News

Protect Your Phone

Steve Hirst - Friday, April 21, 2017
Author: Ali Dehghantanha - Lecturer in Cyber Security and Forensics, University of Salford

If you’ve ever forgotten your phone or left it at home for the day, you will have realised just how much you use it. On average, we check our mobile phones about 110 times a day. We use them for just about everything, from summoning an Uber car and paying for our latest Amazon purchases, to receiving prescriptions and even tracking shares and trading on the stock market.

Unsecured mobile phones are among the top seven major causes of security breaches and your mobile number is all a hacker needs to start the attack. Using your number, hackers can send you a text message containing a malicious link, which when clicked allows them to read your texts, listen to your calls and even track your whereabouts.

Smartphones are valuable targets for hackers – more so than laptops or personal computers. This is because they can be used as a “pivot point” to attack heavily protected environments such as banks or critical national infrastructure. Hackers can redirect their malicious traffic through your phone and store collected data on it. This means that all forensic traces would point to you as the hacker rather than the real culprit.

On top of this, most phones are open to attack 24 hours a day, seven days a week, often with only limited security features in place. Combine this lack of security with the fact that most modern phones now contain more processing power than the computers that landed Apollo 11 on the moon, and it’s not hard to see why they are a hacker’s weapon of choice.

The worst-case scenario? You could wake up one morning to the police kicking down your door, investigating a sophisticated cyberattack with all the evidence pointing to you. Regardless of how ridiculous it may seem, in the absence of any cyber-monitoring or cyber-defence solution you would have a very hard time proving that you were not guilty. And it is not just hackers you need to worry about: even the US National Security Agency and the UK’s GCHQ have secretly used innocent people’s devices to cover their malicious activities.

In my career as a cyber forensics investigator, I have not only seen many of these cases but also scenarios where hackers have been hired by organisations to deliberately frame employees by planting material such as child pornography onto their work phones. The person in question is then accused, for example, of selling secret company information to competitors and when the legal team investigates their phone, they find the child pornography. It is a scary prospect.

Keeping your phone under lock and key isn’t really an option. 

Many people wrongly believe that their mobile service providers should deploy cyber-protection mechanisms for their users. But if you read the terms of service, you will clearly see that as the owner and user, it is solely your responsibility to protect yourself, in exactly the same way that you protect your laptop when you surf the internet.

If you are reading this and you are yet to install at least an anti-virus application on your phone, stop reading immediately and install one – there are many good anti-virus applications that are completely free. You should also make sure to only install applications from well-known app markets such as Google Play or the Apple or Windows Stores. Never “jailbreak” or root your phone to install free apps unless you are a security expert and know what you are doing.

And it may sound like common sense, but do not click on the links you receive from unknown sources. It is also a good idea to have all your phone data encrypted and to install a logging or monitoring solution on your phone to have records of all activity. It could well turn out to be your “get out of jail free card” – just on the off chance anything was to happen.

Risks from Seldom Used Devices

Steve Hirst - Friday, April 21, 2017
Devices such as laptops and desktops which are seldom used are a risk to a customer’s security and can present a serious vulnerability in their network.

If they stay offline for a few months and are then re-introduced to the network, they will not have current antivirus definitions or patches installed. The devices are used immediately in their unpatched state, then often shut down again before all the patches and additional updates can be installed.

This can lead to some easily exploited vulnerabilities in your network that cyber criminals can use to do some serious damage to your business systems and infrastructure.

If you have any devices that haven’t been used for more than 2 weeks, give our friendly team a call to find out how to safely bring these back online on your network.

Removable USB Drives are no longer a recommended solution.

Steve Hirst - Monday, March 20, 2017
For a considerable period, small external USB hard drives were a favoured means of backing up a company’s valuable data. This backup method ticked the boxes by ensuring, firstly, that the storage device was backed up to another destination and, secondly, that the backup was taken offsite. It was a satisfactory solution provided there were at least 3 drives, they were rotated out daily and one of the set was always offsite in a secure location.

Unfortunately, over time the shortcomings of this type of backup have become painfully apparent.

The list of problems includes:
USB Drives failing due to constant handling and transporting
Drive not changed due to designated person being on leave or off sick
Staff become forgetful or complacent and drive changes do not occur daily
Error reports generated by the backup software being ignored

One of the inherent problems with this backup system is that if the current backup and the source are at the same location and a disaster occurred later in the day the amount of work lost can be up to 2 days. In this scenario, the last backup is going to be at least 24 hours old and still onsite with the person who was responsible for taking it home that evening.

We know of a company where one of the backup drives had failed and they were down to only two in rotation. On the day of the February earthquake, the server was in the office, the first backup drive was plugged into the server ready for the end of day backup, and the second drive was in the manager’s briefcase ready to be taken off site that evening. When the quake struck, everyone quickly evacuated the building, leaving the server and all the backups in the building. Fortunately, the company was able to get back into the building and rescue the backup. In doing so they avoided a disastrous data loss and learnt a very powerful lesson.

It is for all of the above reasons that Computer Culture no longer recommends this type of backup. With the value of company data and rapid growth of cybercrime, a robust backup system is now an essential part of an organisation’s IT.

An offsite backup solution which is proactively managed and monitored has become the favoured solution of many of our customers. Please call us if you wish to make the move away from the rotated drive backup system.

How to tell if email is fake, spoofed, or spam

Steve Hirst - Monday, March 20, 2017
By now, you’ve heard about phishing – fraudulent emails that masquerade as communications from a legitimate source. These emails trick unsuspecting readers into giving up personal information or compromise their machines with spyware or viruses. Thankfully, email filtering and security has improved a great deal over the past few years. Unfortunately, no matter how effective the security, some phishing emails will always make it to the inbox – that’s where you come in. Here are some tips to help you identify a phishing or spoofing email.

Don’t trust the name
A favourite phishing tactic is to spoof the display name of an email. It’s easy to set the display name of an email to anything – you can do it yourself in Outlook or Gmail. Spoofing involves simply setting the display name or “from” field of outgoing messages to show a name or address other than the actual one from which the message is sent. When this simplistic method is used, you can tell where the mail originated by checking the mail header.

You can’t trust the header 
It’s not just the display name that can be spoofed, but also the email header. Emails are built on some very old technology (in internet terms): SMTP, or Simple Mail Transfer Protocol. When you send an email, it goes to an SMTP server first, then the message is relayed from SMTP server to SMTP server across the internet. When the message arrives at its penultimate destination, the email is stored in the recipient’s mailbox (e.g. in their Office 365 Mailbox). Finally, the message is fetched by an email client so the recipient can read it. While this may seem complicated, the important thing to remember is that SMTP just passes along what it was given. Clever fraudsters can fool the SMTP server into sending along an email that isn’t legitimate.

While there are several technical ways to figure out if this is the case, the simplest method is to see where the “reply to” section of the full header will lead you. If it indicates that your reply would be redirected to an address that’s different from the sender’s address, then you have good cause to be suspicious.
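The two header checks described above (a display name that shows one address while the message comes from another, and a "reply to" address that differs from the sender's) can be automated. The following is an added example, not part of the original article; the sample messages, domains and the function name header_warnings are constructed for illustration.

```python
import re
from email import message_from_string
from email.utils import getaddresses, parseaddr

# Constructed sample messages (not real mail); every name and domain is made up.
SPOOFED = '''\
From: "Example Bank <support@examplebank.test>" <mailer@bulk-sender.test>
Reply-To: accounts@collect-replies.test
To: user@customer.test
Subject: Action required

Please confirm your details.
'''

LEGIT = '''\
From: Example Bank <support@examplebank.test>
To: user@customer.test
Subject: Your statement

Your statement is ready.
'''

# Loose pattern for spotting an e-mail address embedded in a display name.
ADDRESS = re.compile(r"[\w.+-]+@[\w-]+(?:\.[\w-]+)+")


def domain_of(address):
    """Return the lower-cased part after the last '@'."""
    return address.rsplit("@", 1)[-1].lower()


def header_warnings(raw_message):
    """Return a list of reasons to distrust the sender shown for a message."""
    msg = message_from_string(raw_message)
    display_name, from_addr = parseaddr(msg.get("From", ""))
    from_addr = from_addr.lower()
    if "@" not in from_addr:
        return ["from-missing-or-unparseable"]

    warnings = []
    # Check 1: the display name shows an address other than the real one.
    for shown in ADDRESS.findall(display_name):
        if shown.lower() != from_addr:
            warnings.append("display-name-shows-other-address:" + shown.lower())

    # Check 2: a reply would go somewhere other than the sender's address.
    for _, reply_addr in getaddresses(msg.get_all("Reply-To", [])):
        reply_addr = reply_addr.lower()
        if not reply_addr or reply_addr == from_addr:
            continue
        same_domain = domain_of(reply_addr) == domain_of(from_addr)
        kind = "address" if same_domain else "domain"
        warnings.append(f"reply-to-different-{kind}:{reply_addr}")
    return warnings


if __name__ == "__main__":
    for label, raw in (("spoofed", SPOOFED), ("legit", LEGIT)):
        print(label, header_warnings(raw))
```

An empty result only means these two checks found nothing; as noted above, the header itself can be forged, so it is not proof that a message is genuine.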

Hover before you click
Clicking links in emails is inherently risky – you don’t know where a button, link or video will actually send you. But, if you hover your mouse over any links embedded in the body of the email, you can see the raw link. If it looks strange, don’t click it – there’s a good chance the email is fraudulent.

Remember the basics
If an email has spelling mistakes, requests personal information, or is written in threatening language, you should be suspicious. If you did not initiate contact with the sender, be wary and think where they could have found your contact details.

Trust your instincts
Given today’s e-mail infrastructure, there’s not much that can be done to prevent spoofing. Companies and organisations can tighten up their mail servers. This just makes it a little more difficult for criminals, not impossible.

Appearances can be deceiving. Just because an email has convincing logos, language, and a seemingly valid email address, does not mean that it’s legitimate. Be sceptical when it comes to your email messages—if it looks even remotely suspicious, don’t open it. If something looks off, there's probably a good reason why. If you receive a message that seems suspicious, it's usually in your best interest to avoid acting on the message.

Source: Hewlett Packard Enterprise

Embedded devices at risk from Windows Trojan

Steve Hirst - Monday, March 20, 2017
Attackers have started to use Windows and Android malware to hack into embedded devices, dispelling the widely held belief that if such devices are not directly exposed to the Internet they're less vulnerable.

Researchers from Russian antivirus vendor Doctor Web have recently come across a Windows Trojan program that was designed to gain access to embedded devices using brute-force methods and to install the Mirai malware on them.


Mirai is a malware program for Linux-based internet-of-things devices, such as routers, IP cameras, digital video recorders and others. It's used primarily to launch distributed denial-of-service (DDoS) attacks and spreads over Telnet by using factory device credentials.

Source: IDG News Service

Chicks or Chicks?

Steve Hirst - Monday, March 20, 2017
At Computer Culture we are constantly refining our web filtering settings to ensure we strike a happy balance between keeping out the malicious content and allowing legitimate use.

We don’t always get it right and below is an example of an overly protective filter which thought that the user viewing a link to “new chicks” was a bit dodgy. However, this sort of harmless block is always a great reminder to know that you’re being protected!

The process of screening out rogue and undesirable websites is an essential part of a security solution so we can afford to have the odd false positive.

Smart Spinach

Steve Hirst - Monday, March 20, 2017
Spinach is no longer just a superfood: by embedding leaves with carbon nanotubes, MIT engineers have transformed spinach plants into sensors that can detect explosives and wirelessly relay that information to a handheld device similar to a smartphone.

This is one of the first demonstrations of engineering electronic systems into plants, an approach that the researchers call “plant nanobionics.”

“The goal of plant nanobionics is to introduce nanoparticles into the plant to give it non-native functions,” says Michael Strano, the Carbon P. Dubbs Professor of Chemical Engineering at MIT and the leader of the research team.

Microsoft Windows 10 Support

Steve Hirst - Tuesday, February 21, 2017
If you have steadfastly refused to update your Windows 10 PC to a new build since launch, Microsoft has given you another 2 months’ reprieve to still get patches and bug fixes.

Build 1507 of the OS was to exit support on the 26th March, but Microsoft has now announced on Technet that version 1507 will continue to be serviced until May 2017.

Currently Microsoft plans to only support the two latest versions of Windows 10, and expects most users to remain current with the latest version of the OS via automatic updates, a practice which has been criticised but which means that more than 75% of Windows 10 users are on the latest public version of the OS.

Privacy Awareness

Steve Hirst - Tuesday, February 21, 2017

Every year on January 28th, the world celebrates Data Privacy Day. But keeping data safe and out of the wrong hands isn’t a once-a-year task. Today, keeping your data private is a daily task—one that involves an understanding of new data protection regulations and cyber security best practices. Here are nine predictions to help you understand what data privacy and security will look like in 2017.


  1. Privacy and security will clash. There will be a major clash between privacy and security, as advances are made on both fronts from various legislative actions. On the one hand, countries are working to expand their surveillance of data communications and streamline law enforcement access to computers and data. For example, Britain’s new Investigatory Powers Act (Snooper’s Charter) will require ISPs to keep logs for 12 months of which websites UK citizens visited, but not the pages and not the full browsing history. It also allows police authorities and intelligence officers to see users’ Internet records as part of their targeted and filtered investigations without a warrant.
    On the other hand, data protection laws, such as the EU GDPR, which will go into effect on May 25, 2018, will restrict how businesses collect, store and use personal data and institute enforcement mechanisms to ensure businesses are reporting on data breaches in a timely manner to governing bodies. For example, businesses will be required to notify supervisory authorities of a data breach within 72 hours.

  2. Second-hand electronics will cause headaches for many businesses. The rise in second-hand electronics will become a data recovery nightmare for both businesses and end users. An independent analysis of used drives and mobile devices from online sites like Amazon, eBay, Gazelle and Craigslist has shown this to be true, with large amounts of sensitive personal data and corporate data recovered, including customer lists, Salesforce records, spreadsheets with sales information, company emails, social security numbers, financial details, photos, videos and so much more. This calls into question certain ‘reliable’ methods many businesses and people are using to supposedly ‘delete’ data. But many of these methods (i.e. quick format, basic delete, factory reset) are not actually effective and leave a treasure trove of data exposed to hackers.

  3. Companies will leave data behind. Companies that go out of business – or shut down part of their operations/physical locations – need to add secure data removal into their ‘close down’ procedures. If they don’t, hackers could easily discover sensitive, confidential corporate data that’s been left behind in online backups, orphaned data stores, servers and virtual machines.

  4. The Internet of Things will expand. IoT will create a morass of personal and corporate data on millions of connected devices. The only way to ensure all that connected data doesn’t fall into the wrong hands is to create a system of processes and tools that make it easy to manage, protect and securely erase all data on-demand. The important piece here will be in providing proof that the connected data has been removed and cannot resurface at any given point in the future.

  5. Hackers will turn recent proof of concept exploits into attacks. This will allow them to mine poorly wiped virtual machines. Essentially, they’ll be able to steal credentials and other critical data. Organizations need to ensure they know where their data resides, especially when it comes to the cloud. Processes must be put in place to ensure that virtual machines are permanently and verifiably erased when they are no longer needed.

  6. Ransomware, spear phishing and direct attacks will be a triple threat. The triple scourge of ransomware, spear phishing against corporate treasury functions and direct attacks on central banks will continue to drive investments in new security technology. On the endpoint, new technologies that use machine learning are being deployed to catch malware without needing signatures. Learning and training systems are being deployed to reduce the number of successful spear phishing attacks. Central banks are, in turn, beefing up their own cybersecurity practices and requiring partners to do so too.

  7. Quantum computing research will continue. Nations will continue to make large investments in quantum computing research with the goal of being the first to engineer a major breakthrough. The winner in this new arms race will have a short-term edge (and leverage) in the world of technology. On the one hand, this will create a crisis for all cryptography since quantum computing is theorized to be extremely effective at breaking even the largest key. On the other hand, it will create an opportunity for post-quantum crypto start-ups. New methods of encryption will be proposed that are impervious to cracking with quantum computers.

  8. Denial of Service attacks will be broken. In 2017, all records for large distributed Denial of Service attacks will be broken. Every organisation that depends on connectivity for communicating with their customers or providing a service should have a plan in place for dealing with DDoS attacks. This means redundant systems for computing, DNS and connectivity, and a recovery plan. Look for single points of failure because the attackers will find them.

  9. Where data is stored will matter more. The geographical preferences for where data is hosted will increase. For example, companies may want to host data in the UK or elsewhere. This will then require businesses to migrate data, which in turn, will trigger the need to permanently erase data from old locations. And this will need to be done on a large-scale basis for big companies – and will require specific processes to ensure the data migration project was done properly and that ‘old’ data was properly removed.
See the original article here.

HP Notebook Battery Safety Recall and Replacement Program

Steve Hirst - Tuesday, February 21, 2017
HP Battery Program expanded in January 2017. It is essential to recheck your battery, even if you did so previously and were informed that it was not affected.


If you have already received a replacement battery, you are not affected by this expansion. 

In January 2017, in cooperation with various government regulatory agencies, HP announced an expansion of its ongoing worldwide voluntary safety recall and replacement program for certain notebook computer batteries, which was announced in June 2016. The program has been expanded to include additional batteries that were shipped with the same notebook products. These batteries have the potential to overheat, posing a fire and burn hazard to customers. 

Because these batteries pose a fire and burn hazard, it is essential to recheck your battery, even if you did so previously and were informed that it was not affected. However, if you have already received a replacement battery, this expansion does not affect you. 

The affected batteries were shipped with specific HP, Compaq, HP ProBook, HP ENVY, Compaq Presario, and HP Pavilion notebook computers sold worldwide from March 2013 through October 2016, and/or were sold as accessories or spares, or provided as replacements through Support.

Customers should cease use of affected batteries immediately. Customers may continue to use their notebook computer without the battery installed, by connecting the notebook to external power. HP’s primary concern is for the safety of our customers. HP is proactively notifying customers, and will provide a replacement battery for each verified, eligible battery, at no cost. For customers with 10 or more potentially affected batteries, HP has put in place a process to assist with the validation and ordering process. For details please refer to the FAQs tab on this website. 
Getting Started 

Note: Not all batteries in all HP, Compaq, HP ProBook, HP ENVY, Compaq Presario, and HP Pavilion Notebook Computers are affected.

Click here to find out if your battery is affected.

