Close

0131 510 1234

Archive for category: Cybersecurity

Top ten remote working security tips
by

Top ten remote working security tips

Severe snow and icy wind have hit the UK  with devastating effect this week. The adverse weather has made conditions treacherous, forcing schools to close as well as having a negative impact on transport infrastructure. A result of the extreme weather is an increase in people taking advantage of remote working.

Fortunately, at Network ROI, we spend a lot of time and effort planning for precisely this type of event. Acting as the IT department for growing businesses in Scotland, England and Wales, it’s important we are able to provide support in all conditions.

We host our critical services and applications in the cloud which provides our team with remote access 24/7. We have equipped our engineers with encrypted laptops for when they need to work remotely, and we use Gamma Horizon, a cloud-hosted telephony system, giving every member of our team the same direct dial number and extension – wherever we are working. Our team use Microsoft Office365, delivering further cloud-based collaboration and communication capabilities.

When working remotely, it is essential to remain secure, especially when dealing with private company information. Follow the tips below to stay secure when working remotely.

If it can be moved, encrypt it!

Before working remotely, ensure your devices and any external hard drives or USB sticks are encrypted. USB sticks, mobile phones, tablets and laptops are easy targets for criminals and are also easy to lose. Losing unencrypted data increases the risk of personal information falling into the wrong hands.  Encrypt all your mobile devices and hardware.

Enable remote wipe

Protecting mobile devices within your business doesn’t need to be taxing. Investing in a mobile device management solution such as Microsoft Intune allows users to wipe devices remotely should the device be lost or stolen, checks devices are encrypted, enforces PIN protection and can allow you to locate lost or stolen devices quickly protecting your company and personal data.

Use a VPN

A Virtual Private Network (VPN) creates an additional layer of security when using private or public networks. It does so by creating an encrypted tunnel between the location you are working from and your company network.  This ensures your data remains private as well as giving you access to your company applications and servers.  VPN technology is no longer the chore it used to be, and seamless VPN technologies make this technology transparent to your users.

Limit the use of public Wi-Fi

Public Wi-Fi is fraught with danger.  You may recall the vulnerability affecting the WPA2 security protocol known as Krack in late 2017. Be wary of connecting to public hotspots, especially those in coffee shops, train stations and airports and use only as a last resort – use your mobile data hotspot on your phone or use a VPN (as above) if using public Wi-Fi as this keeps your data safe.

Limit the use of public computers

In cases where you have no access to a company device or are fresh out of battery, you may need to resort to using a public computer. Although we strongly recommend not using public computers, here are some useful tips:

  • limit the information you send on public computers;
  • never send business-critical information, and;
  • never store passwords in browsers.

If you log into web apps such as Outlook, make sure you log out once finished. Finally, clear browser history and cache before closing down the machine.

Keep passwords strong

We can’t emphasise the importance of strong passwords enough. Cracking a weak password is perhaps the easiest and most common method used by criminals to enter company networks illegally. If you need further assistance to create strong, memorable passwords, see below to download our free password guide.

DOWNLOAD YOUR FREE PASSWORD GUIDE!

Make weak passwords a thing of the past

Have a clear remote working policy

The current weather crisis should act as a catalyst to implement a remote working policy if you don’t already have one in place. When considering a remote working policy, base it on the needs of the business and identify what resources and processes you will need to implement to enable a secure remote working policy.  Plan, document and most importantly, communicate the policy clearly to all members of staff.

Secure your network

Remote working provides criminals with further opportunities to enter the company network. A dispersed workforce accessing the company network from multiple locations can be a headache to manage and secure. Use only secure remote access methods with 2-factor authentications and consider insider threat detection software such as Zonefox to let you see who is on your system, where they are based and what information they are accessing or downloading. The software also sends alerts whenever unusual behaviour is detected.

Keep passwords and PINs secret

Never email or send password across insecure systems. If you do need to send a password, ideally use an encrypted messaging service such as WhatsApp or a text message.   Make sure never to send username and password using the same service. If you are in a public place such as a busy coffee shop – or even your office – we suggest you don’t divulge personal information such as name, address, date of birth or password information over the phone – always do this privately.

Educate your team

Our tenth and final tip is to make sure your team are well versed in remote working and include training as part of your overall information security strategy. As we have said in previous posts, your people are your main strength, but they can also be a significant weakness if they don’t know how to work remotely in a secure manner.

Need help with business continuity planning?

Business continuity planning takes a lot of hard work, but as we can testify, it is entirely worth it. Our service delivery team hasn’t missed a beat throughout the so-called Beast from the East, and we are proud of our team for delivering superb service in challenging circumstances.

