Stock-Photos

Some hospitals and GPs were left been unable to access their patient data after their computers were locked by a ransomware program. The malware – “Wanna Decryptor” or “WannaCry” – demanded a payment of £300 (£230) to unlock their files. About 40 NHS organisations and some GP practices were hit. Who is behind the attack is not yet known, but the hackers demanded payment in the virtual currency Bitcoin, which is very hard to trace. The National Cyber Security Centre (NCSC) is working closely with the NHS to identify the attackers and assist with recovering the data.

Why were computers affected?

Early indications seem to indicate that this relates to a vulnerability in Microsoft Windows. Microsoft has already released a patch for this vulnerability, but there are many users who for one reason or another do not have this patch. Computers that had not been updated were affected. We reported in December 2016 how the NHS is still running Windows XP in many hospitals, and the support contract ended over two years ago. It is tempting to ignore requests to update your system, but these updates are designed to keep you safe and should never be ignored.

What can I do about Ransomware?

If you do not have the time right now to read through our ten tips to avoid ransomware, our immediate advice is:

  • Do not open email attachments from people you don’t know or are not expecting
  • Make sure you have an up-to-date virus guard (we can supply AVG for businesses)
  • Make sure your operating system is updated with the latest security patches.

If you have any feeling, no matter how small that you have have been affected:

  • remove your network cable
  • turn off your wifi immediately

This will prevent it spreading to other computers on your network. Then call us on 01482 424402, and we will help.

If you are worried call us. Throughout the rest of this week, we will be providing details of how to make sure your system is up-to-date, for Windows 7, 8 and 10 users. If you need business IT support for your business then call us on 01482 424402 for more details on our cloud IT support service or our managed AVG Antivirus solution.