Skype Shuts Down
As discussed at the Club in March/April, the Skype service closed on the 5th May.
M&S – Ransomware Attack
Ransomware has come to prominence recently in the UK due to the attack on Marks and Spencer which brought large parts of their operations to a halt. Online sales were stopped for days and supplies of products in the stores ran low. According to Bleeping Computer, the attack was perpetrated by a group known as Scattered Spider – see the article for more:-
https://www.bleepingcomputer.com/news/security/marks-and-spencer-breach-linked-to-scattered-spider-ransomware-attack/
Ransomware attacks are probably the most common form of hacking aimed at companies and large organisations. The main aim of the attackers is to extort money by two means:-
- The organisation’s data is encrypted and a ransom is demanded to get the key to decrypt it.
- The organisation’s data is exfiltrated (i.e. copies of data are stolen) and again, a ransom demand is made to prevent that data being published. Such data may include personal details relating to employees or customers.
Some companies are believed to have paid the ransom as they are desperate to get their systems up and running again. However, this is a bad idea. It just finances the bad guys and encourages them to do more attacks. Also, as these hackers are crooks, there is no guarantee that they will provide the decryption key or return exfiltrated data when the ransom is paid!
In addition to M&S, the Co-op has also been a victim of hackers and customer data was stolen. More recently, M&S announced that data has been stolen in their attack – see this Bleeping Computer article from yesterday:-
https://www.bleepingcomputer.com/news/security/mands-says-customer-data-stolen-in-cyberattack-forces-password-resets/
Which? offers some advice if you are concerned about these or any similar hacks:-
https://www.which.co.uk/news/article/what-to-do-if-youre-worried-about-the-co-op-and-marks-and-spencer-hacks-asrvB1U7al4n
M&S have now issued emails to all their customers explaining that data has been stolen including email and postal addresses, phone numbers and order history. There is no indication that passwords have been stolen, but it is a wise precaution to change your M&S password and you will now be prompted to do this when you next sign in.
Sign-In Activity
For your main online accounts such as Microsoft, Google or Apple you should have a fairly long, unique password and 2-Factor Authentication (2FA). From time to time, and especially if there has been any suspicious activity, you might want to look at login activity on your account. How you can do that is described below. Note, you may be asked to sign in with your password and 2FA as you go through the process.
Microsoft
Go to account.microsoft.com
Select Security
Then View my sign-in activity
We looked at my Microsoft Account which showed sign-in attempts from around the world, all were unsuccessful due to using the wrong password. Even if they did have my password, the sign-in attempt would still have failed because I use 2FA.
Google
Go to accounts.google.com
Select Security
Then Review security events
Apple
Apple do not provide a list of failed login attempts. However, you can see a list of where you are signed in by doing the following on your mobile device:-
Select the Settings app.
Tap on your name.
Scroll down (if necessary) to see a list of signed in devices.
You can tap on any of these for more details or to remove that device from your account.
Alternatively, use a browser to go to account.apple.com
Select Devices
This will show the same device list you would see on your mobile device. You can click on any one of them for more details or to remove the device.
Your Microsoft, Google and Apple accounts are places where you should definitely have 2FA set up. If you are unsure how to do this, you can search for instructions. Basically, use the instructions above to go to account security and look for 2-Factor Authentication or 2-Step Verification (same thing, some companies use different names).
Here is an article from Windows Central on setting up 2FA on your Microsoft Account:-
https://www.windowscentral.com/how-set-two-step-verification-microsoft-accounts
You may only need the second factor when you sign in for the first time on a new device/browser/app. You may have the option to "trust this device" so that it won't require 2FA again on that device.
Dave pointed out that if you lose the device you are using for 2FA, someone else my be able to use it. However, it still adds an extra layer of defence beyond just a password. Most attacks are from remote operators, maybe in Russia or China and these people would clearly NOT have any of your devices, so 2FA does provide considerable protection. Nothing, of course, is perfect!
It is important that you set up several 2FA options, e.g. SMS to mobile phone, code to email address(es), code from authenticator app, etc. Different accounts offer a different range of 2FA options, and I would suggest you set up as many as you can.
Allan pointed out that you often get an email when you have signed in, especially from a new device. If this was not you, you have the option to try to do something about it. However, as Dave pointed out, this would be closing the stable door after the horse has gone down the road!
