Archive for Security

Update iTunes and iCloud against Ransomware Vulnerability

Update iTunes - Ransomware Exploit

A vulnerability has been found in the Windows version of iTunes and iCloud, which may allow ransomware to be inserted into Windows computers, bypassing antivirus security programs.

Mac versions are not affected.

Bonjour software exploited

The Bonjour component that both iTunes and iCloud uses, is meant to allow communication between devices on your network and is often used to allow Windows to communicate with Apple devices.

A bug has been found (by security company Morphisec) in Bonjour, called a ‘zero day vulnerability’ which in geek-speak, is an ‘unquoted service path’ – essentially code which has been written incorrectly. As iTunes and iCloud are classed as trusted programs, the vulnerability can avoid antivirus security software and install ransomware software, which can potentially encrypt hard drives and prevent you accessing your data.

Get your iTunes and iCloud update patches

Apple has now patched the vulnerability in iTunes 12.10.1 and iCloud 7.14, so grab your updates if you haven’t already and ensure that automatic updates are enabled, to provide maximum benefit from security fixes in the future – especially as other vulnerabilies were found at the same time, which are yet to be resolved.

Uninstalled iTunes? You can still be vulnerable

Even if you have previously uninstalled iTunes, the Bonjour software is probably still present on your system, as it is a separate program and is not automatically uninstalled when iTunes is removed.

If Bonjour is still on your system it may be still have background services running but in a potentially unpatched state, so you would need to go to your Control Panel and remove it manually.

How to Get Your Devices to Play Nicely Together

Connect your Network Devices

Desktop computers. Laptops. Tablets. Network printers. Routers. Smartphones. Smart speakers. Media players. Gaming systems. Homes today have many, if not all of these. Each has all sorts of features, and they’d be even more useful if they connected to one another. If only it wasn’t so challenging to get all our devices to relay information between each other reliably.

Home networking can bring so many benefits. You might enjoy:
• accessing emails on all your devices, wherever you are;
• surfing the Web using your voice;
• being able to share files, photos, and other media with any other networked device;
• viewing a baby photo album from your computer on your Smart TV
• printing from your smartphone or other devices, even when not connected to the device via cable, using AirPrint or Google Cloud Print;
• backing up all computers in the house to a centralized location via the network;
• securing your activity on all devices at home with a protected Wi-Fi network.

Yes, all that sounds pretty good, but how do we get our devices to do all that?

What Your Home or Business Network Needs

First, take a moment to imagine connecting all the computers and smart devices in your home or office via cables. As if you want more cables snaking around! So, you’ll be looking into a wireless network to connect your devices to the internet and each other. That means setting up a router (we’re assuming you already have an internet service provider).

The router connects you to the internet with its built-in modem, but just as importantly it connects your devices to each other. The router communicates the wireless signal between your devices and gives each device its own address on your network.

If your home or office is spread out over several floors or square feet, or you have to deal with thick walls, you might have difficulties with Wi-Fi dead spots. Don’t worry! You could try a mesh network (where instead of making one device do all the signaling, a primary router and many smaller satellites or nodes relay the signals with equal power) or use a Powerline setup which uses your electrical wiring.

Securing Your Home or Business Network

When you get your devices connected, you’ll want to secure your network. Taking these simple steps helps protect your personal information and prevent cyberattacks.

First, change the default passwords on your router, and choose something more complex than “123456,” “password,” or anything else easily guessable. You may also want to set up a guest network if the router supports it. This allows visitors to access the Wi-Fi without you having to share access to your main network.

Also, rename your Wi-Fi network so that it isn’t obvious that it’s your premises or what broadband router type you have. For example, if you live at 920 Hassell Place, you wouldn’t name it 920Hassell. Or, if you’ve got, for example, a BT router, don’t leave it with the name it came with as it’s a starting point for anyone trying to get into your network – don’t make it easy for someone trying to target you to identify which network they are trying to hack.

For business networks, there are other considerations too, but the above is a good starting point.

You like using all your devices, but getting them all networked seems like a headache. Still, once you have a network set up, you’ll wonder why you waited so long.

We can help you get all your devices playing together nicely and securely. Contact us today on 01455 209505!

Protecting Your Customers and Your Business Too

Protecting your Customers Information

Security and privacy are at the very top of priorities when considering business IT. Major data leaks are in mainstream news on a near-daily basis and hundreds of thousands, if not millions, of customers are impacted every time they happen. The goal should be to make sure our businesses are kept out of danger.

