How Do Hackers Evade Detection?

Hacking is becoming too frequent a headline for our liking these days. It seems as though the technology that’s been developed to make our lives easier is backfiring thanks to a small army of hackers.

Getting their kicks out of circumventing firewalls and other security measures are putting the rest of us at risk.

So how come these attacks keep happening?

Well, according to BullGuard, before launching an attack, hackers make sure they cover their tracks by:

  • Breaking into poorly secured computers and using these hijacked systems as proxies through which they can launch and route attacks worldwide
  • Using viruses, worms, phishing emails and other malware to take control of internet servers or personal computers to create a network of ‘zombie’ computers, also known as botnets
  • These botnets are then used to launch attacks.
  • As a result, an attack may appear to come from a particular server or computer, but this does not mean the attack originated at that device.
  • Often a string of different proxies are used, typically located in different countries.

It is these factors that make it so difficult to find out where the original attack was launched.

As BullGuard states:

“ It can be done but requires law enforcement from different countries to co-operate with each other.

“On the surface, this may seem straightforward but political agendas can get in the way of forensics. For instance, law enforcement might trace an attack as far as a server IP address in Russia or a router on Chinese territory.

“This doesn’t provide definitive proof that the attack was launched from a server in Russia or a router in China, these devices could be proxies used by the attackers. But political relations, for instance between the US, Russia and China, ensure that the forensics investigations can’t go any further. This is why it is often difficult to catch attackers. That said, circumstantial evidence can certainly point a finger in the right direction.”

Attackers sometimes start small

BullGuard when on to explain:

“Attackers sometimes start their attacks by attacking small, remote and obscure computers or networks or piggyback into networks by infecting other devices. Their ultimate targets are often large organisations with sensitive information.

“But they don’t just press a big red attack button; instead they carry out surveillance and crawl through a victim’s network to find suitable launch points to reach their ultimate targets.

  • Foreign nation state-backed hackers took over outdated Windows servers run by a small company. They then moved across the network onto other servers. Spear-phishing emails were then sent from these compromised servers to more than a hundred targets, including companies working for the US Department of Defense.
  • Attackers exploited a vulnerable web application on public school servers to break into them. They moved around the networks and installed backdoors on the school’s computers to launch more attacks.
  • Malicious hackers breached a community club network and then distributed malware to anyone who connected to the club’s Wi-Fi. The attackers then later piggybacked into corporate networks when the owners of the devices had been infected logged onto their company networks.
  • Chinese spies penetrated an old computer belonging to a welding firm located deep in the Wisconsin countryside. The hackers used the compromised computer to plan and stage attacks on a major Manhattan law firm, one of the world’s biggest airlines, a prominent university and other targets.

“Often these firms or individuals have no idea their computers have been compromised until one day they receive a knock on the door from men in suits and raincoats who have a lot of questions.”

 

 

How To Limit The Data Your Android Phone is Sending Google

Your Android phone (even when idle) is sending data to Google – lots of data. A recent study shows that an Android phone “communicated location information to Google 340 times during a 24-hour period” with the Chrome browser merely active in the background.

That’s a whopping ten times more data than iPhones give up.

Is there anything you can do about this?

The answer is yes. Here’s a summary of the tips provided by pcworld.comin a recent blog post.

You have a surprising amount of control over your Google account, so long as you know where to find all the switches.

Google Privacy Checkup

You can adjust the privacy settings across all your Android devices just by visiting the Settings app.

Here you’ll either find a Google tab or an Accounts tab with a Google option inside. Click on Google Account or your email address, and you’ll be taken to your full account page.

At the top of the page, you’ll see a box called Review your privacy settings, which leads to thePrivacy Checkup guide. Tap Get started for an overview of your current settings. By default, everything will be turned on, but several layers can be switched off.

  1. Web & App Activity

This saves your searches, places, and other Google activity to your Google account. It includes browser and Google app searches as well as location data in Maps and Assistant queries.

You can turn it off by tapping the Turned on button and flip the toggle from blue to grey on the next page. Then tap Pausewhen prompted.

One downside with this is that the things you’re searching for might take longer to find because you’ll be searching without getting results explicitly tailored for your tastes.

The other downside affects Maps. You won’t be able to set Home and Work addresses. However, if you have Location History turned on, Maps will still remember your Home and Work destinations under the Driving tab. Another side effect hits Google Home. When you ask to control a smart device such as a light bulb, Assistant will tell you that it doesn’t know how to do that yet.

