Tech Tip: Reversing a Bad Update
If you’re using Windows 10 and your computer starts to experience problems resulting from a bad (cumulative) update, there is a way you can roll back your computer to before that update:
Click Start > Settings > Update & security.
On the left-hand side of the screen, choose Windows Update. On the right, click the link to Update history. A list of all the Windows cumulative updates and other updates will be displayed.
Click the link to Uninstall updates at the top of the list. This will display a Control Panel-style list of updates.
Double-click on the patch you want to uninstall. When the dialog box appears, choose Uninstall.
Tech Tip: Easily Switch Audio Sources
If you’re tired of having to go into the Control Panel to switch from your speakers to your headphones, Windows 10 now makes it much easier with handy in-taskbar volume controls
To switch audio sources in Windows 10, it’s simply a case of:
1 – Going to the task-bar.
2 – Click the audio device name in the volume controls.
3 – See the list of all connected audio outputs.
4 – Switch from your headphones to your speakers (and back again) as and when.
Greater Protection From IoT Hacks Needed Say Cyber Security Experts
There have been renewed warnings from cyber security experts that much more needs to be done to provide adequate protection from the potentially devastating effects of hacks involving IoT devices.
What Are IoT Devices?
IoT devices are those devices that are now present in most offices and homes that have a connection to the Internet and are, therefore, ‘smart’ and inter-connected. These devices could be anything from white goods and smart thermostats to CCTV cameras, medical implants and even industrial controllers.
What Are the Risks?
The fact that they have a connection to the Internet, are prevalent, and are often overlooked in security planning (and are therefore likely left unguarded) means that they are vulnerable to hacks and attacks.
What makes the risks physically greater, more immediate and more complicated is that the vast number of IoT devices now deployed worldwide tend to be connected to (or in control of) physical objects. These objects could be elevators, doors, heating or fire safety systems in office buildings … the list is long. This means that a hack / breach could mean that there is a real risk of human casualties or fatalities, as opposed to the lesser, traditional, lower impact but still serious risks associated with hacks such as data loss and fines.
IoT devices are also deployed in many systems that link to and are supplied by major utilities e.g. smart meters in homes. This means that a large scale attack on these systems could affect the economy.
Hackers have also shown that they can take over large numbers of IoT devices at once and use them as a botnet to attack other systems. An example of this happened in October 2016 when the ‘Mirai’ attack used thousands of household IoT devices as a botnet to launch an online distributed denial of service (DDoS) attack (on the DNS service ‘Dyn’) with global consequences.
The devices included things like white goods, CCTV cameras and printers, and the major platforms that were put out of action by the attack included Twitter, Spotify, and Reddit.
No Risk Assessment & No Universal Standard
Technology commentators have noted that the true extent of the risks posed by IoT device vulnerabilities are unknown because the devices are so widely distributed globally, and large organisations have tended not to include them in risk assessments for devices, code, data, and infrastructure.
It has also been noted by many commentators that not only is it difficult for businesses to ascertain whether all their hardware, software, and service partners are maintaining effective IoT security, but there is also still no universal, certifiable standard for IoT security.
What Does This Mean For Your Business?
For businesses, one first step may be to conduct an audit and risk assessment for known IoT devices that are used in the business. One basic security measure is to make sure that any default username and passwords in these devices are changed as soon as possible.
Security experts also suggest that anyone deploying IoT devices in any environment should require the supply chain to provide evidence of adherence to a well-written set of procurement guidelines that relate to some kind of specific and measurable criteria.
Microsoft has also compiled a checklist of IoT security best practice. This highlights the different areas of security that need to be addressed by the organisations involved throughout the lifecycle of an IoT system e.g. manufacturing and integration, software development, deployment, and operations.
UK Schools Targeted With Ransomware
UK police have issued a warning to educational establishments to be vigilant, following an alert by ‘Action Fraud’ that fraudsters are targeting UK schools with ransomware in order to demand big payments.
