Debunqed

Tag: hacking

  • Digital vulnerabilities

    Digital vulnerabilities

    Global security breaches are on the rise and no one or country is safe. The acceleration of certain technologies has been rapid since the pandemic engulfed the world last year. But unfortunately, we’ve also become slack in the process.

    Once again, it has become apparent just how ‘at-risk’ our data is.

    Data hacks have been frantic and are now getting major press attention. It’s hard to know who each unwanted visitor is in each case but fingers are being pointed in perhaps familiar directions.

    Russian invaders back at it again

    In fact, throughout June, Russians have been blamed for a slew of hacks around the world.

    Microsoft in late May said a wave of Russian cyber-attacks had targeted government agencies and human rights groups in 24 countries, mostly in the US.

    It claimed that around 3000 email accounts of more than 150 different organizations, some of them international, were attacked in just one week.

    Allegedly, the group responsible was the same one that carried out 2020’s SolarWinds attacks, which the Russian Foreign Intelligence Service (SVR) was accused of orchestrating.

    But the Kremlin denied having any knowledge or anything to do with any cyber-attacks. It challenged Microsoft to how these attacks were linked to the European attacks.

    Nevertheless, authorities are now aggressively investigating cybercrime. In the first week of June, the US Justice Department recovered around $2.3m in cryptocurrency ransom money.

    Webscanner

    This was part of the funds paid by the Colonial Pipeline Company to Russian hackers in the most disruptive cyberattack on record in the country.

    The US deputy attorney general Lisa Monaco said investigators had seized 63.7 Bitcoins which was paid by the company after its systems were hacked, leading to massive shortages of petrol along the US’s East Coast. The department said it founded and recaptured the majority of the ransom.

    The hackers are believed to be a group called DarkSide, whose menace caused a multi-day shutdown in certain petrol stations and a spike in gas prices.

    The attack made international news and prompted the US’s White House to encourage business executives to improve security measures to avoid future cyberattacks whatever their nature, ransomware or otherwise.

    The FBI said DarkSide had also disrupted operations at a meatpacking company. As no one tends to be spared in the spillover effects, it is always a good idea to protect your company’s digital assets as a preventative measure.

    Not so sophisticated

    The attackers rather proved to be quite ‘amatuerish’ because they sent the Bitcoins to an online platform to convert it to fiat money – and that is how they got nabbed. Server-hosted (Online) crypto exchanges are obliged to keep customer data for compliance and anti-money laundering practices. So while your Crypto digital wallet does not reveal your identity, pairing it with an exchange will link it to all the other particulars you needed to provide to use the exchange.

    As long as you need cash to pay for things you will always need to switch your crypto in some way or another – unless your recipient agreed to take payment in Crypto as well. Keeping your digital assets on a hard-wallet or on your hard-drive keeps them “off-the-grid”. But also means you can’t actually spend them.

    Although the initial cyberattack was a smart manuever, the attackers proved to be rookies at the robbing game in the end.

    On a positive note: the ability to retrieve Bitcoins actually reinforces the need for a Blockchain-based financial system. This made it easier for the authorities to track movements of the ‘ransom-paid’ Bitcoins.

    Cuban for a bruising

    But politicians aren’t the only people who are urging businesses, civil society organizations, and other groups to improve security systems and be cognisant of an often-dark future.

    US Dollar billionaire Mark Cuban has also called for stricter cryptocurrency regulations.

    The owner of the Dallas Mavericks who has been investing in trading Bitcoin and other cryptocurrencies such as Ethereum said the world was in dire need of regulation for the burgeoning decentralized finance (DeFi) space.

    READ MORE ABOUT DEFI HERE

    Cuban said in an interview with Bloomberg that there “should be regulation to define what a Stablecoin is” in order for DeFi to be reliable and to prevent total collapses in investments.

    This comes after he saw his investments in a particular Stablecoin ‘went to zero’. Cuban claimed he had been scammed.

    Stablecoins are a type of cryptocurrency that is pegged to an underlying asset, or currency – usually the US dollar. They are the earliest forms of DeFi and the largest Stablecoin, Tether, is currently worth more than $62bn.

    DeFi has helped the price of Ethereum, the blockchain on which most DeFi projects are built, to also soar. But they can be highly risky investments.

    Investors try to create arbitrage opportunities and liquidity between coins but such a scheme collapsed for Cuban.

    “There should be regulation to define what a stable coin is and what collateralization is acceptable,” he said.

    trade cryptos
    Buy, Stake, and Trade Cryptos

    Strong words of caution

    Cuban hasn’t revealed how much money he lost but told a fellow DeFi investor via Twitter that regulation must be implemented- and quickly.

    It had been suggested that Cuban was “rugged” which refers to when a project’s liquidity dries up and investors cannot withdraw their cash.

    Mark Cuban is alleged to have 60% of his crypto holdings in Bitcoin, 30% in Ethereum, and 10% held in other coins. He likes to experiment with new financial tech investments.

    He added further in a recent blog post that banks should be scared of unregulated DeFi technology.

    All crypto-based investments remain highly risky as the technology around them develops. But there certainly needs to be global laws to prevent people from losing hefty amounts of their wealth/investment. Cryptocurrency is without a doubt a very lucrative investment vehicle that could make you an overnight millionaire. But that also makes it a perfect vehicle for scammers to clone projects to make away with your hard-earned cash.

    You must, therefore, be extra vigilant and scrutinize offers for instant riches. But more so, you would be quite negligent these days to navigate the Internet without any form of cyber-protection.

  • Be Digitally hack-proof

    Be Digitally hack-proof

    Why do people hack systems? Hacking is a technique used to compromise any digital device. Hackers want to get into your device to use your data for varied reasons – naturally, most of these motives are financially driven.

    A data breach is usually what leads to a hack. There is a difference even though both terms are used interchangeably.