  1. Location History

Location History is a timeline of the places you’ve been. It uses your phone’s GPS, Wi-Fi, and mobile networks to create a map of where you go with your phone.

You can turn it off by tapping the Turned on button to the right of “Location History” and then Manage settings on the next screen. There you’ll see a list of every device you own that’s sharing its location. You can choose to turn it off for specific devices or nuke the whole thing using the toggle at the top.

Turning off Location History means the results will be more generic, and your location won’t be saved in Maps.

  1. Device Information

This is specifically related to the phone or PC you’re using. In addition to your searches, Google can also access and save your contacts, calendars, media, and app information to your Google account. Google uses this data to recognise specific things on your device, such as contacts and appointments, to help you make calls and send messages more quickly.

To turn it off, tap theTurned on button and flip the toggle on the next page. Then tap Pausewhen prompted.

  1. Voice & Audio Activity

Mainly for Google Assistant, it allows Google to record your voice when you tap the microphone button or summon Google Assistant to “help you get better results using your voice, “recognise the “Hey Google” wake word, and train Voice Match.

You can turn it off by tapping the Manage Voice & Audio Activity button and then Change Setting. Then flip the toggle to off.

Of course, that then means you won’t be able to summon Google Assistant using “Hey Google,” and Google won’t be able to make adjustments to how its voice recognition understands your speech pattern and cadence. You’ll still be able to use the microphone button to dictate text, however.

Other things you can do

Inside the Privacy Checkup, you’ll see toggles for YouTube search and watch history, which you can also turn off. If you’re a heavy YouTube user, these switches will make it harder for you to find recently viewed videos and get personalised recommendations.

You can also limit Google’s ability to track your Chrome history by turning on incognito mode. Instead of tapping the New tab, select New incognito tab. Your Chrome bar will turn black to let you know incognito mode has been activated. Anything you search for or view won’t appear in your browser or search history.

MPM Computer Consultancy provides IT Services, Support and Training to sole traders and small businesses in Ipswich, Bury St Edmunds, and surrounding villages.

Protect The Data From Your Smart Devices

Are you concerned about protecting the data from your smart devices?

Are you worried they may be transmitting data back to the manufacturer?

Not worried?

That’s because you don’t what sort of data they are gathering.

Does a smart toy need to collect a child’s interactions? Does your smart TV need to send data on your viewing habits to hundreds of other companies?

How to protect your smart device data

Most companies are less than transparent with users when it comes to telling them how they are collecting data, what data they are gathering, how they are using it, or whether they are selling it onto third parties.

It’s usually available if you know where to look for it. A hint – take a look at the impenetrable terms and conditions.

Here are a few steps you can take to protect your smart devices (courtesy of Bullguard):

  • Smart devices come with an app or web interface so you can set them to operate according to your preferences. Some have privacy controls so you can explore the app/web interface so see exactly what these controls are and whether you can adjust the settings to control the data that is collected and shared.

  • When you register a smart device or sign up for a service, set up a separate email account that you use specifically for this purpose. You can use different names and so on, so if something goes wrong, your actual data won’t be compromised.

  • Google and Apple are increasingly taking steps to protect privacy. B their operating systems, now give you greater control over what data smartphone apps can access. Check the settings menus in your device for these features.

In addition to these, you should also:

  • Set strong passwords– To improve security you should set a strong yet but memorable password or passphrase. You should also do this on your router.
  • Keep your software up to date –  Some smart devices will update automatically, but it’s worth checking the device or app periodically.
  • Voice-controlled smart devices, such as Amazon Echo and Google Home, are vulnerable to the simplest hack – someone else talking to them. You can turn off voice purchasing from the Echo’s Alexa app, or you can set up a four-digit passcode to give an extra layer of security.

MPM Computer Consultancy provides IT Services, Support and Training to sole traders and small businesses in Ipswich, Bury St Edmunds, and surrounding villages.

Find Out What Information Google Has On You (And How To Delete It)

Google and in the information it holds on you

 

Google, Facebook, and all the other tech goliaths are discovering that it’s not OK to gather the data of internet users.

We won’t stand for it anymore.

The problem is that our lives are inextricably linked with the online world. Whether we like it or not, every keyboard click weakens our grasp on your privacy.

