Superfast IT

Solve Your IT Problems

Cyber Security Archive

"Everybody has something of value to a hacker". It's now more important than ever to implement even the most basic Cyber Security measures.

Take a look at our latest articles on Cyber Security including guides with actionable advice, latest news of major cyber attacks and how we're helping our clients stay protected.

What is CAPTCHA?

By 1 Comment

CAPTCHA

Have you ever filled out a form on a web page and before you submit the form had to decode a series of jumbled up letters and numbers? This is known as CAPTCHA. Standing for Completely Automated Public Turning test to tell Computers and Humans Apart (CAPTCHA) the forms have played a big part in cyber security. Here at Superfast IT with over 15 years of IT support we’ve seen CAPTCHA become an essential part of online security.

History

CAPTCHA was first seen in the early 2000’s with PayPal being one of the first major sites to introduce the forms. The main reason for the introduction of the forms was due to the rise in computer spam in the early 2000’s as people were learning quickly how to exploit websites. Over the years CAPTCHA has become an essential part of online forms to help tell the difference between humans and machines.

Why CAPTCHA is needed

The main reason for the introduction of CAPTCHA was due to the rise of computer spam at the turn of the century. Adding CAPTCHA to a form would stop any automated submissions going through. Not only has it helped with spam it has also become a benchmark for AI problem-solving.

How it works and characteristics

It may look like a mix of random letters and numbers, but there is an algorithm to CAPTCHA. Due to there being things computers cannot tell apart CAPTCHA follows these rules;

The variation of letters and numbers

Each letter or number can be written in an infinite number of ways. Humans can tell the differences between these infinite ways easily, but artificial intelligence isn’t able to do this. While humans have learned how to distinguish between letters and numbers at high speed to teach a computer to do this is complicated.

Separating joined letters

Most CAPTCHA forms will have letters and numbers that are all joined. Humans can distinguish this and can pull apart the text into different sections easily. With the characters, close together and overlapping it makes it difficult for computers to tell them apart.

Context

This is where humans can excel at solving things such as CAPTCHA. Due to the capability of being able to keep different scenarios alive and pick the correct path to follow, humans take on average just 10 seconds to solve a CAPTCHA form. For example a human can quickly distinguish between ‘i’, ‘I’, ‘l’, ‘L’ and ‘1’ where as artificial intelligence cannot.

Controversy

It’s hard to imagine that a thing that stops online spam can draw any controversy to itself, yet CAPTCHA has done this since its creation. Instead of designing software that could solve or bypass the forms people started to create ‘CAPTCHA farms’ which would pay minimal amounts for people to solve thousands of CAPTCHA forms.
Its biggest criticism has come from people who suffer from poor vision and/or hearing. CAPTCHA offers an audio version of the mixed-up letters and numbers for people who struggle with their sight. Not only is this a less safe method of cyber security it’s also difficult for people with poor vision to find and access. People who struggle with their sight will often use an on screen reader to help them navigate web pages. On screen readers are unable to read CAPTCHA forms are often leaving people without access to some of the world’s biggest sites.

The future

New CAPTCHA

Despite the world becoming connected more and more by technology CAPTCHA has survived the test of time and is still used today. On criticism of it was it takes too long to solve and was taking up too much time in people’s days. To counteract this a more modern version of CAPTCHA has been introduced. Rather than a mix of letters/numbers, there will be either a series of images or a simple maths equation displayed. The image will then ask you an easy question such as ‘click on the dog’ or ‘click every image that contains the colour blue’. This updated version of CAPTCHA has been met with good reviews but have been criticised by cyber security professionals for being too easy to solve.

What do you think of CAPTCHA?

We hope this guide has helped when it comes to understanding CAPTCHA and why it is used. What are your thoughts on the form protection application, should a more modern alternative be used or is it okay how it is? Let us know down in the comments below.

