To round off a fantastic year at Metadigm we are offering 12 FREE Gifts to celebrate the 12 Days of Christmas.
We will be giving away a complimentary gift daily. Surprises include theatre trips, bottles of bubbly and treats to cover all your IT needs.
Click here to view all 12 offers.
On behalf of Metadigm, we wish you a very Merry Christmas and a Happy New Year.
In IT security this week, Russian politics were targeted, during the general election currently taking place. Complaints have been received that hackers targeted websites alleging election violations. Golos, an election monitor financed by the west, and a news website Slon said they were both forced offline by hackers.
Also in the news, on Monday more than 4,000 websites may have been infected by a massive SQL injection attack. While this is just speculation at this time, several reports had been seen of sites being injected with a string that is inserted into several tables.
Mark Hofman, a handler from the SANS Internet Storm Centre, said that around 80 sites which originally showed up in a Google search increased to 200 sites around 12 hours later, and a few hours later than that it increased to 1,000 with the last check exceeding 4,000. Visitors to hacked sites are being redirected to pages trying to push rogue anti-virus programs or another payload.
This week Metadigm has kicked off CRYPTOCard’s ICE (In Case of Emergency) Campaign. While the festive period can be one of joy, it can also put a huge strain on businesses, with unpredictable weather employees can often not get into work. However, this does not have to be an issue this winter! CRYPTOCard ICE solution helps reduce the security risk during a business disruption by allowing staff to log in using two-factor authentication tokens rather than the standard password login method, which can lead your network open to hackers.
Please email info@metadigm.co.uk to request more information regarding Cryptocard’s ICE Token solution and how Metadigm can assist you generally for remote access options this winter.
Last week the Big Brother Watch (BBW) published a report whose findings were based on a Freedom of Information request sent to every council in the country covering the loss of personal information by council employees between August 2008 and August 2011.
“Despite having access to increasing amounts of data and being responsible for even more services, local authorities are simply not able to say our personal information is safe with them.” Nick Pickles, BBW’s Director.
A report published yesterday by the Big Brother Watch, based upon the Freedom of Information requests sent to every council in the country, found that Buckinghamshire County Council had the most number of breaches, a staggering 72 over a space of two years.
London councils, who are responsible for over 100 cases of data breach, including the loss of information of children in care. 18 of the capitals 33 councils admitted 113 cases of data loss, including the theft of more than 60 computers, and the loss of at least 3 USB sticks containing information of children in social services.
MP’s last month called for courts to have the power to jail those breaching the Data Protection Data
“The fact that only a tiny fraction of staff have been dismissed brings into question how seriously managers take protecting the privacy of their service users and residents.”
Is your company protected from a breach? Contact Metadigm and chat with one of our expert engineers to find out.
Check Point, one of Metadigm’s Premier Partners, released the results of a recent survey, which uncovered that nearly half of all UK public and private sector organisations are still risking data breaches, loss and potential leaks from their portable devices. A staggering 43% said they did not have encryption deployed and a further 5% admitted they did not even know if encryption was used.
This evidence shows that a huge proportion of businesses are still vulnerable to breaches from loss or theft of their devices. In addition, the survey also questioned the 130 UK IT managers and senior IT staff revealed that only half of their employees use data encryption to protect removable media such as USB memory sticks, removable drives and DVD’s.
A growing issue for businesses has become the number of employees that use smart phones or personal laptops for work purposes. The survey revealed that a staggering 42% of employees who use portable devices had no formal process for deploying security to those devices, leaving their company as a whole in jeopardy. What is even more disturbing is the realisation that only 17% of the organisations asked said they insisted on deploying security on personal devices used for work purposes. Terry Greer-King, Check Point’s UK Managing Director said:
“It’s encouraging that more UK firms are protecting their laptops and data, but the rate of growth is slow, and nearly half of organisations still do not secure data on portable computers and devices. At the same time, new threats such as consumerization and emerging, and many organisations haven’t established measures to secure the use of personal laptops and smartphones in the workplace”.
