Category: Technical Issues

European Law Strong Authentication

In September 2019, the second Payment Services Directive (PSD2), specifically the requirement for Strong Customer Authentication (SCA) for remote payments came into effect.

These requirements will impact the way consumers in Europe access their Internet banking applications, pay for e-commerce purchases, and use new financial services provided through Open Banking.

The starting point for any financial transaction must be to establish the identity of the parties involved. In person, a valid ID card may be sufficient  and digitally, using a login and password is usually enough.

However, when interactions are happening remotely through multiple channels and multiple partners, there is often a need to use multiple factors of authentication e.g. a login and password plus a pin number.

PSD2

PSD2 is increasing the security level for authentication to financial services across the whole of Europe, and is harmonizing the strength of authentication processes for financial applications. Because of PSD2, financial institutions have been phasing out weak authentication methods.

PSD2 ensures that advanced authentication concepts, such as dynamic linking, device binding for mobile apps, mobile application shielding and transaction risk analysis become standard security tools in financial services.

PSD2 is also accelerating the adoption of adaptive authentication methods, which adjust the way in which the user is authenticated to the risk of what the user wants to do.

Deadline for banks to implement SCA for Internet banking: 14 September 2019, except in the UK where the deadline is set as 14 March 2020

Deadline for banks to offer Open Banking interfaces: 14 September 2019

Do enter your email address and click on the subscribe button on top right to keep up to date with new posts.

Fightback Ninja Signature

Dublin’s Tram System Website Ransomed

The website for Dublin’s tram system (Luas) was hacked and the attacker demanded a ransom of just one bitcoin (worth about $4000).

The attacker wasn’t after money but to teach the authorities a lesson for ignoring her advice after warnings about weaknesses in their security.

“You are hacked,” the message read. “Some time ago I wrote that you have serious security holes.

You didn’t reply.

The next time someone talks to you, press the reply button.

You must pay one bitcoin in five days.

“Otherwise I will publish all data and send emails to your users.”

It then listed an address to send the bitcoin. The message was subsequently removed.

The company tweeted: “The Luas website was compromised this morning, and a malicious message was put on the home page. The website has been taken down by the IT company who manage it, and their technicians are working on it.

“We apologises to all Luas customers for the inconvenience,” Luas added on Twitter.

Luas carried 37.6 million people in 2017 and transports 100,000 passengers on average daily.

A ransomware attacker with a soul. Let’s hope the authorities take notice of the security weaknesses and don’t get caught out again.

Do you have an opinion on this matter? Please comment in the box below.

Fightback Ninja Signature

Paypal Security Warnings

The title of the email is “Important Update: Upgrade Your Browser”

The message starts with a warning in large letters.

Action required to continue accessing PayPal.co.uk.

This could easily be a scammer’s email trying to get you to click on a link supposedly to PayPal but in fact to a scammer’s page.

However, these warnings are real. The email is from PayPal and the links are to PayPal pages.

Why the warning?

There is a standard called “The Payment Card Industry Data Security Standard (PCI DSS)” and it is an information security standard for organizations that handle credit cards from the major card schemes.

They have upped their security requirements from 30th June 2018 and payment takers including PayPal want to meet that new standard.

The message from PayPal says upgrade your browser but you have to click to get more detailed information on what needs to be changed.

PayPal want to ensure everyone using PayPal in the UK uses TLS 1.1 or better still TLS 1.2 rather than the original TLS 1.0 in their browser. TLS is about how the data is encrypted.

How to Upgrade

This is different for each browser but for Chrome means going to Settings then System then Advanced then finding TLS on the list and ensuring only TLS 1.2 is enabled and TLS 1.0 is off.

The PayPal messages contain links for detailed information on each browser.

How to Check Your PayPal Email is Genuine

Scammers will notice these emails going out from PayPal and likely try to replicate them but with links to their own fake pages.

  1. Check the email is from PayPal.co.uk and not any other domain
  2. Check the links do go to PayPal pages (hover the cursor over the link to see where it will go)
  3. You don’t need to login to anything to make the changes as it’s just the browser settings you will change.
  4. Do I have to follow PayPal’s instructions? Only if you want to keep using PayPal payments.

