Don’t let Cybercriminals catch you offside this World Cup

As the World Cup buzz (thankfully not that of the notorious vuvuzelas) gets louder, make sure you can protect your employees, students or other web users, and most importantly yourself, from phishing, scams and other dangerous nasty stuff during, and likely lingering after, this year’s World Cup in Brazil.

Phishing, malware

Kaspersky Lab’s Senior Security Researcher, Fabio Assolini revealed that in Brazil alone there are 50-60 new phishing domains detected and blocked each day. World Cup hype of course spreads far beyond the country hosting this year’s much anticipated event, resulting in multi-national concern for user safety.

Sophisticated design presents legitimate-looking web pages, often using recognisable brand graphics (such as Mastercard/Visa) and photos of well-known personalities, prompting users to enter personal details or download malicious files. These sites can appear to be safe by using ‘https’. Unfortunately the ‘S’, standing for secure, is a metric we can no longer fully trust, as cyber criminals can now purchase ‘valid’ SSL certificates from certification authorities including Comodo, EssentialSSL, Starfield and more.

Further reinforcing the impressive work of the phishers, these ‘legit’ looking sites are also served up in mobile format, putting at risk mobile users who click a link on their smartphone or other device. Kaspersky’s Assolini has a few good examples of these risky sites sporting professional design in his blog.

West Spam United

After nabbing a few tips to identify a devious webpage, you may think an email with your full name, address, DOB and mother’s maiden name must be the real deal, I mean they know all of this about you.

Well, unfortunately, you’d be wrong. Stories of breached databases are spilling out of newsrooms everywhere, with breaches occurring anywhere from huge organisations to SMEs. The stolen data is bought by cybercriminals, who gain a wealth of personal information and can use this to obtain a user’s trust. According to Kaspersky this is one strategy adopted by spammers: an email may state ‘You have won a ticket’ and prompt the user to download a PDF containing a Trojan banker.

The second option is to send an ‘Impersonal email’, again with a subject hinting at World Cup ticket prizes, or the like. These tend to direct the user to a webpage - via a link in the email – which would contain digitally-signed malware. For example, “To ‘claim’ your ticket print it off” and when clicked the link will point to a digitally-signed Trojan banker.

Send the criminals offside!!

You may think that because you’re not going to Brazil, and you’re not buying any tickets, that you are safe. Unfortunately you are wrong…very wrong. Web users, whether in your home or workplace, can be at risk from malware-infected phishing sites and spam emails. These steps can help keep you right.

Interacting with ‘World Cup’ impersonating webpages in an attempt to view online content such as streaming services, can present huge risk to the network and also put great strain on bandwidth. If pages such as these are left running in the background, in a corporate or educational environment, the impact on bandwidth can impinge on business-critical tasks.

To keep Web users secure from spam and phishing this World Cup, here are some simple tips we can promote (and embrace ourselves):

1. *Broken-record-moment* Do NOT click on a link in an email if you are (even slightly) unsure as to who it was sent from, the same goes for opening attachments.

2. Websites with ‘httpS’ are generally more secure than ‘http’ but cannot necessarily be fully trusted.

3. Ensure anti-malware is installed, ensure it blacklists phishing sites, and ENSURE (most importantly) it is up-to-date.

4. Any Web or Email filter must be categorizing in real-time ensuring dangerous sites and emails (both personal and business) are blocked at the point-of-request, and the filter must offer bandwidth control.

Please excuse the Football-related puns, I couldn’t resist

Unravelling the confusion around Net Neutrality

Recent news headlines (Business Insider) can provide us with a little intro into what ‘Network Neutrality’ (the topic in question) is, and more importantly what difference it will, or will not make to our connected online lives.

The FCC Just Approved a Proposal That Will Completely Change the Internet As We Know It

“Ignore the Complaints of Netflix’s CEO, the Internet Isn’t Ruined … Yet”

What’s it all really about?!

Net neutrality in essence is the belief that the Internet should be a free and open platform, without discrimination based on what you choose to use your bandwidth on.

I feel this is more than fair enough… it is our broadband aka our Internet after all, so I will do with it what I wish (as long as I stay within the law, again fair enough). To put this in perspective, I would not expect to have the power cut/slowed for my Xbox One, purely because my electricity provider prefers Sony and the PS4?!

So why should ISPs, for example Comcast (famously against net neutrality), have the power to decide if Netflix, for instance, is a priority, and reduce bandwidth speeds based on how they are choosing to distribute? Comcast’s affiliate company NBC could be given top priority and run like a dream, and if they choose to, they can force Netflix to run very, very slowly. Alternatively, in the worst case scenario (yes, there really is a worse scenario than a SLOW streaming service) they could force users to pay extra to even gain access to the sites and content they desire.

The site linked below, offers a great visual scroll-through of what ISPs give us now, with a neutral Internet, and what would happen to the way our bandwidth is served up should this open, free Internet be swiped from beneath our terrified little feet. http://www.theopeninter.net/

Changes such as these to the Internet we all know and - let’s be honest - love, we do really, could affect numerous aspects of our lives. I do not feel I am being melodramatic about this either; hear a thought-provoking take on net neutrality from ‘The Woz’ himself back in 2010.

“If I had to pay for each bit I used on my 6502 microprocessor, I would not have been able to build my own computers anyway. What if we paid for our roads per mile that we drove?”

And his views now?

“The early Internet was so accidental, it also was free and open in this sense… Please, I beg you, open your senses to the will of the people to keep the Internet as free as possible.” The Register, Steve Wozniak, 2014

This link will take you to an image which could be a pretty scary glimpse into what ISPs may be offering in their service packages, should Comcast and others get their way. Note this is an exaggerated projection, yet it remains horribly believable as to what could become our future broadband bill….

Charges for each different type of content you want? Not nice is it?!

So now we need to focus on the most recent dispute on net neutrality - there have been a few - and what this means for us. From what I can identify we have two options/scenarios/things that will happen anyway, out-with our control… but I will lay these out (in plain ol’ English) so we are all on the same page. Simply put by the Guardian, “The proposal either protects or undermines net neutrality, depending on how much you trust the FCC.”

1. Apply an ‘effective competition test’ in which there would be a bar where any deal must provide evidence of being “commercially reasonable” and ISPs have to achieve this level in order to prioritize specific traffic.

2. The FCC declares the Internet to be a utility, such as water or electricity, i.e. data is transmitted at an equal rate, mirroring the way our power travels across the grid, in a neutral way. This was how broadband was treated until 2002 when George W Bush separated telecoms communications from “information services”.

What’s all this hype about the ‘Deep Web’?

Bloxx CEO Charles Sweeney recently wrote “What is the Deep Web and why should you care about it?” for Tech Radar, a leading tech discussion site that covers IT insights from a business point of view.

The Deep Web, or as it’s sometimes referred to, the Dark Web, is something of a hot topic at the moment. Businesses must ensure they are doing the utmost to protect their network from the bad guys, but also from their own employees and in many cases – unintentionally – even themselves. Knowledge on what is out there and the risks that could be presented to organisations as a result, is the secret to taking the first steps toward improving defences against cyber threats.

The Dark Web is not identifiable by any search engine, this being the primary intention of these sites, the content within these is not indexed by Google and the other search engine tools. The web you can search – the web we know – which you may think is vast, and extensive, is really just the ‘tip of the iceberg’. Earlier this year we created our ‘Big Web’ infographic which gives you a visual low-down of this concept, and a stack of facts about other nasties on the darker side of the Internet.

Many recent stories have cast a new bout of interest on the Deep Web; you may have picked up on news of the website ‘Silk Road’ being shut down. If not - don’t worry, you are probably not alone - the short of it is that this was effectively a ‘black market’ website used within a network on the Dark Web to trade – mainly – illegal goods and services. Eventually the creator was arrested and forced to shut it down; however, replica versions of this type of site easily and quickly go live to replace the predecessor.

This site existed on the open-source network, ‘Tor’ (The Onion Router), a tool previously rarely discussed outside of the tech community, but now features regularly on mainstream media, and causes a few headaches for the NSA. The creators of this network shun accusations it solely provides a platform for malicious and/or illegal activity, and present their argument with lists of legitimate users their service is beneficial to, including journalists and whistleblowers etc. Their claim is that this is a service to escape the surveillance we hear so much of, allowing users to browse anonymously, hence the NSA’s annoyance.

We can’t see it, so we’re not worried…

When a business thinks about Internet Security, the Web they may have never been on, and that Google cannot find, may not be a priority in their Web filtering concerns or cyber security strategy. However as discussed by Sweeney from an enterprise perspective the Deep Web presents key challenges.

Organisations require a Web content filter that controls any use of anonymous proxies, by using real-time categorization and not relying on any URL lists, to ensure employees don’t access the Deep Web at work, on purpose or accidentally (and yes, it is possible!). In addition the Tech Radar article highlights the difficulties in ‘keeping the bad guys out’, of something you cannot see.

Whatever the reason the Dark Web was created, and however it is being used, it exists, so do you know all you need to know about the Internet’s malicious big brother?

_________________________________________

Download the Bloxx Infographic here.

Read the full article by Charles Sweeney, on Tech Radar.

Why cybercriminals pay more for your Social Media passwords, than your credit card details…

With the incredible boom in social media the number of websites we are signed-up to, is constantly rising, from Facebook, to EduGeek, online banking to shopping etc, it is near impossible to remember all the different passwords, usernames and security questions. So the simple solution? Make them all the same of course.

And you’ve just made your first mistake. I made it too, and I’m sure we’re not alone. So why is it important to be cautious with your passwords? Well, your Social Media passwords are valuable, especially to cyber criminals.

So how can my Social Media log in details be given a value?

Every time a data breach occurs it influences the black market. When Target Corp systems were compromised it caused an influx of credit card details to the online ‘underground’ market – with the number of details stolen, rumoured to be around the 40million mark (not including the additional 70million or so, names and addresses which were stolen).

Breaches like this cause a surge of data which overloads the black market with credit card information and, as the rule of supply and demand goes, this reduces the value to cyber criminals. While once described as ‘the currency of the black market’, credit card information now loses its value very quickly. The Telegraph reports that the price attached to such data tends to range from $20-$40 when ‘fresh’ but rapidly drops to around $2 once deemed ‘stale’.

In contrast, social networking log-in credentials can be valued from around $16 up to a shocking $325, according to the Telegraph. The reason is that cyber criminals can obtain far more information about an individual from their social networks, and this is reflected in the monetary value. The amount of data social networking sites hold about you is substantial, and can be used for the theft of your identity. Worryingly, this doesn’t just affect you: the cyber criminals will also gain trusted access to all your contacts too.

I may be painting the picture for a somewhat dangerous, bleak, online future?

Well, it doesn’t have to be.

According to The Independent Press there is no guarantee that you can be 100% safe from cybercrime, but if you follow these simple steps you will – at the least – reduce the risk of becoming a cyber-victim;

- Alternate passwords between accounts, use a capital letter, and possibly add a symbol at the end, further reinforcing it

- You could alternate the symbol from one account to the next, so you will only have that one symbol to remember for each account, i.e. BlaBlaBla789! – Facebook

- Do not use your email as a username, this streamlines the process for cyber criminals to connect the dots of your additional accounts using that email address.

- Get a firewall, keep it up-to-date.

- NEVER click on a link in an email, EVEN if you think you trust the sender, direct yourself to the URL independently on your browser.

- Bookmark your known online banking page, go there first, or call your bank directly. DON’T click the link, just to reiterate… again.

- Ensure all of your mobile devices are password-secured, or locked in some way, and protected so if stolen thieves will not have full access to all your synced accounts (i.e. social networking, email, banking…)

- Be wary of apps and WiFi hotspots, both have reduced security levels, and can easily mask criminal activity.

All the brilliant sites and resources available online are there to be enjoyed, but stay safe and secure so your data doesn’t end up in the wrong hands…..oh and don’t forget to tell your friends too, easily share this blog with the buttons below.

Join the conversation on Twitter - @Bloxx

Bypassing that annoying Web filter? It’s not just the organisation’s network being put at risk.

Bloxx recently carried out research with over 200 education organisations in the UK and USA, investigating how they cope with the ever-challenging issue of Anonymous Proxies, and the level of non-IT staff awareness on the relating issues.

So, what actually is an ‘Anonymous Proxy’?

1. The most popular way for Internet users to bypass Web filtering restrictions. Essentially they are websites which allow the user to bypass a filtering restriction and ‘anonymously’ connect them to their desired site, e.g. Facebook at school, or a shopping site in the office.

2. Anonymous Proxy sites themselves may not always be malicious, but as our survey highlights, many of them are used to access inappropriate content. Regardless of user intentions, due to the ‘anonymous’ nature, the site destination could contain inappropriate or malicious material.

3. The availability of proxy sites has increased dramatically in the past few years due to the simplicity in creating one, or ease of learning how to. Web filters that rely on URL lists to block access to new proxy sites, are no longer efficient or effective.

As you can imagine these sites can create concern for organisations of any type, however where educational institutions are concerned the safety of the students is paramount. Accessing inappropriate content for any amount of time could result in various problems, so the faster IT identifies and blocks access the better. When a new anonymous proxy becomes available, you can bet that word spreads across campus very quickly, further enhancing the need for swift action.

Are these still a problem?

Across all respondents, 67% stated that they still struggle to deal with Anonymous Proxies. Of this group 13% highlighted the issue was either, a ‘fairly serious’ or ‘major’ problem in their organisation, and spent a considerable amount of time controlling the issue.

As mentioned, the length of time an Anonymous Proxy site is live on a network can be crucial in determining the severity of the outcome from a student accessing a website that would normally be blocked. Following these words of warning, worryingly 33% of those surveyed claimed it took ‘a few days’ or a ‘week or more’ to identify and block access to new proxy sites.

This may suggest success for the 65% who said they deal with these sites within a few hours, but this small amount of time can still be incredibly detrimental. If a student finds a proxy site and accesses inappropriate content, even for minutes, the material could still be shared once the site is blocked, via ‘screen shots’, emails or even sharing photographs taken of the screen.

Don’t worry, all this ‘doom and gloom’ doesn’t mean your network has to be open to vulnerabilities.

Aside from implementing a Web filter which does not rely on a URL list, but identifies and blocks proxies in real-time, there are various steps organisations can take to help secure their network, and possibly more importantly their students.

One key point highlighted in our research regarding the management of these sites was that 63% of respondents questioned, identified that non-IT staff had either ‘little understanding’, or simply ‘basic knowledge’ of Anonymous Proxies and the risks they carry. Educating staff on Anonymous Proxies could provide a basis for working with students to ensure all parties understand the risks, ideally this should include parents or guardians too.

Students are more than likely well aware of the Acceptable Use Policy (AUP), which should state that using these sites is not allowed. However, it is less likely that these students will have any idea that the login and password details they enter through a proxy site could be captured by the Anonymous Proxy’s creator.

Login credentials being stolen can significantly reduce network security of the entire establishment, furthermore it risks putting their own personal details in the hands of potentially malicious individuals or groups. As these details may be concerning minors, and/or sensitive information this should be one of the key concerns for all involved. Our survey, surprisingly, identified that just 9% stated that theft of confidential data was a main concern.

_______________________________________________________

Download our Helpsheet: “Anonymous Proxies, 5 Facts You Need to Know”,
great for teachers, parents and students alike.


You can also download the full Survey Results Report PDF here.

_______________________________________________________


Got your own opinions on Anonymous Proxies, a personal experience of them,
get in touch and join the conversation with @Bloxx on Twitter.


5 Security Predictions from Bloxx for 2014

As 2013 draws to a close, it is only natural that we start to look to the year ahead and what developments it might bring. Charles Sweeney, CEO, Bloxx outlines five trends he thinks will dominate the security agenda in 2014:

1. Privacy

Snowden’s revelations about NSA and the alleged extent to which corporations such as Microsoft have supposedly complied have reverberated around the world. Not only are diplomatic international relations at an all time low, but so is trust in the ‘big machine.’ In a bid to reassure enterprises and consumers alike both Yahoo and Google have announced measures to help them defeat NSA surveillance. Companies spend millions of pounds each year securing themselves from hackers, online criminals and the unknown, but little did they realise that potentially they were being spied on from within.

What will be interesting in 2014 is whether these revelations will impact how companies communicate, via what channels, whether they start to question larger vendors about their relationships with national security programmes and if we’ll see spend on encryption rise next year.

2. Shining a light on the dark web

How do you keep track of the rise of the Internet? 97 new websites are added every minute and last year 51 million websites joined the online community. By 2017 every three minutes the amount of data equivalent to every single movie ever made will cross the Internet. Mind boggling. So it’s therefore no surprise that the number of indexed pages has seen an impressive 50 per cent growth since 2008.

But it’s just the surface web that can be indexed by search engines - the deep web cannot. And this is a big problem because the deep web is 500 times the size of the surface web. The deep web is the dark side of the Internet where fraud, unauthorised leaks of information, copyright infringement and child abuse images are hidden. The dark web might be a formidable opponent, but in 2014 corporates, organisations and Governments will become more committed to shining a light into the darker side of the web and will invest to make it more transparent.

3. Will 2014 be the year the desktop finally dies?

You might be thinking that this is a bit of an old one; after all, we all know that PC sales are in decline and that tablets and smartphones are where it’s at. But whilst the desktop might be dying and BYOD (or CYOD, select the acronym of your choice) might be on the rise, mobility brings with it some serious questions. After all, it’s a lot harder to steal a desktop than it is to pinch someone’s tablet. There has been much talk about how companies need to secure mobile devices but less chatter about what this transition actually means for security. The two are very different.

Data leakage is a serious issue and according to the Information Commissioner’s Office the majority of sensitive data finds its way into the wrong hands the good old fashioned way; i.e. a council sold some laptops and forgot to wipe the hard drive. How much more prolific - and unmanageable - is that problem when it is exacerbated across tablets, smartphones and other connected devices? As the desktop continues to die out in 2014, many organisations may well find themselves lacking the 360-degree view they need to ensure that there aren’t any security blind spots in their network.

4. Compliance

Compliance is a monolithic monster that just seems to get bigger and bigger each year. Whereas previously organisations could pay a certain amount of lip service to regulations, austerity has brought with it a renewed focus on corporate governance, and whether you are in the public sector or the financial services industry, you can be sure regulators are becoming more fastidious. The problem is that in the past companies have either been compliant or secure, but continued tough market conditions and increasingly sophisticated attacks mean that in 2014 they’ll need to be both.

5. Has security stopped innovating?

It would be easy to think that, as one big brand after another has its customers’ details or other sensitive information stolen, the security industry is destined to be forever one step behind the hackers. But this isn’t the case at all. 2013 saw a lot of interesting start-up activity in the security space and I believe that will continue into 2014. Smaller companies often bring with them fresh approaches to established problems. Whilst the larger vendors might have the big research and development budgets, they don’t have the agility to move quickly in order to integrate new technologies or the boldness to deploy them in different ways.

In 2014, I think the smaller companies will steal a march on the larger vendors as their innovations catch the eye of big enterprises and public sector organisations who cannot deny they need a fresh - and more cost effective approach.

What could your HTTPS traffic be hiding?

Netcraft has reported a recent phishing attack on the Malaysian Government’s secured police website. The fake PayPal site uses the valid SSL certificate from the site to trick potential victims into believing that the site is legitimate, so that they will provide sensitive information such as usernames and passwords. Most users will assume that if they see HTTPS and a green padlock then the site is “legitimate” and “safe”, without checking that the URL matches the site in front of their eyes.

In fact I’ve seen and heard this specific advice given to the public on at least four occasions over the past month – if the address begins with HTTPS and has a padlock then the site is safe. However, the obvious fact that is often omitted is that you also need to check that the URL in the address bar actually corresponds to the site in question. You need the correct URL + a valid certificate for that URL.

For example if the site you think you are connecting to is Paypal, then the address needs to begin https://www.paypal and not https://www.paypalnow, or https://www.fakepaypalsite. Ok the last one is a bit too obvious, but it’s amazing how much trust people put into a URL they have clicked after being sent a phishing email.
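The “correct URL” half of that rule, as an added example that is not part of the original post: it compares the parsed host name against the expected domain instead of looking at how the address begins, since a look-alike such as https://www.paypalnow also “begins with” https://www.paypal. The function names, the expected domain paypal.com and the `.example` sample links are assumptions constructed for illustration; certificate validation is left to the browser or TLS library.

```python
from urllib.parse import urlsplit

# Constructed sample links. The ".example" hosts are placeholders, not real sites.
SAMPLE_LINKS = [
    "https://www.paypal.com/signin",         # the genuine host
    "https://www.paypalnow.example/signin",  # look-alike name, as in the post
    "https://www.fakepaypalsite.example/",   # obvious fake, as in the post
    "https://www.paypal.com.login.example/", # expected name used as a sub-label
    "https://www.paypal.com@login.example/", # expected name in the userinfo part
    "http://www.paypal.com/signin",          # right host, but no TLS at all
]


def naive_prefix_check(url, prefix="https://www.paypal"):
    """The 'address begins with ...' test, shown only for comparison."""
    return url.startswith(prefix)


def host_belongs_to(url, expected_domain):
    """True only for an https URL whose host is expected_domain or a subdomain of it."""
    try:
        parts = urlsplit(url)
        # .hostname is lower-cased and has any userinfo and port stripped.
        host = (parts.hostname or "").rstrip(".")
    except ValueError:
        return False  # malformed URL: treat as not matching
    if parts.scheme != "https":
        return False
    expected = expected_domain.lower().rstrip(".")
    if not host or not expected:
        return False
    # Exact match, or a subdomain separated by a dot (so "paypalnow" fails).
    return host == expected or host.endswith("." + expected)


def compare(links, expected_domain="paypal.com"):
    """Return (url, naive_result, host_result) for each link."""
    return [
        (url, naive_prefix_check(url), host_belongs_to(url, expected_domain))
        for url in links
    ]


if __name__ == "__main__":
    for url, naive, strict in compare(SAMPLE_LINKS):
        print(f"{url:42} prefix={naive!s:5} host={strict}")
```
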

The police website had been compromised by the criminals as this is much easier than obtaining a domain and hosting the phishing site. Though choosing a law enforcement site has a beautiful irony somehow.

The SSL certificate itself was valid but the certificate authority, in this case Symantec, had not revoked the certificate through a Certificate Revocation List or by using on-demand OCSP responses. However some browsers don’t handle revocation

For example, according to Netcraft, in this instance, as the certificate does not contain an OCSP URL it is irrevocable in Firefox.

The good news is that if your Web filter includes anti-phishing protection as standard, then these phishing attacks are normally detected and blocked on the outbound URL request, thereby minimizing the risk to your network and users.

Empowering Learning with BYOD - new ebook!

Bring Your Own Device (BYOD) is the simple idea that students and staff can bring their own Internet-enabled device onto campus and use it to help them learn or work. But there are challenges and barriers that need to be overcome for a BYOD program to succeed.

Key questions around any roll out include:

- Why go BYOD?
- Which model should you adopt?
- What are the organizational, financial and pedagogical implications?
- What issues need taken into account?

All of these, and more, are discussed in our brand new ebook. Authored by award-winning teacher and educational technologist Ollie Bray, this is a must read for anyone involved in education.

To download your free copy of Empowering Learning with BYOD visit http://tinyurl.com/qejovyd

Plans for UK’s Web access to be filtered in public areas

This highly debated issue was once again raised a few weeks ago, but may not be as simple as planned.
