Software

Cybercriminals Hijacking Netflix and Other Streaming Accounts

Posted on by Andy Miller

It has been reported that the surge in the use of streaming music and video services has been accompanied by a surge in the number of user accounts being taken over by cybercriminals.

Entertainment During Isolation

Self-isolation and the instruction to stay at home during the next few weeks in the COVID-19 crisis has meant that many people have turned to streaming services like Amazon Prime Video, Netflix, Spotify and Apple Music. In fact, the demand has been so high that many streaming and social media platforms have reduced the bit rate of videos in order to make sure that services can still be delivered without taking up too much bandwidth.

Stealing and Selling Your Credentials

Security company Proofpoint has now warned that cybercriminals are taking advantage of this increase in demand for streaming services by stealing the valid credentials of users and selling them online.  This means that someone else may be piggybacking off a user’s streaming account without them even knowing it.  When the account credentials are sold online (for a much lower price than normal accounts), the seller gives instructions to the buyer not to try and change the login details of the account.

How?

For cybercriminals to hijack streaming accounts, they first need to steal the legitimate credentials of existing users. Proofpoint has reported that this is achieved by using methods such as:

Keyloggers and information stealers – software that has been unwittingly downloaded, that is able to record keystrokes to discover logins and other valuable personal data.

Phishing attacks – convincing emails from bogus sources that have made users click on a link/ to re-direct, which has led to login credentials and financial information being stolen and/or malicious software being loaded onto their computer/device.

Credential stuffing – where logins are stolen in cyber-attacks on other sites/platforms and sold on to other cybercriminals are tried in other websites in the hope that a user has been password sharing (using the same login for multiple websites).

How Do You Know?

The ways to tell whether your streaming account is being piggybacked include checking the settings to view which devices are connected to the account, checking previous activity on the account and activating the options that notify you each time a new device connects to your account.

Protection

Since the ability to hijack a streaming account relies on the ability to steal login details, following basic data security and hygiene can dramatically reduce the risk to users. For example, using strong and unique passwords, not sharing passwords between different websites/platforms, using a good password manager, keeping anti-virus software and patches up to date, keeping systems and browsers up to date, and not clicking on links or attachments in emails may help protect against this and others similar crimes.

What Does This Mean For Your Business?

Cybercriminals are quick to take advantage of a crisis or a trend and are always keen to find easy, low-risk ways to get money and personal details.  In this case, adhering to relatively basic security best practice can prevent you from falling victim to this and many other cyber-crimes.

Sadly, this is not a new situation.  For example, a CordCutting.com report from last year suggested that around 20 per cent of people who watch a paid-for video streaming service are using someone else’s account.

Now that streaming services are experiencing a surge in users and are very much in the spotlight, it may be a good time for those services to tackle some of the long-running security concerns and to reassure users that they are taking some responsibility to make it much more difficult of others to piggyback accounts.

Cybercriminals Take Advantage of Covid-19 Outbreak With Phishing Emails

Posted on by Andy Miller

Some cybercriminals have already taken advantage of the fear surrounding the Covid-19 outbreak by sending out phishing emails that promise cures, seek donations, or heighten panic in order to extract personal data and money.

Phishing For Fear

Cybercriminals rely on exploiting human error that’s often driven by emotional responses.  The coronavirus outbreak has, therefore, provided scammers with a near-perfect opportunity to exploit the heightened the level of fear and to offer things that will take that fear and panic away as a motivation for a person to click on a link.  Clicking on a link in a phishing email, however, means having malicious software loaded onto your device that can allow cybercriminals to take control of your computer, log keystrokes, gain access to your personal information and financial data (for theft and identity theft), or simply direct you to a payment page.

Examples

Examples of the kinds of corona-virus related phishing emails which have been spotted over the last couple of weeks, and could be coming to an inbox near you, include:

– As reported by Proofpoint, an email purporting to be from a doctor offering details of a vaccine cure that’s been kept secret by the Chinese and UK governments.  Clicking on the link promises access to the vaccine cure details.

