Understanding Cloud Security

The COVID-19 pandemic has resulted in an increase of employees working from home. Understanding cloud security when moving to the cloud for remote working is crucial. This sudden change means that remote access to software and data are important.

Read the latest UK Tech News article from their Editor Mark Baker.

Cloud computing provides employees with the ability to work from any location. As long as they have internet access, they can work within a virtual desktop or remote infrastructure. Some companies are reluctant to move towards remote working. However, others are following the trend in offering flexible working hours to their employees as an incentive – which can also be cost-effective. We would encourage our clients to implement cloud computing within their IT infrastructure.  It will enable them to enjoy the benefits of remote working and much more.

Understanding Cloud Security

Understanding the challenges of cloud security. Stay grounded as cloud security becomes more complicated. LIS are here to keep you protected and give you peace of mind.

Understanding Cloud Security provides flexibility

Cloud technology is what enables employees to work from any location. The main benefit is it gives them access via a virtual environment to the same information they would have in the office. Collaboration and communication tools ensure that your team can keep in touch with clients and their colleagues. This enables your staff to complete work at the same level as they would be able to from their office desktop.

Employees can access documents and data that they need by using specific credentials to maintain security. At the same time, it gives them flexibility to work from home or any other location. This can be useful when you have multiple office locations. Cloud technology provides a greater level of flexibility and shared access to information centrally accessible via a single server.

Increasing security for remote working

Do you have concerns about understanding cloud security? Cloud computing can actually work towards increasing your overall security levels as a business. Security measures can be put in place. Such as user-specific passwords and encryption of files when there are attempts to open these by unauthorised users. Additional security measures can be implemented in the event of mobile devices or laptops being lost or stolen. This helps to prevent a security breach. So, you do not need worry about cloud computing compromising high levels of security in favour of remote working capabilities.

Scalability for growing businesses – in the office and remotely

Cloud computing also enables your business to accommodate a large increase in a remote workforce. Since employees can use their own mobile devices and laptops without incurring additional hardware costs. They can also access internal information via the cloud wherever they choose to work, and on any device. As long as each user is provided with access details, employees can easily be granted access. All of the information that they need is at the touch of a button, without them ever having to visit the office. This is ideal when there is restricted physical office space and there is no restriction on the number of remote workers.

Cloud computing and the future

Cloud computing can offer a greater level of flexibility, security and scalability for any business. Contact the LIS Help Desk to discuss cloud setup and maintenance services. We offer support contracts for cloud support and advice on an ongoing basis if required.

Almost everything in the digital world is connected to the cloud in some way or another — unless it is kept in local storage for security reasons. As companies find new ways to organize, process and present data. Cloud computing will become a more and more integral part of our lives.

#CloudComputing #WFH #DeviceSecurity #CyberCrime

Hackers can cause injuries

Video games have been around for ages. However, technology has improved and games have become more sophisticated. More people than ever are playing especially online. Did you know hackers can cause injuries? Read this BBC report and make sure your devices are protected.

Bullets rained down from all angles but Abdelrhman Badr kept calm. Suddenly an enemy burst through a window. Abdelrhman swung round to face the soldier and save his team. He lined up his sights for a fatal shot and squeezed the trigger but… his screen went black.

All of a sudden his computer shut itself down without warning. The game he was playing had never caused problems before. He reached down and looked inside his computer, which he liked to leave open and on display in his bedroom.

Instinctively he touched one of the components, swore and pulled his hand back. The graphics card was so hot it had burned his fingers. The 18-year-old from Sheffield hadn’t realised it yet, but this minor injury was caused by crypto-jacking.

Hackers can cause injuries

Cybercriminals are always on the lookout for clever ways to turn new technology into money-making opportunities. Cryptojacking is one of their latest innovations

What is cryptojacking?

Crypto-jacking is the unauthorised and illegal use of someone’s computer to collect Bitcoin and other crypto-currencies. Criminals are using ransomware-like tactics and poisoned websites to get your employees’ computers to mine cryptocurrencies. Here’s what you can do to stop it.

Cryptojacking is the unauthorized use of someone else’s computer to mine cryptocurrency. Hackers do this by either getting the victim to click on a malicious link in an email that loads cryptomining code on the computer. They can also or infect a website or use an online advert with JavaScript code. This will auto-executes once loaded within the victim’s browser.

How cryptojacking works

Cryptojackers have more than one way to enslave your computer. One method works like classic malware. You click on a malicious link in an email and it loads cryptomining code directly onto your computer. Once your computer is infected, the cryptojacker starts working around the clock to mine cryptocurrency while staying hidden in the background. Because it resides on your PC, it’s local—a persistent threat that has infected the computer itself.

An alternative cryptojacking approach is sometimes called drive-by cryptomining. Similar to malicious advertising exploits, the scheme involves embedding a piece of JavaScript code into a Web page. After that, it performs cryptocurrency mining on user machines that visit the page.

