Many tend to imagine that Cybersecurity is all about having an antivirus and a firewall. Whilst these are important, they aren't a silver bullet. Indeed, some argue that an antivirus instils a false sense of security, and we have often heard “it looked dodgy but I thought my antivirus would protect me.” This is a dangerous and incorrect assumption and one frequently exploited.
A little education goes a long way, so we have listed a few tips below to try and prevent that education coming through bitter experience. We have also included a link at the end of this page so you can easily download and print the full document for your office
- Stop and think before you click on email links or attachments. Are you expecting it? Do you really need it?
- Be especially alert and smart when surfing the internet. Resist the temptation to click through on adverts or to see what a celebrity has done this week.
- Avoid freebies on the internet; they often come with a sting in the tail. Free file, video or music sharing sites are also dangerous.
- Be alert for warnings from your antivirus and don’t cancel a scan just because it is slowing you down. If it is trying to tell you something this should not be ignored.
- Allow updates for Microsoft, Java, Flash and Reader to install. A system without updates is a vulnerable one.
- If you do think you have caught a bug, then you don’t want to infect your network or damage your company files. Unplug your PC immediately and call IT support
- Be aware that an antivirus alone cannot protect you against infection. You have a responsibility too!
Print it and protect IT! - Download without registration - PDF Documennt - 371kb
2 finance departments in our customer base have received emails in recent days purporting to be from the company's Managing Director requesting a wire transfer to be made. These fraud attempts have demonstrated a knowledge of the company targeted and obvious research has gone into identifying the names and email address of the Managing Director and Finance Officer concerned. The format of the email was also credible at first glance.
Both attempts resulted in queries of a procedural nature that flagged the issue and upon investigation the emails originated not from the clients email system but a server in the Netherlands.
We would recommend you alert your finance team to this issue.
Microsoft kicks Windows XP when it’s down
Although Windows XP has been “out of support” since April 2014, Microsoft have continued supporting its own anti-malware product with updates until this week. If you have any Windows XP PC’s running Microsoft Security Essentials then we recommend that you consider your options at this point; the 2 obvious options being either to change your antivirus protection to a third party product that still supports XP, or more sensibly; consider updating the PC to Windows 7 or better
Click here for more information
This week Windows Server 2003 also fell off the update cliff
With every server vendor seemingly emailing about Windows 2003 server going end of life and trying to sell new servers, I would be surprised if you were unaware of the fact. What in practice does this mean though? Does it mean Windows 2003 will stop working? No …. It doesn’t mean that. What it means is Microsoft will no longer issue security updates for their venerable product. It has been described as the “biggest security threat of 2015”, but it that hyperbole? Perhaps, but it certainly has security and for some; compliancy consequences.
A good article laying out the risks and compliance issues is available here
Antivirus for Macs
During our TechTalks on Cybersecurity, it is always apparent that the “Macs don’t get viruses” myth is still alive and well. Apple in fact dropped this claim in 2012 in light of 650,000 users acquiring a Trojan that was unchallenged. It is true that Apple device are far less afflicted by threats but as they become more popular this is changing. Several vendors offer free antivirus for Macs used at home (non-commercial use), the best in our experience being the one from Sophos. If you have Macs in the workplace, we would recommend you speak with your IT support provider regarding your options. No protection though is a folly and is a chink in your IT security armour.
Click here for more information on the Sophos free antivirus for non-commercial use
A particularly stealthy type software which is typically malicious; a rootkit is called so because it gives access to the “root” of the computer and therefore can be particularly dangerous as it gains admin access and therefore full control over your computer. It can modify software and therefore circumvent software designed to prevent infections and detection such as antivirus software. This also means that infection is particularly concerning as its use is more of an attack than an irritation and risk of danger to data and information is high.
Detection and removal is particularly difficult as a rootkit may well be able to subvert software designed to find and remove it.
Although a rootkit infection may occur through many sources, it is usually via vulnerabilities in software or social engineering. It is classic Trojan horse infection type.
Several providers offer rootkit detection products which can be downloaded for free. In no particular order they are
Even with these powerful tools however, a rootkit can be a tough challenge and sometimes a system reinstallation may be a more cost effective option.