Also in the news this week Facebook has fallen victim to yet another hack, this time the culprit posting pornographic and indecent images, and is vowing to seek legal action for those responsible. The multi-billion pound company has blamed the hack on a ‘self-XSS vulnerability in the browser” that tricked users into pasting and executing malicious JavaScript in their address bars which cause them to unknowingly share this offensive content.
This week saw the release of the Norton Cybercrime Report 2011, claiming that our reliance and newfound addiction to the smartphone has led to a colossal rise in cyber crime. While smartphones are viewed as a wonder of technology, they are ultimately “a fully fledged computer that’s sitting in your pocket”, and one that can ultimately deceive you.
The smartphone is used by the average person to store emails, bank details, twitter and Facebook accounts. However, Cryptocard’s Jason Hart opened up about how smartphones will in fact be the downfall of technology. Mr Hart described how all a criminal would have to do it set up an ‘evil-twin’ Wi-Fi connection and if people connect to it, within seconds their passwords and other sensitive data could be compromised.
Cyber criminals are now starting to focus on mobile devices not only because people are using them more for personal transactions such on online banking and shopping, but also because people are unaware of the evolving threats and lack of security on a mobile device, therefore they are extremely easy to hack in to. Consumers often forget simple things such as having a strong password, regular backups of their data, using secure wireless connections, and general vigilance.
“The proliferation of ‘smart’ mobile devices with access to the Internet has widened the cyber criminals playground and given them more avenues to launch malicious attacks”.
Cyber crime is real, and in no way different from offline crime. In the real world, we are cautious about sharing information with strangers, and we should be no different when using mobile technology.
So what can you do to prevent cyber crime on your mobile device? Contact Metadigm who can help you eliminate threats before hackers cause you any harm!
In the last week two educational institutions have been found breaking the Data Protection Act after failing to adequately protect laptops, which were subsequently stolen. Both The ‘Association of School and College leaders” and a school in Barnet had laptops stolen, both of them holding data which was unencrypted. Information located on each stolen laptop included pupils names, addresses, exam grades and information relating to their physical and mental health.
An investigation by the Information ‘Commissioner’s Office’ (ICO) led to the discovery that the correct data protection prevention methods were not in place. Sally Anne Poole from the ICO said the fact the laptops were not encrypted was “inexcusable”. The incident at the school in Barnet led Surrey Council being fined £120,000.
The Barnet School now claims steps have been taken to prevent any future data breaches. “We have learnt from this experience and hope other schools will as well.”
Are you an educational establishment or a County Council worried about whether your technology is secure? Contact Metadigm today to find out!
Betfair established that the theft included not only the payment card details of most of its customers but also 3.15m account usernames with encrypted security questions, 2.9m usernames with one or more addresses, and almost 90,000 account usernames with bank account details.
The company Betfair were forced to inform authorities including the UK Serious Organised Crime Agency and Royal Bank of Scotland – the lender responsible for accepting credit and debit card payments made via Betfair.
However, what is considerably more alarming, and what is leading experts to suggest this will become the poster child for how a company completely fails in security and breach response is the fact that the company sat on the fence and decided not to inform any of its customers.
Betfair prides itself in being a technology-based company, handling more than 5m transactions per day. A worrying claim considering the volume and sensitivity of data stolen.
Also in the news this week a watchdog has stated NHS data security breaches are just ‘plain daft’ and are ‘as bad as gossiping about patients down the pub’. Jonathan Bamford, the head of strategic liaison at the information Commissioner’s Office, claims that NHS staff should be more aware of data security risks as patient confidentiality “Is at the heart of what they do”.
“The conundrum for me is that those very same people who wouldn’t dream of chatting about patient information at Costa Coffee or down the curry house are the very same people who are losing memory sticks with lots of information on it, who are doing daft things with people’s personal information.”
Bamford used the example of the Dartford and Gravesham NHS trust, which recently mistakenly destroyed 10,000 health records that were left in a destruction room, because the archiving room was full. This type of breach occurs when someone logs into a computer then allows other colleagues to use the same address.
It is generally the case that these NHS security breaches are occurring not because of hackers, but because staff are not properly informed. Get in contact with Metadigm today, and one of our expert engineers will help with education and services to put your company’s worries to rest!
