
What is a Firewall?

Computer Culture Admin - Thursday, October 19, 2017
By Brandon Butler, Senior Editor, Network World

Firewalls act as a perimeter defence tool that monitors traffic and either allows it or blocks it. Over the years the functionality of firewalls has increased, and now most firewalls can not only block a set of known threats and enforce advanced access control list policies, but can also deeply inspect individual packets of traffic and test them to determine whether they are safe. Most firewalls are deployed as network hardware that processes traffic plus software that allows end users to configure and manage the system. Increasingly, software-only versions of firewalls are being deployed in highly virtualized environments to enforce policies on segmented networks or in the IaaS public cloud.

Types of firewalls

Advancements in firewall technology have created new options for firewall deployments over the past decade, so there are now a handful of options for end users looking to deploy a firewall. These include:

Stateful firewalls – When firewalls were first created they were stateless, meaning that the hardware the traffic traversed inspected each packet of network traffic individually and either blocked or allowed it in isolation. Beginning in the mid to late 1990s, one of the first major advancements in firewalls was the introduction of state. Stateful firewalls examine traffic in a more holistic context, taking into account the operating state and characteristics of the network connection a packet belongs to. Maintaining this state allows the firewall to admit certain traffic for certain users while blocking the same traffic for other users, for example.
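To make the stateless/stateful distinction concrete, here is an added example (not code from the Network World article or from any firewall vendor) that runs the same constructed packet sequence through a stateless rule set and through a filter that keeps a connection table. The addresses, ports and the simplified TCP flag strings are all assumed for illustration; a real stateful firewall tracks sequence numbers and the full TCP handshake and teardown, which this model deliberately simplifies.

```python
"""Stateless versus stateful packet filtering, on constructed packets.

Added illustration, not production firewall code. The protected LAN is
assumed to be 10.0.0.0/24 (constructed); TCP flags are reduced to a
single string such as "SYN", "SYN-ACK", "ACK", "FIN" or "RST".
"""
from dataclasses import dataclass

INSIDE_PREFIX = "10.0.0."   # constructed: addresses with this prefix are the protected LAN


@dataclass(frozen=True)
class Packet:
    src: str
    sport: int
    dst: str
    dport: int
    flags: str              # simplified TCP flags, e.g. "SYN", "SYN-ACK", "ACK", "FIN"


def is_inside(ip: str) -> bool:
    return ip.startswith(INSIDE_PREFIX)


def stateless_decision(pkt: Packet) -> bool:
    """Packet-by-packet rules with no memory of earlier packets.

    Outbound traffic is allowed. To let replies back in, the rule set has
    to permit inbound packets to any high (ephemeral) port, which also
    admits unsolicited packets aimed at those ports.
    """
    if is_inside(pkt.src):
        return True
    return pkt.dport >= 1024


class StatefulFilter:
    """Remembers connections opened from inside and admits inbound packets
    only when they belong to one of them."""

    def __init__(self) -> None:
        # connection table: (inside_ip, inside_port, outside_ip, outside_port)
        self.connections = set()

    def decision(self, pkt: Packet) -> bool:
        if is_inside(pkt.src):
            key = (pkt.src, pkt.sport, pkt.dst, pkt.dport)
            if pkt.flags == "SYN":
                self.connections.add(key)          # inside host opens a new connection
            elif pkt.flags in ("FIN", "RST"):
                self.connections.discard(key)      # simplified teardown
            return True                             # outbound is always allowed in this model
        key = (pkt.dst, pkt.dport, pkt.src, pkt.sport)
        if key not in self.connections:
            return False                            # unsolicited inbound packet: drop
        if pkt.flags in ("FIN", "RST"):
            self.connections.discard(key)
        return True


def run_stateless(packets) -> list:
    return [stateless_decision(p) for p in packets]


def run_stateful(packets) -> list:
    fw = StatefulFilter()
    return [fw.decision(p) for p in packets]


# Constructed traffic: a legitimate HTTPS session, an unsolicited probe to the
# same high port, a probe to SSH, then a packet arriving after the session closed.
SAMPLE_PACKETS = [
    Packet("10.0.0.5", 50000, "203.0.113.10", 443, "SYN"),       # inside opens connection
    Packet("203.0.113.10", 443, "10.0.0.5", 50000, "SYN-ACK"),   # legitimate reply
    Packet("198.51.100.7", 4444, "10.0.0.5", 50000, "SYN"),      # unsolicited, high port
    Packet("198.51.100.7", 4444, "10.0.0.5", 22, "SYN"),         # unsolicited, low port
    Packet("10.0.0.5", 50000, "203.0.113.10", 443, "FIN"),       # inside closes connection
    Packet("203.0.113.10", 443, "10.0.0.5", 50000, "ACK"),       # late packet after close
]

if __name__ == "__main__":
    for pkt, sl, sf in zip(SAMPLE_PACKETS, run_stateless(SAMPLE_PACKETS), run_stateful(SAMPLE_PACKETS)):
        print(f"{pkt.src}:{pkt.sport} -> {pkt.dst}:{pkt.dport} {pkt.flags:8} stateless={sl} stateful={sf}")
```

The third and sixth packets are the point of the example: a stateless rule set has to let them through because replies to the browser's ephemeral port look exactly like unsolicited packets to that port, whereas the connection table lets the stateful filter tell the two apart.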

Next-generation firewalls – Over the years firewalls have added a myriad of new features, including deep packet inspection, intrusion detection and prevention, and inspection of encrypted traffic. Next-generation firewalls (NGFWs) are firewalls that integrate many of these advanced features into a single device.

Proxy-based firewalls – These firewalls act as a gateway between end users who request data and the source of that data. All traffic is filtered through this proxy before being passed on to the end user. This protects the client from exposure to threats by masking the identity of the original requester of the information.

Web application firewalls – These firewalls sit in front of specific applications as opposed to sitting on an entry or exit point of a broader network. Whereas proxy-based firewalls are typically thought of as protecting end-user clients, WAFs are typically thought of as protecting the application servers. 

Firewall hardware

Firewall hardware is typically a straightforward server that can act as a router for filtering traffic and running firewall software. These devices are placed at the edge of a corporate network, between a router and the Internet service provider’s connection point. A typical enterprise may deploy dozens of physical firewalls throughout a data center. Users need to determine what throughput capacity they need the firewall to support based on the size of the user base and speed of the Internet connection.

Firewall software

Typically end users deploy multiple firewall hardware endpoints and a central firewall software system to manage the deployment. This central system is where policies and features are configured, where analysis can be done and threats can be responded to.

Inside a next-generation firewall

Modern firewalls are a collection of features. These include:

-Stateful inspection: This is the basic firewall functionality in which the device blocks known unwanted traffic.

-Anti-virus: The functionality that searches for known viruses and vulnerabilities in network traffic. It relies on the firewall receiving updates on the latest threats and being constantly updated to protect against them.

-Intrusion Prevention Systems (IPS): This class of security products can be deployed as a standalone product, but IPS functionality is increasingly being integrated into NGFWs. Whereas basic firewall technologies identify and block certain types of network traffic, IPS uses more granular security measures such as signature tracing and anomaly detection to prevent threats from entering corporate networks. IPS has replaced the previous version of this technology, Intrusion Detection Systems (IDS), which focused more on identifying threats than on containing them.

-Deep Packet Inspection (DPI): DPI can be part of or used in conjunction with an IPS, but it has nonetheless become an important feature of NGFWs in its own right because it provides granular analysis of traffic, most specifically the headers of traffic packets and the traffic data itself. DPI can also be used to monitor outbound traffic to ensure sensitive information is not leaving corporate networks, a technology referred to as Data Loss Prevention (DLP).

-SSL Inspection: Secure Sockets Layer (SSL) Inspection is the idea of inspecting encrypted traffic to test for threats. As more and more traffic is encrypted, SSL Inspection is becoming an important component of the DPI technology being implemented in NGFWs. SSL Inspection acts as a buffer that decrypts the traffic so it can be tested before it is delivered to its final destination.

-Sandboxing: This is one of the newer features being rolled into NGFWs and refers to the ability of a firewall to take certain unknown traffic or code and run it in a test environment to determine if it is nefarious.
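The DPI and DLP item above describes inspecting the data portion of outbound packets for sensitive information. The following is an added example, not code from the article or from any NGFW product, of what such a content check looks like once the payload is available in cleartext (for HTTPS that is exactly what the SSL Inspection step provides). It scans constructed outbound flows for payment card numbers, using a digit-run pattern plus the Luhn checksum to avoid flagging every 16-digit order number, and reports masked results so the detection log itself does not leak the data. Addresses, ports and payloads are all constructed.

```python
"""Outbound content inspection (DLP) over constructed cleartext flows.

Added illustration, not production DLP code. The payloads are assumed to
have already been decrypted by an SSL Inspection stage where needed.
"""
import re
from dataclasses import dataclass

# 13 to 19 digits, optionally separated by single spaces or dashes.
CANDIDATE_RE = re.compile(r"\b(?:\d[ -]?){12,18}\d\b")


def luhn_valid(digits: str) -> bool:
    """Luhn checksum: doubles every second digit from the right, subtracts 9
    from doubled values above 9, and requires the total to be a multiple of 10."""
    total = 0
    for i, ch in enumerate(reversed(digits)):
        d = int(ch)
        if i % 2 == 1:
            d *= 2
            if d > 9:
                d -= 9
        total += d
    return total % 10 == 0


def find_card_numbers(text: str) -> list:
    """Return the card-like digit runs in text that pass the Luhn check."""
    found = []
    for match in CANDIDATE_RE.finditer(text):
        digits = re.sub(r"[ -]", "", match.group())
        if 13 <= len(digits) <= 19 and luhn_valid(digits):
            found.append(digits)
    return found


def mask_pan(pan: str) -> str:
    """Keep only the last four digits so alerts do not re-expose the number."""
    return "*" * (len(pan) - 4) + pan[-4:]


@dataclass(frozen=True)
class Flow:
    src: str
    dst: str
    dport: int
    payload: str        # cleartext application data (constructed)


def inspect_outbound(flows) -> list:
    """Return (src, dst, dport, [masked PANs]) for every flow that should be blocked."""
    verdicts = []
    for flow in flows:
        pans = find_card_numbers(flow.payload)
        if pans:
            verdicts.append((flow.src, flow.dst, flow.dport, [mask_pan(p) for p in pans]))
    return verdicts


# Constructed flows: a checkout form post, a harmless report request whose
# order number fails Luhn, and an e-mail carrying a card number in the body.
SAMPLE_FLOWS = [
    Flow("10.0.0.12", "203.0.113.50", 443, "POST /checkout card=4111 1111 1111 1111 exp=12/29"),
    Flow("10.0.0.12", "198.51.100.9", 80, "GET /report?order=1234567812345678 HTTP/1.1"),
    Flow("10.0.0.7", "203.0.113.77", 25, "Subject: invoice\nTotal 1,250.00 ref 5500 0000 0000 0004"),
]

if __name__ == "__main__":
    for src, dst, dport, pans in inspect_outbound(SAMPLE_FLOWS):
        print(f"BLOCK {src} -> {dst}:{dport} card numbers: {', '.join(pans)}")
```

The second flow is the false-positive case: its order number is sixteen digits long but fails the Luhn check, so it passes, while the two flows that really carry card numbers are reported with all but the last four digits masked.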

What is a Botnet?

Steve Hirst - Friday, June 23, 2017
A botnet is a number of Internet-connected devices, each of which is running one or more bots. Botnets can be used to perform distributed denial-of-service (DDoS) attacks, steal data, send spam, and allow the attacker access to the device and its connection. The owner can control the botnet using command and control (C&C) software. Users are often unaware of a botnet infecting their system.

Infected devices are controlled remotely by cybercriminals, and are used for specific functions, so the malicious operations stay hidden to the user. 

The botnet malware typically looks for vulnerable devices across the internet, rather than targeting specific individuals, companies or industries. The objective for creating a botnet is to infect as many connected devices as possible, and to use the computing power and resources of those devices for automated tasks that generally remain hidden to the users of the devices.

For example, an ad fraud botnet that infects a user's PC will take over the system's web browsers to divert fraudulent traffic to certain online advertisements. However, to stay concealed, the botnet won't take complete control of the web browsers, which would alert the user. Instead, the botnet may use a small portion of the browser's processes, often running in the background, to send a barely noticeable amount of traffic from the infected device to the targeted ads.

On its own, that fraction of bandwidth taken from an individual device won't offer much to the cybercriminals running the ad fraud campaign. However, a botnet that combines millions of devices will be able to generate a massive amount of fake traffic for ad fraud, while also avoiding detection by the individuals using the devices.

What to do when you are hacked

Steve Hirst - Friday, June 23, 2017
Security experts have been saying for more than a decade that it is “not if, but when” an organisation will be hacked. Therefore, the focus needs to move to “What to do when you are hacked”.

Cybercrime is big business, a huge underground economy estimated to be larger than the drug trade. Large amounts of money are then invested into developing new cyber-attacks to steal data, hijack systems and find your passwords, credit card and bank details.

Companies need to identify what their critical data is, where it is located, the impact on the company if that data is destroyed or shared, and how quickly they can recover from a breach. The response to a major hack becomes as important as the security measures taken to protect that data.

The attacks are getting more sophisticated and even security professionals fall for phishing.  This highlights the need to report and alert the general public to new scams and attacks as they are detected.

The reality is that “people are the weakest link” in the security chain.  Organisations need to foster an environment that allows employees to do their jobs by providing training and testing to mitigate the risk.

The New Zealand Government has set up CERT NZ to provide trusted and authoritative information and advice, while also collating a profile of the threat landscape in New Zealand.

Computer Culture is constantly updating our Cyber Security solutions to ensure that our customers have the best protection and a way back from a disaster.

The Four Types of Attackers

Steve Hirst - Thursday, May 25, 2017
1.  Cyber Criminals 
Cyber criminals are motivated by money, so their attacks are designed to produce profit. Some of their operations are run like a large business, with a call centre and a management structure, and make obscene profits.

2.  Hacktivists
Hacktivists' only interest is to undermine your reputation or destabilise your operations. Their approach is a cyber form of vandalism.

3.  State-Sponsored Attackers
State-sponsored attackers are after important information and they are not in a hurry. These organisations have highly skilled hackers and specialise in detecting vulnerabilities and exploiting these before the holes are patched. It is very difficult to defeat these attackers due to the huge resources at their disposal.

4.  Insider Threats
Insider threats could be malicious, but they could also be well-meaning employees who have been manipulated.

Importance of Patching

Steve Hirst - Monday, April 24, 2017
Each year we see security reports from dozens of companies about how the sky is falling – mainly because the people sponsoring the reports are in the umbrella business. However, some data in a recent Verizon Data Breach Investigations Report was of some concern. Unpatched vulnerabilities are still a huge opportunity for threat actors.

The report looked at over 100,000 incidents, with only 3% recognised as actual breaches. An enormous 99.9% of the exploited vulnerabilities took advantage of a reported Common Vulnerabilities and Exposures (CVE) weakness that had been patched at least a year earlier.

Most crucially, the report noted that it’s not just about patching, but also about ensuring you prioritise patching of your most critical and vulnerable systems.

Risks from Seldom Used Devices

Steve Hirst - Friday, April 21, 2017
Devices such as laptops and desktops which are seldom used are a risk to a customer’s security and can present a serious vulnerability in their network.

If they stay offline for a few months and are then reintroduced to the network, they will not have current antivirus definitions or patches installed. The devices get used immediately in their unpatched state, then are often shut down again before all the patches and additional updates can be installed.

This can lead to some easily exploited vulnerabilities in your network that cyber criminals can use to do some serious damage to your business systems and infrastructure.

If you have any devices that haven’t been used for more than 2 weeks, give our friendly team a call to find out how to safely bring these back online on your network.

Removable USB Drives are no longer a recommended solution.

Steve Hirst - Monday, March 20, 2017
For a considerable period, small external USB hard drives were a favoured means of backing up a company’s valuable data. This backup method ticked the boxes by ensuring, first, that the data was backed up to another storage device and, secondly, that the backup was taken offsite. It was a satisfactory solution provided there were at least three drives, they were rotated daily, and one of the set was always offsite in a secure location.

Unfortunately, over time the shortcomings of this type of backup have become painfully apparent.

The list of problems includes:
USB Drives failing due to constant handling and transporting
Drive not changed due to designated person being on leave or off sick
Staff become forgetful or complacent and drive changes do not occur daily
Error reports generated by the backup software being ignored

One of the inherent problems with this backup system is that the current backup and the source are often at the same location. If a disaster occurs later in the day, the amount of work lost can be up to two days: the last completed backup is at least 24 hours old and is still onsite, with the person who was responsible for taking it home that evening.

We know of a company where one of the backup drives had failed and they were down to only two in rotation. On the day of the February earthquake, the server was in the office, the first backup drive was plugged into the server ready for the end of day back up, and the second drive was in the manager’s briefcase ready to be taken off site that evening. When the quake struck everyone quickly evacuated the building leaving the server and all the backups in the building.  Fortunately, the company was able to get back into the building and rescue the backup. In doing so they avoided a disastrous data loss and learnt a very powerful lesson.

It is for all of the above reasons that Computer Culture no longer recommends this type of backup. With the value of company data and the rapid growth of cybercrime, a robust backup system is now an essential part of an organisation's IT.

An offsite backup solution which is proactively managed and monitored has become the favoured solution of many of our customers. Please call us if you wish to make the move away from the rotated drive backup system.

Chicks or Chicks?

Steve Hirst - Monday, March 20, 2017
At Computer Culture we are constantly refining our web filtering settings to ensure we strike a happy balance between keeping out the malicious content and allowing legitimate use.

We don’t always get it right and below is an example of an overly protective filter which thought that the user viewing a link to “new chicks” was a bit dodgy. However, this sort of harmless block is always a great reminder to know that you’re being protected!

The process of screening out rogue and undesirable websites is an essential part of a security solution so we can afford to have the odd false positive.

HP Notebook Battery Safety Recall and Replacement Program

Steve Hirst - Tuesday, February 21, 2017
HP Battery Program expanded in January 2017. It is essential to recheck your battery, even if you did so previously and were informed that it was not affected.


If you have already received a replacement battery, you are not affected by this expansion. 

In January 2017, in cooperation with various government regulatory agencies, HP announced an expansion of its ongoing worldwide voluntary safety recall and replacement program for certain notebook computer batteries, which was announced in June 2016. The program has been expanded to include additional batteries that were shipped with the same notebook products. These batteries have the potential to overheat, posing a fire and burn hazard to customers. 

Because these batteries pose a fire and burn hazard, it is essential to recheck your battery, even if you did so previously and were informed that it was not affected. However, if you have already received a replacement battery, this expansion does not affect you. 

The affected batteries were shipped with specific HP, Compaq, HP ProBook, HP ENVY, Compaq Presario, and HP Pavilion notebook computers sold worldwide from March 2013 through October 2016, and/or were sold as accessories or spares, or provided as replacements through Support.

Customers should cease use of affected batteries immediately. Customers may continue to use their notebook computer without the battery installed, by connecting the notebook to external power. HP’s primary concern is for the safety of our customers. HP is proactively notifying customers, and will provide a replacement battery for each verified, eligible battery, at no cost. For customers with 10 or more potentially affected batteries, HP has put in place a process to assist with the validation and ordering process. For details please refer to the FAQs tab on this website. 

Note: Not all batteries in all HP, Compaq, HP ProBook, HP ENVY, Compaq Presario, and HP Pavilion Notebook Computers are affected.


Cybercrime

Steve Hirst - Sunday, December 18, 2016
When most of us think of hackers, we conjure up images of a spotty teenager sitting in a darkened room trawling the Internet on their laptop. Cybercrime, however, is a massive and highly organised industry. It is now larger than the international drug trade, with larger sums of money being made. The last estimate put it at $445 billion a year.

Although you rely on your IT company to provide advice on how to make your network secure and to ensure that systems are managed and software constantly patched, organisations must take some responsibility and internal precautions.

Sophisticated protection can be undone by careless employees. A great analogy is trying to protect your home from the bad guys. You can believe that you are safe when you have reinforced concrete walls, bars on the windows, triple locks on the doors, a clever alarm system and CCTV surveillance cameras. This protection is completely undermined when the bad guy walks up and rings the front door bell and a member of your family opens the door and invites him in.

In other words, a company’s employees can be the weakest link in the effort to thwart cybercrime. Few now fall for the scam where they offer you a share of $20 million which has been left by someone in Nigeria. But cybercriminals are always one step ahead of the security firms and their methods are becoming very sophisticated.
Here is some brief advice that may save some grief:
Start with strong passwords and change them on a regular basis.
Don’t click on links before inspecting the internet address.
Don’t open attachments unless you are 100% confident that these are genuine (an executable file can be dressed up to look like a PDF)
Most of all be incredibly distrustful.

Just to show you how dangerous the Internet is, there are 5 new malware programs discovered every second.