Related Content

The A-Z of Cyber Security

How to Stay Protected from Phishing Attacks

The A-Z of Cyber Security

By Leave a Comment

Cyber Security

Cyber Security can seem complicated to get your head around. There are hundreds of different terms surrounding cyber security but, if you get a better understanding of these terms, it’s only going to benefit you and your cyber security. At Superfast IT we’ve been helping business and users with their cyber security for over 15 years. We not only includes creating strategic plans with business grade defences but also educate our clients on cyber security terminology. We’ve come up with an A-Z guide on cyber security terms and topics surrounding it with definitions to help give you a better understanding.

Did we miss a term? Let us know down in the comments below, and we’ll be sure to add it!

A – Anti-virus

Everybody should have some form of anti-virus installed on their system/network. Anti-virus software will scan for malicious software and either alert you to the problem or fix it behind the scenes. There are both free and paid versions of anti-virus software so make sure you compare what the software offers.

B – Banking

As we do more and more banking online, we must make sure we’re doing it securely. Ensure that you have login alerts and a secure password. Always check your statements match up to your online banking. Whenever you make a purchase online, you should check your online banking straight away.

Additional Reading:

Six ways to stay protected while banking online

C – CAPTCHA

Ever been filling in a form on a website and you’ve had to decode a complex mix of lettering and numbers this is known as a CAPTCHA form. Standing for ’Completely Automated Public Turing test to tell Computers and Humans Apart’, created in the early 2000’s the test allows to determine if a user is human or a machine. CAPTCHA helps stops a lot of spam that’s often part of wide-scale cyber-attacks.

Additional Reading:

What is CAPTCHA?

D – Downloads

One of the easiest way to for cyber criminals to infect devices is by malicious downloads. Always check a website is legitimate before downloading any files from it (see HTTPS) if it isn’t, make sure you avoid it. If you’re browsing the web and a file automatically downloads without any warning, it’s imperative that you don’t open it. Only ever download field you need.

Additional Reading:

What is a good download speed?

What is download speed?

E – E-mail

E-mails are one of the most popular places for cyber-attacks to take place. Always be wary when opening E-mails and check the senders’ address. One of the main rules when it comes to E-mail cyber security is never to click links in E-mails unless you are 100% sure they’re legitimate. Always be aware of phishing too.

Additional Reading:

Can you recover deleted E-mails in Outlook?

How to stay protected from phishing attacks

F – Firewalls

In short, a firewall can be either a piece of hardware or software on your network that runs monitoring checks on incoming and outgoing traffic to a user defined protocol. The firewall acts as a barrier between your computer and the internet which traffic flows through and gets checked. If any traffic both incoming or outgoing goes against the predetermined set of rules, it will not be given access to the network. This can include blocked websites, viruses or malicious attacks.

Additional Reading:

What is a firewall and why do I need one for my business?

G – Government

One of the easiest ways to see how much of an issue cyber security has become is to look at the Governments cyber security website. They have also announced a £1.9bn budget to help with cyber security over the next five years.

H – HTTPS

Ever seen a little green lock next to a website URL? This is good! The green lock means a site is safe and secure. Whenever making a transaction online make sure you’re using an HTTPS site, so your payment is secure. If you click the green lock, you’re able to see details of the security certificate that the site has been given.

I – Identity Theft

Years ago, identity theft came from letters and bank statements; now it’s far more popular online. Whenever filling out forms online never store your information for next time. Take the extra 60 seconds and fill it out from scratch. A big part of identity theft also comes from social media. Make sure your privacy settings are secure and always think before you post. Would you tell this information to a stranger on the street?

J – JavaScript (Coding)

For fighting cyber-attacks, people get paid thousands of pounds to help protect some of the biggest businesses worldwide. JavaScript is one of the hundreds of codes available for cyber security experts to create patches to help fight malware.

K – Kill Chain

The kill chain is the stages of a cyber-attack. There are numerous versions of this chain, but in most attacks, there are four main stages;

  • Survey – The scouting of potential networks for the cyber attack
  • Delivery – The process of sending the attack hoping to breach the system
  • Breach – When the system gets breached it reaches this stage
  • Attack – The stage where the damages gets done

L – LastPass (Password Managers)

You should never use the same password twice, but it can seem daunting to remember all the different secure passwords. This is where applications such as LastPass come in. These are online password managers who can not only securely store passwords for various accounts but create secure passwords for you to use. You can then also share passwords to allow people access to files and accounts. Great for businesses!