Action Fraud Alert
The UK’s fraud and cybercrime centre ‘Action Fraud’ issued an alert recently that schools are being targeted by fraudsters using a form of malware known ‘ransomware’.
What is Ransomware?
Ransomware is a form of malware that typically encrypts important files on the victim’s computer. The victim is then given a ransom demand, the payment of which should mean that the encrypted files can be released. In reality, some types of ransomware delete many important files anyway, and paying the ransom does not guarantee that any files will be released.
Targeting Schools
The Action Fraud alert and police warning relate to recent attempts by criminals to cold-call schools, claiming to be from the Department of Education. The object of the calls has been to obtain the email address of the head teacher / a senior staff member, with the excuse that forms containing sensitive information need to be sent to them. According to Action Fraud, the types of forms that fraudsters have claimed they need to send have varied; anything from exam guidance to mental health assessments.
Step Two – The Malware (Ransomware)
Once the email address of the head teacher / senior staff member has been obtained, a legitimate looking email is then sent that contains a zip file attachment which has been masked as an Excel or Word document. The attachment contains the ransomware. If the attachment is downloaded, key files on the computer are encrypted files (and often deleted, sometimes at timed intervals) and a demand for money is sent to the school to unlock the files. This type of attack is doubly disastrous for schools due to their data protection responsibilities and the fact that the data relates to children / vulnerable young people.
Example From America
An example of a very similar attack which took place at a Los Angeles School on New Year’s Eve resulted in unknown attackers using ransomware to encrypt hundreds of thousands of files affecting much of the campus’ 1,800 staff and 20,000 students. The school, in this case, paid US$28,000 (in bitcoin currency) to release files.
2016 Was Ransomware Year
2016 was a huge year for ransomware attacks globally. For example, Kaspersky Labs estimated that in the 3rd quarter of 2016 a ransomware infection occurred every 30 seconds. Intel Security also reported that infections rose by more than a quarter in the first 3 months of the year.
What Does This Mean For Your Business?
For schools and businesses alike, it’s a case of always being on the lookout for suspicious emails, keeping security software up to date and regularly backing up critical data.
In order to provide maximum protection against more prevalent and varied threats this year, businesses should now adopt multi-layered security solutions. Businesses should accept that there is a real likelihood that they will be targeted and therefore prepare for this by implementing the most up to date security solutions, virtual patching and education of employees in order to mitigate risks from as many angles (‘vectors’) as possible.
Having workable and well communicated Disaster Recovery and Business Continuity Plans in place is now also an important requirement.
TV Accidentally Sets Off Amazon Gadget
Amazon Echo’ gadgets in homes across the city of San Diego on the West Coast of the US were activated by a comment make by a TV presenter.
What is Amazon Echo?
Amazon Echo is a 23.5cm tall, cylindrical, smart ‘hands-free’, voice operated speaker. The product, which was developed by Amazon and is also known as Doppler or Project D, contains a 7 piece array of microphones to allow it to receive and respond to requests from the operator.
The Echo connects to the Alexa Voice Service, and the user can ask the Echo to play music, provide information and news, sports scores, weather and more.
What Happened?
CW6 TV presenter Jim Patton was reporting on a news item about a 6-year-old child called Brooke Neitzel from Dallas who accidentally ordered a doll’s house for herself while talking during play to the family’s Amazon Echo Dot / Alexa Voice Service. The young girl’s request is reported to have resulted in a new doll’s house and a large tin of cookies turning up at the family’s home the following morning.
Brooke’s mother Megan’s subsequent investigation into the surprise delivery revealed what really happened.
A news item was then produced and aired about the incident by channel CW6 in the San Diego area. As part of this news the presenter, Mr. Patton used the phrase “I love the little girl saying ‘Alexa ordered me a dollhouse’.” Many Amazon Echo devices in viewers’ homes across the city of San Diego then picked up and responded to the comment as if it was a request from their users. The result was an attempt by many Echo devices to wake up and actually order a doll’s house.