– Workplace policy emails that target employees in a specific company/organisation and encourage them to click on a link that will take them to their company’s Disease Management Policy.  Clicking on the link will, in fact, download malicious software that can provide a way into the company network.

– As reported by Mimecast, using the promise of a tax refund for coronavirus, directing the target to click on a link to input all their financial and tax information and with the lure of gaining access to (bogus) funds.

– Asking for donations for a fake campaign to fund the fast development of a Covid-19 vaccine.  In this scam, the victim is directed to a bitcoin payment page.

– As reported by Proofpoint, an email purporting to be from the World Health Organization (WHO) that offers a fake document with information about preventing the spread of coronavirus, where clicking on the link actually leads to the downloading of keylogging software (criminals can track your keystrokes to uncover passwords).

– Emails that exploit feelings of panic, such as an email that claims that Covid-19 has become airborne and asks the target to click on a link to a fake Microsoft login page.

Spotting Phishing Emails

Many phishing emails have giveaways that you can spot if you know what you’re looking for.  Examples of ways in which you can identify a phishing email include:

– Online requests for personal and financial information e.g. from government agencies are very unlikely to be sent by email from legitimate sources.

– Beware of generic greetings. Scammers are less likely to use your name to personalise the email greeting and title.

– Mistakes in spelling and grammar can be signs of scam emails.

– Check the email address by hovering your mouse (without clicking!) over the link in the email. This can quickly reveal if the email is genuine.

– Beware of heavy emotional appeals that urge you to act immediately.  These are signs of scam emails that hope to bypass your reasoning and tap into an emotional response.

What Does This Mean For Your Business?

Scammers often use phishing emails when there is/has been a recent crisis, when there’s been fraud/cybercrime that’s affected lots of people, or on other such events to take advantage of those who are looking for help and answers.  Scammers know that where emotions are strong and where they can tap into that by offering relief from negative feelings and by saying what people want to hear, they are more likely to achieve their aims.

In the case of coronavirus, although companies and organisations are issuing statements related to it, the best advice is to simply check the information that is given out through trusted, official sites such as the NHS https://www.nhs.uk/conditions/coronavirus-covid-19/, the World Health Organisation https://www.who.int/health-topics/coronavirus, and via trusted TV and radio stations.

Crisis or not, always exercise caution when you receive emails from unknown or unusual sources and remember that government agencies and financial institutions don’t send out emails asking for personal and financial information.

Companies also need to alert employees, many of whom may soon be working from home and may have a reduced ability to quickly ask the boss or manager about certain emails, to the threat of phishing emails with a Covid-19 theme and to the threat of social engineering attacks that could take advantage of a physically divided and reduced workforce.

Surge In Demand For Teleconference Apps and Platforms That Enable Home Working

Posted on by Andy Miller

The need for people to work from home during the Covid-19 outbreak is reported to have led to a huge increase in the downloads of business teleconferencing apps and in the use of popular cloud-based services like G Suite.

Surge In Downloads

Downloads of remote and collaborative working and communication apps such as Tencent Conference (https://intl.cloud.tencent.com/), WeChat Work (from China), Zoom, Microsoft Teams and Slack are reported to have risen by a massive fivefold since the beginning of the year, driven by the effects of the Covid-19 outbreak.

For example, services such as Rumii (a VR platform, normally $14.99 per month) and Spatial, which enable users to digital meetings in virtual rooms with 3D versions of their co-workers have seen a boost in the number of users, as has video communications app zoom.

Freemium Versions

Even though many of these apps have seen a surge in user numbers which could see users continuing to use them and recommending them in future if their experiences of the apps are good, the ‘freemium’ versions (the basic program for free and advanced features must be paid for) appear to account for most downloads.

Some companies, such as Rumii, have now started to offer services for free after noticing a rise in the number of downloads as Covid-19 spread in the United States.

