Compared to Windows PCs, Apple’s Mac computers have always been relatively virus free. However, a recent security attack has proved this is no longer true.

March 2016 saw a significant attack on Mac users which involved hijacking the Transmission BitTorrent app in order to deliver ransomware to its victims. It sounds like your stereotypical Windows attack, but why is it now happening to Macs? After all, the general consensus has been that they’re immune from viruses.

Seeing as Macs are very important to a huge number of businesses, I’m going to investigate this latest attack to analyze how it occurred and what it means for Mac users.

The Nature of the Mac Ransomware

The unknown attackers used ransomware against Apple users, a type of cyber-attack which is becoming increasingly popular. In this instance, the hackers were able to gain access to users’ systems through the Transmission BitTorrent app. This allowed the hackers to download malicious software onto the Macs. This software held the Mac users to ransom by encrypting their files and demanding $400 to release them.

How Did Apple’s Guard Drop?

For a very long time, Apple users were confident that Macs were safe from cyber-attacks. And for a long time this was generally true. This, however, wasn’t down to cutting edge security technology.

The truth is that hackers didn’t have much interest in targeting an Apple Mac. The reason for this is that Apple has a much smaller share of the market than Windows PCs. Why would a hacker want to spend their time writing software which could only target a small number of users?

This fact perhaps led to a sense of complacency on Apple’s part, so they weren’t expecting vulnerabilities in their operating system to be exploited so easily. Unfortunately, Apple’s Gatekeeper security software has, itself, been shown to contain numerous back doors through which hackers can cause chaos.

One of the main routes into Apple’s system is by tricking it into accepting pre-approved developer certificates which have been faked. This allows users to download software which isn’t produced by who it claims to be from and, therefore, can’t be trusted. And this is exactly what happened with the Transmission BitTorrent app.

The Future for Apple Security

This recent attack is not the first security scandal to hit Apple. In 2014, there were around 10,000 – 70,000 attacks on Mac computers per month, but this rose dramatically in 2015 and is set to multiply significantly in 2016.

These figures are very startling for Apple, so it’s crucial that they take a look at Microsoft’s approach to internet security. Due to their dominance of the computer market, Microsoft has had to ensure their PCs are resistant to attacks. Steps taken have included:

  • Working with hackers to understand how they have attacked Windows
  • Offering cash rewards to anyone who finds new security flaws in Windows

It’s essential that Apple take a long hard look at their Gatekeeper software and evaluate how it can be improved. If they don’t, and ransomware attacks continue, they stand to alienate their customers.

For more ways to secure and optimize your business technology, contact your local IT professionals.


In response to a decline in PC sales, Intel has unveiled their new processor – 6th gen Core vPro – which promises to transform business computing.

PC sales fell by 10.6% during Q4 2015, so growth in the market appears to be slowing down. Naturally, this is the last thing that PC manufacturers want to hear, so will Intel’s new chip give the market a shot in the arm?

It’s an intriguing question and, to fully understand it, we need to take a look at why the market has slowed down and what Intel’s new processor can bring to the table.

Decrease in Sales

The number of new PCs sold in 2015 fell below 300 million and, whilst this sounds a huge amount, it’s actually the lowest number of yearly sales since 2008. Consumers, then, appear to be holding off on that glittering upgrade, but why is this?

Well, back in the early 00s, you could expect the cost of PC processors to fall every 18 months whilst the number of transistors would double – this was known as Moore’s law. The result was a cheaper, but more powerful processor. And businesses, keen to stay at the cutting edge of technology, were happy to upgrade to maintain an advantage over competitors.

However, as we’ll discover, Moore’s law has not remained constant and the speed increases are not what they once were.

Introducing the 6th Gen Core vPro

Intel’s latest processor hopes to offer businesses that little bit extra to convince them that an upgrade is necessary.

The question on most consumers’ lips – as ever – is “will this processor speed up our business operations?” and the answer is a resounding YES! However, although the increase in speed is estimated to be around 2.5x, this is only when compared to a 2011 PC.

The increase in speed is relatively small compared to previous advancements in speed. Couple that with an increase in the cost of transistors and you can see why progress has slowed.

Speed has increased, though, and Intel’s new chip has plenty more to tempt businesses into parting with their cash.

Intel has also improved the efficiency of their conference connectivity software Intel Unite to provide smoother connections between the myriad of different adapters and connections. This will sound like an absolute dream for anyone who’s ever tried to set up video conferencing!

Also at the forefront of Intel’s sales pitch is their strong focus on security. We live in a world where the potential for cyber-attacks seems to increase by the day, so Intel is moving into hardware-based security. Utilizing multi-factor authentication, Intel Authenticate will aim to reduce current data security threats by around 25%.

And this will involve much more sophisticated methods than SMS authentication or old-fashioned passwords. Intel is moving into the 21st century with fingerprint scanning and smartphone/PC proximity checks.

Will PC Sales Increase?

Intel is certainly putting all it’s got into making sure the 6th gen Core vPro succeeds and I think they’ve got a good chance of achieving this. The increase in speed – although smaller than is historically expected – will be a real boon for businesses, as will the enhanced security in an insecure landscape.


Aside from when video connections drop out, Skype is a useful piece of software for businesses. However, the T9000 trojan is compromising Skype’s security.

Skype is an amazingly innovative app which has helped make the world that little bit smaller and cost effective. The days of having to pay extortionate rates to call people on the other side of the globe are over. And you can even throw in video conferencing as an added bonus!

Unfortunately, hackers are also innovative and if they discover there’s even a minuscule opportunity to breach a piece of software they’ll pounce upon it. Researchers at Palo Alto Networks have discovered that this is exactly what is happening with Skype and the T9000 trojan.

As Skype is an essential business tool, it was crucial to look through what the T9000 is capable of and how to protect yourself.

The Hard Facts about the T9000

The T9000 trojan is actually an upgrade of the T5000 trojan which was first spotted in 2013/14. The delivery route of the T9000 trojan appears to be through spear phishing emails in the form of infected Rich Text Format (RTF) files which contain exploits for Microsoft Office controls.

Once the malware contained within these RTF files is activated, the following processes take place:

  • The first step the malware takes is to check for the presence of the 24 most common security products e.g. Kaspersky, AVG and McAfee
  • The malware is then installed onto the system’s hard drive and performs a number of checks which allow the T9000 trojan to relay information about the user’s system to the command and control centre supporting the attack
  • Three plugins (tyeu.dat, vnkd.dat and qhnj.dat) are then decompressed and executed on the infected system
  • The tyeu.dat plugin is the one which will hijack Skype through a user prompt next time Skype is started

If this user prompt is authorized then the T9000 can begin spying on the user’s Skype sessions. This allows the T9000 the perfect opportunity to steal screenshots, audio and video data from the infected system.

The vnkd.dat plugin also works away in the background with its main intent being to steal files from the hard drive or any removable devices. Finally, the qhnj.dat plugin gives the command and control center the opportunity to send commands to the infected computers and spy on any user activity.

Protecting yourself from the T9000

The T9000 trojan is a very sophisticated piece of malware which threatens the security of your system on a number of different levels. The key to avoiding infection, as ever, is to practice good security methods.

Training staff on the dangers of unknown and unusual attachments is paramount, but your staff are only human and mistakes will no doubt be made. The T9000, however, is not infallible, so if your business has professional network security in place the threat will be limited or stopped in its tracks.


Malware causes many security concerns, but, just recently, hackers have been targeting the Ukraine’s electric distributors to bring havoc to power supplies.

Instead of merely targeting secure data such as financial and classified information, the authors behind the malware – known as Black Energy – are infiltrating the systems at leading energy suppliers to cause widespread disruption.

To better understand the serious risk that this can bring to a business, we decided to investigate exactly how the hackers are executing this attack.

What’s a Spear Phishing Email?

The malware attacks in the Ukraine have been carried out with the help of a spear phishing email, but what exactly is this?

Well, it’s pretty similar to your standard phishing email, but a little more sophisticated.

A spear phishing email attempts to deceive you by demonstrating a level of familiarity. For example, instead of starting with Dear Sir/Madam, it’s likely to use your actual name e.g. Dear Ben. And it’s also likely to make a reference, in some way, to an event in your life e.g. marriage, online purchase etc.

And where do they pull this information from? It’s pretty simple: social media sites and pretty much anywhere online where you may upload personal information.

By demonstrating some familiarity with you, the hacker is able to lower your defenses and increase their chances of extracting information and potential access to your system.

How Did Black Energy Gain Access?

The Black Energy malware attack involves a spear phishing email which contains a seemingly innocent Excel document. Once this document is opened, the recipient is advised to enable macros, but this is a big mistake!

Once the macros are enabled, the Trojan downloader loads up malware which is capable of executing files, keylogging secure data and taking screenshots. This backdoor into the infected system is operated through a Gmail account and contributes to the difficulty in tracing the hackers.
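Both delivery routes described on this page (the RTF files behind the T9000 and the macro-bearing Excel document behind Black Energy) can be flagged at the mail gateway by inspecting attachment content rather than trusting the file extension. The following is an added example, not code from the original article or from any vendor; the function names and the sample message are hypothetical and constructed for illustration.

```python
import io
import zipfile
from email import message_from_bytes
from email.message import EmailMessage

RTF_MAGIC = b"{\\rtf"                            # RTF documents start with this
OLE_MAGIC = bytes.fromhex("d0cf11e0a1b11ae1")    # legacy .xls/.doc container
ZIP_MAGIC = b"PK\x03\x04"                        # OOXML (.xlsx/.xlsm) is a ZIP

def classify(name, data):
    """Judge one attachment by its content, not by its file extension."""
    ext = name.rsplit(".", 1)[-1].lower() if "." in name else ""
    if data.startswith(RTF_MAGIC):
        return ["rtf-content"] + (["extension-mismatch"] if ext != "rtf" else [])
    if data.startswith(OLE_MAGIC):
        return ["legacy-ole-office"]             # may carry macros: sandbox it
    if not data.startswith(ZIP_MAGIC):
        return []
    try:
        with zipfile.ZipFile(io.BytesIO(data)) as z:
            members = [m.lower() for m in z.namelist()]
    except zipfile.BadZipFile:
        return ["corrupt-zip"]                   # truncated or malformed archive
    if not any(m.endswith("vbaproject.bin") for m in members):
        return []
    # VBA project under a macro-free extension is a red flag.
    mismatch = ["extension-mismatch"] if ext in ("xlsx", "docx", "pptx") else []
    return ["ooxml-with-vba-macros"] + mismatch

def triage(raw_message):
    """Return {attachment filename: findings} for every flagged attachment."""
    report = {}
    for part in message_from_bytes(raw_message).walk():
        name = part.get_filename()
        findings = classify(name, part.get_payload(decode=True) or b"") if name else []
        if findings:
            report[name] = findings
    return report

def build_sample():  # constructed message with harmless stand-in attachments
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as z:
        z.writestr("xl/vbaProject.bin", b"placeholder")
    msg = EmailMessage()
    msg.set_content("Dear Ben, please enable macros to view the invoice.")
    samples = {"report.xlsx": buf.getvalue(), "notes.doc": b"{\\rtf1 hello}", "readme.txt": b"plain text"}
    for fname, blob in samples.items():
        msg.add_attachment(blob, maintype="application", subtype="octet-stream", filename=fname)
    return msg.as_bytes()
```

The findings are triage signals for quarantine or sandboxing, not verdicts; a legacy OLE file needs a macro-aware parser to confirm whether VBA is actually present.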

 

The Effect on Power Companies

Ukrainian power companies such as Prykarpattyaoblenergo and Kyivoblenergo have been attacked by Black Energy and suffered widespread disruption to their operations. The biggest impact of this has been the resulting outages in power for local regions.

Although it’s not been confirmed or denied, it’s unlikely that the Black Energy creators were actively involved in flicking the power switch off. It’s more likely that infected systems struggled to operate, either failing to boot correctly or freezing.

The cumulative effect of these symptoms is that the energy companies are unable to run their system as intended and things start to go wrong. In several cases, this has resulted in the reported power outages.

Obviously, energy is essential to everyone in the surrounding community, so this threat is being taken very seriously.

Combating Spear Phishing Emails

Spear phishing emails appear very genuine, and their deceptive power should not be underestimated, as the Ukraine has learned. Business staff need to remain vigilant about all emails coming into their business in order to maintain security.

The authors behind Black Energy are yet to be identified, so the threat of them (and others like them) striking again remains a very real risk.


Many people have resisted migrating from Windows 7 and 8.1 to Windows 10, but Microsoft has now announced that new processors will only run on Windows 10.

You might have noticed, last summer, that windows were popping up on your PC encouraging you to switch to Microsoft’s latest operating system (OS) – Windows 10. However, a high percentage of users avoided hitting the ‘INSTALL’ button.

You see, Windows 8 was somewhat of a disaster for Microsoft, both technically and aesthetically. As a result, consumers were reticent to take up Microsoft’s offer of a free upgrade as they had no idea what would be waiting for them.

These fears were further compounded when story after story emerged of issues with Windows 10 e.g. security flaws and Microsoft actively forcing installs onto users’ systems. As I’m sure you’ll agree, though, progress is always necessary, so you were probably going to give in at some point.

Microsoft has decided to try and force your hand a little sooner with their announcement that new processors will only be compatible with Windows 10, so let’s take a look at what this means for you and your business.

What Exactly Has Microsoft Announced?

Microsoft is keen for the latest processors now being designed to use the most up-to-date Windows OS. This means that new processors released by AMD, Intel and Qualcomm will only work on PCs running Windows 10. If you’re running an old OS, they simply won’t work. And when Windows 11 comes around, the exact same procedure will be put in place.

Why is Microsoft Making This Policy Change?

Upgrading previous versions of Windows always had a financial pinch for consumers, but Windows 10 is completely free. This is all part of Microsoft’s plan to market Windows 10 as a service rather than a costly product.

Microsoft wants everyone to adopt it, so ensuring that Windows 10 is essential for new processors means there will be no choice but to upgrade.

It’s also a move which will keep hardware developers for Microsoft happy as they will no longer have to outlay huge amounts of cash on making their processors backwards compatible.

Does This Mean You Have to Upgrade Immediately?

You might be concerned that Windows is forcing you to not only upgrade to Windows 10, but also to upgrade to one of the new processors. However, this couldn’t be further from the truth.

Windows 7 and 8.1 will still receive essential security and application updates for several years, so, as long as your hardware stays the same, your OS will remain supported.

However, remaining on an ‘antiquated’ OS is not the best way for your business to stay competitive and work to its full potential. That’s why it seems as though it’s only going to get harder and harder to resist the upgrade to Windows 10.
