skip to main content

Cyber
Security

Cyber Security

Whilst this section may seem a little worrisome and for some people simplistic, it is intended to highlight some of the more obvious risks of our increasingly digital world and advise what you can do to sensibly protect yourself, by taking a few simple precautions. Here’s an opening statement for you, there is no such thing as 100% reliable security when dealing over the internet. It seems that sometimes it is not a very safe environment, but with a little care and common-sense, it mostly works well.

We have just rebuilt this website, for example, to ensure it cannot be hacked, because there is no code online that can be accessed, it is the equivalent of a photo-copy and as such cannot be edited for nefarious purposes. Neither do we store any information about our clients on this site or behind it, so it cannot be stolen, because it is not present.

  • Older company websites can be hacked, and data can be stolen. It happens, thankfully not too often but it does, as we have all read about, from time to time. This is the digital equivalent of burglary or breaking and entering. It seems quite difficult to ensure you are 100% secure. Even if you think you are, as no doubt most of the big firms hacked thought they were, determined crooks might find a vulnerability.
  • When it does happen, the perpetrators very rarely get caught or prosecuted and it appears there is very little the authorities can do about it. Although it seems, see Note *1, that at last some progress is being made.
  • At great cost and inconvenience we restore from backups and carry on. Remember the NHS systems being compromised? Do you remember anyone being prosecuted? The only person arrested in regard to this worldwide fraud was the chap who found a way to stop it. He was subsequently accused of and charged with creating banking malware. Hero to villain in a moment, but the real culprits, in this instance, were never apprehended.
  • Take precautions, be careful out there. Use antivirus software to protect your devices, they work.
  • Make sure you keep the systems you use, up to date with new releases. When vulnerabilities are found, providers release patches to fix the problem. Apply the updates, it works.
  • Never give out your passwords, no matter who you think is calling or asking.
  • Don’t respond to unsolicited calls from people saying they are calling from Microsoft because of a problem with your computer, they are not, they are fraudsters. See Note *1
  • The same for other unsolicited calls offering all manner of things for all sorts of plausible reasons. For example, saying your internet is going to be cut off if you don’t do something, or anyone of several other scams.
  • Check emails purporting to be from your bank or building society very carefully. They will never ask you for security information in this way. If they ask you to call them or login, do not do it from any links or numbers in the email you received.
  • Ditto Robo calls, where a recorded voice gives a warning and requests action, all fraud.
  • The UK’s Telephone Preference Service was intended to stop unsolicited calls, it is mostly useless. Many of the calls received come from abroad which means TPS is bypassed. It doesn’t even work well in this country.
  • International co-operation to stop fraud, a popular political football, deemed very valuable but in terms of results, there doesn’t seem to be much to show. There are active overseas call centre operations perpetrating fraud, where’s the co-operation in that. You can imagine the scene; a hapless phone crook being berated by the call centre supervisor for not having hit their daily quota of telephone fraud results. See Note *1.
  • HTTPS, indicates a secure web address. If you are paying online, the web address of the site should start with HTTPS, if not, don’t.
  • Spoofing & Phishing, forms of malicious emails from you or to you. If someone says they’ve received a suspicious email from you then you have probably been hacked or spoofed, meaning someone(a crook) is pretending to be you, change your email password immediately. If you receive an email from a source you don’t recognise or the message and content seem off, delete it and never, ever, open any attachments.
  • Malware is malicious computer software placed on your computer for bad purposes, such as stealing your banking details, usernames and passwords. Phishing is often how it gets there.
  • Ransomware. Exactly what happened to the NHS. Computers were infected because of a phishing attack and made inoperable, unless a ransom was paid.
  • Botnecks, a flock of breached computers that can be remotely controlled by a malicious third party to launch denial of service attacks and phishing emails.
  • DDOS, distributed denial of service. A mechanism, using infected computers, for launching intensive attacks on computer service providers to prevent normal usage.
  • Identity theft. It happens, somehow crooks get hold of your data, account number, name and address, even passwords and try to setup new accounts, purchase things etc, all in your name, for all manner of things, which is fraud. When disposing of confidential documents shred them before binning them. When you become aware act immediately, notify your bank, credit card providers etc to help stop any further fraudulent activity on your behalf, contact providers of new services and tell them what you think has happened. It will be trying.

Thank you for reading we hope you found this helpful, rather than depressing.

Note *1:

21st October 2019, it has been reported in the news that a joint operation with the UK and Indian police and Microsoft has resulted in two criminal call centres in India being shutdown with the perpetrators arrested. The call centres were allegedly targeting the UK with calls pretending to be from Microsoft, with the intent to defraud their victims. It took four years. One must also wonder how much Microsoft financial support contributed to the success of this action as understandably they wanted to protect their hard-earned good name and whether without that support, anything would have been done.

It may have taken a long time, but good job, well done. Now dear authorities just find some more funding and start to tackle the rest.

Get in touch