    A data breach happens when data that is left vulnerable in an unsecured environment gets viewed by someone who shouldn’t have access to it.

    While hacks are the result of malicious behavior, breaches happen as a result of negligence, human error, or other non-malicious behavior that creates a security vulnerability.

    Hackers may access your device just to say they could or for financial gain, to protest, or to gather sensitive information.

    So what makes a hacker?

    In the past, a hacker may have been a whiz kid or specialized programmer but in the modern-day, hacking has become easier and more people are becoming hackers. As more people shop online and use computers for everyday tasks, they become the prey of hackers worldwide.

    Actual hacking is technical in nature – the hacker does not communicate with the person whose PC they are hacking into.

    But they can also use psychology to trick the user into clicking on a malicious attachment or providing personal data. These tactics are referred to as social engineering.

    Your cellphone too can be hacked

    While most associate hacking with Windows computers, the Android operating system also offers an inviting target for hackers. That means millions of people who use Samsung phones can be hacked.

    Some fifty years ago, there was a name for hackers who obsessively explored low-tech methods for getting around the secure telecommunication networks and expensive long-distance calls. they were called phreaks.

    This was a portmanteau of the words phone and freaks. They were a defined subculture in the 1970s, and their activity was called phreaking.

    Phreakers have now evolved out of the ‘analog technology era’ to become hackers in the digital world. They are beyond a sub-culture and have become a genuine threat to the safety of our information and data.

    Mobile phone hackers currently use a variety of methods to access your mobile phone and can intercept phone calls, voicemails, text messages, and even the phone’s microphone and camera, all without your permission or even knowledge.

    iPhones are not safe either

    In 2020, many journalists working for Al Jazeera were victims of a sophisticated zero-click spyware attack.

    The Toronto-based internet watchdog group Citizen Lab was asked to look into the attacks, which took place in July and August, and they released their findings at the end of December.

    The report found that 36 journalists, producers, anchors, and executives had their iPhones compromised by Pegasus spyware. The spyware, developed and sold by an Israeli-based firm called NSO Group, targets security vulnerabilities in the iMessage app.

    The so-called “zero-click” exploit deploys without any user interaction. Once installed, it can record ambient sound and phone conversations, take pictures, and access user credentials. It sounds like science fiction but it’s very much real!

    Types of hacks

    Malware

    People can use hardware to sneak malware into your PC. In offices, hackers will infiltrate networks by giving staff members infected USB sticks, dodgy USB cables, and mouse chords.

    It is crucial to always think before plugging anything into your work or personal device with access to confidential data.

    Educate your staff about being careful before plugging anything into their PCs.

    Malware infections generally occur when users interact with dangerous code by clicking on a URL or downloading malicious software disguised as an authentic program. But zero-click spyware penetrates devices without any user interaction.

    Citizen recommends making sure that your mobile OS is updated to the latest version. Identified vulnerabilities in previous versions of iOS were patched in the iOS 14 update.

    Practicing good digital hygiene is always important for the security of your mobile devices.

    Use sites like haveibeenpwned.com and breachalarm.com to see if your email credentials have been compromised. Use strong passwords on any apps that contain sensitive data and delete any apps that you do not regularly use.

    Missing security patches

    Always remember to update your security tools. Too many people ignore update notifications or security patches, leaving themselves vulnerable. It’s not just antivirus software that needs patching.

    Tell your staff to ensure that all their antivirus and applications are routinely updated as security patches become available. This task is usually the job of your IT department if you have one in the first place.

    Getting your password information

    Hackers can obtain your credentials through several means, but commonly they do so through a practice called keystroke logging or keylogging.

    Can you believe that the most common password is “123456”? Hopefully, yours isn’t so, or any of the most hacked passwords in the last 10 years.

    Through a social engineering attack, you could accidentally download software that records your keystrokes, saving your usernames and passwords as you enter them.

    This and other forms of spyware are malware that tracks your activity until a hacker has what they need to break into your system.

    Attackers can deploy malware on a user’s machine if they are in your environment and capture your credentials via keylogging too.

    Hackers also use password cracking programs that can run letter and character combinations, guessing passwords in a matter of minutes, or even seconds.

    To get around this, use a password management tool that securely houses your company’s credentials. These tools can often auto-generate lengthy, diverse character passwords that are difficult for hackers to guess. They can also autofill for your employees for easy access to their tools.

    Encryption and multi-factor authentication methods also offer more layers of protection.

    Distributed Denial-of-Service (DDoS)

    Acunetix

    This technique involves taking down a website so that a user cannot access it or deliver their service. DoS attacks take place when hackers inundate a target’s server with large influxes of traffic. The amount is so frequent and high that it overloads the server by giving it more requests than it can handle. This crashes your server and your company’s website.

    Larger businesses can get hit by a Distributed Denial of Service (DDoS) attack, which is a synchronized attack on more than one server or website, potentially taking down numerous online assets. 

    A good method to fight DDoS attacks is to use cloud protection services to spot them – like Acunetix or Netsparker.

    Social Engineering & Phishing

    This is where hackers try to get your personal information, often by impersonating a legitimate and maybe trusted source.

    Many types of social engineering bait come in the form of phishing emails.

    A hacker sends you a message that looks like it’s from someone you know, asking you to do something, like wire them money, or to click or download an infected attachment to see more. 

    Here is a hilarious example of a phishing Email

    “The top malicious email attachment types are .doc and .dot which make up 37%. The next highest is .exe at 19.5%,” according to a report by Symantec. Always be cautious of opening these types of attachments.

    Warn your employees to never give out private business information over email, to think before opening any attachments, and educate them on mail scams.

    Use email software that scans for phishing. Microsoft 365 and Google’s Business packages come equipped with such. Google’s tech uses AI to scan the content and find things such as spelling errors and dodgy URLs. This enables the system to block them before they even hit your inbox.

