Todas las entradas hechas por Sabina Weston

Google secures deal with the US Department of Defense


Sabina Weston

21 May, 2020

Google has announced that it has secured a contract with the United States Department of Defense in order to aid in the detection and countering of cyber threats.

The Google Cloud Console is to manage the applications run by the Defense Innovation Unit across platforms such as Google Cloud, Amazon Web Services (AWS), and Microsoft Azure.

Although no specific sum has been disclosed, the contract is valued at “seven figures”, according to Axios.

«Multi-cloud is the future,» Google Cloud VP of public sector Mike Daniels told the publication. «This is now coming to the federal government as well.»

The “seven figure” deal is significantly less than the $10bn JEDI contract which involves almost 80% of the Department of Defence’s IT systems being migrated to the cloud that could last 10 years. The deal had garnered headlines for the past two years, with multiple cloud vendors, including AWS, Oracle, IBM, and Microsoft, battling to be chosen by the US government. 

In December 2018, Google announced that it would «not be bidding on the JEDI contract because first, we couldn’t be assured that it would align with our AI Principles, and second, we determined that there were portions of the contract that were out of scope with our current government certifications”.

However, the announcement of the new deal with the US Department of Defense might signify that Google has since earned those certifications.

The news comes a month after an internal investigation by the Department of Defence (DoD) found that the October 2019 decision to award the JEDI contract to Microsoft was administered fairly, despite widespread reports of political interference.

The JEDI project was halted in February in order to determine whether Department of Defence improperly evaluated a Microsoft storage price scenario. Prior to that, AWS filed an appeal claiming that «political influence» led the Pentagon to award the $10bn contract to Microsoft. Although it was believed at the time that AWS was «likely to succeed» in the court challenge, that was not the case.

Hundreds of thousands of Android users hit by Google Play spyware


Sabina Weston

15 May, 2020

A prolific form of Android spying malware was left undetected in the Google Play store for four years and is likely to have affected hundreds of thousands of users, according to the team of researchers who discovered it.

The team from cyber security firm Bitdefender discovered the «highly sophisticated Android espionage platform» earlier this year, although they believe it had been active since 2016, first targeting Android users in Australia and then users in the Americas and Europe, including the UK.

The malware has been further defined as a strain of spyware, which allowed its authors to snoop on any user that downloaded infected apps and access personal data, such as device preferences, the contents of their address books and messages, as well as device usage data and inactivity times.

Researchers have named the spyware ‘Mandrake’, as the criminals behind it were found to be using names of toxic plants for their development branches.

The team also found that Mandrake conducted phishing attacks on applications including Amazon, Gmail, PayPal, Google Chrome, as well as popular cryptocurrency wallet apps such as Lunoor, Coinbase and numerous banking apps from around the world. UK banks were not listed by Bitdefender among the victims.

The creators of the malware attempted to gain a strong presence on the app market and circumvent Google Play security by publishing their own malicious apps, such as OfficeScanner and CoinCast, and generated fake comments and downloads in order to ensure that their application made it to the trending section of Google Play.

The malware developers went to great lengths to ensure their apps came across as legitimate software, including by engaging with negative reviews and comments, and delivering fixes to the apps.

The marketing behind the malicious apps was so extensive that CoinCast not only had an official website, but also a strong social media presence on Facebook, Twitter, Reddit, and YouTube.

Hackers even tried to evoke trust among its potential victims by listing an address for its  OfficeScanner app on its Facebook page, namely the Engineering and Mathematical Sciences Building in Milwaukee, Wisconsin.

Alongside CoinCast and OfficeScanner, Bitdefender also listed Abfix, SnapTune Vid, Currency XE Converter, Horoskope, and Car News as other malicious applications developed by Mandrake operators.

The Bitdefender team estimates «the number of victims in the tens of thousands for the current wave, and probably hundreds of thousands throughout the full 4-year period».

«We can also extrapolate that every victim of Mandrake has most probably been exposed to some form of data theft,» they said.

The discovery made by Bitdefender comes weeks after a group of cyber security experts from Cybereason Nocturnus found that a mobile-based trojan was capable of compromising Android’s accessibility features in order to steal user data from banking applications and read user’s SMS messages, allowing the malware to bypass two-factor authentication.