Major institutions, such as multi-national banks and credit card companies, are expected to handle your data well. Unfortunately, less secured businesses require access to our data too.

Even just booking into a hotel often requires you to leave personal details. These few pieces of information are often more than enough to steal your identity, start a line of credit, and access many of your vital services. You can often only hope your chosen hotel handles your information as well as your bank does.

Securing Your Business with Smarter Thinking

There is no way to change how your favourite hotel service operates, but you can affect your own business to improve its security for your customers.

You don’t need the manpower or funding of a major banking chain to handle data securely. With simple tweaks and powerful changes, you can minimize the chances of your business suffering a data breach big enough close your doors for good.

By stepping up IT security to meet modern threats, you can help to limit your liability, put customer’s minds at ease and give your firm a competitive advantage.

Limit Your Data Collection

The single most important thing to consider when securing your business is how much data do you really need to hold anyway? Carefully consider the value of every piece of personal information you collect in any given transaction. Do you have a use for everything you ask for?

Emails, addresses, and contact numbers are useful for receipts and marketing, but additional data many firms collect is often useless and wasteful. Each piece of unnecessary data you hold represents additional value to hackers and thieves. While you may be unable to use your own stored data, hackers will find great value in gathering more personal information. This increases your liability without adding any extra value.

Clearly, the recent GDPR regulations also apply, so it isn’t just good practice to run through the details that you keep.

Consider Your Access Requirements

Think carefully about who has access to information within your business and precisely why they need to access it. Often security problems begin when employees have blanket privileges to access everything within the firm.

Access restrictions should be specific to the company structure. Employees should be limited to only what is strictly required for their role. Managers, for example, are likely to need systems that their junior staff cannot access.

Physical access restrictions are critical too. Unattended computers and mobile devices should require a password or identity verification to log on – preferably without other people knowing the password or leaving the password on a post-it note!

Treating Data with Care

The way you treat your data in day-to-day business reflects the impact hackers or IT disaster will have on your business when it is lost. Do you know where your backups are, and when they were last tested?

Firms often first know they are in trouble when they realize all their data is stored on a business laptop or device that could be easily lost or stolen. Some firms maintain backups on USB drives or shuttle a portable hard drive between home and work.

Protecting your customers and your business is all about the smart application of IT knowledge in a cost-effective and efficient way.

We can help you to protect the most valuable assets your business owns – data. Call us on 01455 209505.

OK Google, How Safe Are You Really?

OK Google, How Safe Are You Really?

Are you prompting Siri, Google, or Alexa? When you talk a home assistant, you join a growing number of smart homes.

Smart home assistants search online, start phone calls, order groceries, play music, turn lights on. All with a single spoken command.

Research into how people use Google or Alexa demonstrates the core features. Listening to music ranked first. Checking weather and asking for general information rounded out the top three. Setting timers and reminders, asking for the news or jokes (perhaps to make up for the news?) are also common.

Yet, the question remains, just how safe are these virtual assistants? After all, having a smart speaker in your home means there is always an open microphone in your house.

Smart Speaker and Home Assistant Safety Concerns

The convenience of the speaker demands that it always be on, ready and waiting for you to say “Hey Siri” or “OK Google.” Once triggered the device records the command, sends the data to servers for processing, and figures out its response.

Smart speaker users can log in to view the history of queries on their accounts. This prompts some concerns that these mega-companies will use the information for financial gain. For example, those talking about an overseas holiday might start seeing related ads on their computers.

Someone hacking into the home assistant to gain access to your personal information is another concern. Those who set smart speakers as a hub for many devices also create more points of vulnerability.

It’s difficult to anticipate all the ways the assistant could prove to be too good a listener. In one case, a voice assistant recorded a private conversation and sent it to the couple’s contacts list.

Steps to Stay Secure with a Smart Speaker

That candid conversation aside, few big privacy issues or personal data breaches have been reported – so far. Nevertheless, if taking advantage of Alexa, Siri, or Google helper, keep these strategies in mind.

