Cyber Security Briefing: Google has the key... a USB
As one of the world’s top tech firms and the guardian of much of the world’s data, Google could be described as something of a target for unscrupulous cyber criminals.
And with 85,000 employees, the chances are that someone, somewhere will click on a malicious link and give up access to their work-related login details.
Yet Google has not suffered a single phishing attack since introducing a basic security measure last year – a physical key.
Having to plug in the USB key to access your online accounts – alongside the password, of course – means that hackers cannot guess your passwords from a remote location or trick you via an email into giving them up.
Even better is that anyone who wishes to introduce this two-factor authentication themselves can do so for their Google, Facebook, Twitter accounts and more – and it’s absolutely free.
They are available for as little as £8 on Amazon (other eCommerce providers are available) – so what are you waiting for?
Google Chrome targets insecure websites
The latest version of Google's web browser Chrome 68, released today, is targeting unencrypted websites.
Any sites that do not use Hypertext Transfer Protocol Secure (HTTPS) by default will be marked as insecure by Chrome – and also face having their search ranking downgraded.
When you browse on sites which use the inferior Hypertext Transfer Protocol (HTTP), the data being transferred from your device to the site in unencrypted and therefore can be intercepted by third-parties.
Expect to see a message next to the URL in the search bar saying "not secure" whenever you visit a HTTP website from today.
Legal firms ‘a top target for cyber criminals’
Legal firms are increasingly being targeted with cyber attacks, according to a report from the National Cyber Security Centre.
Criminals have stolen more than £11m from clients of legal firms in the past 12 months. A whopping 60 per cent of legal firms have reported attacks, compared with 42 per cent in 2014.
The nature of the information held by legal firms and the amount of funds they handle makes them a top target, according to the report.
The NCSC has called for greater cyber security in the sector.
Government too mellow with Trello
Do you use a project management tool at work?
We at BusinessCloud use Trello, a web-based app which allows the team to see who is working on what and share relevant information such as images and other media.
When you create the ‘boards’ you use to collaborate on, you can either set them to public or private – and private is the default option. We keep them private, of course – but the government, it seems, has not always made that rather obvious choice.
According to a Sunday Telegraph investigation, hundreds of sensitive documents from the Cabinet Office and Home Office – including details of anti-terrorism tools, instructions for how to go about obtaining entry passes for government buildings and the personal data of top civil servants – were placed on public boards.
Public boards are available to search engines, potentially leaving these figures open to phishing attacks.