When designing a business continuity strategy, consider core products and services you deliver and think about the infrastructure and training your team will need to perform their duties if and when catastrophic situations arise.

Get in touch with us if you need help planning for business uncertainties.

Meltdown & Spectre – Everything you need to know
by

Meltdown & Spectre – Everything you need to know

Meltdown and Spectre are the names given to vulnerabilities recently discovered to exist in almost every central processing unit (CPU) manufactured in the last 20 years. These vulnerabilities could compromise sensitive data on nearly every server, PC, laptop, tablet and smartphone – including Apple devices – worldwide.

Researchers have known about Meltdown and Spectre for some months, and the risk is considered to be relatively small as no known exploit exists, so we urge you not to panic.

We are monitoring the situation closely and will update all clients and take appropriate action when necessary. But first, let’s take a more in-depth look at exactly what a vulnerability is and what you should do if you are concerned in the future.

What is a vulnerability?

A vulnerability can be defined as a security weakness resulting from a defect that the product developer or manufacturer did not intend to introduce. The flaws, in this case, were built into the chips to help them run faster.

We can split vulnerabilities into four main categories: low, medium, high and critical. Currently, Meltdown and Spectre are classed as Medium Level vulnerabilities.

For a hacker to capitalise on a vulnerability – an exploit must exist. An exploit is a piece of software code that takes advantage of the security weakness for the benefit of the attacker.

How to protect against vulnerabilities

Protecting your business, information and people against these vulnerabilities takes three forms:

  1. A hardware firmware upgrade must be applied which usually takes the form of a computer BIOS update.
  2. The Operating System (Windows, IOS, Android etc.) must be updated – typically known as a software update.
  3. The Antivirus product must be compatible with the Operating System Update.

Hardware and software updates only go so far. You also need to make your employees aware of potential threats. We highly recommend cyber awareness training for all staff. Network ROI will be happy to discuss your cyber training requirements.

LOOKING FOR CYBER SECURITY TRAINING?

The security team at Network ROI are ready to help achieve your cyber security objectives.

Patches and updates

As it currently stands, every hardware manufacturer is working on updates to their systems – big players such as Microsoft and Apple have already released updates. Software and hardware manufacturers worked tirelessly to release updates – known as emergency patches.  As a result, many patches weren’t tested fully with several causing serious operational issues.

Given the “medium” categorisation of the Meltdown and Spectre vulnerabilities, the fact that no known exploit exists, the issues the emergency patches are causing AND the fact that to exploit these vulnerabilities is a highly technical job, Network ROI have carried out the following actions:

  • Antivirus products have been updated to be compatible with the operating system update.
  • Our security team is monitoring the situation closely for developments
  • We are delaying the release of January’s Microsoft patches until they have been properly tested and we are satisfied they stable

In order to protect your data and company in the meantime, we highly recommend that basic cybersecurity hygiene is observed – this includes educating users not to click on suspicious links or opening email attachments from unknown sources.

The security team at Network ROI recommend you consider following the Cyber Essentials or IASME Governance scheme as a minimum standard of cyber and information security.

Sign up to the Network ROI blog

  • We'd love to keep in touch with you by email with offers, news and new product information. We treat all personal data with respect, and we promise NEVER to sell your details to third parties for marketing purposes.
How to change the password on your Virgin Superhub 2
by

How to change the password on your Virgin Superhub 2

Virgin Media is advising 800,000 customers in the UK using the Superhub 2 router to change the default password that’s printed on the device. A Which? Investigation has found that the popular router could be hacked within a matter of days if no action is taken. The investigation targeted a real home that used the Superb 2 to connect to the Internet. The default password is relatively weak, consisting of only 8 lowercase letters from a-z.

Ethical security researchers SureCloud accessed the router using hacking tools found on the web in just a few days. They were also able to log into the router’s configuration settings since the default password is shared across all Superb 2 routers.

How to create a secure password – Read our free guide.

Your router: the gateway to your home network

If hackers successfully penetrate the home router, they can potentially access all the devices on your network, including smart devices. Smart devices are becoming increasingly popular as people seek new ways to manage their home, reduce energy consumption and secure their homes. App controlled CCTV cameras are a popular method for monitoring home security, however, they could pose a significant threat to security if they become compromised by hackers.

We recommend changing the default username and password on all smart devices prior to installation. We would also recommend updating the firmware to the latest version as soon as a new version is released. If possible, we would also recommend using some form of two-factor authentication to add an additional layer of protection to your connected devices.

Following the Which? hack, Virgin has been quick to respond and has urged Superhub 2 users to update passwords immediately. They are also offering to upgrade users to the more secure Superhub 3.0.