Additional Reading:

How to create the perfect password

M – Malware

Malware is anything bad when it comes to cyber-attacks. Viruses, worms, ransomware and anything malicious gets classed as malware. To protect yourself from malware being cyber secure and having software such as anti-virus.

N – Next-Generation Cyber Security

Cyber security is ever changing, and as more things become connected by technology, attacks are becoming bigger and harder to fix. As we mention in ‘X’ more and more items are now vulnerable to cyber-attacks. Webcams, ATM’s even kids toys can now get hacked into!

O – Out/Insider Threat

When protecting yourself from cyber attacks, it’s important to focus on both out and insider threats. Outside threats are usually untargeted and are difficult to track. They can be paid cyber criminals looking for weak systems. Insider threats will be from inside your organisation. These can either be done on purpose or by mistake usually from inexperienced computer users.

P – Passwords

Secure passwords are now more important than ever. They should be secure and sophisticated, but as we mentioned earlier, they should never be used twice. For the most complex and hardest to crack passwords we recommend following these rules;

  • At least eight characters in length
  • A mix of numbers and letters (both upper and lower case)
  • A policy to change your passwords around every three months

Additional Reading:

The 25 most commonly used passwords

Q – Quarantine

We’re getting more spam E-mails than ever before, and they’re getting harder to tell apart from real ones. To help counteract this, there are applications you can install to help sift through your E-mails. If it appears that an E-mail is spam, it will be then held in a quarantine where you can choose settings such as blocking domains sending you E-mails or releasing them into your inbox.

R – Ransomware

Ransomware is where a user will get blocked from accessing their data or locked out of their account. The hackers will usually demand a fee to be paid by bank transfer or in bitcoin for the data to be released. Although, security experts say you should never pay the fee and report any attacks to the police.

S – Social Media

Social Media is one of people’s biggest downfalls when it comes to cyber security. Always think before you post on any social media platform. Is there any personal information in your post? If there is then do not post it. Only ever connect with people you know and never accept request off strangers. With a host of personal information available on these platforms, you should constantly be checking your privacy settings.

T – Tampering

Tampering can come from inside or outside threats. This is where a piece of software such as a router or firewall will be tampered with to either cause or open the gateway for a cyber-attack.

U – Updates

We know how annoying it can be to get constant pop ups telling you to update your machine or device, but you must update as soon as you see these alerts. Providers will release these updates for a reason, and quite often they will be plugging security flaws that have been discovered. On several devices, you can set up auto-updates which will automatically update your device as soon as it is available.

V – Viruses

Falling under the umbrella of ‘malware’ viruses are probably the best-known form of cyber-attacks. First reported in the 1970’s viruses have become more popular and sophisticated over the years. One of the best ways to stay protected from viruses is to have anti-virus software installed.

W – Wi-Fi

Wi-Fi has now become an essential part of our lives but are you being cyber secure while using Wi-Fi? Always be wary when using unprotected public Wi-Fi and never use it when logging into any accounts. At home or in your business you should always change the default passwords on your router to a more secure password.

X – X-ray Machines

You’re probably wondering what X-ray machines have to do with cyber security. As the world becomes more connected by technology, it opens a new world for cyber criminals. In spring 2017 a wide scale attack took place on the NHS in Britain. Not only did the virus dubbed ‘WannaCry’ see users locked out of machines but it also allowed them to access machines connected to the network such as X-ray machines!

Additional Reading:

Seven facts about the 2017 WannaCry ransomware and NHS cyber attacks

How can I protect myself from WannaCry/Cyber Attacks/Ransomware?

Y – Y2K (The year 2000 Problem)

The Y2K bug was one of the most famous computer bugs of all time. Taking place at the turn of the millennium the problem arose due to most software only representing years by changing the final two digits rather than the four. So, when the clocks turned into the year, 2000 many systems ended up displaying 1900. The next problem is set to next arise in 2038.