Microsoft Goes Passwordless
One way to stop hackers stealing or just trying to guess your password is to go passwordless. This can be done, for example, by using passkeys which we have discussed several times before or the Microsoft app on your mobile device. Microsoft has now announced that all new accounts will be passwordless by default. Existing users can delete their passwords in account settings (accounts.google.com). This Bleeping Computer article from 2nd May has more:-
https://www.bleepingcomputer.com/news/microsoft/microsoft-makes-all-new-accounts-passwordless-by-default/
We have talked about passkeys before. You can go to my website at:-
bit.ly/rogersdocs
Click on the Computer Club tab and then select the Passkeys document to see the previous discussions on the topic.
Dave pointed out that you can use a Windows PC without having a Microsoft Account (MSA), although you will not have access to things like OneDrive or M365 apps. It is increasingly difficult to set up a new Windows 11 PC without a MSA. However, this can be done by using a temporary MSA to set up the PC, then setting a Local Account and setting it as Administrator. The MSA can then be removed from the PC. I would personally recommend using a free MSA or even a M365 paid account, but you can avoid this if you want to.
Changing Your Router
We briefly touched on this in March when Linda mentioned changing her ISP from BT to EE. Your new ISP will supply a new router. This is pre-programmed by the ISP with your broadband username and password – you may not even know what these are, but they may have been mentioned in one of the emails you had from the new ISP. If you stick with the ISP-supplied router, you don’t need to know what these are.
The new router will have a different network name, also known as the SSID, and a new wi-fi password (sometimes called a wi-fi encryption key). In the March blog, I linked to an article by Jennifer Pattison Tuohy who is a technology journalist specialising in smart home technology currently working for The Verge. Here is the link again to that article:-
https://www.theverge.com/23453354/keep-smart-home-devices-online-replace-wifi-router-how-to
This article explains that it might be easier to change the SSID and wi-fi password in the new router so they are exactly the same as the old one. Then, your devices should be able to connect to the new router. If you have dozens of internet-connected devices, this approach is much easier than going round all of them to change the SSID and wi-fi password in each one.
Programming Your Router
There are 2 possible ways to access the settings in your router:-
- Using a web browser, or
- Using a dedicated app for your router.
To use the web browser method, you will need to know the IP number of your router. There are a number of ways to find the IP. On a Windows PC, right-click on the Start button and select either Terminal, Windows Powershell or Command Prompt. In the box that pops up, type:-
ipconfig
and press Enter.
Look for Default Gateway under either the Wireless LAN or Ethernet heading, depending whether your PC is connected by wi-fi or cable.
You can also use your mobile device or an Apple Mac to find the IP Number – see this article for details:-
https://www.howtogeek.com/233952/how-to-find-your-routers-ip-address-on-any-computer-smartphone-or-tablet/
Typically, the IP address will be something like 192.168.x.x or 10.0.x.x. This page lists the default IP addresses for lots of routers:-
https://www.softwaretestinghelp.com/default-router-ip-address-list/
Enter the IP number for your router in the Address Bar of your browser. This should bring up a logon page of your router. You will need to enter the Admin username (not always required) and the Admin password. The Admin password can usually be found on the label on the back or base of the router. Don’t confuse the Admin password with the wi-fi password (or the broadband password which you probably don’t know anyway!).
This should take you to the router settings which vary from router to router, but you should find the Wireless LAN details (SSID and wi-fi password) and be able to change them. When you have done that, re-boot the router.
If there is an app on your smartphone for your router, then use that to change the SSID and wi-fi password.
It might be helpful to google for specific instructions for your make and model of router. For example, this is a page from EE explaining how to change these details on their routers using the EE app or using the browser method:-
https://ee.co.uk/help/broadband/manage-use/change-wifi-admin-password
Dave pointed out that if you retain the wi-fi name and password as described, anyone you ever gave this to (e.g. a visiting workman) will still be able to connect to the new router. A number of modern routers have a Guest Network which has a different name and password to the main network. This is ideal if you need to allows visitor to access the internet. In future, you can change the name or password of the Guest Network without having any effect on all your own devices.
Next Session
Wed 11th June at 2pm by Zoom