1. Clear your history. Don’t leave everything you’ve ever asked it stored on the company server. The assistant will relearn your commands quickly.
2. Connect with caution. It’s great to be able to turn on the TV and dim the lights without leaving the comfort of your sofa. Be wary of connecting security or surveillance devices to your home assistant.
3. Mute the microphone. Yes, it undermines your ability to call from the closet “OK, Google, what’s the weather like today?” But, turning off the mic when it’s not in use stops recording without you knowing about it. Yes, the microphone may still be powered up, but you can expressly mute it.
4. Secure your network. Home assistants do their work by connecting to the Internet using your network. Ensure they are accessing a password protected network. They should use devices (e.g. routers) changed from default password settings – unfortunately, most people just use that default setting and it leaves your network open to outsiders with the knowledge to be able to get into it.
With a little effort you can gain convenience without worry.

Want more questions answered about setting up a smart speaker to be safe and reliable? We’re here to help. Give us a call on 01455 209505.

Has Your Email Been Hijacked?

Has Your Email been Hijacked?

A common problem found by some customers in recent months has been spam emails appearing to come from their own accounts.  Despite not knowing why, there are reports of friends, family, and contacts receiving spam email that appears to come from them and this has understandably worried many people.

Some have had their accounts suspended or shut down by their service providers as a result.  For many, this experience can be highly disruptive as well as worrying. It’s a problem that can cause many issues in both your professional and personal life.

The key to defence is learning how these attacks happen, and figuring out what you can do to protect yourself and your contacts against them.

Hackers Using Your Email Against You

Scammers that send out spam messages are continually looking for ways to make the process faster, cheaper, and more efficient. It’s the best way in which they can make more money every day by scamming unsuspecting victims for even more cash.

One of the most efficient ways they do this is by hijacking ready-made, trusted email accounts like your own. Hackers have several tools at their disposal to attempt to hijack your accounts.

Unfortunately some of the things which make emailing fast and easy to use, means that details such as those in the ‘From’ field, are easy to fake. A hacker might change the ‘From’ information to make it appear as if the email comes from anyone, simply by creating an account in that name in an email program – the details of the real sender are usually hidden away in something called an email header.

Defending yourself against this kind of misuse is difficult but you can help yourself by being cautious and if you believe something to be out of place, such as a strange ‘Subject’ title or attachment, you can try to verify that an email, even one you expect to receive, does come from the person that you believe it to be from. If you have any doubt, give them a quick call to verify – if their emails have been hacked, then they will appreciate the warning.

If your email provider flags up an incoming email as ‘suspicious’, or ‘untrustworthy’, it may well be.

Stolen Credentials

Hackers often buy large bundles of email addresses and passwords from the dark web. Leaked emails are often put up for sale following hacks of major companies and service providers (for example see previous Blog post here).

The value of these details comes from the fact that most passwords are unlikely to have been changed, the details attached to them are trusted, and often get hackers access to additional services too.

It is unlikely that you will know about every single hack incident that happens to a company that you use, so change passwords regularly.

How To Detect an Email Intrusion

It can take a long time before you’re aware that malicious hackers are using your details. You might even be the last person in your contacts to know.

The first sign to look out for is a large number of unexpected emails in your Inbox. These are likely to be replies to emails you never sent in the first place. Out of office, automatic responses, people complaining about spam, and people responding to the email as if it were genuine may all come to you first.

Keep a close eye on unexpected emails appearing suddenly in your Outbox. A hacker may be ‘spear-phishing’ (pretending to be from a trusted source) to someone that you do business with or trust. By acting as you, using your address and details, they may be able to divert payments or confidential information to their accounts instead.

A typical example is a business that receives an email from another business, stating that their bank details have changed and to make payments using the new bank details. Whenever you get an email like this, then always verify with the sender.

Do bear in mind that extra emails in your Inbox or Outbox do not happen every time, so the absence of these emails does not mean that you can relax your cautious approach.

Protecting Yourself Against Hackers, Attackers, And Hijackers

Sometimes your computer might have been compromised to give hackers access to your services, or malicious software may have infected your machine to steal data and infect your contacts. So in the first instance, use a good (and preferably not just a free version) of an Internet Security program.

Take extra care to change your passwords if you believe your email has or may have been accessed by hacker. Use a different, more secure password for your email than you do for every other service, such as using a mixture of capitals, numbers and special characters. Your email account is often the key to accessing many of the services you use most, so you need to protect it as much as you can.

