News

Fingerprints Replacing Passwords for Some Google Services

Google has announced that users can verify their identity by using their fingerprint or screen lock instead of a password when visiting certain Google services, starting with Pixel devices and coming to all Android 7+ devices in the next few days.

How?

Google says that years of collaboration between itself and many other organizations in the FIDO Alliance and the W3C have led to the development of the FIDO2 standards, W3C WebAuthn and FIDO CTAP, that allow fingerprint verification.

The key game-changer in how these new technologies can help users is that, unlike the native fingerprint APIs on Android, FIDO2 biometric capabilities are available on the Web, which means that the same credentials can be used by both native apps and web services. The result is that users only need to register their fingerprint with a service once and the fingerprint will then work for both the native application and the web service.

Fingerprint Not Sent To Google’s Servers

Google is keen to point out that the FIDO2 design is extra-secure because it means that a user’s fingerprint is never sent to Google’s servers but is securely stored on the user’s device.  Only a cryptographic proof that a user’s finger was scanned is actually sent to Google’s servers.
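What the server receives in this design, as an added example that is not Google's code or part of the original article: a simulated device signs a WebAuthn assertion and a relying-party check verifies it. The names `example.test`, `makeAuthenticator`, `verifyAssertion` and `demo` are assumptions, and the key pair and challenge are constructed inline.

```javascript
// Added example: a FIDO2/WebAuthn sign-in assertion as the server sees it.
// No biometric data appears anywhere in the message, only flags, a counter
// and a signature made with a private key that never leaves the device.
const crypto = require('node:crypto');

const RP_ID = 'example.test';           // constructed relying-party ID
const ORIGIN = 'https://example.test';  // constructed origin
const UP = 0x01;                        // flag bit 0: user present
const UV = 0x04;                        // flag bit 2: user verified (fingerprint or screen lock)

const sha256 = (buf) => crypto.createHash('sha256').update(buf).digest();
const fail = (reason) => ({ ok: false, reason });

// Device side (simulated; browser and authenticator are folded into one object).
// The key pair is created at registration and only publicKey is given to the server.
function makeAuthenticator() {
  const { publicKey, privateKey } = crypto.generateKeyPairSync('ec', { namedCurve: 'P-256' });
  let signCount = 0;
  return {
    publicKey,
    // userVerified stands in for the result of the local fingerprint check.
    getAssertion(challenge, origin, userVerified) {
      const clientDataJSON = Buffer.from(JSON.stringify({
        type: 'webauthn.get',
        challenge: challenge.toString('base64url'),
        origin,
      }));
      const counter = Buffer.alloc(4);
      counter.writeUInt32BE(++signCount);
      // authenticatorData = SHA-256(rpId) || flags || signCount
      const authenticatorData = Buffer.concat([
        sha256(Buffer.from(RP_ID)),
        Buffer.from([UP | (userVerified ? UV : 0)]),
        counter,
      ]);
      // The signature covers authenticatorData || SHA-256(clientDataJSON).
      const signed = Buffer.concat([authenticatorData, sha256(clientDataJSON)]);
      const signature = crypto.sign('sha256', signed, privateKey);
      return { clientDataJSON, authenticatorData, signature };
    },
  };
}

// Server side: checks a relying party makes before accepting the sign-in.
function verifyAssertion(assertion, expected) {
  const { clientDataJSON, authenticatorData, signature } = assertion;
  let clientData;
  try {
    clientData = JSON.parse(clientDataJSON.toString('utf8'));
  } catch {
    return fail('clientDataJSON is not valid JSON');
  }
  if (clientData.type !== 'webauthn.get') return fail('wrong ceremony type');

  // The challenge must be the one this server issued for this login attempt.
  const got = Buffer.from(String(clientData.challenge), 'base64url');
  if (got.length !== expected.challenge.length ||
      !crypto.timingSafeEqual(got, expected.challenge)) {
    return fail('challenge mismatch');
  }
  if (clientData.origin !== expected.origin) return fail('origin mismatch');

  if (authenticatorData.length < 37) return fail('authenticatorData too short');
  if (!authenticatorData.subarray(0, 32).equals(sha256(Buffer.from(expected.rpId)))) {
    return fail('rpIdHash mismatch');
  }
  const flags = authenticatorData[32];
  if (!(flags & UP)) return fail('user not present');
  if (!(flags & UV)) return fail('user not verified');

  // A counter that fails to increase suggests a cloned credential.
  const signCount = authenticatorData.readUInt32BE(33);
  if ((signCount !== 0 || expected.lastSignCount !== 0) &&
      signCount <= expected.lastSignCount) {
    return fail('signature counter did not increase');
  }

  const signed = Buffer.concat([authenticatorData, sha256(clientDataJSON)]);
  if (!crypto.verify('sha256', signed, expected.publicKey, signature)) {
    return fail('signature invalid');
  }
  return { ok: true, signCount };
}

function demo() {
  const device = makeAuthenticator();
  const challenge = crypto.randomBytes(32); // constructed server challenge
  const expected = { challenge, origin: ORIGIN, rpId: RP_ID,
                     publicKey: device.publicKey, lastSignCount: 0 };
  const good = device.getAssertion(challenge, ORIGIN, true);
  const unverified = device.getAssertion(challenge, ORIGIN, false);
  // Copy the unverified assertion and set the UV bit without re-signing.
  const flipped = { ...unverified, authenticatorData: Buffer.from(unverified.authenticatorData) };
  flipped.authenticatorData[32] |= UV;
  return {
    valid: verifyAssertion(good, expected),
    staleChallenge: verifyAssertion(good, { ...expected, challenge: crypto.randomBytes(32) }),
    noUserVerification: verifyAssertion(unverified, expected),
    flippedFlag: verifyAssertion(flipped, expected),
  };
}

console.log(demo());
```

The `flippedFlag` case shows why the "user verified" bit can be trusted: it sits inside the signed data, so changing it after the fact invalidates the signature.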

Try It Out

To try the new fingerprint system, you will need a phone that’s running Android 7.0 (Nougat) or later. Make sure that your personal Google Account is added to your Android device and that a valid screen lock is set up on it.

Next, open the Chrome app on your Android device, go to https://passwords.google.com, choose a site to view or manage a saved password, and follow the instructions to confirm that it’s you trying to sign in.

Google has provided more detailed instructions here: https://support.google.com/accounts/answer/9395014?p=screenlock-verif-blog&visit_id=637012128270413921-962899874&rd=1

More Places

Google says that this is just the start of the embracing of the FIDO2 standard and that more places will soon be able to accept local alternatives to passwords as an authentication mechanism for Google and Google Cloud services.

What Does This Mean For Your Business?

Not having to use a password, and being able to rely upon fingerprint (biometric) verification (or screen lock) instead, should mean greater convenience and security for users of Google’s services, and should also reduce the risk to Google of having to face the results of breaches.

The development and wider use of the FIDO2 standard is, therefore, good news for businesses and consumers alike, particularly considering that Google (at 8% share) is one of the top 10 vendors that account for 70% of the world’s cloud infrastructure services market.

Back in May, Microsoft’s Corporate Vice President and Chief Information Officer Bret Arsenault signalled (in a CNBC interview) that Microsoft was also looking to move away from passwords on their own as a means of authentication, towards biometrics and a “passwordless future”. For example, 90% of Microsoft’s 135,000 workforce can now log into the company’s corporate network without using passwords but instead using biometric technology such as facial recognition and fingerprint scanning via apps such as ‘Windows Hello’ and the ‘Authenticator’ app.

Amazon Echo: Child Labour Concerns

Reports of a 2018 investigation by China Labour Watch (CLW) into the Amazon Echo manufacture at the Hengyang Foxconn factory show that the recruiting of young interns from vocational schools could mean that the Amazon devices are made with the help of child labour.

Schools Providing Workers For Night Shifts

The report of the investigation by New York-based non-profit group CLW claims that a number of interns from schools and colleges were brought in to work night shifts and if they were unwilling to work overtime or night shifts, the factory would arrange for teachers to pressure those workers. The report also claims that if those interns refused to work overtime and night shifts, the factory requested teachers from their schools to sack them from the job.

In addition to the night shift work, the report claims that young interns were required to work ten hours a day, including two hours of overtime, and to work six days a week.

Which Schools and Colleges?

The report claims that schools sending interns to work at the Hengyang Foxconn factory which manufactures Amazon Echo devices included Sinosteel Hengyang Heavy Machinery Workers Technical College, Hengyang Technician College, Hengyang Vocational Secondary School, Hengyang Industrial Workers College, and Hengnan County Technical School.

Teachers and Schools Paid

The worrying report also claims that teachers assigned to the factory put immense pressure on interns and sometimes resorted to violence and aggression against interns. Teachers who helped at the factory are reported to have received a 3000 RMB ($425) subsidy from the factory, with their school receiving 3 RMB ($0.42) for every hour an intern worked.

Dispatch Workers

The report also claims that the factory had hired a high number of dispatch workers, violating Chinese labour law.

13 Violations Listed

The report lists 13 violations that Amazon has allegedly made at the factory including interns working night shifts and overtime, and interns having to keep their heads down at their workstation for an extended period while doing repetitive motions.

What Does Amazon Say?

Amazon has been reported as saying that it is investigating the allegations and has sent representatives to the factory site as part of that investigation.  Amazon is also keen to promote the fact that it has a supplier Code of Conduct, and that suppliers are regularly assessed in relation to this.

What Does This Mean For Your Business?

Child labour is generally a feature of the world’s poorest countries, where, according to UNICEF, around one in four children are engaged in work that is potentially harmful to their health. For example, International Labour Organisation (ILO) figures show that almost half of child labour (72.1 million) is to be found in Africa, 62.1 million in Asia and the Pacific, and 10.7 million in the Americas.

Sadly, labour laws in China are not as strictly enforced as in other countries, and although Foxconn may be keen to promote the idea that internships at the factory are the way for young people to gain practical work experience, the report’s allegations of children working long hours and nightshifts while being pressured by teachers don’t appear to fit in with that picture.

While most of us like to purchase lower-priced goods, we are often unaware of how they were made and at whose expense. Companies need to keep costs down, but child labour is something that most businesses would actively avoid and is something that consumers certainly do not like the idea of. These allegations, therefore, could have a negative impact on Amazon, thereby adding to some of its other recent troubled headlines such as reports last year of Amazon’s profits trebling while its UK tax bill was significantly reduced, and how on Amazon’s Prime Day sale this year, thousands of their workers protested at sites around the world demanding better working conditions.

One-Third of Major VPNs Owned By Chinese

A recent survey by VPNpro has revealed that almost one-third of the most popular VPN services are secretly owned by Chinese companies that may be subject to weak privacy laws.

VPN

A ‘Virtual Private Network’ (VPN) is used to keep internet activity private, evade censorship / maintain net neutrality and use public Wi-Fi securely e.g. avoid threats such as ‘man-in-the-middle’ attacks.  A VPN achieves this by diverting a user’s traffic via a remote server in order to replace their IP address while offering the user a secure, encrypted connection (like a secure tunnel) between the user’s device and the VPN service.

Based In China

The VPNpro research found that the top 97 VPNs are run by only 23 parent companies and that although 6 of these companies are based in China and offer 29 VPN services between them, information on their parent company is often hidden from users.

Metric Labs Research Last Year

The results of the VPNpro research support the findings of an investigation by Metric Labs last year which found that of the top free VPN (Virtual Private Network) apps in Apple’s App Store and Google Play, more than half are run by companies with Chinese ownership.

What’s The Problem?

The worry about VPN services being based in China is that China not only tightly controls access to the Internet from within the country, but has clamped down on VPN services, and many of the free VPN services with links to China, for example, offer little or no privacy protection and no user support.  Weak privacy laws in China, coupled with strong state control could mean that data held by VPN providers could be accessed and could enable governments or other organisations to identify users and their activity online, thereby putting human rights activists, privacy advocates, investigative journalists, whistle-blowers, and anyone criticising the state in danger.  For other users of China-based VPN services, it could also simply mean that they could more easily be subject to a range of privacy and security risks such as having their personal data stolen to be used in other criminal activity or could even be subject to industrial espionage.

China, Russia, Pakistan and other states whose activities are causing concerns to Western governments all appear to be less trusted when it comes to hosting VPN services or redirecting Internet traffic through their countries.  For example, in February this year, US Senators Marco Rubio (Republican) and Ron Wyden (Democrat) asked the Department of Homeland Security to investigate governmental employees’ use of VPNs because of concerns that many VPNs that use foreign servers to redirect traffic through China and Russia could intercept sensitive US data.

What Does This Mean For Your Business?

The reason for using a VPN is to ensure privacy and security in communications so it’s a little worrying that some of the top VPN services are based in countries that have weaker privacy laws than the UK and are known for strong state control of communications.

Fears about security and privacy of our data and communications have been heightened by reports of Russia’s interference in the last US election and the UK referendum, and by the current poor relations between the Trump administration (which the UK has intelligence links with) and warnings about possible espionage, privacy and security threats from the use of equipment from Chinese communications company Huawei in western communications infrastructure.   Also, in the UK, there is a need by businesses and organisations to remain GDPR compliant, part of which involves ensuring that personal data is stored on servers based in places that can ensure privacy and security.

It appears, therefore, that for businesses and organisations seeking VPN services, some more desk research needs to be done to ensure that those services have all the signs of offering the highest possible levels of security and privacy i.e. opting for a trusted paid-for service that isn’t owned by or a subsidiary of a company in a state that has weak privacy laws.

Opting Out of People Reviewing Your Alexa Recordings

Amazon has now added an opt-out option for manual review of voice recordings and their associated transcripts taken through Amazon’s Alexa but it has not stopped the practice of taking voice recordings to help develop new Alexa features.

Opt-Out Toggle

The opt-out toggle can be found in the ‘Manage How Your Data Improves Alexa’ section of your privacy settings, which you will have to sign in to Amazon to be able to see. This section contains a “Help Improve Amazon Services and Develop New Features” section with a toggle switch to the right-hand side of it, and moving the toggle from the default ‘yes’ to the ‘no’ position will stop humans reviewing your voice recordings.

Echo owners can see the transcript and hear what Alexa has recorded of their voices by visiting ‘Review Voice History’ in the privacy section.

Why Take Recordings?

Amazon argues that training its Alexa digital voice assistant using recordings from a diverse range of customers can help to ensure that Alexa works well for all users, and those voice recordings may be used to help develop new features.

Why Manually Review?

Amazon says that manually reviewing recordings and transcripts is another method that the company uses to help improve their services, and that only “an extremely small fraction” of the voice recordings taken are manually reviewed.

Google and Apple Have Stopped

Google has recently been forced to stop the practice of manually reviewing its audio snippets (in Europe) by the Hamburg data protection authority, which threatened to use Article 66 powers of the General Data Protection Regulation (GDPR) to stop Google from doing so. This followed a leak of more than 1,000 recordings to the Belgian news site VRT by a contractor working as a Dutch language reviewer. It has been reported that VRT was even able to identify some of the people in the recorded clips.

Apple has also stopped the practice of manual, human reviewing of recordings and transcripts taken via Siri after a (Guardian) report revealed that contractors used by Apple had heard private medical information and even recordings of people having sex in the clips.  This was thought to be the result of the digital assistant mistaking another word for its wake word.

What Does This Mean For Your Business?

If you have an Amazon Echo and you visit the ‘Review Voice History’ section of your privacy page, you may be very surprised to see just how many recordings have been taken, and the dates, times, and what has been said could even be a source of problems to those who have been recorded.  Even though we understand that AI/Machine Learning technology needs training in order to improve its recognition of and response to our questions, the fact that mistakes with wake words could lead to sensitive discussions being recorded and listened to by third-party contractors, and that voices could even be identified from those recordings highlights a real threat to privacy and security, and a trade-off that many users may not be prepared to accept.

It’s a shame that mistakes and legal threats were the catalysts for stopping Google and Apple from using manual reviewing, and it is surprising that in the light of their cases, Amazon is not stopping the practice as a default altogether but is merely including an opt-out toggle switch deep within the Privacy section of its platform.

This story is a reminder that although smart speakers and the AI behind them bring many benefits, attention needs to be paid by all companies to privacy and security when dealing with what can be very personal data.

Goodbye Skype for Business, Hello Teams

Microsoft has announced that Skype for Business Online will be giving way to ‘Teams’, with support for Skype for Business ending on 31 July 2021, and all new Microsoft 365 customers due to get Microsoft Teams by default from 1 September 2019.

What Is Teams?

Introduced back in November 2016, ‘Teams’ is a platform designed to help collaborative working and combines features such as workplace chat, meetings, notes, and attachments. Described by Microsoft as a “complete chat and online meetings solution”, it normally integrates with the company’s Office 365 subscription office productivity suite, and Teams is widely considered to be Microsoft’s answer to ‘Slack’.

Slack is a popular, multi-channel collaborative working hub that offers chat channels with companies and businesses you regularly work with, direct voice or video calls and screen-sharing, integrated drag-and-drop file sharing, and an App Directory with over 1,500 apps that can be integrated into Slack.

Back in July 2018, Microsoft introduced a free, basic features version of Teams which did not require an Office 365 account, in order to increase user numbers and tempt users away from Slack.

According to Microsoft figures announced in July, Teams now has 13 million users, which is more than Slack’s 10 million users. Microsoft is keen to promote Teams as a new communications tool rather than just an upgrade to Skype for Business.

End of Skype For Business

Microsoft originally announced at the end of 2017 that Teams was set to replace Skype for Business as Microsoft’s primary client for intelligent communications in Office 365.

With this in mind, Microsoft ended support for Skype for Business at the end of July, will be giving all new 365 customers Teams by default from 1 September and has said that current Skype for Business Online customers won’t notice any change in service in the meantime.

Migration and Interoperability

Microsoft has announced investment and interoperability that will ensure a painless migration to Teams for Skype for Business Online.  For example, from the first quarter of 2020 customers on both platforms will be able to communicate via calls and text chats, DynamicE911 will work in Teams, and Teams also includes contact centre integration and compliance recording solutions.

What Does This Mean For Your Business?

Microsoft is succeeding in challenging and overtaking its competitor Slack in the business collaborative working communications tools market.  Brand reach and power coupled with a free version, and now compulsory migration for existing and default for new users has seen Teams reach the point where, as planned by Microsoft more than two years ago, it can ably replace Skype for Business.

It appears that Microsoft is making efforts and investing to ensure that the migration is as smooth for (and attractive to) existing Skype business customers as possible and that the voice and video capabilities, cognitive and data services and insights that Teams offers should add value that could translate into advantages and extra efficiencies for users.

Google Plugs Incognito Mode Detection Loophole With Chrome 76

Google has announced that with the introduction of Chrome 76 (at the end of July), it has plugged a loophole that enabled websites to tell when you were browsing in Incognito mode.

Incognito

Incognito mode in Chrome (private browsing) is really designed to protect privacy for those using shared or borrowed devices, and exclude certain activities from being recorded in their browsing histories. Also, less commonly, private browsing can be very important for people suffering political oppression or domestic abuse for example, where there may be important safety reasons for concealing web activity.

Loophole Plugged

The loophole that is being plugged with the introduction of Chrome 76 relates to the FileSystem API. In the case of Google’s Incognito mode, the problem has been that whereas Chrome’s FileSystem API is disabled in Incognito Mode to avoid leaving traces of activity on someone’s device, some websites that have been checking for Incognito mode have still been able to detect that it is being used, and have received an error message to confirm this. This has meant that Incognito browsing has not been technically incognito.

In Chrome 76, which has just been introduced, the behaviour of the FileSystem API has been modified to ensure that Incognito Mode use can no longer be detected, and Google has stated that it will work to remedy any other future means of Incognito Mode usage in Chrome being detected.

Metered Paywalls Affected

While this change may be a good thing for Chrome users, it is more bad news for web publishers with ‘metered paywalls’. These are web publishers that offer a certain number of free articles to view before a visitor must register and log in. These websites have already suffered from the ability of users to use Incognito mode to circumvent this system, and as a result, many of these publishers resorted to Incognito detection to stop people from circumventing their publishing system.  Stopping the ability to detect Incognito browsing with the introduction of Chrome 76 will, therefore, cause more problems for metered paywall publishers.

Google has said that although its News teams support sites with meter strategies and understand their need to reduce meter circumvention, any approach that’s based on private browsing detection undermines the principles of its Incognito Mode.

What Does This Mean For Your Business?

Plugging this loophole with the new, improved Chrome 76 is good news for users, many of whom may not have realised that Incognito mode was not as incognito as they had thought. Using Incognito mode on your browser, however, will only provide privacy on the devices you browse on and won’t stop many sites from still being able to track you.  If you’d like greater privacy, it may be a case of using another browser e.g. Tor or Brave, or a VPN.

For metered paywall publishers, however, the plugged loophole in Chrome 76 is not good news as, unless these publishers make changes to their current system and/or decide to go through the process of exploring other solutions with Google, they will be open to more meter circumvention.

A.I. Powered Bar-staff. Who’s Next?

In what’s been called the world’s first ‘A.I. Bar’ (developed by British data science product company DataSparQ) ordering a drink at a busy bar has been made easier, faster and fairer by using facial recognition technology to place customers in an “intelligently virtual” queue.

Solving Old Problems

Information and statistics (DataSparQ) show that pub-goers in Britain spend more than two months over a lifetime queuing for drinks and that people pushing in at bar queues is the biggest gripe.  Who to serve next as efficiently as possible without causing an argument, and how to spot underage customers at busy times are challenges faced by many bar workers.  Also, solo drinkers and females can find busy bars intimidating and frustrating.

The new DataSparQ ‘A.I. Bar’ Software-as-a-Service product, which costs landlords from just £199 a month and uses a standard webcam, display screen and Internet connection to link up to A.I facial recognition technology appears to be able to address all of these challenges.

How It Works

The A.I. Bar, which has been tested in London, uses a camera linked to the machine learning technology to spot those persons arriving at the bar.  The system displays a live video of everyone queuing on a screen above the bar and a number, which appears above each customer’s head, representing their place in the queue. The system also protects customer privacy by deleting the data (pictures of faces) within 24 hours.

For bar staff, the ordered numbering of customers, and the fact that customers are clearly aware of their number in the queue, reduces the chance of arguments. The system shows the bar staff, on an iPad, exactly who to serve next, thereby helping bars and pubs to maximise their ordering efficiency. The system also tells bar staff who they should ask for I.D. to verify their age, thus helping the pub/bar to stay on the right side of the law.

More Pints Served

In tests of the system, the before and after data has revealed there was an overall reduction in serving times, with the equivalent of more than 1,600 pints extra poured over a year compared to the average UK pub. This could equate to a potential 78 million additional pints poured a year if the UK’s 48 thousand pubs adopted the A.I Bar technology.

What Does This Mean For Your Business?

For UK pubs and any businesses which have to deal with busy bars (hotels, clubs, live music venues and festivals), this system is an example of how the latest technology can be used in a practical setting to solve a number of age-old problems that have troubled drinkers, owners and staff alike. If this system was widely adopted, the efficiencies created, the extra beer sales, and the reduction of potentially intimidating situations in pubs could benefit the wider pub and drinks trades, and could go some way to helping at a time when so many pubs are being forced to close.

Free Ransomware Killers Save £88M in Ransoms

Free downloadable ransomware tools launched by Europol in association with several cybersecurity firms as part of the ‘No More Ransom’ initiative are estimated to have saved businesses £87.6 million.

Who / What Is Europol?

Europol is the European Union Agency for Law Enforcement Cooperation.

No More Ransom

‘No More Ransom’ is the name given to the initiative launched July 29th 2016 by Europol’s European Cybercrime Centre, the National High-Tech Crime Unit of the Netherlands’ police and McAfee. It works to help victims of ransomware to retrieve their encrypted data without having to pay ransoms to criminals. The idea is that, by restoring access to their infected systems free of charge, victims now have a third choice they did not have before.

Portal

The ‘No More Ransom’ portal ( https://www.nomoreransom.org/ ), which was originally released in English, is now available in 35 other languages, and thanks to the cooperation between more than 150 partners, provides a one-stop-shop of tools that can help to decrypt ransomware infections – see https://www.nomoreransom.org/en/decryption-tools.html.

Impressive Stats

Europol has reported that its ‘No More Ransom’ portal has visitors from 188 countries and since its introduction in 2016 has enabled 200 000 victims of ransomware to recover their files free of charge. In money terms, Europol reports that this equates to $108 million / £87.6 million that cybercriminals have not been paid in ransoms.

For example, No More Ransom’s tools led to 40,000 decryptions of the ‘GandCrab’ ransomware, thereby stopping those victims from having to pay over £41 million.

More Tools This Year

This year has seen the introduction of 14 new tools, thereby enabling the portal to provide the means for users to decrypt 109 different types of potentially crippling ransomware infections.

What Does This Mean For Your Business?

Until the introduction of Europol’s ‘No More Ransom’ portal three years ago, victims of ransomware were faced with a very stark choice of not paying the ransom (potentially losing all their data and/or suffering a permanent shutdown of certain computer systems) or paying the ransom and not only having to find a very large sum of money but also running the risk of the attackers still doing nothing to help even though they’d been paid. In both cases, the balance of power was very much in favour of the criminal rather than the victim, who may have accidentally downloaded the virus with a mistaken single click in the first place.

The growing number of tools on the No More Ransom portal offers businesses that vital third option of being able to restore their valuable data free of charge, thereby providing a practical, easily available way to defeat ransomware attackers. This could lead to criminals moving away from ransomware as it becomes more difficult to make money from this attack method.

Business owners should remember, however, that even though the No More Ransom portal offers real hope, it should not provide an excuse not to take as many preventative security measures as possible in the first place such as educating and training staff and keeping anti-virus software and patches up to date.

Vulnerability in Contactless Card Allows Bypassing of £30 Limit

Researchers from security company Positive Technologies have reported finding a vulnerability in Visa contactless cards that could lead to your bank account being drained if your card fell into the wrong hands.

Device

The researchers developed a ‘skimming’ device which was able to intercept communications between a contactless card and payment terminal, thereby allowing the £30 spending limit per transaction to be bypassed without requiring the entry of a PIN number. The device was found to work with cards from five different UK banks. It has been reported that the hack would also work on cards and terminals outside the UK.

The device developed by the researchers tells the card that verification is not required, even if the payment amount is greater than £30, and the device tells the terminal that verification has already been made, thereby allowing the user to potentially make purchases to an amount that could drain the victim’s bank account.

Visa

Visa is reported to have urged consumers to continue using their cards with confidence because the threat is not really scalable due to it coming from a device that has been made by researchers that is highly unlikely to be in real use anywhere by criminals at this point. Visa is also reported to have noted that although security threats are taken seriously, research tests of this kind have proven impractical for fraudsters to use in the real world, and Visa’s multi-layered security approach has kept rates at less than one-tenth of one per cent.

Contactless Fraud

Despite Visa’s views on this research, contactless fraud levels appear to be rising, with (UK Finance figures) fraud on contactless cards and devices reported to have increased from £6.7 million in 2016 to £14 million in 2017, and with nearly £8.5 million lost to contactless fraud in the first half of last year.

What Does This Mean For Your Business?

Even though this vulnerability was exploited by researchers who had developed a device and system that fraudsters are not known to be using, it still highlights the fact that it is possible to get around contactless card security and that Visa doesn’t appear to be asking issuers and acquirers to have any checks in place that could block payments without presenting the minimum verification.  Also, any of the random checks that terminals do carry out currently have to be set by the merchant. If fraudsters could get their hands on a similar device, banks and their customers could face damaging losses.

Some security commentators believe that bearing in mind the apparent rise in contactless fraud, issuing banks should also take more responsibility for security by adding their own security measures rather than simply relying on Visa’s protocol.

Commercial Release of BlueKeep Malware Causes Concern

Tech and security commentators have expressed their fears that a version of the BlueKeep malware (that’s been included in a commercial penetration testing toolkit) could prove to be dangerous if it falls into the wrong hands.

What Is BlueKeep?

BlueKeep is a kind of malware that can be deployed to exploit a vulnerability in older versions of the Windows operating system.  The malware, which was discovered in May, is estimated to have already affected one million systems globally, and is, therefore, thought to have the potential to become a bigger threat than WannaCry (the ransomware from 2017 that affected 300,000 computers in 150 countries worldwide).

The vulnerability that BlueKeep uses is in the Remote Desktop Protocol (RDP) and can affect Windows Vista, 7, XP, Server 2003 and Server 2008 operating systems. BlueKeep will not affect Windows 10.

BlueKeep is self-replicating, without the need for user interaction, and once an attacker has sent malware packets to an unpatched system where RDP is enabled the attacker is then able to perform several actions including adding user accounts, installing more malicious programs and changing data.

A patch was issued by Microsoft back in May for all supported Windows operating systems, Windows XP and Server 2003.

Version Commercially Available

Bearing in mind the threat to businesses and individual users posed by BlueKeep, some tech and security commentators have expressed concern that a working version of BlueKeep has been released commercially by Immunity as part of its CANVAS penetration testing toolkit. Even though the price of the toolkit may deter purchases by potential attackers just to get their hands on BlueKeep, the fear still exists that this commercial release may be dangerous if it falls into the wrong hands.

Healthcare and Telecoms Systems Risk

Some security commentators have noted that older healthcare computer systems and the kind of end-customer systems that can’t be upgraded themselves that are used by telecoms companies may be at risk of being infected.

What Does This Mean For Your Business?

BlueKeep is a real threat for those businesses still using the older versions of the Windows operating system (Vista, 7, XP, Server 2003 and Server 2008).  Although a patch has been issued, patching some business systems can be complicated and time-consuming, but businesses are advised to do so as soon as possible bearing in mind how quickly and easily BlueKeep has spread to date.

In addition to making sure Windows systems are patched and up to date, business IT administrators can also take precautions like disabling any unused and unneeded RDP services, blocking TCP Port 3389 and enabling network-level authentication in RDP services so that would-be attackers can be prevented from performing remote code execution without valid credentials.