Although there is no a magic way of stopping your data being harvested, we will show you how to download all the information Google holds on you as a user of its many products.

Find out what Google knows about you

Finding out what data has been collected is remarkably easy.

All you have to do is visit the search giant’s Takeout Tool.

On the left of the screen that appears is an extensive list of Google products. To the right is a slide button to choose the information you want to download.

Be warned though; the files are likely to be enormous.

How to delete the information Google has on you

By now, you’re probably horrified and want to delete all or some of the information you’ve found.

We haven’t got the space here to talk you through each product, but as an example, here’s how to delete the information help through Google Maps:

  • Sign into Google Maps. Click the menu bar and three horizontal lines, and a drop-down menu appears
  • Choose ‘history’ at the bottom and you will be presented with ‘My Activity’ page
  • On the left hand side, you choose ‘Delete activity by’
  • A page appears that gives you the option of deleting your activity for ‘all time’ or specific dates
  • The activities include Books, Google Play Store, Image Search, Maps and Search
  • On the left hand side of the ‘My Activity’ page, you also have the option to manage your data via ‘Other Google activity’

It’s pretty scary what information is stored on us these days, but you have to balance that with the convenience of life online.

Only you can decide what you’re happy with.

MPM Computer Consultancy provides IT Services, Support and Training to sole traders and small businesses in Ipswich. Bury St Edmunds and surrounding villages.

Were You One Of The 87 Million Facebook Users Caught Up In The Cambridge Analytica Saga?

Facebook data saga

The Big Fight: Facebook Vs Cambridge Analytica

The Facebook / Cambridge Analytica saga has been fascinating.

Mark Zuckerberg’s grilling by the Senate was cringe-worthy stuff. He came away virtually unscathed. Not because he was proven innocent of any dubious goings-on, but because most of the senators had no idea how Facebook works.

It all started with a personality quiz called, “This Is Your Digital Life.” Anyone who took the test had their data harvested by Cambridge Analytica. Worse still, their friends’ data was mined too.

Facebook announced that if you were amongst the unfortunate 87 million people affected, you would be notified via your News Feed.

But what if you haven’t been notified and are still sceptical?

You can check if your Facebook data was shared with Cambridge Analytica by logging into Facebook and visiting their help page.

This is probably a good time to check out the other apps that have access to your Facebook account and disable any that you no longer use.

What does Facebook know about you?

It’s events like this that make you stop and think about what you share on social media.

PCWorld.com offers a guide on how to download your Facebook data.

If you’re not comfortable with what you find, here’s their article on how to delete, disable, or limit your Facebook account.

 

MPM Computer Consultancy provides IT Services, Support and Training to sole traders and small businesses in Ipswich. Bury St Edmunds and surrounding villages.

Using Dropbox For Business To Work Better And More Safely Together

Dropbox for Business

 

With GDPR legislation on the horizon, we thought we’d let you know about an alternative way to transfer your documentation – Dropbox for Business.

Dropbox for Business is a great way to simplify your work, with a central place from which to access and share your files.

It delivers all the features your business needs, including:

Flexible storage plans

You have the ability to choose the right plan to ensure your team has the space it needs to be productive.

File and version recovery

It provides a quick way to recover deleted files and restore previous file versions.

Team folder manager

Get visibility and control of team folders, including sync management.

Link permissions

You can password protect your links or set expiry dates to grant temporary access.

Dropbox Paper

Dropbox paper gives you a simple and powerful way to create, share and keep your team in sync – with the added benefit of admin controls.

Smart Sync

Access every file in their Dropbox, directly from their desktop, using very little hard disk space.

Admin dashboard

Monitor team activity, view connected devices and audit sharing activity.

Account transfer tool

You can easily transfer files from one user to another when responsibilities change.

Groups

Create groups to manage team member access to specific folders efficiently.

Remote wipe

Clear files from lost or stolen devices to keep company files in the right hands.

Third-party app integrations

Extend the power of Dropbox with over 300,000 connected apps.

Live support

Get answers to your questions quickly via priority phone, email and chat support.

If you’re not already using it or thinking of upgrading your current DropBox account to a business one, pop along to their website and compare the different plans they offer. 

MPM Computer Consultancy provides IT Services, Support and Training to sole traders and small businesses in Ipswich. Bury St Edmunds and surrounding villages.