Run a virus scan and maintain security updates. If you think your computer could have been infected, have your machine and services looked at by a professional if you believe there is a risk that your data is being used.

Business Email Users can Authenticate their own Email

If you have your own email service, you can enable various email authentication methods such as SPF, DKIM and DMARC which are ways that your genuine emails can verify that they are genuine – helping to make it more difficult for someone to pretend that they are you. It also has the added benefit that it helps you pass through spam filtering.

Unfortunately, some email services (especially at the cheaper end of the market) don’t check for these authentications, so you do need to be a little bit choosy about which email service you use.

If you think your email could have been hijacked, or your details used elsewhere, give us a call on 01455 209505.

Don’t Fall Victim to Webcam Blackmail

Don't fall Victim to Webcam Blackmail

Many customers have reported recent scam messages from individuals claiming to have intercepted their username and password. These messages often state they have been watching your screen activity and webcam while you have been unaware.

Typically, attackers threaten to broadcast footage and your web browsing details to your contacts, colleagues, or social media channels. Demanding payment in Bitcoin payments, malicious hackers blackmail their victims to keep confidential information private.

Where Have the Attacks Come From?

In many cases where hackers have claimed to have a victims’ password, this has turned out to be true, but usually its not because you have been hacked – but rather that a company you have had dealings with has.

In the last few years alone, many large websites have suffered enormous hacks which have released confidential details on many of their users. LinkedIn, Yahoo, Myspace and TalkTalk all suffered massive and devastating hacks. Some users of these services are still feeling the consequences today.

The details leaked from these sites, and others facing the same issues, are sold online for years after the initial breach. Hackers buy username and password combinations in the hopes of reusing them to access services, steal money, or blackmail their owners.

How to Respond if You get One of these Emails

If you have been contacted by one of these hackers, it is a scary reality that they could have access to your credentials, data, and online services. That said, accounts that share the same password should be changed immediately. Security on additional services you use should be updated too.

The only thing you can do in response to this type of email is to ignore it. This “we recorded you” email is a scam made much more believable because they probably do have one of your real passwords gained from a site hack, but that does not mean that they have access to your computer or Webcam.

Self Defence On the Web

When using online services, a unique password for every site is your number one defence. A good password manager program makes this practical and straightforward too.

Using a different password for each site you use means that hackers can only gain access to one site at a time. A hack in one place should never compromise your other accounts by revealing the single password you use everywhere – unfortunately we still do come across customers that only use one password for everything.

Often, people think that maintaining many passwords is hard work or even impossible to do. In truth, it’s almost always easier to keep tabs with a password manager than it is to use the system you have in place today.

A high quality and secure password manager such as LastPass, or 1Password, can keep track of all your logins efficiently and securely. They often offer the chance to improve your security by generating random and strong passwords that hackers will have a tougher time cracking.

Password management services offer a host of features that help you log in, remind you to refresh your security, and make your safety a number one priority. After using a manager for just a short time, you can be forgiven for wondering how you managed without it.

If you think you might have been hacked already, or want to prevent it from ever happening, give us a call on 01455 209505 to help update your security.

CSH Computer Services is a local business providing PC and Laptop repair and I.T. support services to Homes and Businesses. We are based near Lutterworth, Hinckley and Broughton Astley in Leicestershire and provide a full range of services, from PC and Laptop repairs, PC and Laptop upgrades, sales of new computers and workstations plus business network support. We also provide Virus and Malware disinfection, Broadband installation and troubleshooting, data recovery, Wireless networking and troubleshooting, plus much more. We work in and around the whole Leicestershire area and can be seen daily in Lutterworth, Hinckley, Broughton Astley, Market Harborough, Nuneaton, Rugby, Leicester and surrounding areas too.

New Years Computer Resolutions

New Years Computer Resolutions

New Year resolutions can come and go, but if you would like to keep your computer running smoothly, here are a few tips that can help.

Running the Best Security Software

Most computers today run at least some form of basic antivirus.  In the modern day however, threats have evolved to be more sophisticated, more damaging, and much more common.   Ransomware, malware, phishing, and zero-day attacks all work to attack unpatched systems without strong security.

Today, to keep up with increasing threats, you need a complete internet security package.   A layered system means more than just virus scanning.  A comprehensive security package includes prevention, detection, firewall and system monitoring at a minimum.   These layers work together to provide security many times stronger than a stand-alone system.