G Suite

Google’s cloud-based G Suite service (Gmail, Docs, Drive, Hangouts, Sheets, Slides, Keep, Forms, Sites) is reported to have gone past the two billion monthly active users mark at the end of last year. It appears to have gained many active users due to people preparing to work from home following the Covid-19 outbreak.

Google has also offered parts of its enterprise service e.g. Hangouts Meet (video conferencing) for free to help businesses during the period when many employees will need to work from home.

Microsoft

Microsoft is also reported to be offering a free six-month trial for its collaborative working platform ‘Teams’, which surpassed the 20 million active user mark back in November.

Unfortunately, Microsoft Teams suffered a reported two-hour outage across Europe on Monday, just as many employees tried to log in as part of their first experience of working at home in what some commentators are now calling the new “post-office” era.

What Does This Mean For Your Business?

Cloud-based, collaborative and remote working and communications platforms are now providing a vital mitigating lifeline to many businesses and workers at the start of what is likely to be a difficult, disruptive, dangerous and stressful time.  Companies that can get the best out of these cloud-based tools, especially if they can be used effectively on a smartphone, may have a better chance of helping their businesses survive a global threat. Also, the fact that many companies and employees are forced to seek out and use cloud-based apps and platforms like these could see them continuing to make good use of them when the initial crisis is over and we could be witnessing the trigger of a longer-term change in working towards a post-office era where businesses make sure they can last out the effects of future similar threats.

Tech Tip – Managing Background Apps

Posted on by Andy Miller

If you’re connecting via a mobile device, information, notifications and updates going to and from apps that run in the background can sap your battery power and your data.  Here’s how to control which apps are running in the background:

– Go to Settings > Privacy > Background app.

– To stop all apps from running in the background, toggle ‘Let apps run in the background’ to ‘Off’. Be aware that some background app updates serve a useful purpose.

– To stop individual apps from running in the background, scroll down the list and switch to ‘Off’ as required.

Tech Tip – The 2nd Start Menu

Posted on by Andy Miller

In addition to the main Start menu that you can access by clicking on the Windows symbol (bottom left), Windows 10 has a 2nd start menu that gives you fast access to features like PowerShell, Device Manager, Task Manager and File Explorer.  Here’s how to launch it:

– Click on the Windows key + X or right-click on the Windows icon (bottom left).

– This will launch the 2nd Start menu.

Featured Article – Coronavirus and Tech Shares

Posted on by Andy Miller

Coronavirus is firstly a threat to public health but the impact of the virus hitting the Chinese economy (a centre for tech goods), the threat of widescale illness among workers, the effects of measures to contain the virus and other factors have already had a serious effect on economies and tech share prices.

Biggest Hit Since 2008

The disruption and fear caused by the coronavirus (SARS-COV-12/COVID-19) outbreak meant that end of February saw the US stock markets suffering their worst falls since the 2008 global financial crisis with the three big US indexes ending 10% on the week before and with the UK markets following suit and the FTSE 100 index down 3.2% for the day.

The Governor of the Bank of England, Mark Carney, has also warned that the effects of coronavirus could lead to the UK’s growth prospects being downgraded.

Also, the US Federal Reserve has just slashed interest rates, to between 1% and 1.25%. That’s down from 1.5% to 1.75%, to protect America’s economy from the economic impact of the “evolving risks” of coronavirus.

Contributing Factors and Reactions

From seeing the first news from China to hearing about the rapid spread through Iran, Korea, Japan and Italy, many tech companies are seeing downward pressure on their share prices caused by the coronavirus outbreak and spread. There are many contributing factors and many reactions by tech companies to these factors that have fuelled the fall. These include:

– China, the country which the virus is thought to have come from, and which has seen whole cities and their industries and markets shut down and seriously disrupted is a major tech component manufacturing country for major tech companies e.g. the US. This has caused shortages in supply chains and other knock-on factors to other big economies and markets and the tech companies that operate within them. For example, Apple has major component supply companies in China, and Korea e.g. Samsung Electronics Co Ltd, LG Electronics Inc, and LG Innotek.  Both Samsung and LG Innotek have shut their factories due to a worker testing positive for coronavirus.  Apple is also supplied by STMicroelectronics (chipmakers) in Italy.