    Most people or companies that get hacked or suffer from a data breach do so mainly due to negligence. Many do not prioritize beefing up their security systems before it is too late. Hacks are, however, completely avoidable so don’t fall victim to them.

    Other ways to protect yourself

    • Download a reliable anti-malware product that can both detect and neutralize malware and block connections to malicious phishing websites.
    • Of course, whether you are on Windows, Android, a Mac, an iPhone, or in a business network, you must always use layered protection wherever you can.
    • Only download phone apps from the legitimate marketplaces that police themselves for malware-carrying apps, such as Google Play and the Apple/Amazon Appstore.
    • Check the ratings and reviews first. If it has a low rating and barely any downloads, it might be best to avoid that app.
    • Use long and complex passwords. Don’t use numbers in sequence. You can also use mixes of letters that can be remembered through rhymes.
    • Consider using a password manager.
    Advert
  • Banking on Crypto

    Banking on Crypto

    The world is slowly realizing that it needs to rely less on old systems in order to manage its way out of financial crises. One of the oldest systems which saw the US dollar as the vehicular currency of the world may be slowly coming to an end.

    Enter the Bitcoin: the brainchild of cryptocurrency, a means of exchange that is less regulated and which is built on the Blockchain, a technology that is supposedly difficult to hack into.

    A quick recap for those of you not familiar with the tech: A Bitcoin is a computer file that can be stored in a ‘digital wallet’ app on your smartphone or computer. With this technology, every single transaction you make is recorded in a public list or publicly distributed ledger.

    This makes it easier for authorities to track and record your transactions but not you personally. We will not, however, get into the potential abuse of such anonymity in this article.

    Adoption

    We have been very slow to adopt new financial technologies for two reasons. First, there are many regulations that help maintain the US dollar as the vehicular currency, used by central banks and other financial institutions to secure assets. Second, many developers of the technology are hesitant to throw it upon us – yet.

    But this will change as the robustness and reliability of cryptocurrencies is proved study by study and case by case. One method is by using cryptology.

    Cryptology is used to protect your information from hackers. In fact, the protection of your data is more important than ever before. We have made our lives more public thanks to social media.

    While you may not mind so much if hackers get unauthorized access to your pictures and social media profiles, some information is actually valuable. This includes your banking details, birth certificate, licenses, and intellectual property.

    The Covid-19 pandemic has forced us all to work from home. Those employees of numerous companies are accessing commercial information using personal computers instead of office computers. But personal computers might lack anti-virus software, firewalls, and other security measures.

    Right now, cybercrime is costing companies at least $45bn a year worldwide.

    This is why now is cryptology’s time to shine. It will also be used to protect your online purchases made using cryptocurrencies instead of traditional money. It will help ensure that funds go from your bank account to a retailer’s quickly but securely.

    Using Crypto for daily activities

    Digital Cash

    Let’s face it, we are going to use Blockchain for shopping: Lamborghini already accepts purchases in Bitcoin. The concept might still be difficult for you to grasp, but they are still being developed and soon it will be near impossible to live without them.

    Read more about Distributed Applications ‘DApps’ here

    Gaming companies are already embracing cryptocurrencies. Fortnite, a popular online game, with more than 250-million players, allows you to buy in-game products using cryptocurrencies.

    Beyond regular shopping, you could soon buy a house using a cryptocurrency. Blockchain technology and the underlying distributed ledger technology is being used to increase transparency in real estate transactions using smart contracts.

    To reiterate the use case for Crypto, many countries like Germany are relaxing laws and giving licenses to allow ‘Crypto Banks’ to operate. This is one effort to ensure that your Cryptos are properly taxed when used for investment purposes.

    One such bank, Bitwala, allows you to purchase Bitcoins or Etheruem securely and quickly from a charges-free bank account which they provide.

    Your transactions are then documented so that you can seamlessly submit reports of the purchases to the local tax authorities (Finazamt) to avoid penalties. You can do this all directly from the Bitwala App.

    The blockchain and cryptocurrency are even being explored on national levels: China is allegedly creating its own national digital currency.

    The way forward

    Monetary systems will continue to be tested every day. Banks the world over are spending big bucks to protect themselves from hacks. But one day, a hacker could throw them into turmoil.

    When that happens, you might be unable to withdraw your money. A central bank’s database could be hacked making it difficult for it to work with other banks. In the meantime, alternatives to classic monetary systems need to be developed.

    Cryptocurrencies backed by cryptology could be a very strong alternative. There are also some valid cases for using Bitcoin as a global currency. This, however, will only become a reality if it shakes off its high trading volatility to become more stable.

    We live in a world where we need to be cognisant of our health and how viruses can spread easily and quickly like wildfire. It equally is imperative to realize that cyber attackers could get and infect our data just as swiftly. Using modern technologies can help prevent these intruders from creating a ‘digital security collapse’ pandemic.

  • Ethical hacking

    Ethical hacking

    Maybe you should encourage your kids to become hackers. When you open Twitter handles and Linkedin profiles, it’s not unlikely that you’ll find people listing hacking as a skill.

    Parents used to tell their kids to become doctors, lawyers, and accountants. Later, they advised them to learn about computers. These kids have now grown to become hardware specialists and then software specialists today.

    In the past 10 to twelve years, we have seen ourselves thrown into the fourth industrial revolution. In it, technology affects our lives through social media and augmented reality.

    We share a lot of our personal information with more people, companies, and institutions every day, willingly and are often blasé about it. This has tempted people to steal this information by hacking it. 

    Hacking background

    Since the advent of personal computers in the 1980s hackers have become prolific, initially in ‘first-world’ countries that had an advanced infrastructure. There were numerous cases in the US but as computer technology permeated the world, hackers followed suit. 