Reliable, up-to-date, security keeps you safe online.  It’s a resolution you simply can’t afford to skip.

Clean Up Files

Cleaning up unnecessary files is the number one way to gain additional storage space on a typical device.  It’s cost-effective without any extra hardware purchases too.

Almost all computers have files hanging around from old software, data or applications they no longer need.  Just like tidying the spare room or de-cluttering the kitchen, clearing files off your desktop and organizing your emails will leave your computer feeling refreshed and new again.

Restart Your Computer

Fully shutting down a computer and rebooting can take time.  When you are watching the clock, waiting to start a task or get work done, it can feel like an eternity.  Most of us enjoy simply opening the lid or powering on the screen to have everything ready to run.

Many times, we come across a computer that has not beeen fully restarted in weeks and these habits can cause issues with running software and the operating system too. Hardware updates, security patches, and critical updates often wait for a reboot before they install and reboots or shutdowns perform essential maintenance tasks too.

Merely performing a reboot at least every once in a while can secure your system and help get rid of software problems and updates can prevent new issues from cropping up too. Our general advice is to shutdown daily, unless there is a reason not to do so.

Use A Password Manager

Hacks of large institutions and popular websites are frequently in the news today.  Almost every month a major service reveals they have been hacked, their database compromised, and their customer credentials have been stolen.

For this reason, it is very unwise to use the same password to access multiple websites.  This can be a challenge for many.  It’s clearly impossible to remember a unique and secure password for every site you visit.  We recommend using a password manager that can store and recall your passwords for you.

A good password manager relies on just one, very secure, remembered password to safeguard an encrypted database of all your login credentials.  The password database is often stored in the cloud for access from all your necessary devices.  A manager can typically assist in creating a strong, secure password for each of your accounts too.

Using a good password manager and unique password for every site protects you against the attacks commonly in the news.  Hacks compromising major services from your providers will be powerless against directly affecting your other accounts and services.

Keep Your Computer Away from Dust

Dust, hair, and household debris are one of the major causes of premature death for computers.  Fans, used to cool components, suck in house dust as well as the air they need.  This dust often clogs up the inside of the device and overheats internal components.

If possible, keep a tower PC off the carpet and don’t run your laptop sitting on the floor, blanket, or other soft furnishings.  Cleaning out your device is as good a resolution as any, and there’s never a better time than now.

For a little help sticking to your digital new year resolutions and starting off on the right foot, give us a call today on 01455 209505.

Common Malware to Watch Out For

Common Types of Malware Infection

The term “virus” is often used to describe many different types of infection a computer might have and can describe any number of potential computer programs. What these programs have in common are they are typically used to cause damage, steal data, or spread across the network but they are usually designed for a malicious or criminal intent right from the start.

Malware (‘malicious software’) is any software used for negative purposes on a personal computer  and can actually be legitimate software, but which is being deliberately misused.

Adware

Short for ‘advertising-supported software’, adware is a type of malware that delivers advertisements to your computer.  These advertisements are often intrusive, irritating, and often designed to trick you into clicking something that you don’t want. A common example of malware is pop-up ads that appear on many websites and mobile applications.

Adware often comes bundled with “free” versions of software that uses these intrusive advertising to make up costs.  Commonly it is installed without the user’s knowledge and may be made excessively difficult to remove.

Spyware

‘Spyware’ is designed to spy on the user’s activity without their knowledge or consent.  Often installed in the background, spyware can collect keyboard input, harvest data from the computer, monitor web activity and more.

Spyware typically requires installation to the computer. This is commonly done by tricking users into installing spyware themselves instead of the software or application that they thought they were getting. Victims of spyware are often be completely unaware of its presence until the data stolen is acted on in the form of fraudulent bank transactions or stolen online accounts.

Virus

A typical virus may install a keylogger to capture passwords, logins, and bank information from the keyboard.  It might steal data, interrupt programs, and cause the computer to crash but  more commonly, includes a ‘ransomware’ package – see below.

Modern virus programs commonly use your computers processing power and internet bandwidth to perform tasks remotely for hackers – the first sign of this can be when the computer sounds like it is doing a lot of work when no programs should be running.

A computer virus is often spread through installing unknown software or downloading attachments that contain more than they seem but perhaps the most common is by links in emails.