What The Equifax Breach Means To You

Equifax Data Breach

 

Last month, the credit reference agency Equifax, admitted that 694,000 customers in the UK had their data stolen between May and July this year.

This vast data breach was part of an attack on the firm’s worldwide customer records in which the personal records of 146 million people in the US were stolen

According to a recent article on BullGuard’s blog, it’s thought that Equifax holds the personal details of 44 million UK citizens, but it’s unclear what percentage of these users have been affected.

The UK’s Information Commissioner’s Office (ICO), the UK’s data privacy watchdog, said it had advised Equifax to “alert affected UK customers at the earliest opportunity.” However, it has no mandatory powers to force it to do so.

This what BullGuard had to say:

Things you need to know

You may not think that Equifax holds any data on you but this would be a mistake.

  • Every UK adult has a credit score
  • The information in your credit report comes from companies that have extended you credit in the past
  • This can include credit card companies, banks, retailers, mortgage lenders, vehicle leasing, mobile phone contracts and more
  • These companies report the details of your credit activity to the credit reporting agencies

In the UK there are three main credit reporting agencies: Experian, Equifax and Callcredit.
According to the Clearscore website:

  • 76% of lenders use Experian
  • 54% of lenders use Equifax.
  • 30% of lenders use Callcredit which is a relatively new agency

What sort of information might Equifax hold?

Although each credit reporting agency reports information differently, they basically all hold the same categories of information.

  • Date of birth
  • Address
  • Employment information
  • Credit account information and payment histories including outstanding loan agreements and utility company debts
  • Court judgments, bankruptcies, debt relief orders, individual voluntary arrangements and administration orders

Dangers and concerns – identity theft and fraud

Equifax said “limited personal information” on UK and Canadian citizens had been filched during the hack.

This is extremely unhelpful and you can read into it what you will. Equifax is engaged in a damage limitation exercise and its definition of “limited personal information” may well be different than yours or mine.

However, in the interests of self-preservation it’s safer to assume that the fraudsters have got hold of information that can be used for fraud such as your name, address and credit histories.

The big concern with this hack is:

  • The stolen information is circulated on the dark web, offered for sale to would-be fraudsters and identity thieves
  • It’s available for years. In fact, the attackers may well hold onto the information and not try to sell it immediately until time has passed and the dust has settled
  • The stolen information is used to apply for credit cards and loans or open banks accounts or even mortgages

In a nutshell, despite Equifax’s claims that “limited personal information” on UK and Canadian citizens has been lost the data is still personal. And as such is a potential goldmine for identity thieves.

  • If someone gets your personal data they can cause a lot of damage. If they can see that you have a good credit score all the better, if not, it won’t stop them trying to use your information.
  • Identity thieves and fraudsters can open an account in your name, gain a loan which goes into the account and then empty it.
  • If a loan, for instance is granted using your data, lenders start chasing you when repayments aren’t made, threatening court orders and bailiffs. And of course, your credit rating is adversely affected.

MPM Computer Consultancy provides IT Services, Support and Training to sole traders and small businesses in Ipswich. Bury St Edmunds and surrounding villages.

Source: BullGuard

 

 

Please, Please, Backup Your Data

backup

Have you noticed how many ‘experts’ have sprung up recently?

They’re everywhere.

They’re always telling you to eat healthier, drink less, do more exercise – basically stating what should be obvious. Of course, that doesn’t mean you take any notice of their advice. After all, if you did everything they told you to do life would be pretty boring.

The problem is you shouldn’t ignore all their advice. Listen to it and take on board the things that will make a difference to you.

If you do ignore all the advice you are given, you could regret it.

Take a new client of ours.

The other day, we a small business that had tried to self-manage its computer and fix a problem itself.

The fix resulted in the loss of emails. After much head scratching, the team decided to call MPMIT.

Of course, the first thing we did was to ask if they had a backup, to which they replied:

‘What’s that? Not sure how I go about doing that.’

After a visit to their site, we managed to retrieve their emails and get their systems back up and working again.

After explaining what help MPMIT can provide for small businesses they have agreed to come onboard with our 6 monthly maintenance scheme.

The maintenance scheme consists of regular site visits primarily to make sure that everything is clean and dust free, that all the software is behaving itself and is up to date, and to make sure you have a backup of all your data external to the machines in your business.

The moral of this story is, if you haven’t already done so, make sure you have a maintenance plan sorted? If you don’t, you could end up doing a lot of damage to your business.