– Big tech companies are not attending important tech industry conferences and shows.  For example, Huawei is postponing the hosting of its February developer conference to the end of March, Alphabet (Google) has cancelled its I/O developers conference set for May 12-14, Facebook Inc has cancelled its annual developer conference which was due to be held on May 5 and 6 in San Jose, California (which attracted 5,000 people last year), and Microsoft won’t attend a games developer conference in March.

– Consumers and other tech stakeholders are changing their travelling habits and purchasing habits and are holding onto their money as they anticipate perhaps having to ride-out a work shutdown, store closures, transport cancellations and disruptions and more. Lower revised earnings warnings have been issued by tech companies that are already feeling the pinch and are anticipating a more drawn-out crisis than they had originally thought.  For example, Microsoft has revised its earnings due to fears over how the coronavirus could affect PC supply chains.

– Factory and workplace closures, not just of suppliers, but of the tech companies themselves are causing disruption.  For example, Tesla has postponed Model 3 deliveries due to a closed factory in Shanghai, Google has asked thousands of employees at its European headquarters in Dublin to work from home, Twitter is encouraging its 5,000 global staff to work from home, and cryptocurrency exchange platform Coinbase is asking some employees to start working from home.

– Store closures are also contributing to downward pressures on share prices.  For example, major tech companies have been temporarily shutting down retail stores across China, and in other affected countries and population centres.

Baidu in China

Chinese tech companies are also suffering.  For example, Baidu Inc, China’s biggest search engine company, has warned that its first-quarter revenue could drop by as much as 13% from a year earlier due to the effect of the coronavirus epidemic on economic activity and advertising.

Opportunity?

Whereas the downside of fall in share prices is being seen as a very bad event for the markets generally, some people, such as US CNBC’s ‘Mad Money’ presenter Jim Cramer have pointed out that tumbling stock values can mean that investors have an opportunity to buy tech stocks at a low price now that will grow in value soon.  With this in mind, and suggesting that those stocks that have little China exposure and work in a largely stay-at-home environment are the best options, Mr Cramer has recommended 10 stocks to buy now while the market is still affected by coronavirus.  These include the tech-related stocks of Adobe, Shopify, Square, Zoom Video Communications.

Expectations

Despite the initial huge fall in share/stock prices at the end of February, when panic was reaching its highest point, the news that central bankers from the world’s biggest economies have been speaking to Group of 7 Finance to discuss a response to the outbreak e.g. lowering of interest rates, fuelling expectations among investors that governments might go with a co-ordinated lowering interest rates has given a boost back up to many stocks and led to shares in Europe making somewhat of a recovery from the initial huge losses.

Looking Ahead

For those seeking information about coronavirus in the UK, the latest government information can be found here https://www.gov.uk/guidance/coronavirus-covid-19-information-for-the-public and the NHS advice and information can be found here https://www.nhs.uk/conditions/coronavirus-covid-19/.

The unknown nature of the immediate future as regards the spread (through clustering) and duration of the coronavirus outbreak, coupled with the many reduced growth forecasts, disruption in global supply chains, and many tech and other companies shutting offices and factories and recommending remote working where possible means that tech share prices are likely to be functioning well below expectations for some time yet.

Billions Of Devices At Risk Due To Wi-Fi Chip Vulnerability

Posted on by Andy Miller

A security threat to devices, Wi-Fi access points (APs), and routers that comes from the Kr00k Wi-Fi chip vulnerability could affect billions according to security researchers.

Kr00k

The existence of Kr00k, also known by the catchy name of CVE-2019-15126 was made public at the recent RSA Conference in San Francisco and its discovery was attributed to ESET security researchers Miloš Cermák, Robert Lipovský and Štefan Svorencík.

