All posts by Paul Stradling

News

Job phishing: How to protect yourself from employment scams

Job phishing – using fraudulent job adverts to scam genuine jobseekers – is on the rise. Here, we look at how fraudsters operate and the steps you can take to protect yourself.

What Is Job Phishing? 

Job phishing refers to recruitment/employment scams where fraudsters pose as recruitment agents or reputable companies.

The fraudsters post fake job adverts and information about their businesses on fake websites and social accounts. But they even post on legitimate job websites.

They use a range of different media – from job adverts to emails and letters – and even set up fake job interviews to lure victims in. These fake positions are often “dream jobs”, with high salaries, great career opportunities and often the chance for overseas work. But all is not what it may seem.

Each scam is designed to prey on victims’ hopes in order to extract money and personal details from them. Fraudsters then use those details to steal a victim’s identity and spend their money. Some scammers have even gone as far as taking out loans in their victims’ names.

Who? 

Action Fraud reports that job seekers aged between 18 and 24 are the most likely to be targeted by job scams. Victims lose around £4,000 on average.

Many of those targeted are young people looking for their first job and are particularly allured to the exciting prospects conjured by fraudsters.

But it isn’t just young people being targeted. A Safer Jobs survey found 98% of people would apply for a job, despite any suspicions around its legitimacy.

Example 

Here’s an example of how these scams typically work, although there are variations:

  • The victim places their CV or personal details on internet job sites for potential employers to see, or the victim responds to a fictitious job advert on a fake website that looks like the real thing.
  • The victim is then contacted by someone claiming to be an employer or an employer’s agent to say they are being considered for a position.
  • They are then asked to complete a questionnaire, attend a phone interview, or are referred to the bogus employer’s website for further information.
  • A job offer is then received.

The next part of the scam involves fees or costs incurred by the victim. For example:

  • If the fake job was advertised as being overseas, the fraudsters then contact the victim about arranging travel, accommodation and visas. Many victims are then referred to a fake agency website to transfer fees.
  • More fees are requested, such as for accommodation deposits. The fraudsters may also ask for bank account details to set up salary payments.
  • Some fraudsters may even ask the victim to pay a fee in order to apply for a job.

In reality, all the money goes to the fraudsters and no arrangements are made on behalf of the victim for travel, accommodation etc.

Some common aspects of these scams include:

  • Victims are asked for one or more fees.
  • The ‘hiring’ process almost always happens remotely.
  • The job offers and the employers seem too good to be true.

Ways To Protect Yourself 

There are number of ways that people can protect themselves against the threat of falling victim to job phishing scams. These include:

  • Make sure that your CV sells your skills to a potential employer but doesn’t provide too much personal information.
  • Be suspicious of the use of popular free platform email addresses being used by an employer or agent, e.g. @yahoo or @hotmail @gmail.
  • Check correspondence for poor grammar and spelling – this is a common signal of online fraud.
  • Check official records on websites, e.g. companies house or overseas registries to confirm the business/organisation making the job offer actually exists. Contact real organisations directly through officially listed contact details to confirm the job’s authenticity.
  • If the job being offered is overseas, check with the embassy representing that country how to obtain a visa and how much it costs and check this information against the information supplied by the potential employer.
  • Inform the employer that you will make your own travel and accommodation arrangements and beware if they try to dissuade you from doing so or say that you must use the agency they’ve referred you to.
  • Use recruitment fraud information websites if you are suspicious or believe that you may have fallen victim to recruitment fraud. For example, see Jobs Aware, or Action Fraud.

What Next? 

If you have fallen victim to job phishing:

  • Firstly, stop all communication with the fraudster immediately. Make a note of their details and report it to Action Fraud as soon as possible.
  • Contact the bank immediately if you have sent fraudsters any money, and don’t carry out any further transactions.
  • Inform the website where the advert was found that their site is being used by fraudsters.

What Does This Mean For Your Business? 

These types of scams exploit the hopes of those people legitimately seeking work or a change of job/career and can lead to these people losing thousands of pounds. They also waste time, destroy hopes and can even lead people to quit existing work.

Legitimate job boards and websites should be more thorough in screening what is posted by potential employers. This includes being more alert to danger signs and removing scam adverts on their discovery. You should then report any examples you find.