Alerted By Complaints
Not long after the report was aired on the morning show, CW6 viewers phoned to complain that Mr. Patton’s on-air comment had woken up their Amazon Echo devices.
Echoes of 2014
This is not the first time that home devices have been activated by comments made on the TV. Back in June 2014, an advert featured Breaking Bad actor Aaron Paul who used the phrase “Xbox On”. This prompted complaints from Xbox One owners that the on-air comment had activated the voice recognition software on their own consoles, and turned them on.
Preventing Unwanted Activation
Technical commentators have stated that Amazon Echo voice-driven buying is enabled by default. Users should, therefore disable voice purchasing or enable a four-digit confirmation code to prevent any accidental purchases.
What Does This Mean For Your Business?
This is an example of how the introduction of smart devices and AI to our homes and workplaces is still in the relatively early stages and is resulting in some unforeseen consequences as a result.
It demonstrates how voice activated systems are causing some concern and are displaying vulnerabilities. Recently, for example, concerns were raised about a voice manipulation software system from Adobe that has the potential to possibly fool bank voice recognition authentication systems, thus leaving it open to abuse by pranksters or criminals.
The general advice with IoT / smart devices should be, therefore, to change any default passwords or settings to ensure that you at least have basic protection.
Obama Retaliates By Expelling 35 Russian ‘Spy’ Diplomats
The outgoing US President Obama has commenced the public aspects of retaliation for the alleged Russian hacking of (and interference with) the US presidential election by expelling 35 Russian diplomats from the country.
What Happened?
The US government under President Obama claim that Russia took part in state-sponsored interference in the US presidential election, with the apparent intention of helping Donald Trump make it to the White House. Suspicions of the activities were voiced back in August 2016, even though more details of the alleged hacking didn’t appear until October.
One of the main alleged state-sponsored data theft and disclosure activities was the hacking of Hillary Clintons’ emails. Additionally, the (alleged) state-sponsored activities included hacking of emails from the account of Mrs. Clinton’s campaign chairman, leaked emails forcing the D.N.C. chairwoman to resign, leaked documents stolen from the Democratic Congressional Campaign Committee, and outlets created by hackers on the internet to make the Democratic documents public.
Statement Orders Actions.
A statement by President Obama was posted on the White House website on 29th December outlining some of the actions that the U.S. plans to take in response to what has been described as “malicious cyber activity and harassment”.
In the statement, President Obama talks about data theft and disclosure activities that he believes “could only have been directed by the highest levels of the Russian government”, as well as describing the harassment of U.S. diplomats in Moscow by Russian security services and police in recent times.
The Expulsion.
In Obama’s statement, he outlined the sanctioning of 9 entities and individuals. This was followed by the expulsion from the US of 35 “intelligence operatives” who were declared “persona non grata” and then given 72 hours to leave the country.
The Response.
In addition to Mr Trump’s denial that his campaign was helped by Russian interference, one apparent response has been the closure of the Anglo-American School of Moscow which serves children of US, British and Canadian embassy personnel. Its closure means that it would more difficult for the US to post diplomats and their families in Moscow.
Lame Duck.
One public and derisory response also came from the Russian Embassy in London which tweeted a picture of duck with the word LAME written across the bottom and it described President Obama as “hapless”. The tweet stated “President Obama expels 35 (Russian flag) diplomats in Cold War déjà vu. As everybody, incl (US flag) people, will be glad to see the last of this hapless Adm”.
What Does This Mean For Your Business?
One thing that this story should do for businesses is to act as reminder of the importance of keeping IT, cyber and data security measures up to date. Although these were allegedly ‘state sponsored’ hackers, it demonstrates that not even governments and secure state institutions are completely safe from cyber crime. State-sponsored cyber attacks could also take the form of other disruptions to business and the economy.
If the allegations are true and if the alleged Russian hacking changed the outcome of the election, one of the biggest changes for businesses will be the changes to the US business environment and trade relations with a potentially more inward-looking US that a country under President-elect Trump and his Republican administration will bring.