    A hacking group called MOD, Masters of Deception, in the 1980s allegedly stole passwords and technical data from Nynex, and other telephone companies as well as several big credit agencies and two major universities.

    The damage caused was extensive and one company, Southwestern Bell said it suffered losses of $370,000 alone. These days the damages, though not always publically announced, can run into a few millions of dollars.

    READ MORE about the Online Threats hackers use here

    All this has paved the way for a special information technology (IT) vocation. A security hacker is someone who explores methods for breaching defenses and exploiting weaknesses in a computer system and networks. They break into systems they aren’t authorized to, and tend to break seamlessly into email and banking systems.

    Advertisment

    Hacking as a career

    Ben Wilson works as an ethical hacker. He has more than ten years of experience and worked in London where he received on-the-job training. He now works remotely in South Africa servicing UK clients.

    “I test websites for clients and look for vulnerabilities in the systems. I have done a lot of work for banks lately but my work is across industries.” 

    “Energy companies are using my services more and more,” he says.

    Wilson says he worked in a permanent position for six years. Right now he contracts for five clients regularly.

    Ethical hackers are the knights who test how permeable these systems are.

     

    “The majority of my work is for British clients. The UK pound is strong and I like to earn pounds. I’d say the best computer security consultants in the world are in the UK. The US is strong too but the UK consultants are sophisticated and the best.”

    Vulnerabilities

    The most common way in which people hack information is through email contacts; especially personal Gmail accounts.

    People think that their information is safe because it sits with one of the largest companies in the world. But this is exactly why it isn’t safe.

    Gmail and other third-party free email accounts are regularly hacked. If you want to protect especially valuable information you should either upgrade it to the business/enterprise level, use a different email service, or perhaps the one connected to your employer. 

    Nowadays companies use services to protect themselves against hacks and unauthorized access. These monthly or annual service providers might employ ethical hackers to check the companies’ systems.

    Hacking, however, isn’t just something that happens to big companies or in blockbuster movies. Here are some reality checks:

    • All websites are under threat;
    • So are applications (Apps) on your phone;
    • People can also program artificial intelligence (AI) to hack into systems. This has become a big concern and theme for security experts.

    Ways to proactively prevent a hack 

    Fortunately, there are several ways of protecting yourself and your information from hacking; starting with your emails. Be wary of “phishing” emails asking you to update your information, especially for bogus databases that you have never heard of.

    Use a spam filter – Avoid opening attachments from senders you don’t know – Update your passwords regularly – It helps to have authentication methods, such as a smartphone-linked and email-linked authentication (2FA) or security keys like Yubico – Do not click on any ad – period! Back up your files regularly – it’s always a good idea – Don’t allow ransomware bullies to bully you.

    • If you get sent communication saying that people have your files and want money or they’ll release the files; ignore them.
    • They can’t threaten you forever and might eventually move onto another target especially if your information loses its value over time.

    Anti-hacking software

    As a business, use tools like those from cybersecurity experts Acunetix. More than 4 000 companies protect their web applications from vulnerabilities using its powerful web scanner.

    Its penetration testing software prevents potential attacks by identifying holes in your websites’ coding. This is where hackers usually plant their complex code which allows them to extract data such as contact details, credit card details, and in worse cases, company-sensitive data like patents and blueprints.

    Naturally, it also scans networks to find gateway loopholes that could lead to crashes and downtime-related losses. A bank’s website going down for a few hours can cost it several thousand or even millions in lost revenue.

    Despite having firewalls, VPNs, and other Internet security systems in place, your websites and apps being developed are still vulnerable to cyber-attacks or a hack.

    The most commonly known hack used is a DDoS attack. Basically, it works like a traffic jam clogging up a highway, preventing regular traffic from arriving at its desired destination. Incidentally, only a few days ago, Amazon was hit by a DDoS Attack.

    So, how would you know or find out if you are vulnerable?  By conducting regular scans on your websites and apps to see where vulnerabilities lie.

    Avoiding a hack requires common sense

    Be aware and don’t fall into scams. It’s unlikely you’ve won 120-million Euros in a lottery. You should know by now that you are not the descendant of a king!

    In addition, if someone says they have a sex tape with you in it and they want your salary, unless you know you made a sex tape, they’re probably lying.

    Unless of course, a scorned lover of yours tricked you – but you can’t blame technology or a hacker for that.

     

  • The Online Threats of 2019

    The Online Threats of 2019

    How you can stop them from happening.

    Like a biological virus mutates – as technology advances so do the complexity of phishing and identity theft schemes. With major services adopting cloud technologies and storing private data online, anyone is vulnerable to hacking.

    To make matters worse, hackers continue to come up with some pretty creative ways to profit from stolen information.

    Without wasting time, these are the things you should already be doing to avoid being exposed to hackers in the first place:

    In order to keep these cyber-criminals out of your lives and computers, let’s take a look at some of the actual schemes to watch out for in 2019.

    Hacking

    We all know what hacking is by now – the term has almost become synonymous with internet security. So a question is: do you love watching movies on Netflix or jamming out to your summer playlist on Spotify? If the answer is yes, then you’re at a pretty high risk of getting hacked.

    DynaRisk, a UK cybersecurity firm, recently found that cybercriminals most commonly target these brands, along with adult-oriented sites (you know what we mean) and then, online gaming services.

    Identity Theft

    A few weeks ago, authorities caught a New York-based gang who had used identity theft to steal over $19 million worth of iPhones. Quartz reported that this operation ran for seven years.

    So-called “Top Dogs,” the ring leaders, would organize lower level members of their organization to steal identities and create clone credit and identity cards. Then, affiliates fanned across the nation, signing up for mobile phone plans to acquire iPhones, which were later sold for a profit by the Top Dogs.