Jobseekers should approach adverts with a healthy dose of scepticism and carry out research. All should be wary of positions that require “fees” or seem out of the ordinary. Above all, remember –things appearing to be too good to be true often are exactly that.

For more information on how to keep your business safe from scams, speak to the SMY IT Services team on 01473 557203.

 

News

Tech Insight: Calendly Vs Microsoft Bookings

In this insight, we take a brief look at Calendy contrasted against Microsoft Bookings and highlight some of the pros and cons of each.

Calendy 

Founded in 2013, Calendy is a SaaS meeting and event scheduling app for website, Chrome extension or mobile app, which has 100+ partner integrations, and has 10 million users worldwide. Users can send their availability with a Calendly link so that the invitees can book a time that suits them, and Calendly will round robin the meeting by availability or priority automatically.

Users can choose event-types that will suit their individual or multi-person scheduling needs. For example, meetings or events can be scheduled one-on-one, for a group (e.g. training sessions or webinars), collectively by schedule across a team’s calendars for events the organiser co-hosts with others, or round-robin balancing hosting responsibilities for the team automatically.

Microsoft Bookings 

Microsoft Bookings is the meetings and appointments scheduling tool that’s integrated with the Microsoft 365 or Office 365 calendar. With Microsoft Bookings in Teams, users can track, manage, and organise the team’s appointments and calendars all in one place. Also, users can create a Bookings calendar and add team members to it, build new appointment types, and create and manage in-person and virtual visits for staff and attendees.

Comparison

There are many different features and aspects of each app that could be compared, but here are a few of the main popular areas of comparison:

– A big plus for Microsoft Bookings is that it integrates with the hugely popular Outlook calendar and Office suite which enables simple booking, and users can schedule appointments one at a time.

– Microsoft Bookings comes free with your license whereas with Calendy costs $8, $12, 16$ /seat /month  for Essentials, Professional, and Teams. There is also an Enterprise price that is not advertised. A basic version of Calendly is free, with rather limited features.

– Calendly uses time-zone detection, so invitees can automatically see a user’s available times translated to their time zone whereas the booking page on Microsoft Bookings uses the host’s time zone and language.

– Calendy is intuitive and user-friendly, and Microsoft Bookings is easy to implement with step-by-step guides.

– Calendy works across many different calendar apps like Microsoft, Google, and Apple, and allows meeting buffers to be added. Microsoft Bookings only works with the Office calendar.

– Microsoft Bookings works with Teams video conferencing whereas Calendy integrates with Zoom, Webex, GoToMeeting, Google Meet, and Microsoft Teams. On the general subject of integration, Microsoft Bookings only integrates with other Microsoft tools whereas Calendy integrates with many different tools. However, Microsoft Bookings integrates seamlessly with Microsoft products, and with Microsoft 365 being used by more than one million companies worldwide and widely regarded as the best online collaboration tool, and with Teams being the most popular business communications tool in the world, seamless integration with Microsoft’s products is a big bonus and advantage in itself.

– Calendly and Microsoft Bookings both have meeting confirmation and email reminders, and both offer reporting to gain insights into meetings.

– Both Calendly and Microsoft Bookings share notable features like scheduling pages that prevent double booking.

– Calendly allows new users to register without entering credit card or proof of identification which has led to criticism that it may be leaving the platform open to abuse. This could be one of the reasons why phishing actors were found to be actively abusing Calendly back in March this year.

– Microsoft Bookings won’t automate the meeting workflow in the same way that Calendy will. Calendy enables automated workflow such as automatically sending messages to invitees before or after booked and automatically performing tasks specified in condition the users sets. It also has a Zapier integration to allow the creation of tasks from new events, sending Slack messages with new calendar invites, and more.

– Some commentators have said that Bookings involves a learning curve, although many would disagree by saying that Microsoft products are familiar, lots of instructions are available, and with the wide usage of Teams, fuelled by remote and hybrid working, most users are well able to operate Bookings.

What Does This Mean For Your Business? 

Calendy’s growth, like other platforms, was hugely accelerated and boosted by the pandemic and the move to home and hybrid working, bringing it half the scheduling apps market share in the US, and turning it into a $3+ billion business. Users like its minimalist design, its simple focus on solving the problem of identifying and matching availability between two people, and its breadth of integrations. Microsoft Bookings, however, integrates and syncs seamlessly with other Microsoft products and tools, it already comes as part of a user’s subscription thereby saving costs, and it has the backing of the Microsoft brand and their market dominating OS and collaborative working tools. Reports vary about how user-friendly Calendy is, depending on the needs of the user, but for many people the convenience and compatibility of Bookings with their existing use of Microsoft products across their wider team is likely to retain their loyalty and discourage serious thoughts of switching.