Don’t panic, here’s how to change your Superhub 2 password

If you have a Superhub 2, Virgin is advising you not to panic as the chances of your home network being hacked are still low.

  1. Connect your computer to the Superhub using an ethernet cable
  2. Enter the web address on the Superhub sticker to access the settings page and click on ‘Wireless Network Settings’.
  3. Enter your new password into the box marked ‘passphrase’.
  4. Restart all devices connected to the Superhub and enter the new wi-fi password to get online. You can disconnect your computer from the superhub.
If you are having difficulty changing your Superhub 2 settings, get in touch with Virgin Media by visiting superhub support page below.

Configure advanced settings on your Virgin Superhub 2 

Worried about cyber security?

Get in touch with our security team by filling out the form.

  • We'd love to keep in touch with you by email with offers, news and new product information. We treat all personal data with respect, and we promise NEVER to sell your details to third parties for marketing purposes.
7 Essential tips to avoid WannaCrypt
by

7 Essential tips to avoid WannaCrypt

WannaCrypt, WannaCry or WannaCrypt0r 2.0 is a type of malicious software program called ransomware that targeted a known vulnerability to infect and encrypt the contents of Windows PCs around the globe. This attack affected over 100,000 machines in over 100 countries in under 24 hours, affecting individuals and high-profile organisations including the NHS. The attack could have had much more serious consequences if it wasn’t for the quick-thinking of a researcher who stopped the threat spreading by just registering a domain name!

Ransomware is a piece of malicious software or malware that blocks access to a computer, or it’s files and demands payment for release. criminals don’t always play by the rules, access to data is not guaranteed, even after paying the ransom Ransomware is typically triggered when a user opens an email containing a malicious attachment such as a PDF or Microsoft Office document.

WannaCrypt is a game-changer!

WannaCrypt is different from traditional forms of ransomware as it can replicate itself and spread to other machines on the computer network, making WannaCrypt a hybrid ransomware/worm program. The infection spreads via SMB (Server Message Block) protocol used by Windows machines to communicate with other file servers over a network. An infected machine will then spread the malicious program to other at-risk devices.

Once infected, the WannaCrypt installer will extract a resource in a password protected zip file (wary.zip) which contains the executable ransomware files. WannaCrypt will also download a TOR client that it uses to communicate with the WannaCrypt servers.

What does WannaCrypt do?

The malicious program encrypts most of the files on a machine, and then a payment demand appears on the screen.  The criminal gang behind WannaCrypt request $300 in Bitcoin. Upon payment, you will receive a decryption key. The figure doubles to $600 if they haven’t received payment within three days. Access to files may be lost forever if payment still hasn’t been made within a week.

How to avoid the threat of WannaCrypt and other Ransomware threats

As mentioned earlier in the article, WannaCrypt targets a particular vulnerability within the Windows Operating System. There is, however, a high probability that other vulnerabilities will become exposed and exploited within the coming days, weeks, months and even years. Here are some tips to help you, your family and colleagues avoid falling victim to cyber crime.

  1. Delete any suspicious emails immediately, or if it’s from a known source, call the person to confirm they sent it
  2. Never forward such emails to colleagues
  3. Never click on an attachment in a suspicious email
  4. Alert your IT department if you receive a suspicious email
  5. Keep Anti-Virus and anti-Spam software up-to-date
  6. Keep Windows Operating System software up-to-date
  7. Ensure that you have email and web security that can block malicious emails and malware Command & Control server communications
  8. Keep essential software up-to-date to the latest version

What to do if you have a ransomware problem

If you have fallen victim to WannaCrypt or any form of ransomware, do the following:

  • Pull the power lead from your machine immediately
  • Inform a member of your IT team or your line manager

Finally

Security incidents such as WannaCrypt can strike at any time. Therefore it is important to maintain a regular backup schedule as part of your wider Disaster Recovery strategy.

The National Cyber Security Centre (NCSC) has released a statement with guidance and more information regarding the attack.

About Network ROI

Network ROI is a Managed Service Provider based in Scotland with skilled technical engineers throughout the UK.

As a Cyber Essentials and IASME certified company, we help organisations improve the security of their internal networks and reduce the likelihood of outside threats.

If you are worried about WannaCrypt or any other form of cyber crime, call us on 0131 510 3456 or fill out the form below and a member of our team will be in touch soon.

  • We'd love to keep in touch with you by email with offers, news and new product information. We treat all personal data with respect, and we promise NEVER to sell your details to third parties for marketing purposes.
VISIT THE NETWORK ROI BLOG
EMAIL SERVICEDESK HOW TO GET SUPPORT YOUR PORTAL QUICK SUPPORT CHAT SUPPORT