How to prevent cryptojacking and make sure your secure

We are unable to help you level up or give you any tips to improve your gaming. We would recommend that you do not touch any parts of your computer systems. The story above illustrates, hackers cause you injuries. Leave it to the experts.

However, contact the LIS Help Desk to make sure your business systems are protected. We offer the latest Anti-Virus, Anti-Spam and Office 365 Security packages. Protect your company with our IT support contract. This gives you peace of mind to enjoy your pastimes – or maybe the latest online game 😀.

#CyberCrime #burn #HotDevices

Twitter accounts hacked

The news broke recently that major US Twitter accounts were hacked in a Bitcoin scam.

The Twitter accounts of notable billionaires were hacked, on Wednesday afternoon. These included Amazon founder Jeff Bezos, Tesla founder Elon Musk, rapper Kanye West, Microsoft founder Bill Gates, and former New York Mayor Michael Bloomberg. Politicians’ accounts, including Joe Biden and Barack Obama, were also affected soon after. “I am giving back to the community,” the tweets read. “All Bitcoin sent to the address below will be sent back doubled!”. The link to the Bitcoin wallet is consistent throughout all the tweets, suggesting a cryptocurrency scam.

The bulk of the messages have been deleted, though screenshots remain of several affected accounts:

Twitter has acknowledged the problem, but we are still very short on detail. The Biden campaign stated that the platform locked his account immediately after the breach, and removed the tweet. As part of the Twitter’s effort to solve the problem, verified accounts were restricted from tweeting for several periods on Wednesday night. The internet was alive to rumours of the removal of the verification badge.

Twitter accounts hacked

What’s the scam?

Hackers broke into the high-profile Twitter accounts and sent fake tweets offering $2,000 for every $1,000 sent to an anonymous Bitcoin address.

For instance, the message sent from  Elon Musk’s account said, “All bitcoins sent to my address below will be sent back double the amount. If you send $1,000, I will send back $2,000.” Likewise, information spread from Bill Gates’ Twitter handle said: “Everyone is asking me to give back, and now is the time.”

How did they do it?

Whilst there has been no official announcement of the method the hackers used, there are strong and consistent rumours originating from those who should know the truth. It appears that high level administration accounts were compromised, possibly through some form of social engineering, phishing or some say an ex-employee. Doubtless the truth will out. Either way this is a timely remind to lockdown your admin accounts!

Lessons for us from Twitter accounts hacked

There are no free lunches and no easy money. As an investor, you should always doubt information or schemes that offer to you an opportunity to make quick money in a very short period. The financial victims were just greedy. The other victim is the end user who places their trust in a large organization that we should be able to be rely upon to secure our data.

“Hackers had complete access to Twitter. They could post anything from any account. But they chose to seek bitcoins through false promises. People should be more careful. Most crypto giveaways that ask for contributions are scams. We hope this brings awareness, and Twitter users do not fall for these kinds of scams again,” said Arjun Vijay, Co-Founder and COO, Giottus Cryptocurrency Exchange.

Emergency response

Twitter earlier had to take the extraordinary step of stopping many verified accounts marked with blue ticks from tweeting altogether. Password reset requests were also being denied and some other “account functions” disabled. You may be sure that behind closed doors the Twitter investigation with the assistance of the FBI will be exhaustive. The reputational damage from the Twitter accounts hacked can not be over estimated.

Does your business also need an emergency response?

We would strongly urge you to review who has adminstrator rights to your world. Are you immune to this cyber threat? At the end of the day Twitter suffered from poor house keeping by a large corporate.

Protect your business with LIS

With immediate effect, we will add our Office 365 Security package to all our customers, at no cost. Amongst other benefits this gives you a monthly review of all users with administrator access and alert/approval for any changes that may occur. Irrespective of whether the change came about through staff action, hacking or some form of social engineering. We would offer it to Twitter but that horse has bolted 😀.

A strong defence against cyber-crime is essential for your business. Protect your business data and sensitive information as it flows across your organisation. Our solutions enable us to understand where you are vulnerable. We can take proactive steps to help prevent and respond to threats, in order to reduce the potential risk to your business.

Contact the LIS Help Desk to migrate to Office 365 if you don’t already subscribe. Take advantage of our Office 365 Security Package special offer. Make sure your data and email are fully protected.

Our Office 365 Security Package is a bundle of software tools, that includes:

Finally, if you need them our managed anti-virus and anti-spam protection services can be deployed within minutes. LIS provides essential protection for your business, defending you from email viruses, spam and malware.

Do not gamble with your business security – we give you peace of mind!

Covid-19 accelerates digital

Covid-19 accelerates digital transformation efforts by over five years. Digital transformation in the B2B sector is being fast-tracked to address immediate needs due to the pandemic. With a majority of those surveyed (54%) saying that their customer relations were strained, developing or non-existent. 41% said that selling directly to customers online is the most significant opportunity in the next year. While another 36% wanted to provide their sales teams with the right digital sales tools.

