FFT news digest  Jun 1 2018

Email risks

Complying with the EU's new data protection regulation means focussing on the basics, and nowhere is this more relevant than with email. Data from the UK Information Commissioner's Office shows the most common technology-related incidents last year weren't caused by hacking but by simple mistakes in using email. These included sending messages to the wrong person and failing to use the blind copy function to hide recipients' email addresses. Ad-blocking company, Ghostery, provided a vivid illustration of this type of mistake by sending users an email with more than 500 addresses in the "To" field. With delightful irony, the message assured recipients that it had "implemented measures to reinforce security and ensure compliance with all aspects of the EU legislation."

Insider risks (again)

Last week we reported on the number of staff using unapproved services at work. This week there's a reminder about the risk of insiders taking data away with them. In a letter, Coca-Cola said a former employee had been found with a hard drive containing personal information of 8,000 staff. In a similar incident this year, Sun Trust Bank revealed that a former employee had stolen contact lists potentially exposing personal details of up to 1.5 million customers. PwC's Global State of Information Security Survey 2018 showed that insider threats remain the main source of security incidents and multiple surveys show that it is common for employees to take data with them when they leave a job.

Router basics

The FBI says turn it off and turn it on again, and they're not joking. The advice follows last week's alert accusing a Russian-linked group of using a tool called VPNFilter to target home and small office routers. Cisco's Talos Lab said at least 500,000 devices from Linksys, Netgear, MikroTik, TP-Link and QNAP were among those affected. They have advised users to update the firmware on their devices, but the FBI's recommendations are worth reading by anyone with a router. As well as rebooting it, you should turn off remote management and change the default administrator password. Even if your device isn't from one of the affected brands, you should also check to make sure you are using the most up to date firmware. Unless you take those steps, there's not much point turning it off and on again.

North Korea 

Frantic efforts to set up a presidential summit appear to have done nothing to stop North Korean cyber attacks. According to a US government bulletin, a group sponsored by Pyongyang is targeting businesses in the US and elsewhere. The US Computer Emergency Readiness Team (US-CERT) said two tools are being used. One, known as Brambul, is a brute-force tool that spreads through Server Message Block (SMB), which is the protocol that enables shared access to files on a Windows network. The second is a Remote Access Trojan dubbed Joanap which gives the attacker wide-ranging controls over an infected machine. Protection requires keeping systems updated, implementing firewalls, scanning emails and downloads, and restricting user permissions.

Encrypted email

Following reports of vulnerabilities in encrypted email, patches have been released and advice is available for how to use it safely. The Electronic Frontier Foundation's key recommendation is to avoid using PGP with email clients that display HTML email. The EFF says you should turn that feature off and, if you can't, use a standalone application to decrypt and encrypt email. While some clients have been updated and are now considered safe to use, others are not. The EFF warns against GPGTools and Apple Mail because it has been shown to be vulnerable. There's also a reminder that your email security depends on everyone you're communicating with so it's essential they follow best practices as well. As the EFF points out, while these issues are frustrating, the real problem is a more fundamental one with email itself.

Internet trends

Renowned venture capitalist, Mary Meeker, has released her annual Internet Trends report and, if you don't have time to read it, here are some highlights.     
- Almost half the world's population - about 3.6 billion people - are now on the internet, many of them thanks to the spread of wifi and cheap Android phones.
- Voice technology has reached an inflection point with 95% accuracy and a rise in Amazon Echo sales from 10 to 30 million inn 2017.
- Americans spent 5.9 hours consuming digital media in 2017. In 2008, the figure was 2.7 hours.
- 9 of the 20 largest Internet companies are Chinese.

In brief

The UK was the most breached country in Europe last year, according to research from Thales. Its report found 37% of UK businesses experienced data breaches in 2017.

Unsurprisingly, there's been a rise in phishing attacks exploiting the World Cup. Kaspersky says ticket sales, fake lottery winnings, and advertising spam are all being used.

The Canadian hacker who helped Russian agents break into thousands of Yahoo accounts has been sentenced to 5 years in jail by a court in California. Ultimately, all 3 billion of Yahoo's user accounts were breached.

Following its ban in Russia, messaging service, Telegram, has accused Apple of imposing a global block on updates to the app. This means some functions won't work under the latest iOS version.

Updates

Apple: iOS 11.4 includes Messages in iCloud. This stores all messages in the cloud and syncs them across all devices. This means that when you delete a message on one device, it is deleted everywhere.

Firefox: Mozilla is rolling out support for two-factor authentication using apps such as Google Authenticator.

Chrome: Google releases version 67.0.3396.62 for Windows, Mac, and Linux. It addresses vulnerabilities that a remote attacker could exploit to take control of an affected system and also extends support for password-free logins.

Atlassian: A bug in products including Jira and Confluence exposed private server keys. Users are advised to ensure they are using latest version.

Full Frame Technology

What we do 
Who we are 
Need to know
Privacy Notice
Website terms

Address

152-160 City Road
London, EC1V 2NX

Contacts
Email: info@fullframetech.com
Phone: +44 (0) 20 3290 2205
Support: +44 (0) 20 3290 2207

Company registration no. 10243217

© Copyright 2021 Full Frame Technology - All Rights Reserved