    Because phone payment plans take the shape of nominal fees over the course of several years, victims often wouldn’t notice the fraud until it was too late. Learn how another scheme dubbed sim port attack works in the diagram below:

    Ransomware

    Hacking can happen to anyone – including our favorite bands. In early June, a hacker managed to steal the minidisk archive of Thom Yorke, the lead singer of Radiohead. This included previously unreleased demos and audio material from around the time of “OK Computer,” the band’s 1997 worldwide hit album. The hacker then demanded $150,000 on the threat of releasing it.

    Holding files for ransom is so common nowadays that it even has its own name: “Ransomware.” Either pay over the ransom or lose your files—or, even worse, have them released onto the unforgiving Internet.

    In response, Radiohead released all 18 hours of material on Bandcamp themselves, winning against these ransom hackers.

    Most security experts recommend the same route as Radiohead—never pay the ransom, because there’s no guarantee you’ll recover files or prevent their release.

    Sextortion

    If you think ransomware is bad, there’s an entire subgroup of it aimed to profit off sexual shame. Cheekily named “Sextortion,” some hackers creatively upgraded the classic email phishing scam to scare victims into handing over Bitcoin.

    According to Fortune, hackers have already racked up over $900,000 with sextortion. In these phishing emails, the sender claims to have spied on you while you watched porn—and has webcam footage of the salacious deeds. The message then demands a Bitcoin ransom, or else face the social and professional consequences of this lewd video getting sent to all your contacts.

    To make the threat even more believable, the sender references a previous password tied to the user’s email account. According to Krebson Security, a sextortion phishing message might look a little like what’s written in the sidebox.

    In rare cases, the threats are real—and hackers get their hands on some sexually explicit photos. Recently, American actress Bella Thorne fell victim to sextortion. Last Saturday, she took a similar, albeit more risqué, route as Radiohead, opting to release her nude photographs on Twitter in order to take the power away from her hacker.

    Last thoughts

    So, what’s the best way to avoid your personal, or, business from costing thousands in virtual currency? Since most of these emails are fake, you can just avoid them with a spam filter. And you should probably buy a webcam cover…just to be safe. When it comes to general browsing- we suggest using a VPN.

    Read more about VPNs here

    There are now more secure anti-hacking tools that use the Blockchain and offer great protection, especially against identity theft. Have a look at our feature on Tokenisation.

    Most online services now like mobile banks, offer App-based 2-factor authentication. This should now be regarded as the minimum security for ANY online account or App.

    To avoid hacking or phishing scams in general, optimizing your cybersecurity and using online common sense will save you loads of time, trouble and money.

    Cybersecurity by Acunetix
  • Open Banking – too exposed?

    Open Banking – too exposed?

    As a human race, we are constantly striving for easier ways of doing things: simpler, faster, and more practical. Thanks to better tech, you can now interact with people globally and instantly with the click of a few buttons.

    Likewise, you can also physically move quickly due to advances in transportation technology. When it comes to the age-old practice of banking – the same is now happening.

    Provided you have the necessities, a passport, residential address and a mobile phone, you can now open a bank account within minutes. This is brought about by a Fintech offering better known as Open Banking.

    Open banking uses APIs that enable third-party developers to build applications and services around the financial institution.

    Wikipedia

    It is ultimately about giving you a better, secure, and flawless service experience. This comes with the opportunity to gain access to excellent financial products.

    Online security expert and Chairwoman of Zortrex, Susan Brown reflects on the advent of the new offering:

    “Just over a year ago when Open Banking came into the limelight for the Fintech world. CMA9 were effectively mandated to make their banking platform accessible for third party companies.”

    A comprehensive global report commissioned by Accenture emphatically highlighted growth and talking points about the emerging industry in 2017.

    MS Office package

    This is all wonderful, innovative, and promotes transparency within the financial services market. There is only one drawback:

    “Consumers really do not know what Open Banking means, there has been a lot published about the benefits that are to be had from Open Banking. At the same time, consumers have become very aware of the negative aspects around sharing their data.”

    Scourge of hacks & breaches

    Daily, you hear more and more about hacks, and data compromises. With the UK’s Lloyds Bank breach last year; the trust by its consumers to share their financial and personal information, some would say, is completely gone.

    In addition, you go onto a site to review products and before you know it, you are bombarded with adverts on the products that you have been looking at elsewhere. This has led some consumers to abandon shopping carts and refrain from using online retailers.

    If not adequately protected, the newly established Fintech system might suffer a similar data breaches.

    Visa and Mastercard for one, are among the established firms threatened by Open (Mobile) Banking. And so, they should be according to Brown.

    “As consumers knowledge grows about their data and the security around their financial data has not been secure as shown with the Marriott hack.”

    Naturally, new systems pose a huge threat for banks. They become the digital gateway channel connection to the financial sector. This eliminates the direct relationship between consumers and banks.

    This is not a bad thing as banks are overwhelmed and cannot always keep in touch with everyone.

    An added layer of protection

    The solution for failing global acceptance would be for a new Fintech company to gain the trust of its new customers. They would naturally also be able to chip away at the market share of other expensive financial institutions.

    What you as a consumer know and want is privacy and security. Currently, only banks can make this happen – but at a high cost.

    With a new digital tokenisation system like Zortrex vault, you can concurrently let your consumers reap the awards on their transactions.

    They can as a result, gain redeemable tokens for patronising your services. This can occur while both you and your partners offer them products globally.

    “Don’t be a gateway for the challenger banks be in control of your omni channel for your consumers,” Brown advises

    Read more about Zortrex’s solution to privacy here.

    This contains excerpts from Susan Brown about Open Banking initially published on her LinkedIn page.  

     

     

     

  • Get a vault for your data!

    Get a vault for your data!

    It’s not often that we readily endorse a product or company. However, when the nature of work they engage in is considered ground-breaking and has a positive impact on our lives – it most certainly warrants a mention.