Broadcom and Cypress Chips

According to the researchers, the Kr00k vulnerability is present in Wi-Fi chips manufactured by Broadcom and Cypress.  These chips are present in billions of devices and, prior to patches being developed and released already by many major manufacturers, the kinds of devices that were at risk included home smart speakers (Amazon Echo), Kindles, smartphones (Apple iPhone and Samsung Galaxy), the Raspberry Pi 3 and many Wi-Fi routers and access points that have Broadcom chips.

What Could Happen?

The Kr00k vulnerability could allow attackers to decrypt Wi-Fi traffic, thereby gaining access to data. Kr00k can do this by forcing an extended dissociation period in Wi-Fi devices, which is the temporary disconnection that occurs when a device moves between access points or when there is a low signal. In this period, Kr00k resets the encryption key used to secure packets to an all-zero value, giving the attackers access to your data.

This kind of attack, however, may not be as easy as it sounds because attackers would need to be within close range of their target’s Wi-Fi network.

Related to Krack

Some security commentators have noted that Kr00k is related to Krack, discovered in 2017, a vulnerability that was also a threat to devices that connected using Wi-Fi and required attackers to be in close proximity to the Wi-Fi network.  Krack was found to be a vulnerability in the Wi-Fi Protected Access 2 (WPA2) protocol.

What Does This Mean For Your Business?

The security researchers who discovered Kr00k shared their findings with the relevant manufacturers early-on which meant that the major manufacturers were able to quickly develop and release patches, thereby significantly reducing the scale of the threat posed by Kr00k.  Also, the need for attackers to be in close proximity to a Wi-Fi network to exploit the vulnerability is unlikely to be particularly attractive to many cybercriminals who prefer methods that allow maximum financial gain with minimum effort and that position them a long distance from their targets in a way that cannot be traced back to them.

Additionally, in this case, even though it is technically possible for attackers to use the dissociation period to decrypt Wi-Fi traffic, the data that they would be intending to steal is subject to being additionally encrypted by TLS thanks to HTTPS.

Gigabit, Ultrafast Broadband For One Million Households In The West Midlands

Posted on by Andy Miller

Virgin Media has announced that in the UK’s largest gigabit switch-on to date, it is launching its next-generation Gig1 Fibre Broadband services for 1 million+ homes in Birmingham, Coventry and surrounding areas across the West Midlands.

Speed

Virgin Media says that its Gig1 Fibre Broadband offers broadband speeds up to 20 times faster than the regional average with an average peak-time download speed of 1,104Mbps.

Also, the Hub 4 gigabit-capable router is Virgin’s fastest to date and can manage multiple devices at the same time around the home, thereby sharing the hyper-fast speed.  This could mean that ultra-high-definition 4K films and TV programmes, large files and 360-degree videos could be downloaded almost instantaneously, even with multiple devices using the connection at the same time.

Virgin Media says that it now has the largest gigabit-capable network in the UK which currently passes nearly 15 million UK premises.

Government

The government’s Digital Secretary, Oliver Dowden, has said that Virgin Media’s gigabit switch-on for households in the Midlands puts them “a million homes closer in delivering our plans to deliver gigabit broadband to everyone in the UK” and stresses that his government are investing £5 billion to make sure that “even the hardest to reach areas aren’t left behind”.

Electronic Communications Code Changes

In October 2019, the UK’s Electronic Communications Code was amended to help speed up fast broadband rollout across the UK. The change to the law gave broadband operators compulsory rights to install their apparatus on another person’s property, thereby getting around the problem of landlords not responding to requests for access to blocks of flats and apartments.

Full Fibre By 2025?

Back in June last year, while on the campaign to become the next Conservative party leader, Boris Johnson proposed a target of full-fibre broadband for the UK by 2025.  This target has since been seen by many not realistic because ‘full-fibre’ would mean digging up land and laying down cables, even in the most remote of homes.

What Does This Mean For Your Business?