Stay Safe

Do click on the Facebook or Twitter icons on top right to follow Fight Back Ninja.

Fightback Ninja Signature

The Impact of Cyber Attacks on Business

The impact of cyber-attacks can be bruising for a business with both short and long term effects to consider.

A 2016 survey of 428 businesses that have suffered cyber-attacks in the previous months.

You can see from the statistics above for 2016, that the biggest impact reported by businesses that have suffered from cyber-attacks is the provision of new measures to prevent further attacks. This can be costly but is essential to protect against further attacks.

There are the short term issues:-

  • Bringing in expert technical staff to find out how the attack happened
  • Technical expertise needed to start to build defences against further such attacks
  • Extra staff to deal with recovery, communications with customers, legal ramifications etc.
  • Disruption to staff and service to customers

Then there are the long term effects:-

  • Reputation damage
  • Steps needed to restore reputation and customer confidence
  • Share price

It is better to build strong defences against cyber-attacks than simply trust to luck.

It is prudent to have plans in place for how to deal with such attacks as the FBI now say that it’s not a question of whether any organisation will be attacked, but simply when.

Do Share this post on social media – click on the post title then scroll down to the social media share buttons.

Fightback Ninja Signature

SEO Backlinks and Expired Websites

SEO is Search Engine Optimisation which means how to make a website rank highly on search engines so more people can find it easily and hence go to that website.

There are many techniques used in SEO including use of keywords, headings, quality content, meta-data for pictures etc. and lots more.

One old fashioned approach to SEO was to get as many backlinks to your site from other sites as possible.

Google keep their exact algorithms for calculating ranking a secret but links to your website from other quality high ranked sites is going to help.

Recently emails have started to appear offering huge numbers of backlinks. One email offers to get up to 500,000 backlinks from their inventory of websites (many in your niche).

500,000 backlinks from poor sites is not a good idea.

You should always try to have quality content on your site to attract people and that includes only having backlinks from other quality sites.

Another variant on this is the idea of purchasing expired websites that still have an entry on Google. You buy the expired website and create links from there to your website.  There are businesses that specialise in finding and buying such expired websites then selling them on under the guise of SEO.

These are unpleasant practices. Do not be fooled into believing there is a magic answer to endless traffic.

To get visitors – create the best content you can, get links from sites that can appreciate your work, use social media, articles etc. There are lots of worthwhile methods available rather than attempting to cheat.

Do leave a comment on this post – click on the post title then scroll down to leave your comment.

Fightback Ninja Signature

The Virus Checker Website

The website VirusTotal at https://www.virustotal.com was created to help people identify computer viruses. It does this by analysing infected files or URLs supplied to it and it’s a free service.

VirusTotal inspects items by using 70+ antivirus scanners and URL/domain blacklisting services, plus a range of tools to extract signals from the studied content.

How to use the Website

You can select a file on your computer and upload it to VirusTotal in your browser.

There is also the option of desktop uploaders, browser extensions and a programmatic API if this is to become a regular practice.

As with files, URLs can be submitted via several different means including the VirusTotal webpage, browser extensions and the API.

How Does the Virus Checker Work?

A submitted file or URL is scanned and the results shown on screen. The data and results are shared with VirusTotal partners who use the results to improve their own systems. As a result, by submitting files, URLs, domains, etc. to VirusTotal you are contributing to raise the global IT security level.

Scanning reports produced by VirusTotal are shared with the public VirusTotal community. Users can contribute comments and vote on whether particular content is harmful. In this way, users help to deepen the community’s collective understanding of potentially harmful content and identify false positives (i.e. harmless items detected as malicious by one or more scanners).

Commercial Service

The service provides qualified customers and anti-virus partners with tools to perform complex criteria-based searches to identify and access harmful files samples for further study. This helps organizations discover and analyse new threats and fashion new mitigations and defences.

VirusTotal not only tells you whether a given antivirus solution detected a submitted file as malicious, but also displays each engine’s detection label (e.g., I-Worm.Allaple.gen).

This is a valuable resource in the fight against computer viruses.

Do leave a comment on this post – click on the post title then scroll down to leave your comment.