At the start of March 2023, a new National Cybersecurity Strategy was launched by the Biden administration. And it promises big things. 

The previous National Cybersecurity Strategy was released by the Trump administration in 2018. However, since then, the world and the internet has changed significantly. An updated strategy makes sense. But what exactly does it seek to change about the way in which we access and navigate our way through the internet? Well, for one thing, it starts by stating that the Biden administration will be investing $65 million in order to provide every American with access to high-speed internet. 

In terms of cybersecurity, however, the 2023 strategy tackles a much broader range of problems

The Ins and Outs of the 2023 National Cybersecurity Strategy 

The paper which outlines the 2023 National Cybersecurity Strategy is 35 pages long. It’s also a complex read. But this doesn’t mean the main takeaways are exclusive to high-level IT experts. This is why we’ve decided to help you by breaking down the five pillars that the paper covers: 

  1. One of the major priorities of the 2023 strategy is to secure our critical infrastructures. This means that essential systems and networks – such as energy grids and water supply systems – are at risk from cyberattacks. And, just imagine, if a group of threat actors disrupted power supplies, it would result in a major catastrophe. Therefore, the Biden administration is aiming to foster collaboration between government agencies and other stakeholders to identify and protect against any vulnerabilities. 
  1. Strengthening our cyber defenses and disrupting threat actors has been identified as a major area for the 2023 strategy to cover. This involves developing strong cybersecurity policies, ones which can quickly detect and respond to cyber-attacks. Once developed, these policies need to be implemented as seamlessly as possible to protect our networks. Naturally, investment in technology and skilled staff will feature heavily in the success of this second pillar. 
  1. The third pillar of the new National Cybersecurity Strategy seeks to make market forces drive security and resilience. This means that companies which own personal data will be expected to develop more secure storage systems, and existing laws will be updated to protect users against the risk of software vulnerabilities. The aim of this pillar is to ensure that developers need to foster higher standards of care. The result will be a safer digital landscape. 
  1. Investment is crucial in any area seeking to make improvements, and the internet always needs improvements. Accordingly, the Biden administration is seeking to improve three key areas: computing technology, clean energy technology and biotechnology/biomanufacturing. This pillar is also concerned with strengthening the US cyber workforce through enhanced education and digital awareness. 
  1. The final pillar in the 2023 strategy focusses on the importance of international partnerships to pursue shared goals. After all, the US alone cannot stop the rise of cybercrime. Common threats need to be addressed by sharing resources and pooling knowledge. The end objective is to deliver higher levels of assurance that digital systems and platforms are safe and secure. 

The latest National Cybersecurity Strategy continues the excellent foundations put in place over the last two decades. It’s a responsible step for the Biden administration to take and, at the very least, will provide peace of mind that the internet remains, on the whole, safe to use. 

For more ways to secure and optimize your business technology, contact your local IT professionals. 

Read More


Browsing online is a part of almost everyone’s daily routine, but the web can be a dangerous place. Therefore, you need to know how to browse online safely.

Malware, ransomware and viruses are just three of the nasty surprises you can find lurking online. These all have the potential to damage your PCs as well as compromising any data contained within them. It’s an unpredictable landscape, but one that can be navigated safely if you know what you are doing.

And we want to keep you safe. That’s why we’ve put together a list of the best ways to browse online safely:

  • Use a Secure Browser: To browse the internet you need to use an internet browser. And this browser needs to be secure. The most common browsers to be found in use on PCs are Chrome, Firefox and Internet Explorer. The good news is that all three are relatively secure. But this security can be tightened further by changing the browser’s safety parameters. So, to make things that little bit securer, turn off any autofill options (to avoid personal data being stolen) and turn cookies off (to enhance your privacy). 
  • Browse with a VPN: A virtual private network (VPN) is a sure fire method of maximizing your privacy online. A VPN will encrypt your data and conceal your location to make sure your privacy is maintained. This method of protection is most useful when you are browsing online through the use of public WiFi. Notoriously unsafe, public WiFi opens your connection up to numerous vulnerabilities. But, with a VPN in place, you can rest assured that you’re as safe as possible. We recommend Private Internet Access as a VPN service.
  • Always Check for HTTPS: The best site to browse safely is a secure site. But how you do you know if a site is secure? Well, the answer can easily be found in the address bar of your browser. A site’s security can instantly be assessed by checking to see if the URL starts with HTTPS or if there’s a padlock icon. If this is present then it means that any data sent to this site is private and secure. Otherwise, you should avoid submitting any data. 
  • Download from Trusted Sources: There are countless malicious websites online which have the potential to cause great damage. Visiting these websites is a dangerous step in itself, but downloading from them is a major mistake. A good rule of thumb for browsing online is that you should only ever download from a trusted source. And, if you’re even just 1% unsure, you should always get an IT professional to verify any potential downloads. 
  • Change Your Passwords Regularly: Passwords for online services are one of the best ways to enhance your security. But you need to change these regularly. A password which is frequently changed minimizes the risk of it being cracked or hacked. Ideally your passwords should be changed every 28 days to keep you one step ahead of any hackers. 