71% of digital leaders also agreed that their company’s digital experiences do not meet their client expectations. This means that consequently, 85% of these leaders expect their digital experience budgets to increase, economic downturn notwithstanding.

Apprehensions around digitisation remain, with 61% of B2B leaders fearing that AI will replace human workers within five years. But, 82% expected AI to make them better at their job in the next two years. Read the full article about how Covid-19 accelerates digital transformation on the YouGov website.

Covid-19 Accelerates Digital Transformation-01

During the pandemic, businesses are turning a negative into a positive. They are looking to streamline their operations and how they do business.

5 reasons how Covid-19 accelerates digital efforts for businesses

1. Enhancing employee collaboration during the COVID-19 outbreak

Remote work has come, and it’s here to stay. Experts and business leaders agree that companies across the globe will keep supporting remote work even after this crisis is done.

This situation where employees are physically separated has completely changed the way our employees collaborate and work together.

The key business impact trigger will be a result of the quarantines, travel restrictions, school closures and sick family members. However, many organizations have already realized that technology can help organizations better adapt to the current changing situation.

2. Ensuring the right flow of information

In times of crisis such as the coronavirus pandemic, your internal communication should be clear, transparent, and easy to understand. What’s more, it is extremely important to be able to reach the right employees at the right time with the right message.

This is the time when employers, leaders and internal communicators should drastically improve their communication efforts.
3. Maintaining employee productivity during the crisis

Most companies have made arrangements to accommodate remote working  already at the beginning of the coronavirus outbreak. Indeed, their priority was to protect their employees and help reduce the spread of the virus.

Businesses are now looking for solutions to maintain employees’ productivity while working from home during the pandemic.

4. Enabling leaders for success

During these times, it is crucial that business leaders and managers demonstrate good leadership skills in order to increase business resilience and prepare for rebound and future growth.

5. Planning for business continuity

Business leaders have to plan for post-pandemic recovery already now. They need to implement the right strategy and tools now to limit damages on their business.

How can LIS help your business?

The benefits of having the right digital tools in place during a crisis such as COVID-19 are obvious and significant. As the way we do business has drastically changed in the last few months. Only the companies that adapt to these changes can succeed.

Contact the LIS Help Desk to discuss your IT support options. Office 365, email, domain names, hosting, security, anti-spam, antivirus and telecoms. Our friendly and knowledgeable team will be happy to assist you.

E-commerce Website Security

Is your e-commerce website security up to date?

Protect against web-skimming and client-side attacks. A campaign discovered by Malwarebytes Labs in mid-April has lifted credentials from a number of e-commerce portals. Read the full article by Threat Post. Businesses need to understand the main types of e-commerce threats and e-commerce website security should be taken seriously.

What is a credit card skimmer?

Credit card skimming is a type of credit card theft. Cyber criminals use a small device to steal credit card information in an otherwise legitimate credit or debit card transaction. When a credit or debit card is swiped through a skimmer, the device captures and stores all the details stored in the card’s magnetic stripe. The web equivalent is a piece of software that diverts your credit card details to criminals but allows the genuine transaction to go through, so no-one knows any different.

Mitigate client-side risks before they happen. Make sure your website is secure and up to date. Start protecting your online shoppers right now.

Safe shopping experience

Securing your e-commerce business website is critical. This will maintain your reputation, consumer satisfaction and revenue. This is especially true in the current climate. Businesses are moving quickly towards online sales. Consumer habits are changing rapidly. Hackers are working hard to take advantage.

E-commerce Website Security

Ecommerce sites can be popular targets for hackers because they work with sensitive and personal information. This means cyber criminals have a lot to gain from getting in to the system.

Outdated techniques lead to some blind-sided attacks?

Third-party codes, such as JavaScript and embedded iFrames, mean the code is running outside of your control on your site. If the comprised code can invisibly intercept each transaction, steal the data or modify it without you being aware.

These client-side attacks, like web skimming, can cause customer’s data stealing directly from their browser. As a result, leading to sensitive information and payment data theft. Malicious code could be on your website, typically for in excess of 30 days. These types of attacks are a serious threat to online business and will damage your reputation.

Case study

In March 2020, the household brand Tupperware, known for its plastic food container products, was infiltrated by hackers. Using digital skimming code that compromised personal and financial information of almost a million monthly visitors.

The hackers were able to place malicious code on Tupperware’s website to collect details of payment cards that buyers filled in while making purchases. The malicious code discovered hiding in Tupperware’s website on March 20th 2020 was active for at least five days, according to Malwarebytes. Read the full article published by Teiss.

How can you secure your website?

Make sure all updates are installed as quickly as possible with a managed process. Contact the LIS Help Desk and talk to one of our team. We can provide managed hosting solutions and can look after your website security.

#WebsiteSecurity #WebSkimming #ECommerce