    The rationale for considering such tech-driven projects as highly significant is neither due to ‘gut feeling’. Nor that it is simply because it is fascinating and therefore must be an excellent product. This project actually has a value proposition for you!

    We are indeed well into the information age and while we have written extensively about data, its importance to marketers, and its fragility when used and abused by unscrupulous third-parties for their financial gain.

    The issue of data security is, however, quite a serious one. You just need to pay attention to the news to become even more aware.

    Data breach incidents

    In Europe, where security is supposedly more advanced, we have seen the likes of renowned airline British Airways, being hacked. Several hundreds of thousands of customers’ personal data compromised.

    These were followed by hacks on other major airlines such as Cathay Pacific.  Aside from airlines, other business outfits have suffered a similar fate.

    The perpetrators are getting a lot more brazen and very recently, a cable car, used as public transport in Moscow was hacked. This left vulnerable passengers terrified and stuck high up in the air. And all this happened probably to the amusement of the pranksters (hackers).  

    Can you imagine the chaos and commotion that would be caused if their control systems of driverless cars were to be hacked? 

    The digital intrusion gets even more sophisticated...

    This time affecting the very wealthy:  private yachts are now being hacked and taken into the pirate waters, all via uniquely coded signals, reading data from their antennas!

    Data security 

    On the issue of data security, you often hear about extra protection but not just anti-virus and anti-phishing software. The more secure and heavily encrypted Blockchain technology is, however, making waves in the digital sphere.

    It is mainly for the escalation of its once shining star by-product designed for discreet transacting – Bitcoin.

    Blockchain technology has also triggered several other technologies based on its digital cryptology technology. The aim is to ensure that your information is kept safe from prying eyes while stored, used, or transferred online.

    Blockchain products such as cryptocurrencies, however, are not completely safe from hackers.

    A solution

    Zortrex400x400

    The company we chose to highlight uses a unique vault system and is called Zortrex. It has adopted one of such Blockchain technologies dubbed tokenization. It will be using it to ensure that your highly sensitive data online is kept safe.

    “Our tokenised solution would have protected their customers’ personal identification information (PII) details. Instead the hackers ran off with the date of birth; passport numbers; financial data etc,” says Susan Brown, Chairperson of Zortrex – relating to the British Airways incident.

    Tokenization is the process of converting rights to real-world assets into a digital token on a blockchain.

    Brown’s background in data privacy systems as well as her devoted passion for the protection of PII, financial and healthcare data led her to start up and chair Zortrex. 

    The law on data

    Thanks to new laws like the European GDPR law, which enforces the protection of data, breaches are now met with hefty financial penalties.

    “Companies have disrespected your data for over 25 years, and if left unattended, there will be nothing left to protect,” Browns says.

    Companies now have to think twice about getting your consent and how to use and share your data digitally. But is it enough? The simple answer is no.  

    The authorities just do not have the resources to investigate every complaint nor to actively enforce all data breaches.

    We have ingeniously invented systems that automatically align with financial messaging, payments and securing information. All of which require data. 

    “However, we need to go a step further to secure all the PII details with tokenization. This is so that in the event of a hack, the cookies and trackers will only be following a ‘useless’ token will be no real identification on it,” Brown explains.

    Zortrex would naturally like to tokenize all healthcare data. This way, vulnerable those of you living outside of major cities can also feel assured that your privacy is protected.

    Using Blockchain

    The application of the all-powerful blockchain is not limited to use in the financial sector and will be applied via the supply chain to all industries that deal with your data – especially the most sensitive ones.

    A business angel or any investor for that matter looking to get onto the next best thing since Amazon would therefore be unwise to pass up the opportunity to back the Zortrex venture given its scope.

    Furthermore, regulations are currently being implemented primarily in the pharmaceutical sector.

    A tokenized supply chain such as what Zortrex offers would be ideal for this new law which is planned to be implemented by 2023.  A judiciary blockchain, for instance, would allow the police to “talk” to the prison service. They,  in turn, will communicate with the legal sector or public health institutions (NHS).

    Forensic evidence would in such instances be tokenized and kept secure (away from tampering) during legal hearings.  In another practical scenario, Smart Contracts (which could replace some lawyers) can spark off legal aid assistance to you.

    Your court cases will be heard quicker and be more efficient.  Protection registers can also be guarded using tokenization – rendering them more secure.

    Blockchain technology offers quality assurance making sure that no shortcuts are taken.

    This will enable the monitoring and tracking if any of your data is shared with third parties once tokenized. The third-party apps would only gain access to your data once the trigger has been activated.

    Like other pioneers and visionaries, Brown’s futuristic hope that every child being born will have their name, date of birth, blood type data being tokenized, might seem far-fetched.

    Zortrex wants to use its technology to put the hackers out of business! 

    Tokenisation cannot be mathematically reversed and thus it will least it will keep the hackers busy for a while.

    Scalability

    For such high ambitions, the creators of Zortrex’s software have adequately ensured that the technology used is fully scalable. One stumbling block many Blockchain projects now face is what is referred to as scalability. This is the ability of a network or software to grow and manage increased usage.

    This image has an empty alt attribute; its file name is 250x250.gif

    Cryptocurrencies like Bitcoin and Ethereum specifically – which is used to build a lot of Distributed Applications, however, have massive scalability issues.

    The growth in demand for DApps is also crippling (slowing down) those systems. They need to investigate the incorporation of alternative technologies, upgrade or split their platforms to cope with such high demand.

    Someone must take the first step in securing this data forever. You should be able to purchase what you want without being harassed by trackers and cookies.

    The need for tokenization is endless and further, down the line, celebrities and government official’s PII can be secured by it to protect them from damaging schemes, ‘bad press’, and scandals.

