CCNnews

Welcome to our first Monthly Blog Post where we will be discussing recent Cyber Attacks, Cyber Security and Recent Security Updates for commonly used programs.

Google Chrome HTTPS Update

Google Chrome have recently rolled out an update across all there browsers & apps that will label any site without a valid SSL Certificate as ‘Unsecure’. The warning will apply to all internet facing websites as well as all private intranet websites.

Unsecure Websites are insecure for various reasons such as:

• Customer information, like credit card numbers is NOT encrypted and can be intercepted.
• Visitors can not verify the identity of the website

Moving forward CCN recommends all users to NOT access any websites that are prompted as ‘Unsecure’ to ensure your own safety

Ransomware Attack Hits Bristol Airport

On September 19^th, Bristol Airport suffered a ransomware attack that led to all displays displaying as Out of Service. This was the result of poor Cyber Security by Bristol Airport that allowed malicious attacks to encrypt all there back-end systems.

While this breach did not directly impact anyone’s confidential data it still had a detrimental effect on the operations of Bristol Airport, it also further displayed that Cyber Attacks are REAL and will pose a threat to organisations moving forward.

British Airways Data Breach

On September 6^th, British Airways announced that the personal and payment details such as names, email addresses and credit card information was compromised and stolen in a data breach.

British Airways said the hack compromised 382000 transactions that were carried out between the 21^st August & 5^th September.

The breach has now been resolved but British Airways advises that anyone who processed a transaction during this time frame to change their passwords across all services.

How to Protect Yourself from Cyber Attacks

Following the above mentioned Cyber Attacks it is important that end-users take the necessary steps to protect themselves if they are involved in a Cyber Attack/Data Breach on a company. There are various steps you can take to protect yourself;

2FA (2 Factor Authentication)

2 Factor Authentication is a security method that involves a end-user requiring numerous methods of authentication to log into a service, for example;

1. A User Enters their Password followed by a SMS Message Code
2. A User logs into a company’s Intranet with their password followed by scanning a smart card.

2FA Authentication is extremely important as it means if your password is compromised in a data breach an attack can not just simply log into your accounts as they will not have access to your secondary method of authentication.

Password Strength and Reuse

As well 2FA it is also highly important that end-users do NOT reuse platforms across platforms, it is also highly recommended that all passwords should be between 16-24 characters combined with password being constructed of random characters & symbols.

1. It is advised that end-users now utilize the use of password managers such as
   1. 1Password
   2. LastPass
2. Password Managers are secure vaults protected by 2-4 layers of authentication that can store your passwords and sensitive passwords & pins etc.

Regularly Update all your Devices

The final step I am going to talk about today is why it is important to regularly update your devices.

There are currently whitehat hackers all around the globe actively ‘hacking’ all internet enabled devices to find vulnerabilities which are then reported to the software companies before malicious hackers find the vulnerabilities.

There vulnerabilities are then typically patched in all those annoying windows updates that Microsoft now force on you in Windows 10.

Apple also now FORCE you to update your iPhones, iPads – If you fail to update sometimes you may be at risk of SEVERE security updates that could put yourself at risk as well as your personal information such as credit card numbers etc.