Additional Reading:

Five of the biggest cyber attacks of all time

Z – Zero day

In cyber security, the term zero-day refers to an attack that contains something such as malware. These attacks will be unannounced and have no patch or security measures to combat them thus giving cyber security experts zero days of warning. These attacks are usually some of the worst attacks due to them having no quick fix.

We hope this guide has helped when it comes to cyber security terminology. Are you worried about cyber security when it comes to your business? Take a look at our wide range of Cyber Security Services.

Seven facts about the 2017 WannaCry Ransomware and NHS Cyber Attacks

By Leave a Comment

WannaCry

On Friday 12th May 2017, the WannaCry malware attack swept across the world hitting some of the biggest organisations in the world including the NHS in Britain. While we’re still in the aftermath of the attack, there’s still hundreds of unanswered questions regarding WannaCry malware and NHS cyber attacks. Take a look below at seven facts regarding the attacks.

It wasn’t just the NHS that was hit by the attacks

While it was the National Health Service that got the most coverage of the attacks in the UK the WannaCry malware hit worldwide. Delivery service FedEx in the USA, Renault in France and Russia’s Internal Affairs Government were all affected by the attacks. Countries such as Australia, Brazil, Sweden and India also reported instances of the WannaCry malware. Reports suggest that 150 countries and over 200,000 machines were affected.

It doesn’t appear to be a targeted attack

Despite it affecting some of the world’s biggest organisations, it seems that the WannaCry attacks weren’t targeting specific businesses. The attackers went into this blind and appeared to have just gotten lucky by finding unprotected devices. It shows the danger of modern cyber-attacks that no matter who you are you’re never 100% protected.

Microsoft released a patch for the malware back in March 2017

So how did the attack end up being successful? Microsoft XP machines stopped being supported back in April 2014. The lack of support meant that any users on the XP operating system wouldn’t have received the critical security patch released earlier this year. If users on newer operating systems didn’t apply the updates from Microsoft, they were also vulnerable. The lesson is to always keep your tech up to date.

The attackers wanted the money transferred in Bitcoins

Bitcoin is a digital currency and is becoming more and more popular. Cyber criminals use Bitcoins due to them being tough to track. Asking for at least £300 for users to get their data back many people ended up paying the ransom although it’s reported that they didn’t get their data back.

But, the attackers didn’t get that much money in the grand scheme of things

Reports suggest that over £70,000 was sent to unlock accounts that had been locked out by the WannaCry virus. While it may seem a significant amount when you consider that the virus hit over 200,000 machines, it could have been a lot worse.

The WannaCry attack got halted for a short time for less than £10

It’s surprising that a British IT expert temporary stopped one of the biggest cyber attacks in history by buying a domain name for less than £10. The person wanting to be identified as ‘MalwareTech’ found the kill switch for the WannaCry virus by looking through the code. With the domain activated the WannaCry virus was unable to encrypt any files.

A variation of the WannaCry virus got released with no kill switch

Shortly after the British IT expert found the kill switch experts feared a modified version of the virus would be released. While there was an alternative WannaCry virus released the patches that Microsoft released manage to stop a further spread of the virus.

Were you affected by the WannaCry virus? What was the most shocking fact you heard? Let us know down in the comments below and take a look at more of our content on cyber security.

Related Content;

How can I Protect Myself from WannaCry/Cyber Attack/Ransomware?

101 of the Best Cyber Security Tips, Tricks, Hints and Facts

Five of the Biggest Cyber Attacks in History

How can I Protect Myself from WannaCry/Cyber Attacks/Ransomware?

By Leave a Comment

WannaCry

Demanding locked out users to pay up to £300, the WannaCry cyber-attack has infected over 200,000 computers worldwide. The attack made global news with the likes of the UK National Health Service, FedEx, and the Ministry of Internal Affairs in Russia all being heavily affected.

Read on to find out how to protect against WannaCry and other ransomware attacks.