For those in the Midlands who actually need these kinds of speeds, this service could be advantageous, and it could benefit small (home) businesses with large data requirements.

Although it is the beginning of ultra-fast broadband rollout in an area where there is a large population and is, therefore, a step in the right direction, critics say that many users may not need a connection that fast and may simply not know the speed of the connection that they already have.

Broadband and Wi-Fi are now essential services for business, and businesses would obviously welcome any improvement in broadband speeds in the UK as soon as possible as it would undoubtedly help UK companies to become more competitive and would boost the economy.

AI Skills Course Available – Free of Charge

Posted on by Andy Miller

A free, basic AI skills course, funded by Finland’s Ministry of Economic Affairs and Employment (MEAE), is being made available to citizens across the EU’s 27 member states.

Success in Finland

The decision by the Finnish government to make the course available online across the EU to an estimated five million Europeans (1% of the total population of EU states) in the 2020-2021 academic year was boosted by the popularity of a test run of the course in Finland back in 2018.

The Course

The six-chapter ‘Elements of AI’ course, which is still open to UK citizens, is aimed at de-mystifying and providing a critical and customised understanding of AI, offers a basic understanding of what AI is, how it can be used to boost business productivity, and how it will affect jobs and society in the future. The six chapters of the course can be studied in a structured or ‘own-pace’ way and cover the topics of What is AI?, AI problem solving, real-world AI, machine learning, neural networks and implications.

The course is available in six languages – English, German, Swedish, Estonian, Norwegian and Finnish.

Run by the University of Helsinki, the course represents a way in which a university can play a role in reaching a Europe-wide, cross-border audience and build important competencies for the future across that area.

Gift

The provision of the online course, which is funded by the MEAE to an estimated cost of €1.7m a year is essentially a gift from Finland, not just to leaders of fellow EU states but to the people of EU countries to mark the end of Finland’s six-month rotating Presidency of the Council of the EU.  It is the hope, therefore, that Finland’s gift will have real-world value in terms of helping to develop digital literacy in the EU.

You can sign up for the course here: https://www.elementsofai.com/

170 Countries

It’s claimed that to date, the free online AI course has been completed by students from over 170 countries and that around 40 % of course participants are women, which is more than double the average for computer science courses.

What Does This Mean For Your Business?

With a tech skills shortage in the UK, with AI becoming a component in an increasing number of products and services, and with the fact that you can very rarely expect to get something of value for nothing, this free online course could be of some value to businesses across Europe.  The fact that the course is delivered online with just a few details needed to enrol makes it accessible, and the fact that it can be tackled in a structured way or at your own pace makes it convenient.  It’s also refreshing to see a country giving a gift to millions of citizens rather than just to other EU leaders and the fact that more women are taking the course must be good news for the tech and science sectors. Anything that can effectively, quickly and cheaply make a positive difference to digital literacy in the EU is likely to end up benefitting businesses across Europe.  Also, even though the UK’s now out of the EU, it’s a good job that we’re still able to access the course.

Tech Tip – Ransomware Protection in Windows 10

Posted on by Andy Miller

Ransomware is still a common threat to businesses, but you may not know that Windows 10 already has a ransomware protection features built-in to Windows Defender which is usually disabled by default.  Here’s how to enable ransomware protection:

N.B. If you already have third-party antivirus software installed and Windows Defender’s real-time protection is disabled, the Ransomware Protection features screen and Controlled Folder Access feature won’t be accessible to you. You’ll find this out when you follow these instructions:

– Click on the Start menu.

– Type Windows Security and select the search result, or go to the Settings app, then to Update & Security > Windows Security.

– Open Windows Security and click on the Virus & Threat Protection option

– Scroll down to Ransomware Protection and click on the Manage ransomware protection option.

– Next page, you will see a description of Controlled folder access – toggle to enable it.

– To enable Ransomware Protection, turn on Controlled Folder Access and log in to OneDrive.

– This will allow you to configure Controlled Folder Access and choose which folder you want to monitor and block from malicious programs.