All posts by Stewart Parkin

China counters US claims with own charges of cyber-espionage

On Tuesday China’s state controlled media released a report that stated that the Americans had hacked into over 1 million Chinese computers. The report said that during the past 2 months, 1.2 million computers had been hacked into by the Americans.

The report was released after America’s allegations on Monday, that five Chinese officials had stolen trade secrets from American companies. This is the first time America has tried to charge state funded hackers.

China said that the “fabricated” allegations are damaging their two countries relations. US officials have said that “the country will not tolerate the alleged sabotage of its companies.” China was very quick to deny the claims, saying that the Americans were being hypocritical.

Chinese government officials said that “China is a victim of severe U.S. Cyber Theft, wire tapping and surveillance activities.”

Many of the claimed targets of the American cyber attacks include: Chinese government departments, universities and major companies.

To ease tensions between the two nations and to resolve the security issues, the two nations have established a Chinese and US working group. But china’s foreign minister said that the group had been suspended due to “the US’s lack of sincerity.” China now demands a withdrawal of the US’s claims.

Tensions have been high between the two countries after Edward Snowdon’s claims that the US had been hacking into schools and companies based in mainland china, in his damaging report on the NSA. Many experts believe that this is to bring the alleged hacking, back into the spotlight and American officials believe that the cyber espionage preformed by the Chinese government will result in major job losses and have a damaging effect on the US economy. No official agreement has been made between the two countries to resolve the issue. This dispute is expected to go on into the future.

Hackers at the Bank of England?

It is the intention of the Bank of England to hire its own ethical or “White Hat” hackers to help them to test the security of 20 “major” financial institutions.  The action has been taken; it seems, as a response to the Waking Shark II exercise that took place in November 2013.

Charles Sweeney, CEO of web security firm Bloxx, believes that the Waking Shark programme was a great success but that it is important to continue to test your defences as attacks evolve and develop at a rapid rate.

Swenney stated, “Banks face a relentless onslaught of persistent and sophisticated attacks because they are considered to be highly prized targets for criminals. Last year’s Waking Shark programme was a great success, but attacks evolve and develop at a rapid pace so it is no surprise that the Bank of England wants to test defences again.”

Sweeney added, “It is great to see the UK leading the way in cyber protection programmes that can make a real difference to consumers, enterprises and the economy.”

Adrian Beck, Veracode’s security programme manager EMEA, is also in full support of the Bank of England’s decision to utilise ethical hacking as it is one of the best ways to expose any potential security weaknesses.

Beck declared, “It’s encouraging to see the Bank of England taking a lead on protecting the UK’s critical national infrastructure by overseeing ethical hacking programmes.

Beck added, “Ethical hacking, in the form of penetration testing, is one way to expose software coding errors in an organisation’s applications, along with other vulnerabilities that threaten critical data.  All businesses, whether in the public of private sector, should consider the benefits of investing in ethical hacking as part of an application security programme.”

MD of LogRhythm, Ross Brewer believes that it would be disastrous if the Bank of England was to suffer a serious data breach and that recent data breaches just show how disastrous they can be.

Brewer stated, “The financial sector is taking a positive step here, which many other organisations need to learn from.  As they play such a critical role in society, it would be disastrous for one of our leading banks to suffer a significant data breach.  We only have to look at the recent large-scale data breaches, such as Target in the US, to see just how devastating and long-lasting this can be.  Given the level of trust businesses and consumers place in banks, a successful attack on a financial firm would be even worse. ”

Do you think that it is a good idea to hire White Hat hackers? Do you think that organisations can do more to ensure that their security measures are up to scratch?

Scammer Swoop in on Windows XP

It didn’t take long, and was always inevitable but numerous scammers and con artists are out to make a quick buck by advertising extended support and compatibility solutions for Windows XP machines. Such adverts have started to appear on you-tube and websites.

Among the range of applications that are being pushed are “Media Centre” keygen tools designed to harm the performance of computers.

Christopher Boyd who is a Malware Intelligence Analyst at Malwarebytes and former Director of Research at FaceTime Security Labs and threat researcher at GFI Software believes that keygens should be avoided altogether as you never really know what you are downloading.

Boyd stated, “Keygens are something you should really avoid, as more often than not you never know quite what you’ll end up with. As for XP themed ‘setup files’, those links too us to the usual selection of surveys and ringtone offers.”

Boyd added “Take care with the last minute surge of XP themed downloads and offers – whether on social networks, forums or video sharing sites, a lot of what you’re going to see over the coming will probably not do you any favours. XP may be dead and gone in terms of updates, but that doesn’t mean pitfalls booby trap have followed suit.”

As Windows XP is no longer officially supported by Microsoft, no operating system upgrades will be released and therefore leaves the machine highly vulnerable. Virus warnings are still available but little can be done to protect the machine.

If you persist on using Windows XP rather than upgrading to a newer and supported version, it is advisable to be very careful with what you download. It is inevitable that more and more adverts claiming to offer extended support and compatibility solutions will start to appear in an attempt to fool people. Do not fall for these adverts and if you feel that you need to use a supported platform, upgrade your operating system to a newer version. This will give you a much better chance to ensure that your data remains safe and out of the hands of devious scammers and con artists.

Changing Production Environments to Match Backup Software Capabilities

Backup Technology has recently become a member of SpiceWorks, with the aim to help fellow IT professionals with any problems that they may be having with data backup and disaster recovery. It is always interesting to hear suggestions from other backup providers as to how their software would approach certain problems or environments. It is especially interesting to hear how other IT professionals have solved the backup conundrums they have faced.