Twitter will let employees work from home indefinitely


Sabina Weston

13 May, 2020

Twitter has told employees that they can choose to work from home forever if they wish as the coronavirus lockdown continues to shape the new normal in working culture.

The San Francisco-based company has also announced that they will not be reopening their offices before September, «with very few exceptions». Even when offices do reopen, the staff will be able to choose whether they want to return to them.

In a blog post detailing the decision, Twitter’s People VP Jennifer Christie said that although Twitter «was one of the first companies to go to a work from home model in the face of COVID-19», the company does «not anticipate being one of the first to return to offices».

«Opening offices will be our decision, when and if our employees come back, will be theirs,» she said.

The decision was made after Twitter has found that their 4,600 employees can work from home in a successful manner. Nevertheless, Christie emphasised that staff who prefer working from the offices will be able to do so: «Our offices will be their warm and welcoming selves, with some additional precautions, when we feel it’s safe to return.»

The company also announced a ban on business travel before September, as well in-person company events for the rest of the year. Events scheduled for 2021 are to be assessed by the end of 2020.

Commenting on Twitter’s announcement, Saka Nuru, head of product marketing for Fintech Eco Systems and Payments at Intuit Quickbooks, said that «we will no doubt see more [companies] follow in Twitter’s footsteps in the months to come».

«The fact that Twitter can commit to this promise, is an indication of how adept our technology solutions have been at facilitating remote working. Cloud-enabled Software-as-a-Service solutions as well as video conferencing service have evidently been a huge success when transitioning to a largely at-home environment, even for larger companies,» he said.

Twitter’s unprecedented announcement comes days after Facebook and Google confirmed that they will continue to allow employees to work from home for the rest of the year. Apple, on the other hand, is reportedly planning to allow some employees back into its global offices soon, including its Apple Park headquarters in Cupertino, California. 

Zoom clamps down on hackers with latest security update


Sabina Weston

7 May, 2020

Zoom will implement new security measures for its free users in response to a growing number of ‘Zoom-bombing’ incidents.

The company said on Wednesday it will be updating default password settings for all account types and it will also require that users set passwords for meetings and webinars, including events which were scheduled before 9 May, when the new measures are set to be implemented.

Zoom will also make its Waiting Room feature enabled by default for the Personal Meeting ID for all account types.

In a move which is likely a response to the numerous ‘Zoom-bombing’ incidents, where hackers crash a meeting to share offensive content, the company also announced that their Screen sharing feature will be limited to the host exclusively. With this, even if hackers manage to join a video conference, they will not be able to show other users offensive content from their screens.

While all free/basic accounts will see the changes implemented this week, Pro, API, Business, Education, and Enterprise accounts will receive the update on 30 May.

The announcement comes after an online tasting event, hosted by a Prestwich-based wine merchant, was hacked by a ‘Zoom-bomber’, who shared child porn material to the 60-70 unsuspecting participants.

Last month, Zoom’s stock price dropped nearly 14.5%, as numerous school systems, including the New York City Department of Education, moved to ban Zoom entirely. The video conferencing platform has also been outlawed by Google, SpaceX, and the FBI.

Zoom also announced on Wednesday the appointment of a new independent director on Zoom’s Board of Directors, the role being given to former US National Security Advisor Lieutenant General Herbert Raymond “H.R.” McMaster. The company also chose Jonathan “Josh” Kallmer to take over as the head of Global Public Policy and Government Relations, starting 26 May.

Last week, Zoom quietly edited a blog post claiming the number of daily users the platform had. The company stated earlier this month that it had “more than 300 million daily users” and “more than 300 million people around the world are using Zoom during this challenging time”. These claims have since been deleted, and the company now says it has “300 million daily Zoom meeting participants.”

NetApp acquires virtual desktop firm CloudJumper


Sabina Weston

30 Apr, 2020

Cloud data services provider NetApp has announced the acquisition of CloudJumper, a leading player in the remote desktop services (RDS) and virtual desktop infrastructure (VDI) markets.

The acquisition is said to have resulted in a new NetApp Virtual Desktop Service (VDS) which aims to resolve the most demanding issues faced in virtual desktop services and application management.

It is also said to provide customers with a total solution on the public cloud of their choice in order to deploy, manage, and monitor applications, as well as optimisation, the company explained.