Ransomware

A particularly malicious variety of malware, known as ransomware, prevents the user from accessing their own files until a ransom is paid.  Files within the system are often encrypted with a password that won’t be revealed to the user until the full ransom is paid.

Instead of accessing the computer as normal, the user is presented with a screen which details the contact and payment information required to access their data again.

Ransomware is typically downloaded through malicious file attachments, email, or a vulnerability in the computer system. This si the type of infection that seriously affected NHS machines not too long ago.

Worm

Among the most common type of malware today is the computer ‘worm’.  Worms spread across computer networks by exploiting vulnerabilities within the operating system.  Often these programs cause harm to their host networks by consuming large amounts of network bandwidth, overloading computers, and using up all the available resources.

One of the key differences between worms and a regular virus is its ability to make copies of itself and spread independently.  A virus must rely on human activity to run a program or open a malicious attachment; worms can simply spread over the network without human intervention.

No need to be paranoid!

So with all these types of infections, it would be easy to be put off using computers altogether and we have certainly met people that do the minimum possible with theirs, due to infection worries.

The fact is that we have found that the typical number of calls for traditional computer virus infections has gone down over recent times and that more often than not, infections today are the result of scams or insufficient security protection.

If you use common sense, a good security package (preferably paid for as opposed to a free version) and are cautious with what you do online and download, then you can reduce the chances of infection – but you must remain vigilant.

If you would like us to help  keep your systems safe from malware, give us a call on 01455 209505.

How to Tell if You Have Been Hacked

How to Tell if You Have Been Hacked

Being hacked is the single biggest fear of most computer users. Many believe that the first sign of strange behaviour or errors on their PC is a sign that hackers have taken control. But are hackers really inside your machine, stealing your information? Or should we be on the lookout for more subtle signs? What does being hacked really look like?

There is an important distinction to make between being hacked by a person and being infected with a virus or malware. Virus software and malware are automated processes designed to damage your system, steal your data, or both. There are of course ways that we can defeat these processes, but what if we are instead hacked by an individual?

Remote Connections

Our previous blog posts have warned people about not allowing strangers to remotely access their computers unless they are 100% sure that they are genuine.

Remote Support technology is a very useful tool but if you allow the wrong people to remotely connect, they can be doing things in the background that you may not be aware of. For example, whilst speaking to you they can be downloading software that they can then use to convince you that your computer has a problem – i.e. displaying fake error messages. Needless to say, they can also be gathering information from your computer too.

They can also leave software on your machine which in many cases is very difficult to spot. You should only allow people to connect when you have approached them – never from a phone call or email coming to you out of the blue, no matter how believable or what they appear to know about you.

Logins not working

One of the first steps a hacker might take would be to change the computers passwords. By doing so, not only do they ensure future access to the account, they prevent you from accessing the system to stop them. For the hacker, this is a crucial step that keeps them in control.

Being hacked is not the only reason why you may not be able to login, but it is a possible symptom that you need to bear in mind. We always need to make sure to keep on top of our own login details and how often we change them.

Security Emails or SMS’s from online services

Many services track which device and location you logged into your account from last. If your account is accessed from a new device or a different country it might trigger an automated email or SMS to ask if this new login is your own.

If you have logged in using a new computer, tablet, or phone; an email that asks “hey, is this you?” need not be cause for alarm. If you haven’t, it may be time to investigate further. This service is an important part of information security and may be a key first step to identify someone else gaining access to your account.

Bank accounts – strange transactions

Most commonly today, hackers commit crimes to steal money. The end goal for hackers is typically to profit from their crimes by taking money from people online. Obviously it pays to keep a regular eye on your financial transactions to make sure you know what money is coming and going from your account, especially when doing online banking.

Whilst you may see a large sum missing where hackers have attempted to take as much as they can in a single transaction, this is not always the case. Alternatively small, hard to notice transactions may sometimes appear. These often account for small purchases where attackers have tested the details that they have, to make sure they work. Hackers may even wait months before attempting a transaction.

Either way, the sooner you spot unusual or unrecognized transactions, the better.

Sudden loss of cellular connectivity

Mobile network interruption is a symptom that few people expect but occurs commonly when hackers attack. Many banks and online services use a security feature known as Two-factor authentication. To do this they send a short code to your phone or app when you log in. Two-factor authentication is ideal in most cases and is a great boost to security.