For more ways to secure and optimize your business technology, contact your local IT professionals.

Read More


Each time that malware evolves it becomes more dangerous. And our data becomes less secure. A case in point is the Reductor malware.

We’re used to malware being used to download malicious files and open up remote access to infected PCs, but Reductor is different. It’s new and it does things differently. And it’s this unfamiliarity which makes it all the more dangerous. Focusing its target on web traffic, Reductor brings a new threat to data security. Combating it is crucial, but to do this you need to understand how Reductor works.

It’s not easy to understand how a new piece of malware operates, so let’s drill down into its core and see what we can discover.

The Basics behind Reductor

Reductor, which has only recently been uncovered by Kaspersky, is a sophisticated piece of malware. Its main objective is to compromise encrypted web traffic. But what does this mean? And how does Reductor achieve this? Well, when a website is secure it will use Hypertext Transfer Protocol Secure (HTTPS) to securely transmit data. And this allows sensitive data such as login and credit card details to be encrypted into nonsensical code. Anyone attempting to view this encrypted data will be unable to make use of it.

But Reductor allows hackers to view all of this sensitive data before it’s encrypted. It does this by compromising the Transport Layer Security (TLS) and manipulating the associated security certificates. Reductor also patches the pseudo random number generator (PRNG) to establish how the corresponding data will be encrypted. It’s then possible to decrypt any resulting data with ease. And, despite all this activity taking place, the web traffic does not exhibit any signs of having been altered. Therefore, Reductor is unlikely to arouse the suspicious of any infected users.

Staying Safe from Reductor

Web traffic contains such an immense amount of data that concealing it from prying eyes is crucial. Reductor aims to remove these barriers and exploit as much data as it can. But you can protect yourself by taking note of the following:

  • Run any downloaded files through anti-malware software to limit the risk of executing carefully concealed malware.

Thankfully, following the discovery of Reductor, the majority of anti-malware manufacturers now offer protection against Reductor and the ability to block it.

Final Thoughts

Privacy concerns have become a major issue over the last decade with malware being at the forefront of this rise. And Reductor is only going to fan these flames further. It’s likely that malware will evolve into something even more sophisticated over the next couple of years, so it’s important to take note of any developments in malware. As ever, proceed with caution online and, most importantly, if something looks suspicious do not click it.

For more ways to secure and optimize your business technology, contact your local IT professionals.

Read More


facebook-messenger

Facebook has 2 billion users, so it’s more than likely that the majority of your employees use it. However, did you know that Facebook can spread malware?

Malicious links – which appear to be for video files – are now being sent to users by their friends, but these links are highly deceptive. The main aim seems to be to collect login credentials and it doesn’t appear to download any malicious software such as ransomware. So, it may not be the most dangerous piece of malware, but it’s certainly a nuisance and indicates that a major malware attack could easily spread through millions, if not billions of systems.

Social media is an important sector of the business world now, so we’re going to take a look at exactly what’s happened in Facebook messenger and the best practices to avoid falling victim.

Click This Link…

The malicious messages arrive in users’ inbox and start with the user’s first name and simply say ‘video’ followed by a link which uses either a bit.ly or t.cn address. The link will then take the user to a Google Docs document which mimics a landing page and appears to house a playable video.

What’s interesting about clicking the video in question is that the destination it takes the user to is dependent on their web browser. Chrome users are taken to a fake YouTube page which downloads a malicious Chrome extension and Firefox users are redirected to a page requesting a download of malware disguised as a Flash player install. The malware delivered to Firefox users appears to consist of adware, so this indicates a financial motive, but the Chrome extension’s objective isn’t entirely clear.

Although there doesn’t appear to be any major damage caused by this malware campaign, it’s still considered a massive threat as it’s believed the malicious links are being spread by hijacked accounts. And this ensures that more and more spam is spread across Facebook and more login credentials are harvested along the way.