Anthony Lye, senior vice president and general manager of NetApp’s Cloud Data Services business unit, said that providing “a consistent virtual desktop experience at scale while keeping data available and secure without sacrificing performance has always been important and is especially critical in today’s unprecedented environment”.

“NetApp and CloudJumper provide a simplified management platform for delivering virtual desktop infrastructure, storage and data management across Microsoft Azure, AWS and Google Cloud with best in class virtual desktop management combined with best in class storage and data services,” he added.

NetApp is said to contribute to the existing CloudJumper channel partner program by providing resources to strengthen the capabilities of MSP, VAR, SI, and ISV partners in order to resolve customer issues and expand their businesses.

NetApp VDS will also provide CloudJumper’s customers with flexible and adaptable data storage, according to NetApp, which includes features such as global file caching and backup, which will assist businesses in moving their operations to the cloud

NetApp VDS is available immediately on the NetApp Cloud Central site. It will also be integrated with Azure NetApp Files and Cloud Volumes in the near future.

Cloud services have, to an extent, escaped the economic consequences of the coronavirus pandemic and subsequent lockdown. Google Cloud has experienced a 52% year-on-year surge in revenue for the first quarter of 2020, while Microsoft beat Wall Street expectations on Wednesday following increased demand in its cloud-based services such as Teams and Xbox.

Google says all advertisers will now be subject to verification checks


Sabina Weston

24 Apr, 2020

Google has announced that, starting this summer, all advertisers will have to be verified before they are allowed to buy ad space on the search engine’s platform.

The announcement is Google’s latest effort to make their advertising practices more transparent, following the recent surge in online coronavirus scams, which take advantage of users’ fear of contracting the virus by selling fake medical masks. Earlier this week, the NCSC reported that it had taken down 2,000 online scams, of which 471 were from fake online shops.

Director of Product Management, Ads Integrity John Canfield, said that “advertisers will be required to complete a verification program in order to buy ads on our network”.

“Advertisers will need to submit personal identification, business incorporation documents or other information that proves who they are and the country in which they operate. Beginning this summer, users will start to see disclosures that list this information about the advertiser behind the ads they see,” he explained.

Prior to this decision, only political advertisers had to be verified by Google in order to run election ads on their platform. Since introducing the programme in 2018, Google has verified political advertisers in 30 countries.

As part of the new initiative, Google will start verifying advertisers in phases in the United States, before expanding the programme worldwide. The tech giant predicts that the process will take a few years to complete.

“This change will make it easier for people to understand who the advertiser is behind the ads they see from Google and help them make more informed decisions when using our advertising controls,” wrote Canfield. «It will also help support the health of the digital advertising ecosystem by detecting bad actors and limiting their attempts to misrepresent themselves.”

Life under lockdown – why we miss office work culture


Sabina Weston

23 Apr, 2020

On 23 March, Prime Minister Boris Johnson announced new measures were being introduced in an attempt to slow down the spread of the highly-infectious COVID-19 virus. Daily life changed from one day to another. As hospitals filled with new patients, offices were abandoned. Restaurants and cafes closed. Many public transport stations became completely empty for the first time in decades, if not centuries. For the employees who have been lucky enough to keep their jobs and work from home, life went on, one way or another.  And while there are many social media posts extolling the virtues of working in tracksuit bottoms all day, other people have found their work/life balance has suffered tremendously. 

To mark the first full month since Britain went into lockdown, we spoke to some workers who are feeling the downsides to working from home and asked why they are looking forward to returning to the office.

Productivity – lost in communication?

Working from home can be isolating, especially for those who are used to spending up to 40 hours a week in a busy environment with an abundance of social interaction. Charlie Worrall, Digital Marketing Executive at web design agency Imaginaire Digital, misses the simplicity of face-to-face communication with colleagues.

«Having never had to work from home before, this has all been a new experience for me. It’s really come to make me appreciate how good our office really is,” Worrall tells IT Pro. From his perspective, shifting the day-to-day conversations to a digital sphere has heavily impacted the quality of communication.

“I find that the simplest of conversations tend to become drawn out, for example, instead of just asking the person next to me a question, I instead use the likes of email, Whatsapp or Slack to contact them. If they don’t reply for a while I might call them and eventually get the answers I needed. All of this just creates an inconvenience, however, I completely understand why we need to go through the process of a lockdown and take social distancing very seriously.”