However, just recently I’ve started to wonder if customers are being coerced into changing how they operate their production environments, just so that a specific vendor wins the deal. A very recent, and pertinent example of this was for an environment with a mix of Physical and Virtual servers. This poses significant challenges for Virtualisation specific backup software.

To my dismay and surprise, not one but 4 of the suggestions were that the user, who had a 60TB estate, should virtualise the rest of his environment, just so he could use the Virtualisation specific backup software Veeam.

An enterprise backup solution should be able to integrate fully into any environment, physical or virtual and give the customer the ability to protect their entire environment without alteration! It is after all the production environment that matters the most and if a backup solution is unable to protect that environment, the product is not a correct fit!

There are plenty of backup solutions available on the market to fit every clients requirements and just because the trendy solution doesn’t fit, doesn’t mean you should be trying to shoe horn it in!

Have you altered your production environment to fit a backup solution? Have people recommended that you alter your production environment so that their backup solution will fit?

Sentrum Colo joins forces with Backup Technology

HAYES, UK, 27 September 2012 – Sentrum Colo has partnered up with one of their clients, Backup Technology (BTL), enabling them to offer their customers backup and disaster recovery services.

With a large number of organisations going out of business after suffering a major computing and IT disaster, business continuity and disaster recovery plans are extremely important to safeguard the future of a business. This new partnership allows Sentrum Colo’s customers to plan ahead by using this offering to protect highly sensitive and critical data, ranging from 50GB to more than 100TB and enabling customers to be fully FAS, PCI and Freedom of Information compliant. Sentrum Colo also offers customers dedicated, secure office and business continuity suites, providing segregated network and private WAN access whilst working offsite at Sentrum Colo’s data centre in Hayes.

“When an IT disaster occurs within an organisation we know that the first point of action is salvaging all critical data and getting the business up and running again. Disaster recovery and business continuity plans are essential to overcome the effects of a critical event by allowing organisations to continue all normal business activities almost immediately after the incident occurs. For this reason we are extremely pleased that we are able to offer our customers backup and disaster recovery services through this partnership with Backup Technology,” said Graham Monro, Sales Director at Sentrum Colo.

Backup Technology’s main Southern England site is situated in Sentrum Colo’s List-X rated, Tier III+ data centre in Hayes, near Heathrow where they are currently hosting 5 racks with that number expected to grow significantly over the next 12 months.

“Companies are realising the cost and security benefits of our backup, disaster recovery and business continuity solutions. Our customers benefit from reliability, security, efficiency and performance and a peace of mind that their data is safe. In addition our solutions help Compliance and Information Security Officers meet regulations imposed by governing bodies, said Simon Chappell, CEO, Backup technology. “Sentrum Colo’s customers are now able to easily take advantage of our solutions and quickly implement an effective backup and disaster recovery strategy that will safeguard their data from disasters, whether they are natural or caused by human error.”

About Backup Technology

In 2005 Backup Technology was formed specialising in business and enterprise level Online Backup and Disaster Recovery Solutions.  By utilising a market leading technology, BTL has quickly established itself as one of the World’s leading Backup and Disaster Recovery providers.

Backup Technology has a strong global presence, from their head office in Leeds in the UK; they have expanded to offices and data centres in the US, as well as establishing partnerships in Europe and Australia. BTL’s core business has been built around their partnership with the world’s leading software provider for Online Backup, Asigra. Backup Technology became Asigra’s first ever Global Partner of the Year in 2008 and then became Asigra’s first European 3D Hybrid Partner later that year. Other awards include Best Competitive Takeout (2010), Best Hybrid Cloud Implementation (2011) Best Vertical Enterprise Cloud Marketing (2011) and Best Enterprise Cloud Implementation (2012).  The company has also received many industry awards and had articles featured in publications such as the Financial Times, the Independent and Computing Magazine.

BTL are fully ISO 9001 (April 2010) and ISO 27001 (May 2010) certified, ensuring consistent quality management procedures are in place and all security processes are followed and documented. BS EN 25999-2 certification has also been achieved (January 2011), meaning BTL has an independently audited Business Continuity Management system in place to offer additional peace of mind for its customers. With individual customer data sizes ranging from 100GB to over 500TB, they currently protect well over 10 Petabytes.

For more information visit www.backup-technology.com.

About Sentrum Colo

Sentrum Colo operates a List-X, tier III+ data centre facility in Hayes which includes technical space and disaster recovery facilities.  Working with companies of all sizes, the team of specialists collaborate with customers to remove the complexity of colocation via scalable solutions with flexible terms, and offer excellent connectivity with multiple carriers including Colt, Level 3 and Virgin Media.  It is an environmentally conscious company using 100% renewable electricity.

For more information please visit: www.sentrumcolo.com

Our Customers

  • ATOS
  • Age UK
  • Alliance Pharma
  • Liverpool Football Club
  • CSC
  • Centrica
  • Citizens Advice
  • City of London
  • Fujitsu
  • Government Offices
  • HCL
  • LK Bennett
  • Lambretta Clothing
  • Leicester City
  • Lloyds Register
  • Logica
  • Meadowvale
  • National Farmers Union
  • Network Rail
  • PKR

Sales question? Need support? Start a chat session with one of our experts!

For support, call the 24-hour hotline:

UK: 0800 999 3600
US: 800-220-7013

Or, if you've been given a screen sharing code:

Existing customer?

Click below to login to our secure enterprise Portal and view the real-time status of your data protection.

Login to Portal