Do not use your machine if it is still running Windows XP

Before the WannaCry attacks, Microsoft had stopped releasing security patches for Windows XP devices. The last update that came out was over three years ago in April 2014 making machines running Windows XP extremely vulnerable. Microsoft has since backtracked and released a security patch for Windows XP machines to help deal with the WannaCry attacks. Security experts are recommending that if you are still using the Windows XP operating system to update to a newer OS immediately.

Make sure your machine is updated

Even if you’re running a newer operating system than XP, it’s crucial that you keep your machine up to date. WannaCry will still affect computers with later versions of Windows that are not up to date with security patches.

Always be aware of phishing attacks and do not click external links in emails and messages

Be extra vigilant when checking and reading emails. While it’s not the only way the malicious software can infect your machine, it’s the most popular way. Phishing attacks are usually emails that try to trick you into clicking links and downloading viruses. If it looks dodgy, then it more than likely is.
Clicking external links in emails is one of the most common mistakes people makes. You should always have the utmost caution when you receive an email containing an external link even if the email is from someone you know.

Related Content

Keep a regular backup of your data

Keeping a regular backup of your data is more important than ever. Can you afford to lose months or even years of data and risk not getting it back? Keep a regular backup of your data externally and set time aside each week to make sure you have the latest version of your data stored.

Note: WannaCry is also known as WannCrypt, WanaCrypt0r, and Wanna Decryptor.

Do you have any questions about the WannaCry attacks, Cyber Security or Ransomware? Ask away in the comments below, and we’ll be sure to help you!

What is a Firewall and why do I need one for my Business?

By Leave a Comment

Here at Superfast IT we’ve helped design and implement networks for businesses for over 15 years regularly informing clients what they need and why. One of the most common questions we get asked is about firewalls such as what they do and why they’re needed for businesses. Firewalls are becoming an essential part of any business network. Offering a critical layer of protection, it should now be standard practise to have a firewall implemented in your network. Look at our guide as we list at what a firewall is, what it does and why you need one for your business.

What is a Firewall and what does it do?

In short, a firewall can be either a piece of hardware or software on your network that runs monitoring checks on incoming and outgoing traffic to a user defined protocol. The firewall acts as a barrier between your computer and the internet which traffic flows through and is checked. If any traffic both incoming or outgoing goes against the predetermined set of rules, it will not be given access to the network. This can include blocked websites, viruses or malicious attacks.

As stated earlier there are hardware and software versions of firewalls. Usually, software versions aren’t as complex as hardware firewalls meaning they’re cheaper in price. For personal use software versions of firewalls should be fine. If you’re looking to implement a firewall into a business network, then you should consider a hardware version.

Why do I need a Firewall in my Business Network?

It’s becoming more important than ever to make sure your business is cyber secure. Having a firewall implemented is a step that every business should take. Businesses are a big target for cyber criminals due to the host of personal information stored by companies. As previously stated, in business networks firewalls will usually be hardware located on the site.

Traditional firewalls will be basic packet filtering firewalls and monitor both incoming and outgoing traffic which is essential for businesses. Whenever you load a website, send an E-mail or anything similar a packet of data will be passed through the network and in turn pass through the firewall. If the packet of incoming data passes the protocol set by the user, it will be forwarded through the firewall. If there is a discrepancy between the rules, the packet of data will be dropped and blocked by the firewall.

Businesses will transfer confidential information on a regular basis, so it’s of utmost importance to have a firewall in place. Newer and more sophisticated firewalls will always be updating to help you stay protected from various things, but it shouldn’t be the only line of defence you have. Things such as anti-virus software and being educated when it comes to cyber security will also help you be cyber secure.

We hope this guide has helped when it comes to firewalls and why you need them in your business network.

Related Content

What Remote Monitoring Checks do Superfast IT carry out on Clients’ Systems?

How to Stay Protected from Phishing Attacks

Connect With Us

Superfast IT,
Suite 2, Winwood Court,
Norton Road,
Stourbridge,
DY8 2AE

T: 0121 309 0090

Customer Satisfaction Score

Remote Support Tool

Please use the button below when requested to by one of our IT support team.

Remote Support Tool

Accreditations

Superfast Accreditations