Kerry Sheahan, Head of Content & PR at FSE Digital, a digital agency specialising in search marketing, counts technical difficulties and the change in coworker interactions as the main downsides to working from home during the lockdown.

“We’re a digital agency, so obviously we’re all well-versed in using digital tools, but sometimes people forget there’s a difference between using digital tools for marketing, and general IT knowledge. I could write you an essay on the intricacies of on-page SEO elements, but if my Outlook stops working I’m FaceTiming our IT guys,” she says.

“The other thing for me, is that while we’re all making an effort to stay connected, you don’t see people’s initial reaction to your ideas. We all tend to be polite over email, and if we jump on a call, we’ve normally had a quick brief on what we’re going to cover. For me, someone’s honest opinions to new marketing ideas we’re bouncing around comes in that split-second reaction they can’t control when you first share your ideas.”

Her colleague, head of SEO Sam Mead, agrees. “Even though we are using technology to stay connected, we’re missing that ability to shout across the office or just approach somebody for an update or catch up. Ultimately this is leading to certain aspects of projects being slowed down, and reducing productivity in some ways,” he says.

Security is everything

According to a new survey from Atlas Cloud, a UK-based managed service provider that specialises in managed cloud services and hosting solutions, more than half of homeworkers (57%) believe their company should be doing more to help them be more productive. While four in five office workers (79%) now based at home believe the lockdown has proven they can work efficiently in such an environment, around a fifth (19%) said they need their company to act urgently to enable them to work productively during the lockdown.

Atlas Cloud CEO, Pete Watson, thinks the current situation is “the largest overnight change in British working habits since the outbreak of the Second World War”. 

“Our research shows that the majority of office workers believe they need more help from their employers to cope with the technological challenges of working from home,” he says. 

A third of workers (34%) said their work was being hampered by the poor performance of their home internet connection, while 24% complained of having to log in to too many separate software packages and apps while working from home. One in five respondents said they could not access the computer files they need while working from home (22%) or complained that the quality of the laptop, desktop or tablet they were using to work on from home was negatively affecting their work productivity (20%).

Using your work tech at home also creates a security nightmare. According to Watson, “office workers may not be working from home as safely, from a business and cyber security [perspective], as they could be”.

A quarter of employees are using a personal laptop for home working, with half of them admitting to storing work files on their personal device, which raises considerable concerns about the security of business information.

Cyber security is an issue that businesses will have to deal with if working from home is here to stay. In only one month, the coronavirus lockdown has already drastically changed the traditional working landscape, showing everyone that a meeting really can be an email. In fact, it might mark the end of office culture as we know it, with employees never returning en masse to their desks. But despite the slog of a commute or annoying lack of soy milk in the cafeteria fridge, many people miss the experience of working together in person: priceless social interactions, a quick nod to approve a decision, the sound of laughter at an inside joke, or some priceless gossip by the coffee machine. Dear Office, we miss you.

Google’s Meet to be integrated with Gmail


Sabina Weston

17 Apr, 2020

Google has added the option for its Gmail business and education users to take calls through its video conferencing tool Meet, following a demand for more secure video conferencing tools.

Google Meet is available only to schools, businesses, and governments, as opposed to its more consumer-focused Hangouts platform, which can be joined by anybody with a Google account.

The integration of Gmail and Meets is the first of several other functionalities that are to be added later this month. Google vice president Javier Soltero told Reuters that the company has also decided to roll out several other features ahead of schedule due to the surge in demand for video conferencing tools.

The move is likely to capitalise on Google’s reputation for providing secure tools, as many are becoming wary of video conferencing security breaches such as ‘Zoom-bombing’.

Meet is also set to offer a Zoom-like layout displaying up to 16 call participants at once, as well as improving video quality in dim lighting and the ability to filter background noise such as keyboard clicks.

Google Meet usage has surged 25 times amid the coronavirus pandemic and earlier this month Soltero revealed that Google Meet was adding over 2 million new users every day.

“They’re spending over 2 billion minutes together – that’s more than 3,800 years of secure meetings in a single day,” he wrote in a blog post.

Google has also announced that it would be extending the free availability of advanced Google Meet video-conferencing capabilities for all G Suite and G Suite for Education customers until 30 September 2020.