News

Tech News : Excel Collaboration Now Easier

Microsoft Excel’s new @mentions feature allows users to create, assign, and track tasks in a workbook, thereby making collaboration in Excel easier.

Added To Roadmap 2020 

The @mentions feature, which was added to Excel for the web in 2020 and added to the Microsoft 365 roadmap in January 2021, has been made popular through its use within Teams. Along with comments and tasks, @mentions is a way to give feedback, communicate with collaborators, and guide them to a specific part of the document. It works in a document in the following way:

– Right mouse click to add a comment to part of a shared document – in this case, a cell in an Excel spreadsheet.

– Type ‘@mention,’ select he co-worker to send the comment to, type the comment, and select the arrow to post it.

– The selected co-worker receives an email notification letting them know that they need to act. They can respond from the email or select the link to go to the comment in the document.

Hyperlinks Can Be Included Too 

As of January, Microsoft announced that, following an update, users would be able to put hyperlinks into comments added to spreadsheets.

@mentions General Availability In October 

Desktop Excel users are the first to get the @mentions feature, although Microsoft says that it has been added to the rolling out cycle with general availability scheduled for October 2022

Google Has @mentions 

Microsoft’s competitors have long supported the ability to tag other users. In Google Workspace, for example, @mentions enables users to tag their colleagues and co-workers whether they are within or outside an organisation. The ability to tag other users is also present in Slack and Atlassian.

What Does This Mean For Your Business? 

Enabling this feature in Excel is a widening of Microsoft’s plan to introduce more features across its 365 apps that make collaborative working easier, thereby meeting the needs of the many businesses that now operate home/remote and hybrid working. It also helps Microsoft to keep up with competing platforms that already use @mentions and tagging, e.g. Google Workspace. Microsoft has been introducing many features and even new apps, (e.g. Loop) over the last year to help make collaborative working easier for users. The Excel app specifically has also been boosted with improvements for collaborative working. In 2021, for example, it was given new capabilities including co-authoring, Dynamic Arrays, XLOOKUP, and LET functions to allow users to collaboratively work with others and analyse data easily.

News

Tech News : Climate Change Affecting Data Centres

A Google data centre going offline in July due to a cooling related failure is just one of a slew of challenges posed by climate change that the big tech companies are facing.

Heatwave Knocks London Data Centre Offline 

The heatwave in July caused outages due to cooling problems at a London data centre used by Google and Oracle Corp. With predictions of hotter summers to come, some see this as a challenge that the big tech companies will have to quickly find new and effective solutions for going forward.

Almost Half Of All Data Centres 

An Uptime Institute study from 2021 showed that 45 percent of data centres have experienced an extreme weather event that threatened their continuous operation, with nearly one in 10 respondents (8.8 per cent) reporting an outage or significant service disruption as a result. Based on these figures, extreme weather is now one of the top causes of outages or disruption.

The Problem With Many Data Centres 

With rising temperatures in the future likely to bring regular (summer) temperatures of 37 / 38 degrees and above, the problem with many data centres is that their cooling systems have only been designed with peak outdoor temperatures 32 degrees in mind. Although most don’t operate near full capacity and are, therefore, better able to cope with heat, this may be sorely tested in future with higher temperatures compounded by a growing number of devices and data, e.g. the IoT.

Other Challenges 

Other Challenges that data centres face are:

– Climate change influenced weather events other than heat threatening data centre operation. For example, a flood in 2016 at the Vodafone data centre in Leeds resulted in customers getting only intermittent services of voice and data.

– The high costs of building new data centres (or refitting and changing existing ones) to cope with much higher temperatures, and current guidelines and regulations for heating, refrigerating and air conditioning being based upon lower temperature figures.

– Rising temperatures, increasing humidity and causing the atmosphere to absorb more water vapour, which in turn can affect data centre operations and interfere with tech equipment, affect the strength of wireless signals, and cause slower broadband connection speeds.

