Tech Tip  :   Turn Off “Quick Access” View

In Windows 10, although the ‘Quick Access’ view can help you find a recently or commonly used file or folder, you may also find it helpful and faster to have the familiar “This PC” view from Windows 7 and Windows 8. Here’s how to switch Explorer to it:

  • Click “View” then “Options” on the far right. The “Folder Options” menu will appear.
  • Next to the “Open File Explorer to” option, select “This PC” from the dropdown menu.
  • Click “Apply”.

• Click “OK” to confirm the change

Possible Russian Involvement in Brexit Vote

A UK lawmaker’s committee report appears to imply that a website (used to register for voting in the EU ‘Brexit’ referendum) may have been caused to crash by a cyber attack carried out by a foreign power.

DDoS Attack?

The Public Administration and Constitutional Affairs Committee (PACAC) indicated that a crash of the vote registering website on June 7th last year, just before the cut-off point (which had to be extended because of the crash), may have been caused by a Distributed Denial of Service (DDoS) cyber attack.

What Is A Distributed Denial of Service (DDoS) Attack?

A Distributed Denial of Service (DDoS) attack is a cyber attack that is intended to make a computer or network unavailable to users. The attack uses a ‘botnet’ of multiple compromised systems (sometimes thousands) that are often infected with a Trojan virus to launch a single attack on one system. The sheer number of requests that the target receives (sometimes called a ‘flood’) typically overload the resources and memory, and render the targeted computer or network unavailable.

Not Ruling It Out

PACAC’s report into the public’s view of the government’s handling of Brexit actually stated that it did not rule out the possibility that the crash was caused by a DDoS attack, and said that it was deeply concerned about allegations of foreign interference.

Commentators have noted that, in the light of reports of the alleged interference in the US election process by Russia, and the mention in the PACAC report of Russia and China’s use a cognitive approach to ‘cyber’, the implication is that the attack on the website may have been state-sponsored by either of those countries.

No Hard Evidence

Despite the implication of Russia and China in the report, no clear evidence has been publicly produced to support this.

Cabinet Office

A Cabinet Office report into the crash at the time is reported to have concluded that the most likely explanation for the outage was that there was a large spike in user numbers just before the referendum voting registration deadline.

What Does This Mean For Your Business?

Business and government websites are constantly at risk of all manner of cyber attacks. Only last week it was reported that a China-based hacking group had been targeting UK business data since 2014, and DDoS attacks are now a very common and low-cost way for cyber criminals from any country to inflict damage on business websites. The best approach for businesses is to make sure that they are well prepared against a wide range of threats. This could include prioritising the issue and making sure that basic cyber security steps are taken at the very least – see https://www.cyberstreetwise.com/cyberessentials/. Now may also be a good time therefore for businesses to seek other professional advice about measures that could be taken to ensure cyber resilience such as cyber security training for staff, health checks, risk assessments / audits, cyber security policies, Business Continuity and Disaster Recovery Plans.

Taxi Firm Introduces Facial Recognition

A ride-hailing service called Careem (similar to Uber but operating in more than fifty cities in the Middle East and North Africa) is adding facial recognition software to its driver app to help with customer safety.

Is The Actual Driver The Authorized Driver?

The software, produced by ‘Digital Barriers’ will be added to the driver’s Careem smartphone app so that the actual driver of the vehicle can be matched in real-time to the authorised and accredited driver. This is intended to provide re-assurance to (and protect the safety and security of) Careem’s passengers by demonstrating to them that their driver’s credentials are being monitored (in an impressive way).

Helps With Driver Enrolment Too

The introduction of the facial recognition software to the app is also intended to help with Careem’s driver enrolment process.

First Mainstream Commercial Integration

Digital Barriers have stated that the software’s use with the Careem app is their first integration of their facial recognition software into a mainstream commercial application, on a recurring revenue basis.

Uber Also Introducing Facial Recognition

It was reported last month that Uber also plans to introduce facial recognition-based real-time ID checking for its India app, in 5 cities first (including Mumbai and New Delhi), with more to follow. Reports indicate that Uber’s facial recognition software will require drivers to take a selfie before they access the app, or accept a ride. If this doesn’t match-up with Uber’s records, the driver will be suspended while the matter is investigated. This will provide protection to customers as well as protecting drivers and their accounts from fraudsters.

