A new strain of ransomware, named ‘Bad Rabbit’ has been found spreading in Russia and the Ukraine. The malware has affected systems at three Russian websites, an airport in Ukraine and an underground railway in the capital city of Kiev.
Bad Rabbit bears similarities to the WannaCry and Petya outbreaks earlier this year. It is not yet known just how far this malware will be able to spread. US officials said they had received multiple reports of Bad Rabbit ransomware infections in many countries (such as Turkey and Germany) around the world.
The US computer emergency readiness team said it “discourages individuals and organisations from paying the ransom, as this does not guarantee that access will be restored”.
A privately owned Russian news agency, Interfax, was particularly hit hard. Its website displayed the ‘our service is temporary unavailable’ message for over twenty-four hours.
On the morning of 25 October, it transpired that Russian banks had also been targeted but, luckily, were not compromised.
Bad Rabbit encrypts the contents of a computer and asks for a payment – in this case 0.05 bitcoins, or about $280 (£213).
Cyber-security firms, including Russia-based Kaspersky, have said they are monitoring the attack.
www.bbc.co.uk/technews (25th October 17)
The Norwegian Consumer Council (NCC) has warned that some smartwatches designed for children have security flaws that make them susceptible to hackers. Watches from brands including Gator and GPS were tested and it was discovered that attackers could track, eavesdrop or even communicate with the users. The smartwatches serve as basic smartphones, allowing parents to communicate with their children as well as track their location. Some of the watches include an SOS feature that allows the child to instantly call their parents.
The NCC said it was concerned that Gator and GPS kid’s watches transmitted and stored data without encryption. This means that strangers could track children as they moved, or could make a child appear to be in a completely different location.
Consumer rights watchdog Which? criticised the watches and said that parents would be shocked if they knew the risks. ‘Safety and security should be the absolute priority – if that cannot be guaranteed then the products should not be sold,’ said spokeswoman Alex Neill.
As a precautionary measure, John Lewis has withdrawn one of the named smartwatch models from sale in response and is waiting for further advice and reassurance from the supplier.
GPS for Kids said it had resolved the security flaws for new watches and that existing customers were being offered an upgrade.
The UK distributor of the Gator watch said it had moved its data to a new encrypted server and was developing a new, more secure app for customers.
www.bbc.co.uk (19th October 17)
Coventry University has reached number 44 in the Times and Sunday Times Good University Guide for 2018 – maintaining its top 50 position for the 5th year in a row.
The University did really well in the student experience and teaching quality measures and was recently awarded a Gold rating in the government’s Teaching Excellence Framework (TEF), which measures the quality of teaching at higher education institutions across England. Coventry also performs very well in the graduate prospects category.
Vice-Chancellor John Latham said: ‘Coming on the heels of our excellent showing in the Teaching Excellence Framework, the guide is yet another reflection of the university’s positive progress and of our continued sector-leading performance when it comes to teaching. Our focus on employability and ability to give our students an international experience are ensuring that Coventry continues to be a destination of choice for talented individuals from across the world.”
It is also the top-placed modern university in both the Guardian Good University Guide – in which it ranks 12th overall – and the Complete University Guide.
Coventry Chamber of Commerce News (16th October 2017)
Many carmakers are adopting ‘over the air’ (OTA) software for their increasingly connected and autonomous cars. Does this mean that there is increase in the risk of hacker hijackers?
Two years ago, hackers showed that they could remotely take control of a Chrysler Jeep. Earlier this year, Tesla boss Elon Musk warned about the dangers of hackers potentially taking control of thousands of driverless cars. Speaking at a National Governors Association meeting he said, ‘ I think one of the biggest concerns for autonomous vehicles is somebody achieving a fleet-wide hack. In principle, if someone was to hack all the autonomous Teslas they could send them all to Rhode Island as a prank. That would be the end of Tesla, and there would be a lot of angry people in Rhode Island.’
Mr Musk was quick to insist that a kill switch would ensure that the driver was able to gain control of the car and cut any links to the servers.
As cars become more sophisticated, incorporating features such as lane keeping, automatic braking and self parking, their systems are connected to the internet and the amount of software needed to control these systems is increasing. Also, It is much easier to use online updates – rather than repair-shop visits – for both automakers and customers.
OTA updates give manufacturers the ability to respond quickly as problems arise. Chrysler was criticised for sending out USB sticks with updates to patch the Jeep. Critics pointed out that criminals could easily intercept the USB sticks and infect them with malware.
Research consultancy IHS Markit estimates that by 2022, 160 million vehicles globally will have the capability to upgrade their onboard computer systems over the air.
‘Ultimately, as cars have become more connected, it does potentially create a bigger target and hackers have always altered their techniques as technology changes,’ said Robert Moran, an expert in car connectivity and security at NXP Semiconductors. ‘The fact that we can provide over-the-air updates is a security feature in itself, as it gives us the ability to respond and make changes’
Consumer trust is crucial, so security is paramount.
www.bbc.co.uk./technews (6th October)
Microsoft appears to have abandoned its smartphone operating system ambitions after Joe Belfiore (chief of the company’s Windows 10) sent a tweet stating that developing new features and hardware for the Mobile version of the OS was no longer a focus. He also added that he had also switched to Android himself.
Mr Belfiore said that Microsoft would support the many companies that had adopted the platform in terms of bug fixes, security updates, etc.
Windows 10 Mobile tried to attract users by letting them run the same ‘universal apps’ on both their PCs and handsets, but the concept failed to catch on. It has been reported that there wasn’t a wide range of devices running Windows 10 Mobile thus making it unattractive to retailers or operators. Consumers had reported that the operating system didn’t provide as good an experience as Android or iOS.
Mr Belfiore posted Microsoft had tried “very hard” to incentivise other companies to release universal apps – even writing their software for them in some cases – but the number of users had been too low for most to bother.
bbc.co.uk/technews (10th October 2017)
Microsoft has confirmed that some users of Outlook are unable to send emails or access their accounts.
Hundreds of users from around Europe have commented on the website Downdetector that they have been affected by the problem.
A common issue seems to be that emails remain in the draft folder and are not being delivered to recipients.
‘Intermittent connectivity is affecting customers in some European countries, which we are working to resolve as soon as possible,’ said a Microsoft representative. They are monitoring the environment while connectivity recovers.
www.bbc.technews (19th September)