You’re working away when a window pops up on your screen letting you know that there are new updates available. But you’re busy right now, so you hit the ‘remind me later’ button. But when later comes around and you get that reminder you asked for, you’re still busy, so you dismiss it again.

The thing is that these notifications are not just created to annoy us while we’re working. They are trying to tell us something incredibly important: that our software needs a new layer of protection, or that there are improvements or bug fixes you could be benefiting from.

What are software updates?

Software updates perform a wide range of tasks. Some are for individual software programs; others are for our operating systems. There are updates that clean up and get rid of outdated features, whilst others install new and improved ones. Some updates renew drivers and others fix annoying bugs. But perhaps the most important updates are the ones that deal with security flaws.
What is a security flaw and how does a software update resolve it?

Software flaws are weaknesses or holes in the security of an operating system or software program. Hackers are a dab hand at writing code to exploit these weaknesses via malware. The code gets them into your machine when you open a certain website or email or play infected videos.

Once malware has infected your machine, it has the ability to compromise data, take control of your PC or use software differently to how it should be.

Why should I install software updates?

Once an update is released, hackers worldwide will know there is a security flaw ready for the taking. As fast as software developers are coming up with ways to halt security attacks, so hackers are finding new ways in. The game just goes around and around.

You should be aware that your data and files are at risk unless you have installed the latest updates. Everything you store digitally: photos, videos, files, databases; it’s all potentially exposed to hackers. Certain strains of malware have the ability to completely wipe documents from a hard drive or copy them to a remote server. No one will forget the effects of the WannaCry epidemic that swept the nation and further afield in 2017 leading to personal data and company documents being held hostage until payment was made to release them. In a lot of cases, the systems that were compromised were not up to date.

Ensuring you update operating systems and keep software updated as and when it prompts you is vital if you want to avoid these types of threats.

What about legacy systems?

A large number of organisations are still using legacy infrastructure, mainly because it delivers continuity, but also because there is a belief that the cost and upheaval of migrating to new technology would be damaging both financially and in terms of productivity.

In actual fact what some organisations may not realise is that the cost of maintaining legacy systems could actually be higher than the long term gains made by updating.

Aside from hindering innovation, there are some extremely serious risks associated with sticking with a legacy system, malware being one of them. Windows XP for example is, according to Microsoft, six times more likely to be infected with malware than more recent versions of Windows.

Some legacy systems simply cannot be security patched, or there are no patches available at all.

With such high risks offering up the potential for reputation damage, reduced profitability and loss of competitive edge, and the fact that legacy systems are subject to expensive maintenance costs, it is clear to see that the most astute option would actually be to update to a system powered by today’s technologies and protected by modern security measures.

In Summary

Even though software updates may seem like an inconvenience, and the prospect of system upgrades may be a real worry, the fact is, both could actually save you from a host of serious issues.

So, the next time you see an updates notification, be sure to action it. And if you are ready for a system upgrade to move your legacy infrastructure into the 21st century, how about talking to IQ in IT? We offer a hands-on service whereby we’ll get to the bottom of your individual needs and then build a system around them so that you have the infrastructure you need to grow, and that does the best job possible in keeping your organisation safe and secure.

Living in a smart-enabled home? It certainly has its benefits. Ordering household supplies at the touch of a button on the cupboard or washing machine; turning the heating up via your phone before you even arrive home; issuing smart keys to tradespeople to access your property whilst you’re at work. We can switch the lights or TV on remotely to make it look like we’re home after dark, and we can even see what’s going on in the house when we’re out using cloud cams.

Our lives certainly seem to be getting so much easier and, you would think, more safeguarded thanks to smart technology. But have you stopped to consider how secure all these WiFi connected devices actually are?

Even children’s toys are connected to the internet these days. But worryingly these, and household devices that are remotely controlled over the web, are actually laying homeowners wide open to serious risks including break-ins and spying.

Lack of smart device security can lead to shocking consequences

Devices that are not adequately secured can open a home up to extremely shocking consequences. Often set with no password or a default, smart devices can provide a far too simple way for cyber criminals to obtain personal details from any web pages or apps that are not using secure encryption.

Kaspersky Lab’s Denis Makrushin has said, “Cyber-attacks conducted by seemingly harmless connected devices are no longer just the stuff of movies, or even of the future. They are a very real and current threat.

“As more devices have connectivity built-in, users urgently need to realise they must employ the same level of security for mobile phones and computers.”

The Mirror newspaper uncovered the calculating methods used by cyber criminals to acquire personal details. It also reported that whistleblowing website WikiLeaks has published documents which it claims revealed the range of hacking tools used by the CIA. These include techniques developed to transform everyday household gadgets such as smart TVs into spying devices.

The newspaper challenged First Base Technologies, the online security company used by financial institutions, supermarkets and the government to uncover holes in their online security systems. The response revealed major cause for concern.

Smart home devices spark major cause for concern

On attempting to access a British Gas Hive Active Heating system controlled by a mobile app, the company’s (legal) hacker, Rob Shapland, was able to access the device with ease. Worryingly, he managed to obtain the owner’s home address and holiday dates.

Hackers start their in-road with a name. They then search for social media accounts. Then, through the ‘forgot my password link’ and internet searches, they can work out an email address. All they then need is a password, which hackers can find easily by searching previous data hacks databases. These are logs of illegally harvested data shared by hackers in secret parts of the web. Because most people use the same passwords for all their accounts, this method is usually effective in revealing login information.

Mr Shapland’s key message was that passwords should ALWAYS be varied across different accounts and devices, even for devices that do not store financial information. Just bear in mind how dangerous it would prove to reveal your holiday dates: it’s almost as risky as leaving your front door unlocked.

Is your security camera protecting you, or spying on you?

Rob Shapland demonstrated how hackers could well be spying on you without you knowing. According to the Mirror newspaper, 100,000 British devices are believed to be at risk in this way. Even security cameras, designed to safeguard your home, could be putting you in a perilous position.

Some smart cameras are designed to be accessed using an app. Hackers access them using the default password. And how do they know when a camera only has the default password set? By using a piece of software intended for security analysts, hackers can see which webcams in any local areas are using the default setting of no password.

The advice here from Mr Shapland: “If you need to be able to access your webcam while you’re not at home, make sure it asks you for a password. Don’t use anything that doesn’t allow you to set a password.”

It is reckoned that by 2020, there will be 212 billion connected Internet of Things devices.

Already a widespread problem

Cyber-crime is estimated to net £34 billion per year, with six million people having become victims in just the past year alone. 1.4 million have reported computer virus attacks, and 650,000 email accounts and social media profiles have been compromised.

Hugh Simpson, security expert at Zyxel, says: “The more devices that integrate into the wireless network, the more risk and indeed the more that people know about you. So a balance between convenience and security is key.

“There are some basic practices that should be followed by everyone, from individual home users to the largest global enterprises. These include using strong different passwords, regularly checking for and installing software updates and implementing appropriate security software.”

Regular updates can prevent internet-connected devices falling prey to hackers and their continuously evolving attacks.

If you are in any way concerned over the security of your internet-connected devices whether at home or at work, why not seek the tailored advice of our experts here at IQ in IT?