HP report reveals nearly half of cyber-attacks are already known about

In its 2015 report published by the enterprise security division of HP, nearly 50% of all cyber-attacks are down to system vulnerabilities that have been known about for up to four years.

The data breaches that were analysed to collate the findings for the report during 2014 found that as much as 44 percent of the attacks were caused by problems that were flagged up anywhere between two and four years, but were not fixed.

Protecting business data

The report states that "Businesses should employ a comprehensive patching strategy to ensure systems are up to date with the latest security protections to reduce the likelihood of these attacks succeeding.

"While newer exploits may have garnered more attention in the press, attacks from years gone by still pose a significant threat to enterprise security.”

General manager and senior vice president and for enterprise security products at HP, Art Gilliland, said;

 "Our researchers saw that despite new technologies and fresh investments from both adversaries and defenders alike, the security realm is still encumbered by the same problems - even in some cases by the very same bugs - that the industry has been battling for years.

"Well-known attacks were still distressingly effective, and misconfiguration of core technologies continued to plague systems that should have been far more stable and secure than they in fact proved to be.

"We are, in other words, still in the middle of old problems and known issues even as the pace of the security world quickens around us.

"We can't lose sight of defending against these known vulnerabilities by entrusting security to the next silver bullet technology; rather, organizations must employ fundamental security tactics to address known vulnerabilities and in turn, eliminate significant amounts of risk.”

Be vigilant with company security protocols

The conclusion was that businesses and organisations must be vigilant when it comes to following basic security protocols, and be aware of the risks that could expose them by devices like smartphones and wearables.

The report stated:

“As physical devices become connected through the Internet of Things (IoT), the diverse nature of these technologies gives rise to concerns regarding security, and privacy in particular.

"To help protect against new avenues of attack, enterprises should understand and know how to mitigate the risk being introduced to a network prior to the adoption of new technologies.”

Does your business take enough notice of cyber-security? If not, perhaps now is the time to consider taking action – that is where ACE Computer Support can help provide advice and guidance to help stop any data breaches that could put your systems in jeopardy.

Call us today for an initial consultation on 01902 375304 or contact us by clicking here. 

Autonomous vehicles get the go ahead for UK road testing

If we had written this report some ten years ago, it is likely that many of us would simply not believe it. Driverless cars could become a reality – and the UK could be a world leader when it comes to getting them on the roads.

Of course, advanced computerisation is at the heart of the technology that could save lives and transform our roads completely in the future.

The current Government has taken a very progressive approach to the regulation of autonomous cars, and has today affirmed that it will be going ahead with testing them on our roads. This testing is of major importance as many wonder how auto-cars will drive alongside regular ones, as well as questions of hacking and who is to blame if they crash.

It is claimed that driverless cars could reduce human error accidents, help lower emissions and increase productivity.

Vince Cable said;

“'The UK is at the cutting edge of automotive technology - from the all-electric cars built in Sunderland, to the Formula 1 expertise in the Midlands.

 “It’s important for jobs, growth and society that we keep at the forefront of innovation, that’s why I launched a competition to research and develop driverless cars.”

The four cities that win the competition will receive £19m funding power. The trial vehicles will include the Greenwich Meridian Shuttle and the “pods” that have been developed by Coventry’s RDM (both pictured).

Across the pond, Google has been experimenting with driverless vehicles and Audi also recently trialled its A7 concept on a 550 mile journey from San Francisco to Las Vegas.

What do you think about driverless cars? Do autonomous vehicles really have a future in the UK, and across the world? Would they be a good thing or have you reservations?

Do let us know what your thoughts are on Twitter @AceComputerSup or join in the conversation on Facebook – we’d love to hear from you!

Images credit: Department for Transport

Part of Edsac pioneering computer found in US

An original part of the Edsac –one of the UK's pioneering computers - has been found in America. Previously to this, it is thought that it was sold at auction back in the 1950s.

Until now, it was not known where the parts of the Edsac was after it was dismantled following decommission in the 1950s.

The machine was built in Cambridge back in the 1940s for scientists at the university; the piece that has been discovered is reported to be quite significant in size.

The reason for its discovery is down to awareness because of publicity surrounding an effort to rebuild the famous computer. The find has been donated to the rebuild project and will be built into the finished machine.

The Electronic Delay Storage Automatic Calculator unbelievably ran its first programs in 1949 and helped many scientists with experimental data analysis.

Dr Andrew Herbert, who is head of the reconstruction project at the National Museum of Computing, said that there could be some other parts in existence “in the Cambridge area stored away in lofts, garden sheds and garages”.

The newly discovered piece (Chassis 1A) was in the US after being bought by Pennsylvanian resident, Robert Little. The part was acquired by Dr Robert Clarke, a Cambridge scientist in 1969, who had bought several Edsac pieces in the auction (he was originally planning to make them into bookshelves!)

You will be glad to know that reconstruction of Edsac is due to be completed by the end of 2015 – watch this space for more updates and let us know what you think about this fabulous find on Twitter @ACEComputerSup and Facebook!

Are Google right to abandon security fixes on Androids older than KitKat?

Amidst much controversy, Google is sticking to its guns regarding their decision to cease providing fix patches for versions of necessary software that is used in versions of Android prior to 4.4 "KitKat". This means that Android 4.3 and earlier devices are vulnerable to security breaches.

The patch relates to WebView - an extension of Android's general view coding class that allows applications to show web pages as part of a screen layout.  WebKit uses the rendering engine WebView to do what it needs to do, and it's with this software that the problem is said to occur.

Adrian Ludwig of Android Security posted on his Google+ blog;

"Keeping software up to date is one of the greatest challenges in security [and while Google] invests heavily in making sure Android and Chrome are as a safe as possible [this means frequent updates are required].

He also mentioned that the WebKit on its own is "over five million lines of code" and "hundreds of developers are adding thousands of new commits every month". Ludwig said that going backwards to a "two-plus year-old branch of WebKit required changes to significant portions of the code and was no longer practical to do safely".

Ludwig also said;

"With the advances in Android 4.4, the number of users that are potentially affected by legacy WebKit security issues is shrinking every day as more and more people upgrade or get new devices."

However, AppBrain.com has reported that 49.9 percent of its current users are still using Android versions 4.1 - 4.3, and 36.5 percent are running Android 4.4. In fact, only 0.5 per cent have upgraded to 5.0 “Lollipop”.

Only 40 per cent of Android users would be running an Android that is suitable for a fully weakness-patched build of WebView, if Google continue to deny support.

What do you think about Google’s decision? Will customers feel that they have no choice but to upgrade to avoid security breaches?

Talk to us on Twitter @AceComputerSup or like us on Facebook – if you need any help with any form of device or advice with any aspect of your business or home computing then please don’t hesitate to get in touch!