Water 

Another growing challenge for data centres is how much water they need to use. For example, back in 2019, it was reported (from public records and online legal filings) that Google requested/was granted, more than 2.3 billion gallons of water for data centres in three different states. Also, in 2020 in early 2020 in Red Oak, just south of Dallas, a legal filing indicated that that Google may have needed as much as 1.46 billion gallons of water a year for its data centre by 2021. This has led to Google, Microsoft, and Facebook pledging ‘water stewardship’ targets to replenish more water than they consume.

Action 

All this has means that data centres around the world are now taking new measures to protect themselves from extreme weather that can cause damage and disruption to services. Examples of just some methods that data centres are using include:

– In 2018, Microsoft’s Project Natick involved putting a data centre 117 feet down onto the seafloor of the Northern Isles of Scotland and monitoring its performance and reliability for the next two years with a view to expanding the idea if successful.

– After concluding that air cooling is no longer enough to prevent the chips from malfunctioning, Microsoft opted for two-phase immersion cooling for servers (April 2021). This involves immersing servers in tanks filled with an engineered fluid (from 3M) which boils at 122 degrees Fahrenheit (90 degrees lower than the boiling point of water) and this boiling effect, generated by the work the servers are doing, removes heat from the computer processors whilst the low-temperature boil enables the servers to operate continuously at full power without risk of failure due to overheating. The second phase of this two-phase process refers to the vapour rising from the tanks making contact with a cooled condenser in the tank lid, thereby changing it back to liquid that rains back onto the immersed servers, creating a closed-loop cooling system.

– Google building super-efficient servers and using DeepMind AI to help, plus Google NL switching to surface water for its datacentre cooling by building a plant that processes canal water.

What Does This Mean For Your Business? 

The central part that data, the Internet, and the IoT now play in so many businesses mean that outages resulting from cooling issues at data centres could have huge and costly knock-on effects if the big tech companies aren’t able to tackle the problem at scale. There are, of course, challenges such as the cost of refitting and changing aspects of older data centres to cope with revised temperature ranges in the light of climate change, and to protect them from other related weather events, e.g. flooding. Liquid-cooling dramatically improves the efficiency of data centres to cope better with extremes of heat, while ideas such as seabed data centres offer some hope, nevertheless the message is that the big tech companies need to quickly think beyond existing cooling technologies and be creative with and invest in new cooling ideas.

News

Sustainability In-Tech : Last-Mile Drone Parcel Delivery Offers Sustainability Benefits

Researchers from US Carnegie Mellon University have concluded that quadcopter drones produce much less greenhouse gas emissions than traditional alternatives for last-mile delivery.

The Problem 

The point of the research was to shine a light on the energy productivity of freight transportation, which has traditionally been a real challenge in an overwhelmingly petroleum-powered transport sector where medium and heavy trucks (in the US) comprise 24 per cent of transportation energy use. Sadly, this sector creates 37 per cent transportation-related greenhouse gas (GHG) emissions. Also, light-duty vehicles produce 57 per cent of transportation GHG emissions and are responsible for 64 per cent of transportation energy use. Freight transportation is also a large source of nitrogen oxides (NOxs) and other air pollutants.

Research 

The researchers compared per package energy consumption of quadcopter drones against diesel and electric medium-duty trucks, small vans, and electric cargo bicycles for last-mile package delivery. The last-mile refers to the last leg of a journey which comprises the movement of the parcel from the transportation hub to the destination / delivery address.

Findings 

The researchers found that delivery drones can have up to 94 per cent lower energy consumption per package than other vehicles for last-mile delivery, with only electric cargo bicycles providing lower GHGs/package.

The researchers also found that that the greenhouse gas emissions of package delivery by drone depend on both the total electricity needed for the delivery and the emissions intensity of the regional electricity grid. For example, some areas may be more carbon-intensive or have cleaner grid mixes.

Other Factors

Othe factors to consider when looking at the research results, however, include:

– Restrictions on where commercial drones are allowed to fly over urban areas could mean longer routes and, therefore, more drone energy consumption and GHG emissions per package delivered.

– A small drone that can only carry one package may not be as efficient as another delivery vehicle e.g., an eCargo bike with a trailer that can carry lots of packages in one trip.

– Drones deliver direct to the recipient who comes out to receive the package. Other last-mile delivery modes may require different mixes of activity e.g., having to park, walk, and post a delivery, or climb stairs. This makes comparisons more complicated.