Now-Hackers-Can-Hack-Facebook-Messenger-App-To-Read-Or-Alter-Messages

Avoiding Facebook Malware

While email still packs a major punch in the world of malware, hacking messenger software is a natural progression due to its shift in popularity for communicating. And the Facebook Messenger malware demonstrates that there’s a possibility it could evolve into something much more dangerous. Therefore, it’s important that you take the following precautions to protect your organization’s networks:

  • Social media – on a personal level – access should be restricted, if not entirely banned, as it’s considered a huge distraction to workers. And, with this latest malware campaign, it would appear that it will soon become a popular access point for hackers to exploit – in fact, this isn’t the first Facebook hack to make headlines.
  • Employees need to be educated about the danger of clicking random links even if they’re sent by close friends. It only takes one click of a link for a hacker to gain access to every PC on your network, so this danger needs to be emphasized to all employees as part of their IT induction.
  • The importance of good password security should regularly be communicated to your staff. Facebook, for example, contains a vast amount of personal information such as where users works and, coupled with stolen login credentials, this could give hackers a head start on infiltrating your organizations network; this risk is magnified if passwords are not personalized for different applications.

For more ways to secure and optimize your business technology, contact your local IT professionals.

Read More


Computer Keyboard with symbolic padlock key

Almost every business has a daily need to go online and interact with the internet, but to do this safely you need a little bit of browsing know-how.

Whilst most websites are relatively secure, it’s difficult to guarantee just how secure they are. And seeing as even government websites can be hacked, how do you know that, for example, that customer maintenance portal you have to log on to daily hasn’t been hacked for dubious means?

Avoiding this sort of scenario is crucial for your business to run smoothly, so I’ve prepared 6 tips to help you browse online safely and securely.

1. Use HTTPS Security

If a website is truly secure then its web URL should start “HTTPS:” and the “S” at the end stands for secure – provided by secure sockets layer (SSL) security. Conversely, if the web URL only starts “HTTP:” then the security behind it will be much less and can’t be taken for granted.

2. Avoid Public WiFi

NEW YORK, NY - JULY 11: A free Wi-Fi hotspot beams broadband internet from atop a public phone booth on July 11, 2012 in Manhattan, New York City. New York City launched a pilot program Wednesday to provide free public Wi-Fi at public phone booths around the five boroughs. The first ten booths were lit up with Wi-Fi routers attached to the top of existing phone booths, with six booths in Manhattan, two in Brooklyn, and one in Queens. Additional locations, including ones in the Bronx and Staten Island, are to be added soon. (Photo by John Moore/Getty Images)

Public WiFi may provide a fantastic service and serve many happy consumers, but unfortunately these networks have a less than amazing level of security protecting them. And hackers are able to easily infiltrate these networks with basic software to hijack the personal data of those accessing the public network.

3. Don’t Click on Phishing Websites

Phishing is a contemporary threat to your data and appears to be showing no signs of going away soon. This is why you need to be on your guard about phishing websites as they can be deceptive beasts at the best of times.

Links to these websites are usually emailed, but whilst the link may appear to seem innocent, it’s possible to engineer a link which reads www.amazon.com but redirects you to a different (and more dangerous) website.

This puts you at risk of infection and having your networks breached, so double check any suspicious links by hovering your mouse cursor over them to get a preview of the true web address.

4. Update Your Browser

Keeping your software up to date is vital to ensure that you’re well protected against hackers who have discovered vulnerabilities in that piece of software. And web browsers are no different, in fact, once support for out-dated web browsers is discontinued, hackers will discover vulnerabilities very quickly.

Therefore, it’s essential that you install all patches and updates as soon as possible to keep your browsing activity protected.

5. Disable Stored Passwords

Although activating the ‘store your passwords’ option may feel as though it’s going to make forgotten passwords a thing of the past, it can actually cause more trouble than it’s worth. You see, if your system becomes compromised by hackers, they can then access all your store passwords.

And the best way to avoid this is to work on a little bit of memory training to remember your passwords!

6. Have a Strong Arsenal

maxresdefault

Perhaps the best way to browse online safely and securely is to arm yourself with the best defenses possible. And the more defenses the better.

So, instead of just securing your network with a state of the art firewall, why not try adding in state of the art email filtering? And, you know what, if you also install web filtering software on top of that, you’re going to find your data becomes safer than ever before.

For more ways to secure and optimize your business technology, contact your local IT professionals.

Read More