    In a previous blog, we “prophesized” that data is the new commodity – like gold or oil. However, the actual value with that data will lie in its privacy, the ability to store it securely and unlock it only with legal permission by its rightful owner.

  • Get a vault for your data!

    Get a vault for your data!

    It’s not often that we readily endorse a product or company. However, when the type of work they engage in is considered groundbreaking – and one with the potential to have a massively, positive impact on our livelihoods, it most certainly warrants a mention.

    The rationale for considering such tech-driven projects as highly significant is neither due to ‘gut feeling’ nor that it is cutting-edge/fascinating and therefore must be an excellent product – it actually has a value proposition for everyday people!

    We are indeed well into the information age and while we have written extensively about data, its importance to marketers and its fragility when used and abused by unscrupulous third-parties for their financial gain, the issue of data security is quite a serious issue – we must just pay attention to the news to become even more aware.

    In Europe, the where security is supposedly more advanced, we have seen the likes of renowned airline British Airways, being hacked – with several hundreds of thousands of customers’ personal data compromised. This was followed by hacks on other major airlines such as Cathay Pacific.  Aside from airlines, other business outfits have suffered a similar fate.

    The perpetrators are getting a lot more brazen and very recently, a cable car, used as public transport in Moscow was hacked, leaving vulnerable passengers terrified and stuck high up in the air – probably to the amusement of the pranksters (hackers).  We all know about driverless buses and cars coming to the market soon.

    Can you imagine the chaos and commotion that would be caused if their control systems were to be hacked?  The hacks get even more sophisticated: this time, affecting the very wealthy –  private yachts are being hacked and taken into the pirate waters, all via uniquely coded signals, reading data from their antennas!

    On the issue of data security (with almost full anonymity); we have also heard about extra protection (and not just anti-virus and anti-phishing software) but the more secure and heavily encrypted Blockchain technology that is making waves in the digital sphere. Mainly for the escalation of its once shining star by-product designed for discreet transacting – the Bitcoin.

    It has also triggered several other technologies based on its digital cryptology technology to ensure that information is kept safe from prying eyes while stored, used or transferred online.

    Zortrex400x400The company we chose to highlight uses a unique vault system and is called Zortrex. It has adopted one of such Blockchain technologies dubbed tokenization – and will be using it to initially ensure that highly sensitive data online is kept safe.

    “Our tokenised solution would have protected their customers’ personal identification information (PII) details, instead the hackers ran off with the date of birth, passport numbers, financial data etc,” says Susan Brown, Chairperson of Zortrex – relating to the British Airways incident.

    “Tokenization is the process of converting rights to real-world assets into a digital token on a blockchain.”

    The establishment of this start-up company was due to Brown’s background in data privacy systems as well as her devoted passion for the protection of PII and financial/healthcare data.  In her view, companies have disrespected their customer data for over 25 years, and if left unattended, there will be nothing left to protect.

    Thanks to new laws like the European GDPR law which is now imposing the data protection; data breaches and abuse of customer data is now met with hefty financial penalties. Companies now think twice about consent and how to use and share customer’s data digitally – but is it enough? The simple answer is a no.  The authorities just do not have the resources to investigate every complaint nor to actively enforce all data breaches – yet.

    “We have ingeniously invented systems that automatically align with financial messaging, payments and securing information, all of which require data. However, we should and need to go a step further to secure all the PII details with tokenisation so that in the event of a hack, the cookies and trackers will only be following a useless token as there is no real identification on it,” Brown explains.

    Zortrex would naturally like to tokenise all healthcare data so that vulnerable people living outside of major cities can also feel assured that their privacy is protected. In a previous blog, we wrote about the new Internet of things (IoT). For all those devices being built for it, their IP addresses and the serial numbers can be tokenised to avoid the terrifying thought of the whole Internet being compromised.

    N26_banner-160x600-EN

    The application of the all-powerful Blockchain is not limited to use in the financial sector and will be applied via the supply chain to all industries that deal with customer data – especially the most sensitive ones.

    An angel investor or any investor for that matter looking to get onto the next best thing since Amazon would therefore be unwise to pass up the opportunity to back the Zortrex venture given its scope!

    Furthermore, regulations are currently being implemented primarily in the pharmaceutical sector and a tokenised supply chain such as what Zortrex offers would be ideal for this new law which is planned to be implemented by 2023.  A judiciary blockchain, for instance, would enable the police to “talk” to the prison service,  who in turn, will communicate with the legal sector and public health institutions such as the UK’s NHS.

    Forensic evidence would in such instances be tokenised and kept secure (away from tampering) during legal hearings.  In another practical scenario, Smart Contracts (which are touted to replace lawyers) can spark off legal aid assistance, so that court cases can be heard quicker, more efficient than currently pertains.  Protection registers can also be protected with tokenisation rendering it more secure.

    Blockchain technology offers quality assurance with every process being undertaken making sure that no shortcuts happen; as the smart contracts trigger any possible malfeasance. This will enable the monitoring/tracking of any data sharing to third parties once it is tokenised. The third party apps would only gain access to the data once the trigger has been activated.

    The company will be providing numerous business blockchain platforms; Asset Chain, Supply Chain, Accountancy Chain, Debt Chain, Life Cycle Management Chain, Outsourced Worker Chain; the list is endless, and all will be adequately secured.

    Like other pioneers and visionaries, Brown’s futuristic hope that every child being born will have their name, date of birth, blood type data being tokenised, might seem farfetched – but may we remind you of the need for data protection taking into consideration the growth rate of massive data breaches.

    Zortrex is aiming high and wants to use their technology to put the hackers out of business!  Tokenisation cannot be mathematically reversed and thus it will least it will stop the hackers for a while.

    Brown explains further that as they move with their education; other information can be added on to the token, as with all their healthcare; any allergies tokenised; what injections they have had right through their life cycle until the day no more data can be tokenised.