It was announced this week that Check Point, currently recognised as a worldwide leader in securing the Internet, now also features in the ‘leaders’ quadrant in Gartner’s recent Magic Quadrant for Mobile Data Protection 2011.
Check Point is recognised by those in the industry for its thorough endpoint solutions that secure data on mobile platforms such as laptops, smartphones and removable media. These endpoint solutions help customers avoid the loss, theft and unauthorized access of information. Companies who suffer the most from security breaches are those who have laptops and removable devices stolen or lost. This makes securing mobile endpoints a top priority for companies, and Metadigm can do this for you!
Juliette Sultan, head of global marketing at Check Point Software Technologies stated, “We believe our positioning in the Magic Quadrant affirms our strategic vision and the extremely high ratings we get from out customers in this area. We will continue to deliver the best technology solutions to protect their mobile data.”
Also in the press this week is yet another NHS Trust in trouble, the Eastern and Coastal Kent Primary Trust lost 1.6 million patients information, including addresses, date of births and NHS numbers. The information was held on a CD and was lost in the process of moving office premises. While attempts to retrieve the CD were made, it is yet to be found.
Dr Trefor Roscoe, a GP and former medical IT consultant said on the issue, “This is what happens when people who don’t know what they are doing are allowed to alter details on a computer”.
If your anxious your company is not sufficiently secure, contact Metadigm, and let us do the worrying for you!
According to a report released last week the cost of cyber crime reaches a total of a staggering £27 billion. The report, carried out by the Cabinet Office and Detica, the cyber division of BAE Systems, led to the conclusion that the Government now considers cybercrime as one of the four main threats to national security, with the other three being terrorist attack, natural disasters and attack by foreign power.
The industrial sector most affected by cybercrime is pharmaceuticals, costing £18 billion last year alone. The next most vulnerable were software and electronics companies.
Many businesses make the assumption that a firewall or basic anti-virus software is sufficient protection, however this is not the case. To reverse this line of thought, the Cabinet Office is expected to imminently release its latest strategy on cybercrime, informing companies to upgrade their protection and outline details of how government and industry can work side-by-side to reduce the threat.
“Intellectual property theft is just like someone going through your safe. Except that you don’t know it’s happened.” Tom Burton, Detica.
However, recent reports show that there is a serious disconnect is how people view the threat posed by cybercrime, with companies not doing enough to protect themselves. . Despite 74% of people claiming they are aware of cybercrime, 41% of those do not have an up-to-date security software package.
Also in the press this week, a Senator in the United States has released details of a new legislation entitled the ‘Personal Data Protection and Breach Accountability Act of 2011’ which will protect individuals personal information from data theft and additionally penalize companies that do not secure their customers information sufficiently.
The bill holds that any business with over 10,000 customers complies with ‘appropriate minimum security plans’ and failure to meet such standards will result in a fine. Of course from a moral perspective, companies should already be doing everything then can to protect their customers and employees data, but if such a law were introduced in the UK are you confident your company is doing all it can to protect itself?
Get in contact with Metadigm today to talk to one of our expert engineers and find out whether your company is taking the precautions it should be.
Last week Turkish hackers who call themselves ‘Turkish Security’ hijacked several high profile websites, redirecting those who logged on to a page that claimed it was ‘World Hackers Day’ and made claims such as “hacking is not a crime”. Companies targeted involved Vodafone and The Daily Telegraph.
The hackers did not infiltrate the website themselves, but the DNS servers operated by NetNames, used to direct computers to correct web page. The group, who have claimed several attacks since 2008 suggest that they carry out attacks ‘for fun’.
A spokesperson for security firm Sophos said “I think these guys are basically showing off that this was possible and highlighting that whoever controlled the entries for these websites was not keeping them properly secured”.
Aziz Maakaroun from web security experts Outpost24 UK added: “Had [the hackers] chosen to link to a site that serves up malware, the ramifications could have been enormous for innocent Internet users.
Cases such as this emphasize the need for companies to protect their networks. Make sure your company is protected, contact Metadigm NOW!
