Archive for Public Sector

NHS Cyber Attack – how to build up your protection

Malware terms

Here is some more information about the NHS cyber-attack that started on Friday.

The Ransomware variant is called WanCrypt0r and 81,000 infections were reported in the first 12 hours. It has not only targeted the NHS but has also gone for Banks, Telecoms and Utilities worldwide.

It has been established that the criminals are exploiting a known vulnerability in Windows (MS17-010)  which has already been patched, but those computers which do not have up to date Windows Updates are still vulnerable.

We have warned customers before about the Ransomware threat and the extent of this attack means that we should all consider increasing our defences, especially businesses but also homes, as Ransomware can be spread via emails.

As there is no way to guarantee 100% protection against threats, we have to make it as difficult as possible for the threat to take hold and how much you decide to do depends on the level of risk you wish to take.

1. Ensure that Windows Updates is kept up to date

Windows Updates contain security fixes (amongst other things) and computers that have not been kept up to date are vulnerable, as in the case in this attack. Admittedly Windows 10 gives you little choice when it comes to Updates (you have to have them) but if you are using any previous version of Windows – make sure that Updates are kept up to date.

If you are still using Windows XP or Vista, you shouldn’t be. These versions of Windows no longer get Windows Updates.

Update:
Microsoft have now issued a patch for XP and Vista. Go to this web page to download the patch if you are still using XP and Vista (demand is high so it may take more than one try). Please note – this patches this vulnerability only so you should still move away from these unsupported operating systems.

2. Make sure that you have a good antivirus product that is kept up to date

Good security products give a better degree of protection but they have to be kept up to date, with active subscriptions. Free antivirus is better than nothing but does not give protection that is as comprehensive as paid versions.

3.    Install extra protection.

Usually, you should not have more than one security product installed on your computer at any one time, but there is a product called Malwarebytes, which can be installed as well as your existing antivirus. This increases your protection especially from Ransomware, if you install the premium version.

4.    Consider your backup situation

If a computer is infected, the virus goes across a network and it is possible that any connected storage will also get infected – this includes cloud storage such as Dropbox. Having said that, Dropbox state that within 30 days of the event they can restore your files (here) and you can subscribe to extend the 30 days to 1 year if you choose. If you are using any other Cloud storage, check with them to see if they have a similar service.

It is vital that your important files are backed up and a copy kept separate from your computer. In the event of an infection, you can at least relax a little that your important data has not been encrypted.

5.    Consider downtime – system backups

When a computer has Ransomware, if you have backups of important files you will not need to pay the criminals. It is likely that the computer will need to be wiped clean and Windows reinstalled, which takes time.

There is software available that can take a copy of your whole computer, which could be used to reinstall the whole system in much less time than a full reinstall. A copy once every 2 or 3 months would allow you to get back up and running in much less time.

As mentioned earlier, many viruses are spread through emails, so never click on links in emails and do not open attachments unless you know that they are genuine emails – if in doubt call the sender.

If you would like help with any of the above, give us a call on 01455 209505.

Share..Share on FacebookShare on Google+Tweet about this on TwitterShare on LinkedInPin on PinterestPrint this pageEmail this to someone

New Windows 10S to Target Chromebook Education Market

Windows 10S for Education Sector

Microsoft are about to release a trimmed-down version of Windows 10 called 10S, aimed at the Education market which up to now has been taken over by Google’s Chromebook.

Traditionally, Windows had the Education market in its hand due to its lower Academic version pricing (which was much cheaper than retail) for Windows and Windows software such as Microsoft Office. Then the Chromebook came along with its cheap price tag together with its ‘locked down’ operating system making it harder for students to cause much damage. This was ideal for school administrators who wanted to get a working computer at the lowest price, which could also be set up quickly and securely.

Windows 10S will be released on Microsoft’s Surface Laptop as well as some computers from Samsung, Toshiba, Dell and Acer in the near future, and they will be pushing these offerings to the Education sector.

There are ‘pros and cons’ with the release (as you would expect) and what is good for administrators may be cause for complaint by others.

Locked Down and Faster booting

Windows 10S will be ‘locked down’ because only apps from Microsoft and the Windows Store will be allowed to be installed, so schools can relax in the knowledge that it will be less likely for students to be able to install malicious or other unwanted software.

It has also been designed to increase battery life and have a faster boot time, which you would expect with a thinned out version of Windows.

The downside is the reduction of choice – if it isn’t a Microsoft app or in the Windows Store, it will not be available for installation, which gives Microsoft effective control on what is and isn’t used on its machines, although the Chromebook did give Google a large amount of control too.

Another downside will be that schools will no longer be able to use free alternatives to expensive software such as Photoshop, unless Microsoft allow it.

An Upgrade route will be available

The release announcement stated that it will be possible to upgrade 10S to Windows 10 Pro, at a lower price. This may be useful but at the moment we are being told that it is a one-way upgrade – once upgraded you cannot go back and of course, it will not be classroom-proof any more. You will also lose the battery and boot time advantages too.

Cheaper computers in the future…?

Clearly the Chromebook is not just for classrooms and there is a big market for public consumption of a cheaper, trimmed down operating system that lets you do everyday tasks. This is why we expect that at some point Windows 10S (or a version of it) may be available to the general public at some point, for use in the less expensive part of the market. If or when this happens we will have to see.

With Google saying that they have half of the US education market and 20 million devices in education, there is everything to play for for Microsoft. Time will tell if it pays off for them but they are certainly going to give it their best shot.

Share..Share on FacebookShare on Google+Tweet about this on TwitterShare on LinkedInPin on PinterestPrint this pageEmail this to someone