    For such high ambitions, the creators of Zortrex’s software have adequately ensured that the technology used is fully scalable. One stumbling block many Blockchain projects now face is what is referred to as scalability – which in tech terms, is the ability of a network or software to grow and manage increased demand.

    This image has an empty alt attribute; its file name is 250x250.gif

    Cryptocurrencies like Bitcoin and Ethereum specifically – which is used to build a lot of Distributed Applications, has massive scalability issues. The growth in demand for DApps is crippling those systems and they are having to investigate the incorporation of alternative technologies, upgrade or split their platforms and accompanying cryptocurrencies to cope with such high demand.

    Someone must take the first step in securing this data forever. Citizens should be able to purchase what they want without being harassed by trackers and cookies. The need for tokenisation is endless and further, down the line, celebrities and government official’s PII can also be secured to protect them from damaging schemes, ‘bad press’ and scandals.

    In another previous blog, we “prophesized” that data is the new commodity – like gold or oil. However, the actual value with that data will lie in its privacy, the ability to store it securely and unlock it only with legal permission by its rightful owner.

  • Anonymous Surfing

    Anonymous Surfing

    You don’t have to be an online arsonist, hacker, or international cyber-terrorist to hide your online identity. Likewise, concealing your PC’s web address or your Internet Protocol address (IP address), making it unknown to the public, does not necessarily mean you are up to no good online.


    We will, therefore,  build a case for why it is important at times to conceal your private online location using VPNs (Virtual Private Networks).


    A VPN is a connection method used to add security and privacy to your private and public networks. This includes your Wi-fi Hotspots and access to the Internet. They are most often used by corporations to protect sensitive data but now also by people like yourselves for the same purpose.

    VPN-Protect-you

    Click on the image to view a quick video


    Let’s get back to the importance of your IP address. It is probably something you rarely think about but is crucial to your online lifestyle even as an individual. How so? You might still ask.


    Well, without an IP address, you wouldn’t be able to get the current weather, check the latest news, or view videos (streaming) online for instance.

    The uses of VPNs

    Your IP is also used to access every online service you partake in including very private things like your internet/mobile banking or online trading activity.  Think of it as your physical address and how important it is when getting things delivered by post or using it when you need to make applications for loans, jobs, etc.

    “Without a public IP address, online service providers like Netflix, BBC, or Amazon wouldn’t know where to send the information you asked for. They wouldn’t be able to get it to your computer.”


    Imagine how naked you must feel if you have nothing to protect this address from the advent of a hack without adequate data encryption.  Also the just the haggling by overzealous online marketers, spam, malware, and even ‘419 scammers’!


    Now the argument for whether using VPNs is illegal is highly debatable for some of the valid reasons highlighted above. It should, however, be a given right to be able to use it. And even though it is commonly used by cyber-thugs to mask their clandestine and often dark activities, it should not be outlawed altogether.

    The case for VPN

    The legitimacy of VPNs debate, therefore, carries on into a grey area.
    We will, however, investigate a few VPN providers that are ‘paid for services’ and even offered by established companies such as AVG (which primarily offers Antivirus protection).


    The directive is to help the everyday consumer surf the web without ‘virtual’ salespeople bombarding them with offers based on personal information gathered in an ‘unsolicited’ manner.


    Policies like the European-based GDPR law were put in place to protect consumers from the non-consensus use of their data. Even your Internet Service Providers (ISPs) can track your online activities via your IP and sell your browsing habits.


    Some forward-thinking people and companies, however, have long been shielding themselves manually using VPNs.


    One direct benefit for you as a consumer is the ability to access content (information, products, and services) from different servers. A good VPN service can enable you to obtain access to other geo-locational content despite being on a different continent.

    It is perfectly legal provided you are paying for the service. The burden falls on the provider of the service and not you if it came down to a legal “scrap”.

    Rationale for using them

    If you perform these tasks frequently, you need a VPN:

    • Hide your IP address (to enable anonymity from marketers and hackers)
    • Change your IP address (to avoid identity theft)
    • Encrypt data transfers (private and financial data)
    • Mask your location (to access other services)
    • Access blocked websites
    250x250

    A word of caution when navigating websites blocked by governments with a VPN. Unless you are a high-profile journalist working on a case and backed by good legal aid – it’s not a wise thing to do.
    Do some research if you are not sure because accessing such sites could land you in some hot water. Rather use a known privacy service like Tor to ensure full anonymity to gain access to restricted sites if you really must.

    Top Virtual Private Network Protocols

    VPN protocols and available security features are numerous. The most common (best) protocols are:
    ExpressVPNthe acclaimed best offshore VPN for privacy and unblocking.
    IPVanish great for P2P and Torrenting.
    VyprVPNthe best choice for those looking for security.
    NordVPNsecurity is its middle name.
    TunnelBeardubbed the easiest VPN to use.
    Windscribea VPN which gives you unlimited connections.
    Hotspot Shieldan awesome solution for online browsing.
    KeepSolid VPN Unlimitedthe jack of all trades of VPNs.
    CyberGhostrich clients and ease of reconfiguring.
    ZenMateuser-friendly VPN that caters to the newbies to VPN.
    PureVPNtake advantage of easy to use apps and access to many servers.

    Source: www.itproportal.com, PureVpn

    Making the choice

    Picking a VPN service can be a daunting task as there are now literally hundreds of them to choose from. Landing the right one means striking the right balance between what you are offered, the ease of use, and naturally, the price.

    Some providers offer free you VPN services while some like AVG charges for their VPN service. Paid VPN providers, however, are preferred to the free service providers as they offer robust gateways, proven security, additional free software, and unmatched speed.

    The key is to find the best VPN that meets your immediate needs while matching your budget.

Translate »

This website uses cookies. By continuing to use this site, you accept our use of cookies.