What Does This Mean For Your Business? 

Freight currently accounts for a massive amount of transportation energy use, emissions, other dangerous air pollution. The research highlights the point that creative but practical and clean methods of last-mile delivery need to be found to replace the current polluting options such as diesel courier vans. Although the small parcel drones studied compare well per package on green factors and sustainability, the reality is that this would need to scaled up dramatically to realistically be able to deliver the volume of parcels and other freight that are transported on last-mile journeys daily. Electric vehicles may be a more realistic option in the shorter term for cleaner last-mile deliveries although a mix of other options can help in crowded city areas. Delivery robots are another interesting method that’s been trialled in recent years in urban areas, and it is likely that more testing and investment will be focused on drones in the coming years to develop their wider potential.

News

Tech Tip – How To Use Notepad To Test Your Antivirus

Here’s a simple tip using Notepad to check if your antivirus is working as it should:

– Open Notepad.

– Type X5O!P%@AP[4\PZX54(P^)7CC)7}$EICAR-STANDARD-ANTIVIRUS-TEST-FILE!$H+H* into notepad.

– Save the file as either e.g., test.exe or test.bat (cyber criminals often exploit bat as well as exe files to launch malicious scripts).

– Scan the file with your antivirus and if it detects the file as a virus, this is good sign that it is working as it should. However, that doesn’t mean you can always 100% trust it and should nevertheless still observe the usual levels of security and hygeine – this is just a quick test!

News

Tech Insight : What Is Microsoft Azure?

In this insight, we look at what Microsoft Azure is, plus what it offers businesses.

Azure 

Microsoft Azure (formerly Windows Azure) is Microsoft’s public cloud computing platform. Public cloud refers to cloud computing services offered over the public Internet and available to anyone, i.e. the services are shared with multiple customers rather than just controlled and used by one (i.e. private cloud). Azure is the second most popular cloud provider globally, lagging behind Amazon Web Services (AWS), yet ahead of Google Cloud Platform (GCP) and IBM. It is used by over 55 per cent of all Fortune 500 companies.

Hybrid 

Microsoft’s Azure is also a hybrid cloud – it used its on-premises datacentre (a private cloud) alongside a public cloud and allows data and applications to be shared between them. Microsoft says its “seamless” hybrid arrangement is on-premises, across multiple clouds, and at the ‘edge.’ Edge computing refers to a computing architecture and distributed computing framework where computing and data storage is done near the source of the data.

Services 

Microsoft Azure offers users Infrastructure as a Service (IaaS), Platform as a Service (PaaS), Software as a Service (SaaS) and serverless cloud computing.

Within these options, Azure offers a range of services to users which they can choose from or run existing applications in the public cloud. Some of the services that Azure offers include:

– Compute – users can deploy and manage Virtual Machines (VM), containers and batch jobs, and support remote application access.

– Mobile – Developers can use these products help to build cloud applications for mobile devices.

– Web – Services supporting the development and deployment of web applications and features for search, content delivery, API management, notification, and reporting.

– Storage – Scalable cloud storage for structured and unstructured data, also big data projects, persistent storage, and archival storage.

– Analytics – Distributed analytics and storage services, and features for real-time analytics, big data analytics, machine learning (ML), business intelligence (BI), internet of things (IoT), and more.

Other Azure services include ‘Networking’ (virtual networking and gateways), ‘Media’ and content delivery network (CDN) such as on-demand streaming, ‘Integration’ for backup and site recovery, ‘Identity’ to help with encryption keys and other sensitive information, the IoT, and ‘DevOps’ software development processes. Also, Azure offers ‘Development’ for app developers, e.g. code sharing, ‘Security,’ AI, and ML services, ‘Containers’ (packages all dependencies of a software component and runs them in an isolated environment), ‘Databases,’ ‘Migration,’ ‘Management’ and governance, mixed reality, ‘Blockchain,’ and ‘Microsoft InTune.’ Third-party software is also available through Azure.

How? 

To use all the Azure services, customers sign up to a monthly, pay-as-you-go subscription for one of several different support plans ranging from basic to premier. There are also situations where there is different tiering pricing depending on requirements.

How Does It Compare To AWS? 

