Category Archives: IT Security News

How Secure Is My Password? | Are passwords enough on their own?

The importance of having secure passwords and, if 2-factor authentication is an option, turning it on cannot be overstated.

This week, I had the opportunity to see firsthand just how frustrating it is to deal with an account hijack.

On Friday, the customer contacted me, as one of the retired partners had unfortunately fallen victim to a hijacked personal email account.

The hijacking was discovered when spam was sent from the compromised account, some of which was directed toward the retired partner’s old company.

Taking back control

First, I had to regain control of the hijacked accounts. Fortunately, the recovery mobile hadn’t been changed, so I could easily regain access.

If the hackers had updated the recovery options, it would have been challenging to regain control.

The hijackers changed the Reply-to address to a Hotmail address they controlled. Fortunately, this was relatively easy to spot and rectify.

Contact us for a free Dark Web privacy assessment.

It’s worth highlighting that all emails sent while the account was under the hijacker’s control would have come from the legitimate account, and anyone who replied would have been replying to the hijacker’s account, which is ideal if you are planning a phishing attack.

Less obvious was that the hijacker had created a rule labelled (..), which forwarded all emails sent to the legitimate account to the hijacker.

Fortunately, they had neglected to tick the box saying to leave a copy in the inbox, so new emails didn’t appear. So, it was evident that something was going on, and we removed the rule.

However, the hijacker received a copy of all incoming emails for the period the account was under their control.

It would have been infinitely worse had they hijacked a Microsoft, Dropbox or Google user, as they also have data access.

Remember this ploy: a more subtle hacker, who managed to control the account without being spotted by using a compromised password and the fact that 2-factor authentication wasn’t in place, could have used this technique to receive any emails intended for the victim for a longer period.

It is not a stretch of the imagination to see how this could have resulted in a severe data breach if it had been a compromised business user’s email, Microsoft.
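The two changes found in this incident, a Reply-To pointing at another domain and a forwarding rule that keeps no copy in the inbox, can both be checked for after an account is recovered. The following is an added example, not code from the original post; the sample messages, the addresses and the field names of the rule export (`forward_to`, `keep_copy`) are constructed for illustration and will differ per mail provider.

```python
from email import message_from_string
from email.utils import getaddresses, parseaddr

# Constructed sample of sent mail (not taken from the incident).
SENT_MESSAGES = [
    "From: Pat Partner <pat@example.org>\n"
    "Reply-To: pat.partner@mailbox.example\n"
    "Subject: Invoice query\n\nHello",
    "From: Pat Partner <pat@example.org>\n"
    "Subject: Lunch\n\nHello",
    "From: Pat Partner <pat@example.org>\n"
    "Reply-To: Pat <pat@example.org>\n"
    "Subject: Re: Lunch\n\nHello",
]

# Constructed rule export; the field names are hypothetical.
RULES = [
    {"name": "..", "forward_to": ["collector@mailbox.example"], "keep_copy": False},
    {"name": "Newsletters", "forward_to": [], "keep_copy": True},
    {"name": "To assistant", "forward_to": ["pa@example.org"], "keep_copy": True},
]


def domain_of(address):
    """Return the lower-cased domain part of an address, or '' if there is none."""
    return address.rsplit("@", 1)[-1].lower() if "@" in address else ""


def reply_to_mismatches(raw_messages):
    """List (subject, reply_to) pairs where replies leave the sender's domain."""
    findings = []
    for raw in raw_messages:
        msg = message_from_string(raw)
        from_domain = domain_of(parseaddr(msg.get("From", ""))[1])
        for _, addr in getaddresses(msg.get_all("Reply-To", [])):
            if addr and domain_of(addr) != from_domain:
                findings.append((msg.get("Subject", ""), addr))
    return findings


def suspicious_rules(rules, own_domains):
    """Flag rules that forward mail outside the domains the owner controls."""
    findings = []
    for rule in rules:
        external = [a for a in rule.get("forward_to", [])
                    if domain_of(a) not in own_domains]
        if external:
            findings.append({
                "rule": rule["name"],
                "external": external,
                # No copy kept means the owner never sees the incoming mail.
                "hides_mail": not rule.get("keep_copy", True),
            })
    return findings


if __name__ == "__main__":
    print(reply_to_mismatches(SENT_MESSAGES))
    print(suspicious_rules(RULES, {"example.org"}))
```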

Know your password strength, password best practices

  1. The password used by our customer appeared in a list of known security breaches.
  2. Use strong passwords. Longer passwords using special characters and symbols such as $%&* are better. Don’t ever use weak passwords. In this case, it was too simple.
  3. Reusing passwords: The client didn’t have unique passwords, and passwords had been reused across multiple sites.
  4. The customer had not strengthened their security by turning on 2-factor authentication.
  5. Passwords are not an effective deterrent, but an account with 2FA enabled will be secure against all but the most determined hackers.

    As a result, other services using the breached password, including Facebook, Apple ID, and a Microsoft personal subscription, were also at risk of being hijacked by the hacker.

How To Create Secure Passwords and Increase Password Strength.

Hopefully, everyone now realises that password strength is related to complexity and length. Good habits and a few rules are enough to make a strong password, but passwords alone aren’t enough to secure accounts.

How good is my password? In isolation, the answer in almost all cases is not good enough.

Most passwords will take a few minutes to a few hours to crack using modern processing.

Without additional security, accounts using 16-character passwords will be cracked in a few hours, and as it’s a process known as brute force, it won’t get bored and go away.

See this article from the Daily Mail online to see exactly how quickly passwords are cracked.

I recommend Keeper Password Manager. Keeper creates secure passwords quickly.

The password checker monitors for compromised passwords and will let you know if your password has been reused.

This is usually the case early on when you first adopt a password manager, as Keeper has a really effective import function that pulls stored credentials from your browser.

Keeper will even notify you of data breaches if a credential belonging to you appears on a known compromised password list.

Monitoring for data breaches and credential theft is easy to implement and cost-effective.

We provide a monitoring service that checks our customers’ domains and reports on any data breaches containing sensitive customer information, such as compromised passwords.

Why Is Strong Password Security Important?

Password Security is the first link in the security chain we create to protect our digital lives.

Other Ways To Protect Yourself Online

Heimdal database of known bad Internet websites protects your browser

We create a layered approach to security, starting with educating the client on what constitutes a strong password.

How good is my password?

Use a complex password at least 12 characters long, although 14 or more is better, made up of a combination of uppercase letters, lowercase letters, numbers, and symbols.

Don’t use a word that can be found in a dictionary or the name of a person, character, product, or organisation; don’t use the same password for multiple online accounts.
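The length, character-mix and reuse rules above, together with a breach-list check, can be expressed as one function. This is an added example, not code from the original post and not a description of how Keeper works. The breach lookup follows the k-anonymity pattern used by range-query services such as Have I Been Pwned's Pwned Passwords (only the first five hex characters of the SHA-1 hash leave the machine); `range_lookup` is a local stand-in for that service and the breach list and counts are constructed.

```python
import hashlib
import string

MIN_LENGTH = 12  # the minimum recommended in the text above

# Constructed stand-in for a breach corpus; the counts are made up.
BREACHED = {"123456": 1000, "password": 900, "Summer2023!": 12}


def sha1_hex(password):
    return hashlib.sha1(password.encode("utf-8")).hexdigest().upper()


def range_lookup(prefix):
    """Simulated server side: return 'SUFFIX:COUNT' lines for one hash prefix."""
    lines = []
    for candidate, count in BREACHED.items():
        digest = sha1_hex(candidate)
        if digest.startswith(prefix):
            lines.append(f"{digest[5:]}:{count}")
    return "\n".join(lines)


def breach_count(password, lookup=range_lookup):
    """Return how often the password appears in the breach list.

    Only the 5-character hash prefix is passed to `lookup`; the comparison
    of the remaining 35 characters happens locally.
    """
    digest = sha1_hex(password)
    prefix, suffix = digest[:5], digest[5:]
    for line in lookup(prefix).splitlines():
        candidate, _, count = line.partition(":")
        if candidate.strip() == suffix:
            return int(count)
    return 0


def policy_findings(password, passwords_used_elsewhere=()):
    """Return the list of rules from the text that the password breaks."""
    findings = []
    if len(password) < MIN_LENGTH:
        findings.append("shorter than 12 characters")
    classes = (str.isupper, str.islower, str.isdigit,
               lambda c: c in string.punctuation)
    if not all(any(test(c) for c in password) for test in classes):
        findings.append("does not mix uppercase, lowercase, numbers and symbols")
    if password in passwords_used_elsewhere:
        findings.append("reused on another account")
    if breach_count(password) > 0:
        findings.append("appears in a known breach list")
    return findings


if __name__ == "__main__":
    for pw in ("123456", "Summer2023!", "tR7#vQ2!mZ9@xL4$"):
        print(pw, policy_findings(pw, passwords_used_elsewhere=["Summer2023!"]))
```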

When browsing the Internet, it is vital to recognise risky situations and practices, but we are all fallible.

Hence, we implement technical solutions such as Heimdal’s web filtering solution and Conceal Browse that intervene if we accidentally visit a dangerous website.

The Impact of Stolen Passwords.

Stolen passwords are the most common cause of account compromise. Compromised accounts are often used in phishing campaigns and to send spam.

 

Introducing The Valimail DMARC Report Analyzer Service

The Email ecosystem is having something of an upgrade next month; the reason for the upgrade is simple and compelling. The fact is that it is too easy to spoof or fake email addresses.

For more information, see the NCSC’s in-depth explanation of the new DMARC rules

All of us have seen emails in our inbox that are trying to induce us into clicking on a link, and lots of emails advertising things we aren’t interested in. The unwanted, unsolicited advertising emails are what we refer to as spam. A subset of these emails are carefully crafted and directly target you as an individual; these are the dangerous ones that we refer to as phishing. When they are successful, sadly, they have often set in train a series of events that can end up with cybercriminals gaining access to your system and, ultimately, your data.

The techniques often employed to trick users by impersonating legitimate, trusted sources of email, which often originate from compromised email accounts, are called Business Email Compromise (BEC).

Fake emails put your company at risk. BEC is responsible for 60% of fraud (tamitesecureit.com) because if I can send an email and it looks like it came from an internal email address or someone you trust, you are more likely to act on it.

The changes are focusing on making it more difficult to impersonate valid email addresses

The approach being put into place by Yahoo, Google, and the rest in February employs a system of checks on the records used by DMARC (Domain-based Message Authentication, Reporting and Conformance). DMARC is an email authentication protocol designed to give email domain owners the ability to protect their domain from unauthorized use, so the solution lies in the DNS records that every domain (your.com) uses to perform various technical functions.

To find out if you are DMARC compliant, get a free evaluation using our DMARC report analyzer.

The need to implement DMARC

Being DMARC compliant involves setting up and monitoring a group of DNS records that perform the vital function of verifying that the email received originates from the purported sender.

DMARC is all about putting in a mechanism to prevent criminals and spammers from being able to create emails that look as if they come from a domain but are fake.

You may have read that the DMARC requirement being rolled out by Yahoo and Google only applies to large mail senders (Over 5,000 per day), but here is the rub.

The threshold will inevitably be reduced. And because larger companies will have complied with DMARC, making it difficult for cybercriminals to fake their email, cybercriminals will inevitably shift their focus to companies that aren’t DMARC compliant: the SMEs.

So my advice is that less Spam is a good thing, and making life more complicated for cybercriminals is in everyone’s interest, whatever size of business we run.

See how we can make your business DMARC-compliant and keep it compliant. Get a free evaluation using our DMARC report analyzer.

 

Mail Authentication. (The technical stuff)

The first policy update affects your domain architecture. You now must use SPF (Sender Policy Framework), DKIM (DomainKeys Identified Mail), and DMARC (Domain-based Message Authentication, Reporting, and Conformance) to authenticate your emails and prove they’re coming from a legitimate source.

SPF

SPF is an email authentication protocol that allows the owner of a domain to specify which mail servers they use to send mail from that domain. SPF records are published in DNS (Domain Name System) records and are used to verify that incoming mail from a domain comes from an IP address authorized by that domain’s administrators.

DKIM

DKIM is another email authentication protocol that allows the owner of a domain to attach a digital signature to outgoing emails. The signature is verified by the recipient’s mail server, which checks the signature against the public key published in the domain’s DNS records.

DMARC

DMARC is a protocol that works with SPF and DKIM to authenticate email senders and prevent spoofing and Phishing. Once set up, DMARC ensures that the destination email systems trust messages sent from your domain. Using DMARC with SPF and DKIM gives organizations more protection against spoofing and phishing emails.

Find out if you are DMARC compliant. Get a free evaluation using our DMARC report analyzer.

Improving email security by implementing DMARC, SPF, and DKIM can leave you with the problem of what to do with DMARC reports.

 

The UK National Cyber Security Centre provides helpful guidance (Email security and anti-spoofing) on the records you should implement to be compliant and avoid using your domain for spamming and Phishing campaigns.

If you have created a DMARC record, you will know that DMARC provides reports in an XML format that should be monitored to ensure smooth operation.

Valimail DMARC Report Analyzer.

 

DMARC report analyzer tools continuously monitor DMARC XML reports to ensure proper authentication of legitimate emails. Large providers, such as Gmail, Outlook, Yahoo, etc., are already implementing DMARC. Your mail servers can receive reports from domains that show the email traffic, including the pass/fail rate of DMARC evaluation, email sources, and other relevant data.

Contact us to arrange your trial

Shadow IT?

One of the issues customers often experience is being unaware of all the email sources working on and within the business.

Often, invoicing or credit control is being performed for the business by a supplier or contractor; you may use Mailgun or Mailchimp for email mailshots.

These sources are often forgotten or were set up by a team within the business without the IT department’s knowledge, a practice known as Shadow IT.

Monitoring is the first step.

When using multiple email-sending sources, each will require its own SPF mechanism to be included in your SPF record; you can quickly exceed the lookup limit and cause a “permerror” result.
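How quickly the limit is reached becomes clear when nested includes are counted. The following added example (not code from the original post) counts the terms that cost a DNS lookup under RFC 7208 section 4.6.4, namely `include`, `a`, `mx`, `ptr`, `exists` and `redirect`, against the limit of 10. It works on a constructed set of SPF records held in a dictionary instead of querying DNS; all domain names are made up.

```python
import re

LOOKUP_LIMIT = 10  # RFC 7208 section 4.6.4

# Constructed SPF records standing in for DNS TXT lookups.
ZONE = {
    "example.org": ("v=spf1 mx a include:_spf.mailer-one.example "
                    "include:_spf.crm.example include:_spf.invoicing.example "
                    "include:_spf.office.example ~all"),
    "_spf.mailer-one.example": ("v=spf1 include:_a.mailer-one.example "
                                "include:_b.mailer-one.example ~all"),
    "_a.mailer-one.example": "v=spf1 ip4:192.0.2.0/24 ~all",
    "_b.mailer-one.example": "v=spf1 ip4:198.51.100.0/24 ~all",
    "_spf.crm.example": "v=spf1 a mx include:_spf.crm-relay.example -all",
    "_spf.crm-relay.example": "v=spf1 ip4:203.0.113.0/25 -all",
    "_spf.invoicing.example": "v=spf1 exists:%{i}._check.invoicing.example -all",
    "_spf.office.example": "v=spf1 ip4:203.0.113.128/25 -all",
    "lean.example": "v=spf1 mx include:_spf.office.example ip4:192.0.2.0/24 -all",
}


def count_lookups(domain, zone, path=()):
    """Count the DNS-querying terms reachable from a domain's SPF record."""
    if domain in path:
        raise ValueError(f"include loop at {domain}")
    record = zone.get(domain)
    if record is None or not record.lower().startswith("v=spf1"):
        raise ValueError(f"no SPF record for {domain}")
    path = path + (domain,)

    total = 0
    for term in record.split()[1:]:
        term = term.lstrip("+-~?")  # drop the qualifier
        lowered = term.lower()
        if lowered.startswith("redirect="):
            total += 1 + count_lookups(term.split("=", 1)[1], zone, path)
            continue
        mechanism = re.split(r"[:/]", lowered, maxsplit=1)[0]
        if mechanism == "include":
            total += 1 + count_lookups(term.split(":", 1)[1], zone, path)
        elif mechanism in {"a", "mx", "ptr", "exists"}:
            total += 1
        # ip4, ip6 and all need no DNS query and are not counted.
    return total


def spf_lookup_result(domain, zone):
    """Return ('ok' | 'permerror', explanation) for the lookup budget."""
    try:
        lookups = count_lookups(domain, zone)
    except ValueError as exc:
        return ("permerror", str(exc))
    if lookups > LOOKUP_LIMIT:
        return ("permerror", f"{lookups} DNS lookups, limit is {LOOKUP_LIMIT}")
    return ("ok", f"{lookups} DNS lookups")


if __name__ == "__main__":
    for name in ("example.org", "lean.example"):
        print(name, spf_lookup_result(name, ZONE))
```

Four sending services are enough here to take `example.org` to 12 lookups, because each provider's include pulls in further includes of its own.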

By using our DMARC service to manage DMARC and SPF, you can:

  • Have unlimited SPF DNS lookups
  • Optimise your SPF record
  • Add, remove, and update unlimited email service providers
  • Mitigate and avoid outgoing email loss caused by “permerror.”

The answer to what to do with DMARC reports.

Managed DMARC

With Managed DMARC, you can control your DMARC record(s) from your DMARC portal.

With Managed DMARC report analyzer, you can:

  • Manage the DMARC policy of your domains and subdomains on our platform simply and effectively.
  • Manage your RUA and RUF tags. (These reports are converted into data on your dashboard).
  • Manage your SPF and DKIM alignment mode.
  • Investigate what DMARC policy will be applied to your email.
  • Get a configuration overview with email authentication from your email-sending services.


The Impact of DMARC Changes on Spam Filtering:

We can expect the world of Spam filtering to benefit from the changes being made to the landscape of email authentication protocols, specifically the upcoming changes to Domain-based Message Authentication, Reporting, & Conformance (DMARC), which are poised to impact how spam filtering solutions handle email significantly.

Enhanced Email Security:

DMARC’s stricter alignment policies will force senders to authenticate their emails using SPF, DKIM, or both. This significantly tightens the security net, making it harder for spammers to spoof legitimate domains and infiltrate inboxes. Spam filters can leverage these stricter checks to identify and block unauthorized emails more accurately, potentially reducing spam volume.

Improved User Experience:

DMARC changes can enhance user trust and email engagement by reducing spam influx. Fewer unwanted messages translate to cleaner, safer inboxes, streamlining communication and boosting productivity. Additionally, with increased sender accountability, users can feel more confident about the legitimacy of their emails.

Challenges and Considerations:

While DMARC promises a cleaner email ecosystem, its implementation presents particular challenges. The stricter policies might initially increase email bounce rates for legitimate senders who haven’t properly configured their DMARC records. Additionally, spammers will target smaller organisations that haven’t implemented DMARC. Cybercriminals might resort to more sophisticated techniques to bypass authentication protocols, necessitating continuous adaptation and improvement from spam filtering solutions.

Conclusion:

The DMARC changes represent a significant step towards a more secure and reliable email environment. While initial challenges exist, the long-term benefits for users and email service providers are undeniable. Spam filtering solutions must evolve to adapt to the stricter authentication protocols. Still, the resulting reduced Spam and improved user experience promise a brighter future for email communication.

Contact us to arrange your trial

 

Tamite – Valimail Automated solution

Valimail is a cloud-based email authentication platform that fully automates DMARC configuration and policy management. With Valimail, you can enforce DMARC quickly and painlessly without needing an internal IT staff. Our email authentication platform replaces manual effort and guesswork with automation.

Automated solution

Valimail takes on most of the workload, so you don’t have to worry about identifying services or changing your DNS configuration. You get free visibility into the services sending email as you, and can take quick action based on easy to-do lists and automated workflows on the platform. Our DMARC solution will notify you of any concerns so you can relax knowing your domains are protected.

The Valimail approach

To get started, you only need to make a single DNS update to point your DMARC record to the Valimail Sender Identity Platform. Valimail’s interactive interface displays email-sending services by name, making identifying and managing them easy. You can select the sending services you want to allow to send as your domain and make changes in the drop-down menu if needed. We can even help you find the legitimate owners of the services that we discover. Remember, you are either at full DMARC enforcement or you aren’t, and there is no middle ground in keeping your domains protected.

what to do with DMARC reports

The requirement to implement DMARC on domains is going to cause lots of companies difficulties, as only a fraction, less than 70%, are compliant. Once you put DMARC in place, you are faced with the necessity of dealing with the data: what do you do with DMARC reports?

Do you know if your domains are DMARC compliant and what to do with DMARC reports?

Make no mistake, this is a good and necessary move, and as a result, Email security is about to get better with the rollout of stricter DMARC compliance by major email platforms such as Google and Yahoo, and supported by many corporations.

In summary, DMARC is a powerful tool that helps protect your domain from being spoofed (impersonated) by verifying the authenticity of email messages sent from your domain and preventing unauthorized access to your email accounts.

Without a strict and accurate reject policy, attackers can easily:

  • Spoof customer emails
  • Send convincing phishing messages using your domain
  • Steal data and credentials

An alarmingly high number of cyber breaches use spoofed domains to help them to trick their victims.

The reason for this update is simple – it is too easy for cybercriminals to impersonate legitimate domains and send us illegitimate emails that appear to be from legitimate businesses.

DMARC compliance provides us with additional proof that the emails we receive are legitimate and will prevent our brands from being hijacked to carry out phishing attacks on our customers and suppliers.

If you’re not sure whether you’re DMARC compliant, we can check for you. DMARC settings are designed to verify sender identity and prevent unauthorized emails from domains from being delivered.

Without a strict and accurate reject policy, attackers can easily spoof customer emails, send convincing phishing messages, and steal data and credentials.

Google and Microsoft will start blocking all non-DMARC emails on the 1st of February to clamp down on threats initially for high-volume email senders, but this is only the first phase, and they will extend the update to cover everyone in the near future.

“We have expertise in resolving email issues and also offer our customers a DMARC report management service.” Get your free DMARC compliance report. 

 

DMARC check, monitor and report

The email spam rules for Google and Yahoo are being updated and considerably tightened in February. For most businesses, this will mean getting your IT or web host to do an SPF, DKIM and DMARC check and review your DNS settings; for a free check, contact us.

According to the announcement, from this February Google and Yahoo will begin enforcing new requirements for bulk email senders. The guidelines primarily focus on the authentication of outgoing emails, reported spam rates, and the ability to unsubscribe from email lists easily.

Get your business ready for the changes.

Interestingly, we have noticed that other providers and organisations have tightened their criteria over the last six months, resulting in message failures even for organisations that don’t meet the bulk sender criteria.  Even if you don’t send bulk emails, getting SPF and DMARC checks is essential to ensure your message gets to your intended recipients.

It will also be worth being on top of your Spam quarantine as more mail will potentially be marked as spam.

Google defined bulk senders in an early-October announcement as “those who send more than 5,000 messages to Gmail addresses in one day,” which caught the attention of email marketers in both B2B and B2C circles.

For further reading, Google Sender Guidelines

DKIM, DMARC checks and correct implementation of SPF are the email authentication requirements for bulk senders.

The two companies will require bulk email senders to use what Google calls “well-established best practices” to authenticate the sender.

Under the present recommendations, three mechanisms work together to create a cohesive approach to email authentication:

  • Sender Policy Framework (SPF) is designed to prevent domain spoofing by allowing the sender to identify the email servers permitted to send emails from or on behalf of their domain.
  • DomainKeys Identified Mail (DKIM) is potentially the most problematic as not all hosting providers support DKIM. DKIM requires a domain record to be put in place, effectively adding a digital signature to outgoing email, which verifies the message was sent by an authorised sender and wasn’t tampered with along the way.
  • Domain-based Message Authentication, Reporting and Conformance (DMARC): this DNS record allows domain owners to specify which action to take when an email fails authentication, such as quarantine, reject or even none; it also enables reporting on email authentication results and defines where the results will be sent.
  • For many businesses, DMARC’s reporting element adds the further complication of dealing with the resulting reports.
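The DMARC record itself is a short list of `tag=value` pairs, and whether a domain is actually protected depends on a few of them. This added example (not code from the original post) parses a record and reports the settings that leave failing mail deliverable or reports uncollected; the sample records and the `example.org` addresses are constructed.

```python
VALID_POLICIES = {"none", "quarantine", "reject"}


def parse_dmarc(record):
    """Split a DMARC TXT record into a dict of lower-cased tags."""
    tags = {}
    for part in record.split(";"):
        if not part.strip():
            continue
        key, sep, value = part.partition("=")
        if not sep:
            raise ValueError(f"malformed tag: {part.strip()!r}")
        tags[key.strip().lower()] = value.strip()
    return tags


def review_dmarc(record):
    """Return findings for a DMARC record; an empty list means full enforcement."""
    try:
        tags = parse_dmarc(record)
    except ValueError as exc:
        return [str(exc)]

    findings = []
    # Receivers ignore the record unless the version tag comes first.
    if record.strip().split(";")[0].replace(" ", "") != "v=DMARC1":
        findings.append("record must start with v=DMARC1")

    policy = tags.get("p", "").lower()
    if policy not in VALID_POLICIES:
        findings.append("missing or invalid p= tag")
    elif policy == "none":
        findings.append("p=none: failing mail is reported but still delivered")
    elif policy == "quarantine":
        findings.append("p=quarantine: failing mail goes to spam, not rejected")

    # sp= overrides the policy for subdomains.
    if policy != "none" and tags.get("sp", "").lower() == "none":
        findings.append("sp=none: subdomains are left unprotected")

    pct = tags.get("pct", "100")
    if pct.isdigit() and int(pct) < 100:
        findings.append(f"pct={pct}: policy applies to only part of failing mail")

    if "rua" not in tags:
        findings.append("no rua= address: aggregate reports are not collected")
    return findings


if __name__ == "__main__":
    samples = [
        "v=DMARC1; p=none; rua=mailto:reports@example.org",
        "v=DMARC1; p=reject; sp=none; pct=50",
        "v=DMARC1; p=reject; adkim=s; aspf=s; rua=mailto:reports@example.org",
    ]
    for sample in samples:
        print(sample, "->", review_dmarc(sample))
```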

Google and Yahoo will require bulk senders to set up all three mechanisms by 1st February 2024. Still, as I mentioned earlier, we have already noticed a trend for messages to be treated as spam if the mechanisms aren’t present. Most suppliers will almost certainly follow Google and Yahoo, so it is probably as well to get on with it.

At Tamite Secure IT, we have been implementing the changes for all our business customers and offer monitoring of Domain records as a standard part of our service.

Booking.com – are you asking the question how strong is my password?

The latest problems at Booking.com illustrate the issues around password security and will have many people asking the question how strong is my password?

A strong password is only part of the answer; passwords can be brute forced, so where possible, adopt Multi-Factor Authentication as well.

See the Guidance from the National Cyber Security Centre – How secure is my password

Password & Multifactor Authentication (MFA) Policy

To ensure better password hygiene, create a company password policy with the following guidelines:

  1. Use passwords that are at least eight characters long and include a combination of letters, numbers, and symbols. If you don’t use a password manager, adopt passphrases instead.
  2. Avoid using personal or company-specific words, names, or addresses in your passwords.
  3. Use a unique password for every service you use.
  4. Never write passwords on paper or in an insecure digital form. To manage your passwords, use a password manager. This will securely store and manage all your passwords in one place.

Use Multi-Factor Authentication. MFA reduces the likelihood of a breach by orders of magnitude. For those who don’t know, it uses your mobile device as a second security check.

How strong is my password, and how can I better manage it in future?

We recommend our customers use Keeper Password Manager (Keeper Password Generator & Manager), as it will store passwords, create strong passwords, manage multifactor authentication and check your existing passwords to ensure they aren’t reused and haven’t been leaked in known data breaches.

So what is happening at Booking.com

More details on the problems presently being experienced at Booking.com are found in this article on the BBC. It looks as though passwords are only part of the issue; the other half of the task facing the security teams is managing accounts with admin rights, especially those used by suppliers.

Monitoring your accounts with admin rights and highlighting unused and redundant accounts is something that needs to be done across a company’s services, especially those that are cloud-based, so these days, that’s most of them.

Many of you will be looking at putting Microsoft’s Copilot in place to take advantage of the many benefits it will bring regarding productivity; who doesn’t need a virtual assistant?

One of your early priorities should be to ensure your M365 environment is secure, as the potential for inadvertently giving access to data and worse will be amplified by AI.

Much of the work towards a secure environment revolves around improving your Microsoft Secure Score, which can be done within your M365 tenant; we prefer to use our preferred management tool, Octiga 365, as it also highlights areas where security can be improved.

 

Keeper Password Generator & Manager

This article from the BBC graphically demonstrates the need for us to use a password generator to create secure credentials; left to ourselves, we (humans) are just not up to the task of creating unique, complex credentials.

23andMe data leak article
It also looks like the companies we rely on to secure our data are often not up to the task; in this case, the genetic testing firm 23andMe could have insisted. They presumably manage the services their customers log onto and so should have set up policies to stop customers from using simple passwords.

23andMe, in effect, could have insisted customers adhered to safe password practices, used an in-page password generator to choose a password and used multifactor authentication, but instead, they preferred to point the finger at irresponsible customers who re-used passwords.

We recommend our customers use the Keeper Password Manager.

Contact Us

Password & Multifactor Authentication (MFA) Policy

To ensure better password hygiene, create a company password policy with the following guidelines:
1. Use passwords that are at least eight characters long and include a combination of letters, numbers, and symbols. If you don’t use a password manager, adopt passphrases instead.
2. Avoid using personal or company-specific words, names, or addresses in your passwords.
3. Use a unique password for every service you use.
4. Never write passwords on paper or in an insecure digital form. When creating passwords, use a password generator, and adopt a password manager to manage them. This will securely store and manage all your passwords in one place.

Use Multi-Factor Authentication. MFA reduces the likelihood of a breach by orders of magnitude. For those who don’t know, it uses your mobile device as a second security check.

We provide the business password manager Keeper Security, which manages all of your logins, suggests improvements, monitors for leaks of old passwords and alerts you to potential issues.

30 years of web browser security threats and 20 years of Cyber Awareness Month

Web browser security threats probably go back at least 30 years to 1994 and the advent of Microsoft Internet Explorer.

This year, 2023, marks 20 years of Cybersecurity Awareness Month, so let’s spread a little awareness.

These days, children are given lessons at school about staying safe on the web, but many of us adults probably weren’t.

When you consider that most office-based workers spend 70-80% of their time on the web, it’s clear that companies should be training their staff and giving them the basics. That’s why Cyber Awareness Month is so important.

Before we talk about any technical layers of security that should be put in place, let us be clear that a lack of awareness can undo any efforts we make with the other security layers.

In the ever-evolving landscape of cybersecurity, some things remain constant. One of those is that over 70% of security issues are related to users accessing harmful content on the web – either directly through a web browser or indirectly by clicking on a link in an email.

IT Security Training protects against web browser security threats

It’s crucial to address the three primary threats that can compromise your online safety. These threats can be broadly categorized into three main areas:

  1. Web Browsing Security: The first layer of defence is your web browser. The internet is a vast realm, and what you click on and interact with can significantly impact your cybersecurity. Web browser security threats such as malicious websites, phishing attempts, and unsafe downloads all pose potential risks. It’s imperative to exercise caution when browsing the web and avoid clicking on suspicious links.
  2. Email Vulnerabilities: The second layer of vulnerability often intersects with web browsing – it’s what comes in over your email. Phishing emails, malware-laden attachments, and social engineering attacks can all infiltrate your inbox. Email filtering solutions are crucial in identifying and quarantining such threats before they reach your inbox.
  3. Social Media Interactions: The 2.5 layer refers to what and who you interact with through social media. Cybercriminals often exploit personal information shared on social media platforms to craft convincing phishing attempts or impersonate trusted contacts. Being cautious about sharing sensitive information and scrutinising friend requests and messages is vital.

To protect against these threats, three layers of security are essential:

  • Human Firewall: The first and most critical layer is the one inside your head – your knowledge and awareness. Cybersecurity education and training are paramount. This awareness extends to understanding the potential risks and how to respond when facing a suspicious situation.
  • DNS Web Filtering: DNS web filtering solutions tackle web browser security threats by helping prevent access to malicious or inappropriate websites. This layer of protection acts as a barrier to keep users away from dangerous online territories.
  • Email Filtering: Email filtering solutions, powered by advanced algorithms and threat intelligence, can identify and quarantine potentially harmful emails. This layer is indispensable in preventing phishing attempts and malware distribution via email.

As we celebrate the 20th anniversary of Cybersecurity Awareness Month in 2023, it’s evident that a well-rounded approach to cybersecurity is necessary. While technical security layers are vital, they are less effective without the crucial human firewall. Therefore, individuals and organisations must invest in cyber awareness training, informing themselves about the latest threats and best practices. Combining technical defences with an educated and vigilant user base can significantly reduce the risks posed by the ever-evolving threat landscape.

Grasping AI, the opportunity to supercharge your business efficiency and Office Microsoft 365 plans business security.

Microsoft 365 plans business security and efficiency with AI.

Presuming Artificial Intelligence (AI) doesn’t go rogue and decide to put an end to humanity or enslave us, it is likely that we will see AI becoming increasingly involved with our work and home lives.

Over the next few years, many of us will see AI within the products we know and love assisting us and doing stuff on our behalf.

Goldman Sachs predicts an increase in global GDP of 7% over the next decade as a result of productivity improvements from Artificial Intelligence.

At some point in the future, we will all have personalised assistants (Alexa on steroids). Still, before that comes to pass, we can expect AI to be bolted onto all sorts of things we are already familiar with. So what will these integrations look like? And what will it mean for me?

Predictably, technology companies such as Microsoft are early adopters. AI is poised to revolutionise information technology (IT), offering innovative solutions that enhance productivity, streamline processes, and optimise operations. Microsoft’s integrations with Microsoft 365 (formerly known as Office 365) exemplify how AI is harnessed to improve and assist us in various IT aspects.

Microsoft 365 plans business security and efficiency with future AI updates.

  1. Virtual IT Assistants and Chatbots: Integrating AI-powered chatbots into M365 environments allows employees to receive instant IT support and assistance. These virtual assistants can guide users through troubleshooting steps, provide solutions to common IT problems, and even automate routine tasks such as password resets, reducing the burden on IT helpdesks.
  2. Natural Language Processing for Documentation and Collaboration: AI-driven natural language processing can be used to improve collaboration and knowledge management within M365. For example, AI can automatically extract essential information from documents and emails, categorise content, and recommend relevant files to users, making finding and sharing information easier.
  3. Intelligent Data Analysis and Insights: AI-driven analytics tools within M365 can analyse large datasets to extract valuable insights. For instance, AI algorithms can identify trends in user behaviour, helping organisations understand how employees interact with their tools and applications. This information can be used to optimise workflows and improve user experience.
  4. Automated Threat Detection and Response: AI-powered security solutions integrated with M365 can monitor network traffic, identify unusual patterns, and detect potential security breaches in real-time. These systems can automatically respond to threats by isolating compromised devices or quarantining suspicious files, thus enhancing the overall security posture of an organisation.
  5. Predictive Maintenance for Infrastructure: AI can be employed to monitor the health and performance of IT infrastructure, such as servers and network components. By analysing data from these systems, AI algorithms can predict when hardware failures are likely to occur, enabling proactive maintenance and minimising downtime.

 

Data backup is vital as Government raise Ransomware to tier 1 threat

The UK Government has effectively raised the stakes for businesses that don’t adequately guard against the multiple threats posed by Cyber Criminals; we recommend a layered approach that includes data backup to cover all your bases.

In early February, Foreign Secretary James Cleverly announced the NCA (National Crime Agency) crackdown on perpetrators of Ransomware, potentially affecting how businesses deal with Ransomware incidents.

UK Gov Elevates Ransomware to Highest threat status

The UK government have given Ransomware Tier 1 threat status, elevating it to the highest level and demonstrating government fears of the damage done to UK businesses and institutions.

Simultaneously came the announcement that seven Russian nationals have had assets frozen and travel bans imposed.

UK cracks down on ransomware actors – GOV.UK (www.gov.uk)

The elevation of Ransomware to a tier 1 national security threat coincides with attacks against businesses and public sector organisations becoming increasingly common.

Recent victims include UK schools, local authorities and firms.

The new campaign of concerted action is actively coordinated with the US; thus far, 149 British victims of Ransomware known as Conti and Ryuk have been identified by the National Crime Agency (NCA).

The threat according to the National Cyber Security Centre

NCSC Chief Executive Officer Lindy Cameron said:

“Ransomware is the most acute cyber threat facing the UK, and attacks by criminal groups show just how devastating its impact can be”.

“The NCSC is working with partners to bear down on ransomware attacks and those responsible, helping to prevent incidents and improve our collective resilience”.

“It is vital organisations take immediate steps to limit their risk by following the NCSC’s advice on how to put robust defences in place to protect their networks”.

Tamite Secure IT recommend layered security, including a robust approach to data backup

What do the NCSC mean by robust defences? The most common approach is what is termed layered security and should include data backup.

Victims of ransomware attacks should use the UK government’s Cyber Incident Signposting Site as soon as possible after an attack.

The UK’s Office of Financial Sanctions Implementation (OFSI) is also publishing new public guidance that sets out these new sanctions’ implications in ransomware cases.

The individuals designated today are:

  • Vitaliy Kovalev
  • Valery Sedletski
  • Valentin Karyagin
  • Maksim Mikhailov
  • Dmitry Pleshevskiy
  • Mikhail Iskritskiy
  • Ivan Vakhromeyev

Paying the ransom could make you guilty of breaching the sanctions

Making funds available to these individuals, such as by paying a ransom, including in crypto assets, is prohibited under these sanctions. Organisations should have, or should put in place, robust cyber security and incident management systems to prevent and manage serious cyber incidents.

The cost of a successful ransomware incident to your business far outweighs the costs of implementing a Data Security Strategy. Therefore, we often recommend Acronis Cyber Protect to our SME customers as part of the strategy.

Data Backup & Disaster recovery

The reason is simple: Acronis is known for its data backup capabilities and online backup pricing; however, we have been impressed by the Cyber security functions built into the product, including Ransomware Protection.

Lessons to be learned from Schools hit by data leak after Cyber Attack

Learning from the mistakes made by others is a valuable way of evaluating your Cyber Security Plans.

Fourteen schools in the UK appear to be victims of the Cyber Crime group known as the Vice Society.

It’s always worth looking at these incidents as they highlight weaknesses in our Cyber Security plans.

The takeaway from this incident would appear to be that GDPR guidelines around not holding information for longer than necessary are eminently sensible.

At first sight, I would say data seems to have been held onto longer than necessary.

Unfortunately, this happens all too easily unless you have strict routines for purging outdated data records, which should be a part of your Cyber Security Plan. Sometimes, data just gets forgotten and lurks about, potentially posing an unnecessary risk forever.

A word on encryption: it’s relatively easy and cheap to put in place.

Not enough companies employ encryption to ensure data is safe on their PCs or servers and when it is in transit.

Email encryption and secure data vaults like the Acronis File Share are valuable tools that help exchange sensitive data securely.

Below is a list of affected schools identified so far.

  • Carmel College, St Helens
  • Durham Johnston Comprehensive School
  • Frances King School of English, London/Dublin
  • Gateway College, Hamilton, Leicester
  • Holy Family RC + CE College, Heywood
  • Lampton School, Hounslow, London
  • Mossbourne Federation, London
  • Pilton Community College, Barnstaple
  • Samuel Ryder Academy, St Albans
  • School of Oriental and African Studies, London
  • St Paul’s Catholic College, Sunbury-on-Thames
  • Test Valley School, Stockbridge
  • The De Montfort School, Evesham

One of the positive things you can do is monitor the dark web to see if data relating to your business is present.

Are your credentials & passwords being advertised for sale on the Dark Web?

We are very excited by the capabilities of our new product Trillion’s leaked password and credential reporting tool.

Trillion’s database and algorithms provide an unrivalled ability to detect data breaches and give you a vital early warning of a potential data leak in your organisation.

Would you like us to provide you with a free report?

Contact Us for a free report to demonstrate how we can protect you and your business.