 

MPM Computer Consultancy provides IT Services, Support and Training to sole traders and small businesses in Ipswich. Bury St Edmunds and surrounding villages.

What is Better – SSD or HDD?

SSD or HDD?

 

Should you be opting for a solid-state drive (SSD) or a hard disk drive (HDD)?

They both do the same thing – storing data so you can save your documents and install operating systems and applications – but in different ways.

To help you decide whether to remain a traditionalist and stick with the HDD or embrace the new kid, SSD here is a bit more information.

What is an HDD?

HDDs have been around forever; well, at least since the early days of computing. Although technological evolution has brought with it a few changes, an HDD still works in the same was as it always has. They use a magnetic head moved by a mechanical arm to read and write data on one or more storage platters.

What is an SSD?

An SSD is a storage device that reads and records data on flash memory, a medium that uses transistors to represent the ones and zeros that make up digital information.

They have been around for decades but didn’t become commonplace until the early 2000s, when prices came down to affordable levels for the masses, and the technology grew more mature.

What are the benefits of SSDs?

The thing that sets them apart from HHDs is that they have no moving parts, which means they are:

  • Faster – SSDs don’t have a moving arm to slow them down. That makes them faster at things like random read/writes (about 200 times faster), data access times (about 100 times faster), and even sequential read/writes (about 5 times faster), which significantly improves overall system performance
  • Energy efficient – SSDs consume less power because they don’t need cooling. Mind you; the difference isn’t as big as it was because HDDs continuously improve their efficiency and SSDs do more internal housekeeping
  • More durable – thanks to the lack of moving parts, SSDs are better able to operate in harsh environments, where they are more resistant to shock, vibrations, and high temperatures

Therefore, SSDs are an excellent choice for high-performance users and their laptops, as well as for application servers with demanding I/O requirements.

Are there any downsides to SSDs?

SSDs don’t last forever; after you’ve overwritten a block enough times, it will wear out.

Some early SSDs had the reputation of giving up the ghost without warning, but since 2012 consumer SSDs have become far more reliable. Even though we don’t have to worry about SSD reliability as much as before, as of 2016 the price per GB is still high compared to spinning hard disks.

What about consumer vs. enterprise SSDs?

Enterprise SSDs are expensive, but because they use more durable single-level cell (SLC) technology that can last longer than the more consumer-oriented multi-level cell (MLC) and triple-level cell (TLC) flash technologies – that’s not surprising.

You’ll also find that enterprise drives have a much higher terabytes written (TBW) limit, rating companies give to their drives to indicate how much data you can expect to write to them before you start experiencing trouble.

Now for the big question – should you buy an SSD?

Right now SSDs are at the point where their reliability is excellent, and prices are finally within reach for many users, even if the price per capacity is still a bit high for some. So yes, now would be a superb time to invest in an SSD.

 

 MPM Computer Consultancy provides IT Services, Support and Training to sole traders and small businesses in Ipswich. Bury St Edmunds and surrounding villages.

Soure: Spiceworks

 

 

Are You in The Password Management Paradox?

Password management paradox

 

What is the Password Management Paradox and are you in it?

Let’s find out.

  • Does your company make you change your password every 30 to 60 days?
  • Do you constantly forget your passwords?

If you answered yes to both of those, you’re in the Password Management Paradox.

The problem is you’re forced to change your password to increase security. However, the more passwords you have (and the more regularly you change them) actually decreases security and here’s why.

You will potentially ignore the constant requests to change your password, or you’ll spend most of your time on the phone to your IT section resetting your password because you can’t remember what you changed it to.

So how can you keep your work and personal data safe?

Here are our three top tips to help you:

  1. Never use the same password twice. Yes, it’s a pain, but if you use a password on multiple sites and one gets hacked, you’re opening yourself up to a whole lot of grief because your other online  data (including potentially your banking details) will be in danger
  2. Use complicated phrases that are easy to remember. Another paradox? Nope – an example would be using the phrase “I love MPM Computer Consultancy” but using the initial letters as your password (i.e. ILMPMCC)
  3. Keep track of your passwords with a password manager program

If you want to keep your data safe, you have to think smart.

MPM Computer Consultancy provides IT Services, Support and Training to sole traders and small businesses in Ipswich. Bury St Edmunds and surrounding villages.