Opinions vary about the comparison. Although Azure’s history of outages has been noted, it is considered to have more functionality and be easier to use than AWS, and uses familiar technologies like Windows, Active Directory and Linux.

What Does This Mean For Your Business? 

Effective use of the cloud is now important for a wide range of businesses and offers a range of benefits. Microsoft’s Azure offers users a hybrid environment with a wide range of services. It also offers the benefit of familiar technologies and the confidence of the Microsoft brand, plus the fact that it’s the second most popular cloud provider that’s also trusted by most Fortune 500 companies. Usage of the cloud offers businesses greater scope, scalability, security, and flexibility and has become particularly valued with remote and hybrid working, so Azure can provide UK business with many of the tools they need to be more competitive. That said, it’s not the only option, with many businesses also choosing other big cloud providers like AWS, Google, and IBM.

News

Tech News : Major NHS Supplier Hit By Ransomware Attack

Advanced, an IT supplier to the NHS, has been hit by a ransomware attack that could take a month to recover from.

What Happened? 

Birmingham-based ‘Advance’ provides digital services to the NHS such as patient check-in and NHS 111. The company’s Adastra software works with 85 per cent of NHS 111 services.

Advanced reported spotting a hack at 07:00 BST on 4 August, followed by a number of outages, before confirming in a statement on August 5 that the incident was linked to a cyber-attack.

Outages 

Advanced described the outages as the result of “a cybersecurity incident” caused by ransomware which caused “an issue on infrastructure hosting products used by our Health & Care customers. Those products identified as being affected are Adastra, Caresys, Carenotes, Cross Care and Staff Plan.”  These services are:

Adastra – clinical patient management software with records relating to 40 million patients.

Caresys – care home management software used by over 1,000 care organisations.

Carenotes – electronic patient record software used by over 40,000 clinicians.

Crosscare – a clinical management system for hospices and private practice used by 70 adult and children’s hospices across the UK.

Staffplan – care management software used by over 1,000 care organisations.

Financially Motivated 

Advanced has reported in its FAQs about the incident that, based on the intelligence it had received, the “threat actor” who carried out the ransomware was “purely financially motivated” rather than being a state sponsored attacker, for example.

Services Offline 

The ransomware attack, which Advanced says was contained to “a small number of servers”, meant that affected services had to be taken offline. Customers were, therefore, unable to access their systems and had to rely upon contingency measures. An NHS England spokesperson has reported that “While Advanced has confirmed that the incident impacting their software is ransomware, the NHS has tried and tested contingency plans in place including robust defences to protect our own networks, as we work with the National Cyber Security Centre to fully understand the impact.”   

Working With Other Agencies 

Advanced has said that it is working with forensic partners including Mandiant and the Microsoft DART teams to conduct an investigation, and is in contact with the NHS, NCSC, other governmental entities, and has contacted the ICO.

3 to 4 Weeks 

Advanced reports that for NHS 111 and other urgent care customers using Adastra and NHS Trusts using eFinancials, services would be back online in a few days, but for its other NHS customers and Care organisations it will be “necessary to maintain existing contingency plans for at least three to four more weeks”. 

Fears For Data Security 

It is not clear from reports whether any ransom has been paid, with Advanced simply saying “our investigation is underway.” Bearing in mind the vast numbers of patient records and the sensitivity of that data there are now serious fears about whether data has been stolen and what the consequences could be.

Health Organisations A Target 

Health services around the world are often targets for cyber-attacks, and a Kroll study has reported that the number of health organisations (globally) targeted by cyber-attacks rose by 90 per cent in the three months to 30 June compared with the first quarter of 2022. Examples of health services being targeted include:

– In 2017, North Korean attackers hit the NHS with ransomware, severely disrupting more than 80 hospital trusts and 8 percent of GP practices, costing the NHS an estimated £92m through services lost during the attack and IT costs in the aftermath.

– In October 2020, Philadelphia company eResearchTechnology (which made software used to try and develop COVID-19 vaccines and treatments) was hit by a ransomware attack. Employees were locked out of systems and the attack had a knock-on effect that was felt by IQVIA, the research organisation helping with AstraZeneca’s Covid vaccine trial, and Bristol Myers Squibb, a drug-maker involved in the development of a quick test for COVID-19.

– Emsisoft’s Brett Callow has reported that, in 2020 and 2021 in the US, there were at least 168 ransomware attacks affecting 1,763 clinics, hospitals and health care organisations.

