Zoom finally rolls out two-factor authentication

Sabina Weston

11 Sep, 2020

Zoom has added two-factor authentication (2FA) to its video-conferencing platform in an effort to help organisations prevent identity theft and security breaches, as well as reduce security costs for businesses and schools.

Users who are part of an organisation can now use the additional security layer by choosing between time-based one-time password (TOTP) apps, such as Google Authenticator and Microsoft Authenticator, or having Zoom send a code via SMS or phone call.

Admins can enable the tool by signing into the Zoom Dashboard, selecting Advanced, then Security, and enabling the “Sign in with Two-Factor Authentication” option.

They can then enable 2FA for all users in their account, for users with specific roles, or for users belonging to specific groups, by choosing the groups and then clicking OK.

In a blog post announcing the update, the company outlined the benefits of the new tool, such as improved security, simplified credential management, being able to meet compliance obligations for sensitive data and customer information, as well as reduced costs of security.

“For small businesses and schools, it can be expensive to pay for an SSO service,” the company said. “Zoom’s 2FA provides a free and effective way to validate users and protect against security breaches.”

The announcement comes days after it was revealed that the company’s revenues were up 355% in the second quarter of 2020, making it one of the biggest beneficiaries of the global lockdown. The firm capitalised on the sudden need to communicate remotely with work, friends and family and averaged 148.4 million monthly active users in the second quarter, an increase of 4,700% year on year, according to CNBC.

However, its sudden success had also been plagued with security issues, such as the infamous Zoom-bombing trend, which recently affected the trial against the teenager accused of July’s mass Twitter hack.

The issue forced the company to improve encryption standards and password security, leading to the hire of former Salesforce and Microsoft security executive Jason Lee.

Red Hat and IBM launch OpenShift software marketplace

Keumars Afifi-Sabet

10 Sep, 2020

Red Hat and its parent company IBM have together launched a one-stop-shop marketplace for customers seeking to run OpenShift enterprise applications on their hybrid cloud infrastructures.

Red Hat Marketplace offers a broad catalogue of more than 50 open-source software products, across a dozen categories, available for enterprises to purchase and deploy, including apps in the areas of AI and machine learning, security, and big data, among others.

The marketplace aims to deliver an ecosystem of software from independent vendors so enterprise customers can easily deploy new tools on their hybrid cloud infrastructures, based on Red Hat OpenShift’s container platform. Some of the vendors whose tools are available include CognitiveScale, MongoDB and StorageOS.

“We believe that removing the operational barriers to deploy and manage new tools and technologies can help organizations become more agile in hybrid multi-cloud environments,” said Red Hat’s senior director for technology partnerships, Lars Herrmann.

“The software available on Red Hat Marketplace is tested, certified and supported on Red Hat OpenShift to enable built-in management logic and streamline implementation processes. This helps customers run faster with automated deployments while enjoying the improved scalability, security, and orchestration capabilities of Kubernetes-native infrastructure.”

The companies have also launched a private form of the marketplace, dubbed Red Hat Marketplace Select, available at additional cost for enterprises that want more control and governance over purchases.

The private marketplace allows clients to provide their teams with easy access to curated, pre-approved software, and also tracks usage and spending by departments of all software deployed across hybrid cloud environments.

The marketplace has been devised especially for companies building cloud-native infrastructure and supports the wider drive to cut down on vendor lock-in. Programmes can essentially be deployed across the open hybrid cloud and operate in any environment.

Deployment is automated, too, and purchases will be readily accessible on Red Hat OpenShift consoles, with customers also being offered 24/7 support.

Enterprise customers can access the collection of open-source tools in a metered, pay-per-hour, fashion, with the platform offering a granular understanding of usage and spending patterns. Red Hat claims this payment model allows customers to experiment with an array of tools in early-stage development projects, given there’s no need to commit to any lengthy subscriptions.

Data centre provider Equinix hit by ransomware

Keumars Afifi-Sabet

10 Sep, 2020

US data centre provider Equinix has been rocked by a major security incident, with some of its internal company systems compromised by ransomware.

The company revealed yesterday that its security teams took immediate action against the threat, notified law enforcement agencies, and are continuing to investigate the nature and scale of the infection.

The severity of the attack at this stage is unclear, with the company pledging to release further details soon. Thankfully for its customers, however, Equinix data centres and services, including its managed services, remained fully operational during the period of the attack, according to a statement released by the company.

“Equinix is currently investigating a security incident we detected that involves ransomware [on] some of our internal systems,” the company said.

“Note that as most customers operate their own equipment within Equinix data centers, this incident has had no impact on their operations or the data on their equipment at Equinix.”

Equinix provides an array of data centre and networking services for businesses, including data centre design, as well as colocation, which is the practice of housing privately-owned equipment in third-party data centres.

With internal systems kept separate from those that run many of the external services and from customers’ equipment housed in its data centres, the risk of the attack spilling over is said to be minimal, according to Equinix. Services are largely operating as normal at the time of writing.

There have been a number of high profile ransomware attacks in recent months, with a swathe of IT services companies similarly on the receiving end, in addition to high profile organisations like Canon and Honda.

Industry giant Cognizant, for example, recently experienced service disruptions for some of its clients. The IT services firm was targeted with Maze ransomware in April, with the incident costing the company around $70 million.

The attack on Equinix has similar hallmarks to one on CyrusOne in December 2019. In that instance, the company did sustain a degree of service disruption, with the attack affecting six customers served from one data centre based in New York.

Hackers abusing legitimate cloud monitoring tool to infiltrate Linux environments

Keumars Afifi-Sabet

9 Sep, 2020

Cyber criminals are abusing a trusted Docker and Kubernetes cloud monitoring tool to map the networks of their victims and execute system commands.

Having previously been known to use malicious Docker images to infect victims’ servers, TeamTNT has now been observed using Weave Scope as an effective backdoor into the cloud networking infrastructure of its targets, according to analysis by Intezer.

Weave Scope is a trusted tool that gives users full access to their cloud environment, and is integrated with Docker, Kubernetes, the Distributed Cloud Operating System (DC/OS) and the AWS Elastic Compute Cloud (ECS). Hackers, however, have illicitly deployed this tool to map out the environments of prospective victims, and execute system commands without the need to deploy malicious code. 

“To our knowledge, this is the first time attackers have been caught using legitimate third party software to target cloud infrastructure,” said Intezer security researcher Nicole Fishbein. “When abused, Weave Scope gives the attacker full visibility and control over all assets in the victim’s cloud environment, essentially functioning as a backdoor.”

“By installing a legitimate tool such as Weave Scope the attackers reap all the benefits as if they had installed a backdoor on the server, with significantly less effort and without needing to use malware,” she adds. 

The open-source tool, developed by Weave Works, provides monitoring and visualisation over Docker and Kubernetes servers, with users gaining full control over the infrastructure through a dashboard accessible through a web browser.

When the tool is successfully abused, attackers are granted access to all information about the server environment, in addition to the ability to install applications, establish connections between cloud workloads, and start, stop or open interactive shells in containers.

This degree of functionality is equivalent to an attacker having installed a backdoor on the server, with significantly less effort and without needing to use malware, Fishbein added.

To install Weave Scope, a hacker would need to use an exposed Docker API port and create a new privileged container with a clean Ubuntu image. This container would then be configured to mount the file system of the container to the file system of the victim server, and therefore grant attackers access to all files on the server. 

The initial command, as observed by Intezer, was to download and execute several cryptominers. The attacker then attempted to gain root access to the server by setting up a local privileged user on the host server, using this to connect back via Secure Shell (SSH). The attackers subsequently downloaded and installed Weave Scope, which, once launched, connected the cyber criminals with the Weave Scope dashboard via HTTP on port 4040.

From this dashboard, the hackers can see a visual map of the Docker runtime cloud environment and give shell commands without deploying any backdoor. This is the first time that an attacker, to Intezer’s knowledge, has downloaded legitimate software to be used as an admin tool on the Linux operating system.

The cyber security firm has recommended that organisations close any exposed Docker API ports to prevent the initial infiltration, given this attack takes advantage of a common misconfiguration of the Docker API. All Docker API ports should, therefore, be either closed or contain restricted access policies in the firewall.

Organisations should also block incoming connections to port 4040 given Weave Scope uses this as a default to make the dashboard accessible. This port should also be closed or restricted by the firewall.
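A defender can check a Linux host for the two exposures described above. The following is an added example, not code from Intezer or from the original article: it parses the kernel's `/proc/net/tcp` socket table and reports listeners on the watched ports that are bound to anything other than loopback. It assumes a little-endian host, and the Docker API port numbers 2375 and 2376 are the conventional defaults rather than values given in the article.

```python
import ipaddress
import os

# Port 4040 is the Weave Scope dashboard default named in the article.
# 2375/2376 are Docker's conventional plaintext/TLS API ports (an assumption
# added here; the article does not give the Docker API port numbers).
WATCHED_PORTS = {
    2375: "Docker API (plaintext)",
    2376: "Docker API (TLS)",
    4040: "Weave Scope dashboard",
}
TCP_LISTEN = "0A"  # socket state code for LISTEN in /proc/net/tcp


def decode_addr(hex_addr):
    """Decode the address half of a local_address field (little-endian host assumed)."""
    raw = bytes.fromhex(hex_addr)
    # The kernel prints each 32-bit word in host byte order, so flip every word.
    fixed = b"".join(raw[i:i + 4][::-1] for i in range(0, len(raw), 4))
    ip = ipaddress.ip_address(fixed)
    # Treat ::ffff:a.b.c.d as the IPv4 address it wraps.
    return getattr(ip, "ipv4_mapped", None) or ip


def exposed_listeners(proc_text):
    """Return (address, port, label) for watched ports listening off-loopback."""
    findings = []
    for line in proc_text.splitlines():
        fields = line.split()
        if len(fields) < 4 or not fields[0].endswith(":"):
            continue  # column header or blank line
        addr_hex, port_hex = fields[1].split(":")
        port = int(port_hex, 16)
        if fields[3] != TCP_LISTEN or port not in WATCHED_PORTS:
            continue
        ip = decode_addr(addr_hex)
        if ip.is_loopback:
            continue  # reachable only from the host itself
        findings.append((str(ip), port, WATCHED_PORTS[port]))
    return findings


# Constructed sample in /proc/net/tcp and /proc/net/tcp6 layout (not real host data).
SAMPLE = """\
  sl  local_address rem_address   st tx_queue rx_queue tr tm->when retrnsmt   uid  timeout inode
   0: 00000000:0947 00000000:0000 0A 00000000:00000000 00:00000000 00000000     0        0 20001
   1: 0100007F:0FC8 00000000:0000 0A 00000000:00000000 00:00000000 00000000     0        0 20002
   2: 00000000:0016 00000000:0000 0A 00000000:00000000 00:00000000 00000000     0        0 20003
   3: 0500A8C0:0FC8 0700A8C0:D2F0 01 00000000:00000000 00:00000000 00000000     0        0 20004
   4: 00000000000000000000000000000000:0FC8 00000000000000000000000000000000:0000 0A 00000000:00000000 00:00000000 00000000     0        0 20005
"""

if __name__ == "__main__":
    text = SAMPLE
    live = [p for p in ("/proc/net/tcp", "/proc/net/tcp6") if os.path.exists(p)]
    if live:  # on a Linux host, audit the real socket tables instead
        text = "".join(open(p).read() for p in live)
    for addr, port, label in exposed_listeners(text):
        print(f"exposed: {label} listening on {addr}:{port}")
```

A finding means the service is bound to a routable address; whether it is actually reachable from outside still depends on the firewall rules the article recommends.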

Blackberry to open new GDPR and EECC-compliant data centres

Sabina Weston

9 Sep, 2020

Blackberry will open additional data centres in France and the Netherlands as well as expanding its existing data centre in the UK to help customers comply with EU data protection regulations and the upcoming Public Warning directives.

The new Directive on the European Electronic Communications Code (EECC), which was adopted in 2018, is to ensure that all EU member states establish a public warning system to protect citizens in cases such as natural disasters or terrorist attacks. 

The data centres will be used to store the personal data of citizens, ensuring that it is compliant with the EU’s General Data Protection Regulation (GDPR).

Using its emergency mass notification system AtHoc, Blackberry aims to provide organisations with a secure way of communicating emergencies to their workforce. Staff will be able to be notified with the help of mobile apps, desktops, sirens, and building systems such as fire panels. 

Adam Enterkin, senior VP of EMEA at BlackBerry, said it’s vital for Blackberry to “adhere to new and existing EU data residency requirements per the General Data Protection Regulation (GDPR)”.

“With BlackBerry AtHoc’s new EU based data centres we are able to scale our infrastructure to better support our customers’ needs over a secure and reliable network,” he said, adding that “empowering [Blackberry’s] customers with the most secure communication platform for increasing resiliency and communicating swiftly is critical in a crisis”.

In July, the company announced that it was partnering with Vodafone to offer the BlackBerry AtHoc platform as a crisis communications solution for UK emergency services.

The mobile app is already used by military, government, and commercial organisations in order to provide their workforce with physical security, force protection, as well as personnel accountability. 

Greater Manchester Police and Greater Manchester Fire and Rescue Service were the first two clients to benefit from the partnership, with the Greater Manchester Police inspector Darren Spurgeon saying that the system was chosen to allow the police “to share and receive real time information across our business and police operations”.

“BlackBerry AtHoc will help us rapidly respond to internal operational issues and ensure accurate information is shared across multiple police departments and personnel using both analog and digital channels,” he added.

HPE announces next-generation Modular Smart Array

Sarah Brennan

9 Sep, 2020

Today, Hewlett Packard Enterprise (HPE) announced its next-generation HPE Modular Smart Array (MSA), the HPE MSA Gen 6. Designed to help small and medium-sized businesses (SMBs) focus on growing their business, this entry-level hybrid-flash storage solution aims to deliver performance and automation without breaking the bank.

Tech spending is limited for most SMBs. With MSA Gen 6, HPE says SMBs can get the most bang for their buck with an updated entry storage solution. 

Able to secure their most valuable data while also making it easily accessible to employees, the HPE MSA Gen 6 also allows users who run on-demand businesses to manage their distributed applications and workloads easily.

A slew of updates to HPE MSA help satisfy the SMBs’ needs, including:

  • Hands-free tiering that delivers workload efficiency with improved performance and lower latencies
  • MSA Data Protection Plus (MSA DP+), which spans all drives to improve overall system efficiency
  • Enhanced MSA Health Check tool to eliminate common causes of downtime 
  • HPE Cloud Volumes Backup integration to provide users a low-priced route to cloud-based data protection

“HPE has continually built on and refined the MSA product family for six generations, focusing on the balance between performance and affordability, as well as looking at the simplicity and customer experience,” said Chris Powers, VP and GM for Big Data and Collaborative Platform Development at HPE.

“HPE MSA is helping SMBs by delivering the performance and automation they need to keep their businesses running. We take pride in providing our customers with a reliable and fast solution at an affordable price so that their businesses can serve their clients efficiently,” Powers continued.

Sky Cumming, product manager at Dicker Data, an IT distributor and HPE channel partner, added, “The HPE MSA is ideal for the clients we serve whose businesses require a reliable, simple and low-cost storage solution that can match today’s workloads, and scale as their performance and capacity needs grow.”

Cumming continued, “The auto tiering capabilities provide the performance needed to power their applications, and the archive storage provides a flexible enterprise-grade storage solution at an entry-level price point. The new HPE MSA Health Check tool protects against attacks and predicts failures before they happen so small businesses can focus on making their business thrive without an IT headache.”

The HPE MSA Gen 6 is now available for order through channel partners starting under $7,000.

For the desperate, the cloud is there, but the hardware is not

Bobby Hellard

10 Sep, 2020

In 2009, during the most brutal part of the recession caused by the global financial crisis, I found myself unemployed, unqualified and without a laptop. 

For six months, my life was held together through financial support from family, job recommendations from friends and daily trips to the local library for a mere hour on the internet. 

Although I fondly remember it as the year I decided to embark on a career in journalism, I can’t help but think myself extremely lucky to have been able to access cloud services through the library. Because without that my life might have gone in a very grim direction.

With those precious internet hours, I did career research, CV workshops, job applications and even some social media networking. Those were the slow and frustrating initial steps I needed to take to get off the bottom and into a career. The first job was horrendous, but when my first payday came I bought a very basic laptop for £200. It served me well, helping me gradually move up the job ladder over the near decade I owned it, as well as seeing me through a number of online courses. And while I can’t remember the brand, nor would I likely recognise it if I saw it, it will always have a special place in my heart.  

You see, while the cloud is free and you pretty much get all you need to get started when you sign up to a Gmail account, the hardware to access it isn’t. For many, particularly the types of people who make up little library communities, limited access to computers is a barrier to a better life.  

It’s not just job-seekers who face this problem, either. According to research by the National Union of Students (NUS), a third of university students were unable to access online learning during the coronavirus lockdown, with disabled students and those from poor backgrounds being worst affected. Among the reasons for this were insufficient course materials, poor internet connections and (surprise, surprise) a lack of IT equipment and software. 

There used to be a government scheme that acknowledged this problem and sought to remedy it by providing low-income households with £500 to put towards a home computer and broadband access. It was launched in 2008 and reportedly helped around 270,000 families over the course of its existence. But with the arrival of the new Conservative government in 2010 and its focus on austerity, the programme was axed and we’ve seen nothing like it since.

Right now, as we begin a new cycle of recession and the government tries to find ways of getting people back to work in the new normal, a £500 handout could feasibly pay for a laptop and some decent internet access. Hell, it could arguably get you an entry-level or second-hand smartphone, too. With these tools, the possibilities are only limited by the imagination. 

For me, getting the hardware I needed accelerated my route into journalism, for others it can be the first step on the path to becoming an entrepreneur.

Laptops and phones are also essential tools for remote working, which may be a barrier to some businesses right now. The cost of kitting out your small operation might be too much and it can turn into a decision to furlough staff, make them redundant or even close down your business if it can’t operate in these difficult times. However, with a little help from some hardware schemes, the government can accelerate some aspects of digital transformation. 

When I see the almost daily reports of mass job cuts now as a result of COVID-19, I can’t help but reflect on my own experience of unemployment. With the coronavirus still lurking, a trip to the library or an increasingly rare internet cafe might not be safe, but help for people to buy the hardware themselves could do wonders for equality and maybe even the economy.

IBM and Red Hat to build oil and gas industry hybrid cloud

Bobby Hellard

9 Sep, 2020

Schlumberger, IBM and Red Hat have joined forces to accelerate digital transformation across the oil and gas industry. 

The collaboration will initially focus on private, hybrid and multi-cloud deployments for Schlumberger’s own services with Red Hat OpenShift. This will then hopefully lead to the delivery of the first hybrid cloud implementation for the OSDU – an open data standard for the oil and gas industry. 

Schlumberger has committed to exclusively using Red Hat OpenShift, with the container platform deploying applications across all of its infrastructure, from traditional data centres to multiple clouds, both private and public.

The organisation’s DELFI cognitive exploration and production (E&P) environment is a secure, cloud-based platform that uses data on all aspects of its value chain. It incorporates data analytics and AI, drawing upon multiple sources and automating workflows for seamless collaboration for its domain teams.

The collaboration with IBM and Red Hat will allow many more oil and gas operators, suppliers and partners to work from the industry’s digital environment where they can ‘write once and run everywhere’, according to Schlumberger. 

The hope is that this new way of hosting will offer the possibility to use multiple cloud providers, addressing critical issues and facilitating in-country deployments in compliance with local regulations and data residency requirements.

“By expanding market access to the DELFI environment we take a major step forward on the journey to establishing the open and flexible digital environment our industry needs,” said Olivier Le Peuch, CEO of Schlumberger.

“Our collaboration with IBM and Red Hat complements our established digital partnerships to produce an industry-first solution to overcome our customers’ challenges,” he added. “Together, we are enabling seamless access to a hybrid cloud platform in all countries across the globe for deployment in any basin, for any operator.”

Remote workers swap commute for productivity

Sabina Weston

7 Sep, 2020

More than half (60%) of small business employees who are working from home due to the pandemic are using the time they would be spending on their commute as work time, a new study by Vodafone has found.

According to the research, which was conducted by Atomik Research and surveyed 1,003 UK adults from SME companies, 40% of employees who are working from home have put in an average of 642 additional hours, equal to 26 extra days, since lockdown began back in March.

A quarter (25%) of the surveyed homeworkers are also contributing to their local economy on a daily basis by swapping major coffee retailers such as Starbucks or Pret a Manger for smaller cafes and coffee shops.

According to Vodafone UK business director Anne Sheehan, “the Covid-19 pandemic has reshaped the working world, seemingly for the long-term”. 

“Workers are now contributing more where they live, and that will be a boost to local businesses during these difficult times,” she said.

The report follows the UK government’s campaign aiming to encourage employees to return to their offices and prevent city centres from becoming “ghost towns”.

However, research conducted by Cardiff and Southampton Universities found that nine in 10 people in the UK who worked remotely during the pandemic want to continue to stay away from the office. Between 6,000 and 7,000 UK residents were questioned in the survey, with 88% saying they would like to continue working remotely in some capacity, with 46% wanting to do so often or all of the time.

According to the Evening Standard, the government might try to convince homeworkers to return to the offices by providing them with free bus and train credit, as using public transport systems and its potential health implications is believed to be one of the main factors driving employees away from coming back into the cities. 

Google expands no-code tools and automation for “citizen developers”

Nicole Kobie

8 Sep, 2020

Google wants to make it easier to accelerate digital transformation by “citizen developers” with no-code business apps, automation and API management.

The Business Application Platform, announced today, builds on Google Cloud’s acquisition of Apigee API management, as well as its efforts in AppSheet no-code application development, said Amit Zavery, vice president of Business Application Platform at Google Cloud, in a blog post.

“We’ll be adding new features in these areas that leverage Google Cloud’s expertise in hybrid and multi cloud architectures, artificial intelligence and machine learning, lifecycle management, security, and productivity and collaboration,” said Zavery.

The first of three launches is a beta release of API Gateway, a managed service for Google Cloud workloads and serverless backends that includes authentication, key validation, and rate limiting.

“Serverless workloads are becoming more popular with developers, who are increasingly packaging their serverless applications as APIs, both to share them with other teams and to expose them publicly over the web,” said Zavery. “API Gateway lets developers secure and manage their APIs built on Compute Engine, GKE, App Engine, and serverless backends (Cloud Functions and Cloud Run), all without having to write code for different endpoints or worry about any of the infrastructure configuration or scaling.”

The second launch is an early access release for AppSheet Automation, a tool that lets non-technical users pull in data to automate processes, be they human centric, document based, or something else. Security is built in, and AppSheet Automation uses natural language inputs and an intuitive interface so anyone in a business can automate a process.

“When business processes rely on manual actions, valuable time is often wasted updating systems instead of focusing on work that drives the enterprise forward,” Zavery said. “Moreover, opportunities for mistakes or communication lapses are abundant. Line-of-business workers are closest to these challenges, so empowering them to optimise and automate processes is an important area of enterprise innovation.”

Google also announced general availability of Apigee as a datasource for AppSheet, so users can pull in data from Apigee APIs for no-code apps. Google AppSheet lets businesses build applications without any coding (hence the name “no-code”), pulling in data from sources such as G Suite, MySQL and Salesforce.

That is now being expanded via a system called Data Source for AppSheet, which will let “citizen developers” pull in a wider range of information to automate business tasks, beginning with Apigee.

“By enabling employees to build apps that leverage Apigee APIs and require no coding, enterprises can both empower line-of-business employees without technical experience to create innovative apps and reduce traditional IT backlog,” said Zavery.

Google pointed to recent figures from analyst firm Gartner showing that by 2023 there will be four times as many active citizen developers at large enterprises as professional developers.