Driverless Pods

As well as being an early adopter of facial recognition software as part of normal business operations, Careem is also reported to be about to team up with NEXT Future Transportation to bring battery-powered, self-driving electric pods to the Middle East and North Africa.

What Does This Mean For Your Business?

This is another example of how the advances in, the lowering costs of, and the superior security benefits (e.g. over passwords) of biometrics mean that biometrics-based services / products are being adopted by more businesses. Other examples of how biometrics are being used by businesses include Samsung’s introduction of an iris scanner to its Note 7 phablet and Barclays Bank’s voice authentication for telephone banking customers.

Tougher US Border Checks Could Mean Divulging Passwords

It has been reported that President Trump’s administration may be about to introduce new measures that will require foreign travellers give up their phones / mobile devices and various passwords when entering the US.

Bon Voyage?

The new rules will even apply to those countries that are part of the visa waiver programme i.e. 38 countries including the UK, Ireland, and France. It has been reported that border checks may also require passengers to reveal their social media account passwords, mobile phone contacts, and even financial data in order to legally enter the country.

Where There Is Doubt?

Reports indicate that this kind of information may be required by the Department of Homeland Security where there is doubt about a person’s reason for entering the country.

Could Apply To Anyone But US Citizens

Although US citizens have established rights against being subjected to unlawful searches at the border, the current word from the US Customs and Border Protection agency to all international travellers arriving to the US is to be prepared for an inspection. This could include electronic devices e.g. computers, disks, drives, tapes, mobile phones / other communication devices, cameras, music / media players and any other electronic or digital devices.

Concerns

Human rights and civil liberties groups are reported to be concerned that proposals to gain access to social media accounts, emails, and devices could be a serious, excessive, and unnecessary invasion of privacy that could end up discouraging people from travelling to the US, thus damaging its economy.

Already Possible In The UK

Some commentators have noted that Schedule 7 of the Terrorism Act 2000 means that travellers to the UK can, in theory, already be asked for information such as passwords for electronic devices.

Not A New Idea

Requiring information linked to social media accounts for entry into the US is not a new idea. Back in July 2016, the Federal Register of the U.S. government published a proposed change to travel and entry forms which indicated that the studying of social media accounts of those travelling to the U.S. would be added to the vetting process for entry to the country.

It was suggested that the proposed change would apply to the I-94 travel form, and to the Electronic System for Travel Authorisation (ESTA) visa. The reason(s) given at the time was that the “social identifiers” would be: “used for vetting purposes, as well as applicant contact information.

What Does This Mean For Your Business?

If you are a business traveller to the US, you may now decide to take as few electronic devices as possible with you. You may also wish to make sure that your social media profile, email accounts, and devices don’t contain any material that could cast any doubt upon or create suspicion about your reasons for entering the US. (Or that of your staff)

Too many border rules that appear to be excessive and intrusive, could end up deterring some UK business travellers from making all but the most necessary business trips to the US, which may have an effect on UK / US business relationships.

Microsoft Word Hack – Patch Available

Microsoft has moved to patch a vulnerability in its ‘Word’ program in order to stop hackers and scammers from exploiting it to spread bank account snooping malware.

What Does This Mean For Your Business?

This is another example of how cyber-criminals are using a combination of social engineering, macros, and other elements to achieve their aims. The fact that this scam requires the human error of clicking on attachments means that businesses can help to protect themselves by educating staff not to open unknown files, and not to download content from untrusted sources.

In this case, as well as recommending that businesses apply the patch as soon as possible (provided that they have release version of Service Pack 2 for Office 2010 installed on the computer ), some security experts are also recommending the complete blocking of RTF documents in Microsoft Word via the File Block Settings in the Microsoft Office Trust Center.

What’s Been Happening?

Emails containing Microsoft RTF [Rich Text Format] attachments, loaded with the trojan malware associated with a £20m British bank account theft 2 years ago, have recently been sent to millions of recipients across numerous organisations (primarily in Australia).