What Does This Mean For Your Business? 

It may be the case that health services are often targeted because there are many different suppliers plus services are vital, so there may be a better chance of extracting a ransom, also there is a lot of potentially valuable data to steal and health services are often playing catch-up with cybersecurity.

Ransomware attacks tend to be initiated using phishing emails, so it is important that all staff are aware of the dangers of clicking on suspicious links. This story also highlights the importance of making sure that data is regularly and securely backed up (to a secure cloud-based service) and that disaster recovery and business continuity plans have procedures for ransomware attacks built-in to them. Businesses should also note that paying the ransom is a high-risk option and certainly offers no guarantee that any files will be unlocked/returned.

Other precautions that businesses can take to guard against these ransomware attacks include keeping antivirus software and Operating Systems up to date and patched (and re-starting the computer at least once per week), using a modern and secure browser, using detection and recovery software, e.g. Microsoft 365 protection and Windows Security.

News

Tech News : New WhatsApp Feature : Leave Silently

New privacy features being rolled out this month mean that WhatsApp users can now leave group chats silently.

Three New Privacy Features 

WhatsApp has announced the introduction of three new privacy features: Leave Groups Silently, Choose Who Can See When You’re Online, and Screenshot Blocking For View Once Messages.

  1. Leave Groups Silently – For users of group chats. Now, instead of notifying the full group when leaving (which can be a little awkward), it’s only a case of the group admins needing to be notified.
  2. Choose Who Can See When You’re Online – Although WhatsApp says “: Seeing when friends or family are online helps us feel connected to one another” it acknowledges that there are times when users would prefer to keep their online presence private. This new feature gives users the ability to select who can and can’t see when they’re online.
  3. Screenshot Blocking For View Once Messages – WhatsApp says this feature is essentially an added layer of protection to what already “an incredibly popular” privacy feature. WhatsApp says it is currently testing this feature.

Privacy 

WhatsApp is keen to remind users that these features are in a long line of steps designed to protect their privacy, which have recently included disappearing messages that self-destruct, end-to-end encrypted backups when users want to save their chat history, 2-step verification, and the ability to block and report unwanted chats.

Snapchat 

On the same day as WhatsApp’s new privacy features were announced, competitor Snapchat announced its new ‘Family Centre’ child safety tool which allows parents to see their children’s friend list and who is communicating with them. Snapchat’s new tool to provide “insights” into teen users’ lives (rather than oversight of them) requires the teen’s account to agree to link up with an account belonging to someone over 25.

Back in May, WhatsApp introduced emojis and the ability to share files within WhatsApp up to 2GB as part of a push by Facebook/Meta to stay at the top of the free encrypted messaging app market and compete with rivals like Snapchat. For example, in January, Snapchat announced a major update (for iOS) which included improved calling, ‘Chat Replies,’ Bitmoji Reactions (to allow for more expression), and Poll Stickers to enable emoji-powered polls in Snaps and Stories to survey friends. Meta also wants to consolidate and leverage the power of its other popular apps by integrating and making Messenger, WhatsApp, and Instagram interoperable.

Online Safety Bill and WhatsApp 

With WhatsApp being one of the end-to-end encrypted apps that’s been the target of UK government pressure for ‘back doors’ for monitoring messages to be introduced, along with the Online Safety Bill threatening to weaken encryption, WhatsApp’s made it clear that it won’t be pressured. For example, in recent a BBC interview, WhatsApp’s CEO, Will Cathcart, said that the platform’s security wouldn’t be weakened on government orders, and these new privacy features are one of the many that WhatsApp has been letting users know that the privacy of the app is non-negotiable in a way that benefits users.

What Does This Mean For Your Business? 

With WhatsApp being Meta-owned, plus being under pressure by the government to weaken encryption, as well as having to compete with Snapchat, it’s no surprise that its new features are privacy-based and a way of emphasising to users that it’s not going to compromise on privacy and security. For example, WhatsApp used the same announcement to say, “we’re also kicking off a campaign to educate people about the new features and our continued commitment to protecting your private conversations on WhatsApp.”  That said, features such as being able to ‘silently’ leave a group are going to make using WhatsApp a more comfortable user experience, which is increasingly important to WhatsApp as it tries to continue wooing business users.