This follows the news that Microsoft pledged to work with the 27,000 schools in the UK, helping them run lessons remotely using Microsoft Teams, Office 365, as well as software such as Minecraft: Education Edition, Flipgrid, Skype in the Classroom and InTune.

Google Cloud to join Rolls-Royce coronavirus alliance


Sabina Weston

16 Apr, 2020

Google Cloud has announced that it will be joining a new alliance of data analytics companies that aims to support businesses and governments in recovering from the coronavirus pandemic.

Emer2gent is set to combine traditional economic, business, travel and retail data sets with behaviour and sentiment data, in order to facilitate the global economic recovery from the downturn caused by the coronavirus pandemic. It describes itself as “an alliance of partners sharing data and expertise to build economic resilience”.

Led by Rolls-Royce, it already counts IBM, Leeds Institute for Data Analytics, The Data City, Truata, and ODI Leeds as its members.

Google Cloud is the latest to join the group and will provide its Public Datasets and BigQuery cloud data warehouse, which aims to assist businesses in making informed decisions quickly and ease their transformation.

Google Cloud’s manufacturing and industrial lead for the UK and Ireland, Rajh Das, said that the company is “proud to be involved in such an important project as we all work together to support business globally during these extraordinary times”.

IBM is to provide its public cloud, the IBM Cloud Pak for Data, and high-performance computing, as well as subject matter expertise from its Data Science Elite team.

“IBM looks forward to joining our existing partners and valued clients in this initiative,” said Andrew Brown, general manager for IBM Cloud & Cognitive Software Europe. “It is hoped IBM’s contribution will help accomplish the identification of proven use cases, to assist where recovery indicators emerge for countries, governments, state agencies and supporting companies to best respond to the next phase of the improvement in the pandemic.”

Caroline Gorski, global director for R2 Data Labs, the Rolls-Royce data innovation catalyst behind the alliance, expressed her hopes for the swift recovery of the world economy.

“Our data innovation community can help do this and is at its best when it comes together for the common good,” she said. “People, businesses and governments around the world have changed the way they spend, move, communicate and travel because of COVID-19 and we can use that insight, along with other data, to provide the basis for identifying what new insights and trends may emerge that signify the world’s adjustment to a new normal after the pandemic.”

Google Cloud’s announcement comes a month after the news that the company had joined Lloyd’s digital transformation project which aims to upgrade the UK bank’s IT systems to compete in the increasingly digitised world of finance.

Standard Chartered bans Zoom and Google Hangouts


Sabina Weston

15 Apr, 2020

Standard Chartered has become the first major bank to ban the use of Zoom and Google Hangouts among its employees due to cybersecurity concerns.

In a memo seen by Reuters, CEO Bill Winters told managers not to use the popular video communication services, joining an array of companies and governments who have banned Zoom in the last weeks.

A Standard Chartered spokeswoman told Reuters that cyber security remains a top priority and that staff can use several authorized tools for audio and video conferencing.

Winters’ decision to warn employees against using Google Hangouts is rather unprecedented, as Alphabet’s platform for virtual gatherings has not earned the same reputation for cybersecurity issues as Zoom.

Zoom has been plagued by security concerns since it saw a surge in users following COVID-19 remote working boom. It’s been revealed that the company doesn’t use end-to-end encryption, despite specifically stating that it does on its website, while incidents of ‘Zoom-bombing’ have forced governments, businesses and schools alike to ban the use of the platform.

Last week, Zoom founder Eric Yuan told CNN that the company had «moved too fast» and should have done more to enforce password and meeting room security.

Neither Google Hangouts nor Zoom boasts the same level of encryption as more secure business-oriented communication platforms, such as Cisco WebEx or Microsoft Teams. Two employees who were not authorized to speak on the matter told Reuters that Standard Chartered uses the latter.

However, even the most secure platforms are not immune to security threats. The Cofense Phishing Defense Center recently discovered a new phishing campaign that aims to harvest WebEx credentials using a security warning for the application. The campaign has managed to successfully avert Cisco’s own Secure Email Gateway.

Last month, Microsoft Teams went down across Europe for two hours, causing mass frustration for the many remote workers who had begun remote working amid the coronavirus pandemic. The platform had gained 12 million users in just one week following a surge of remote working.