The scam, which was discovered by cyber-security firm Proofpoint, relied upon human error to click on the attachment to trigger the malware, and upon a “zero day” vulberability (a flaw / unknown exploit) that could allow the malware program to run.

The reports of this incident prompted Microsoft to release a patch to Word which should stop the same thing from happening again.

Arrived By Email

The malware-loaded Microsoft documents were sent to their targets by emails from “<[device]@[recipient’s domain]>”. The ‘device’ part of the sender’s address was “copier”, “documents”, “noreply”, “no-reply”, or “scanner”, and the subject line read “Scan Data”. The attachments were named “Scan_123456.doc” or “Scan_123456.pdf”, where “123456” was replaced with random digits.

What Kind of Vulnerability In Word?

The zero-day vulnerability in Microsoft Word (until the patch) meant that Microsoft RTF [Rich Text Format] Word documents laden with macros i.e. full of small malicious programs (rather than the normal customisable shortcut programs), could load malware onto the computer without users having to enable macros for the exploit to execute.

This means that, after clicking on an infected RTF Word document email attachment, and despite the presentation of a dialog box, the malware would load immediately onto the computer, and would fully exploit the recipient’s computer to achieve its ‘snooping’ aim.

The vulnerability affects Microsoft Office, including the latest Office 2016 edition running on Windows, but it is not clear whether Word for Mac is affected.

What Does The Malware Do?

The malware in this recent incident is reported to have been “Dridex”. This is a notoriously sneaky trojan program that snoops on the recipient’s bank account details and logins, and then sends them back to the attackers.
In past incidents, this has resulted in lots of small transaction amounts being taken from a victim’s bank account over time.

The Patch

As of Tuesday 11th April, Microsoft customers who have updates enabled should receive the patch automatically.

 

Your PIN Numbers Can Be Guessed When You Tilt Your Phone

Researchers from Newcastle University have discovered that how you tilt your smart-phone when you type in your secret PINs and passwords could increase the likelihood of them been obtained by hackers due to mobile browsers and phone sensor vulnerabilities.

Accessing Your Smartphone’s ‘Silent’ Sensors

The team from the university’s School of Computing Science believe that the many (typically 25+) silent sensors such as gyroscopes, rotation sensors, and accelerometers that are included in today’s smart-phones, tablets and wearables could provide a way for criminals to use malware-loaded web pages (viewed through your mobile browser) to spy on what we type in.

The fact that the sensors in one device are made by many different companies is also thought to increase the risk of being spied upon.

Mobile Browser Flaw Means No Permission Needed

The researchers found that a security deficiency in all major mobile browsers (including Safari, Chrome, Opera and Firefox) means that embedded JavaScript code in a web page is able to access the motion and orientation sensors on a mobile phone without requiring any user permission.

Tilting Danger

One very interesting aspect of the research is that it was possible to work out which part of a web page that a smart-phone user is clicking on, and what they are typing in by the way that their smart-phone is tilted at the time.

The researchers (who were able to obtain 4-digt Android pins with 70% accuracy on the first guess and 100% on the 5th) have said that this was made possible using a known web page loaded with spyware program, coupled with each person’s unique way of holding (and tilting) a smart phone. This unique, personal phone holding / tapping pattern could be obtained from the sensor information in the phone.

Sounds A Bit Complicated

It has been reported that the vulnerability identified by the researchers is something that phone manufacturers are aware of, but have not yet figured out how to fix (or deemed the risk pressing enough to commit significant resources to).

What Does This Mean For Your Business?

Even though the particular risk identified in this research appears to be one of the less obvious ones, and one for which there is no fix / patch as yet, taking general security precautions with your business mobile devices is important anyway. For example, keep security software current, delete the apps you no longer use, use strong passwords, use security and privacy settings on websites and apps, disable WiFi and Bluetooth when not in use, beware of fraudulent text messages / calls / voicemails, and be careful about what personal information you store on the device or give out  through apps and websites.

Each week we bring you the latest tech news and tips that may relate to your business, re-written in an techy free style. 

Archives