Determined hackers can try to work around this by calling your mobile service provider to report your phone as lost or stolen. During this call, they will request your phone number be transferred to a new sim card that they control. When your bank sends its regular two-factor authentication code to the number registered, it goes instead to the hacker who may be able to log in. From your perspective the phone service will simply stop working.

Unusual or unrecognized icons

In many cases hacking software tries to be stealthy and not be seen, but there are some that do not hide themselves so much because the hackers believe that it may not be noticed. A common one is remote connection software that can only be seen as a tiny icon in the bottom right-hand corner of a Windows computer, which automatically starts up every time you switch the computer on. It is hiding amongst all the other small icons and is frequently overlooked.

Similarly there may be an icon appearing on the Desktop which you do not recognize or remember installing, or your normal search engine changes to something else – if a virus or malware has caused this, what else is going on?

Keeping vigilant and maintaining security

These are only some of the modern techniques that hackers can try to use to gain access to your accounts. You don’t need to be paranoid but it pays to be extra vigilant and pay close attention to the signs and signals that indicate you may have been hacked.

Also, make sure that you have a good security product installed – it makes it that much harder for hackers.

If you suspect that you might have been hacked, or would like help to prevent hackers in future, give us a call on 01455 209505 and we’ll help improve your security.

Top 5 I.T. Problems for Businesses

Top 5 I.T. Problems for Businesses

Companies that suffer security breaches nearly always have at least one of these IT security problems. Do any apply to your company?

No Backups

A shocking number of businesses are not backing up their data properly. According to market research company Clutch, 60 percent of businesses who suffer a data loss shut down within six months.

Not only should every business be fully backing up their data, but their backups should be regularly tested to work too. It’s a step that businesses miss surprisingly often. Many businesses don’t find out that their backup can’t be used until it’s already too late.

Reactive and not proactive

The world is constantly changing. The IT world doubly so. Attackers are always figuring out new ways to break into businesses, hardware evolves faster than most can keep up, and old systems fail due to wear and tear far quicker than we would like. A huge number of businesses wait until these issues impact them directly before they respond.

The result is usually higher costs, longer downtime, and harder hitting impacts.

By responding to hardware warnings before it fails, fixing security holes before they’re exploited, and upgrading systems before they are out of date: IT can be done the right way. Being proactive about your IT needs means systems don’t have to break or compromised before they are fixed. The result for your business is less downtime, fewer losses, and lower IT costs.

Weak Passwords

A surprising number of people will use the password “password” to secure some of their most important accounts. Even more still will write their own password on a post-it note next to their computer or allow everyone else to know what the password is. In some cases, many will even use no password at all.

Strong passwords act, not only as a barrier to prevent unwanted entry, but as a vital accountability tool too. When system changes are made it’s often essential that the account that made changes is secured to the right person. With an insecure password or worse; none at all, tracking the individual responsible for reports or accountability becomes impossible. This can result in both auditing disasters on top of technical ones.

Insufficient Staff Training

Humans in the system are commonly the weakest point in IT security. Great IT security can be a bit like having state-of-the-art locks on a door propped open with a milk crate. If staff aren’t trained to use the lock, it’s worth nothing at all.

Many times businesses can justify spending big on security for the latest and greatest IT defences but the very same firms may exceed their budget and spend almost zero on training staff to use them. In this instance, a little goes a long way. Security training can help staff to identify a threat where it takes place, avoiding and mitigating damage, often completely.

Weak Data Controls

Some companies can take an ad-hoc, fast and loose approach to storing professional data. Often crucial parts can be spread across many devices, copied needlessly, and sometimes even left unsecured. Client data can be found regularly on employee laptops, mobile phones, and tablet devices. These are famously prone to being misplaced or stolen out in the field along with vital client and security data.

It can be easy for both employees and firms to focus on the costs of devices and hardware purchased for the business. The reality is that the data held on devices is almost always worth many times more than the device that holds it. For many firms, their approach to data hasn’t been changed since the firm was first founded. Critical data is often held on single machines that haven’t been updated precisely because they hold critical data. Such machines are clearly vulnerable, outdated, and prone to failure.

Common problems with simple solutions

Each of these common issues have simple solutions to secure against IT failure. With a professional eye and expertise in the field, every business should be defended against IT issues that risk the firm.

If you need help securing your IT to protect your business, give us a call on 01455 209505.