NHS could be in breach of Data Protection Act over Ransomware attack

NHS ransomware

The recent ransomware attack on the NHS may leave the organisation open to prosecution under data protection laws.

Rumours are circulating that NHS Trusts across the UK are still using the outdated and unsupported Windows XP operating system, for which the creators – Microsoft – ended support in April 2014. Windows XP no longer receives updates from Microsoft including the crucial MS17-02 update which the company said “resolves vulnerabilities in Microsoft Windows” the “most severe of the vulnerabilities could allow remote code execution if an attacker runs a specially crafted application”.

In effect, the NHS have left some computers open to attack by using outdated, old and insecure software.

Possible breach of the Data Protection Act

Under the laws of the Data Protection Act (DPA), Data Holders (in this case NHS bosses) are obliged to ensure that any personal data held in relation to patients is kept safe and secure to prevent it falling into the wrong hands.

If a computer system is vulnerable enough to allow hackers to encrypt data within it, then it may also be possible for hackers to obtain personal data about individual members of the public from that system. If personal information was to fall into the wrong hands it would be considered a breach of the DPA an leave the organisation open to prosecution. Historically, large fines have been issued by the Information Commissioners Office (ICO) such as those issued against 11 large charities in April 2017.

ICO warned users of XP about data protection laws in 2014

The ICO warned companies against using Windows XP in 2014 in a press release. Simon Rice of the ICO said organisation should migrate away from old systems as quickly as possible as “failure to do so will leave your organisation’s network increasingly vulnerable over time and increases the risk of a serious data breach that your actions could have prevented”.

It seems that some NHS bosses failed to understand the seriousness of the threat.

How the NHS Ransomware attack occurred and how to prevent it

NHS ransomware

On 12th May 2017 the NHS was hit by a ransomware attack which bought many hospitals, GP surgeries and Accident & Emergency departments to their knees. The cyber attack locked thousands of NHS staff members out of computer systems and encrypted data so that records, emails and other documents could not be accessed. By the end of the day, one IT software company said that it had observed over 75,000 infections in 99 countries.

The attack had been predicted by computer experts for years and older technology used in the NHS system left it vulnerable to attack. The hackers initially used spy tool stolen from the United States called ‘Eternal Blue’ to deploy the ransomware.

What is Ransomware?

Ransomware is a computer program which is inadvertently installed onto a computer running the Windows Operating System, usually by a user unknowingly opening an attachment in an email containing the ransomware, downloading it from an email link or by installing software from an untrusted source.

Once allowed onto the computer, the ransomware (in the case of the NHS called WannaCry, WanaCrypt0r 2.0, WannaCry and WCry, encrypts all of the users files and prevents access to the computer. It then attempts to move across a computer network and can infect other computers and file servers on the network as it goes.

Why did the NHS ransomware attack occur?

The cyber attack on the NHS was caused mainly by the use of out-of-date Microsoft Windows operating systems on computers across the country. Although the fight against the hackers who write ransomeware programs is often retrospective, Microsoft did release a security patch to prevent vulnerabilities within their operating system some months ago. However, the patch is unlikely to have been installed on all computers and left those machines open to attack.

This wasn’t a targeted attack; but it was entirely avoidable.

How is ransomware removed?

There are three methods of removing ransomware:

  1. Pay the scammers who installed the software – usually around $300 USD or £230 per infected computer to un-encrypted your files – a bad idea as will be discussed
  2. Remove the ransomeware manually – can be very difficult but is possible
  3. Format the computer’s hard disk entirely and re-install the Operating System from fresh – meaning any files which haven’t been backed-up will be lost

Paying the criminals who write the ransomware is a bad idea for a number of reasons.

Firstly, you have no idea who you are paying and what the funds will be used for. Sure, it might be going to a spotty 20 year old student but you might also be funding illegal activity.

Secondly, paying to have the malicious program removed this time will make you a target for the future; once the hackers know they can get you once they’ll try and get you again. There is also no guarantee that the criminals will remove the encryption once you pay.

Thirdly, there are people out their who can help you remove the ransomeware and you may even be able to do it yourself with a little research, time and effort.

How does an organisation the size of the NHS cope with a ransomeware attack?

The priority for the NHS will obviously be to get computers clear of the infection and files restored as quickly as possible. Presumably the NHS will already have a contingency plan in place for such an attack. If not, someone’s head needs to roll, because an attack of this type has been predicted for many years.

Going forward, every NHS trust will need to look closely at how it implements policies for preventing further attacks, including improving staff training and awareness, ensuring the operating systems are updated as soon as new patches become available and also by considering moving away from Windows operating systems in the future to a more secure system.

How to prevent ransomeware attacks

Ransomware attacks are avoidable and it’s actually very simple to avoid them. By following good computing practice you can protect yourself from becoming the victim of ransomeware:

  • Always ensure that you install the very latest in Windows Updates from Microsoft. Windows 7, 8, 8.1 and 10 should do this automatically but you can turn updates on manually – Microsoft released an update to prevent ransomware attacks in March 2017 but some users failed to install it
  • Do not use legacy versions of Windows such as XP which are no longer supported, especially of that computer is on a network on has access to the Internet
  • Use antivirus software – there are plenty of free applications available that offer a good level of protect – see do I need to pay for antivirus for more information
  • If you’re techie, consider using a different operating system such as Apple’s OSX or an open-source Linux system such as Ubuntu which are much more resilient to cyber attacks

Hoaey shower head review – the cheapest way to transform your shower

Hoaey shower head review

When I first read about the Hoaey shower head I was very skeptical about the claims made by the manufacturer. However, once I read the reviews, I figured that hundreds of positive comments couldn’t be wrong.

Our old Triton enrich really wasn’t up to producing decent pressure anymore

My electric shower was a few years old but like many cold-feed showers was pretty useless. I had thought about fitting a power shower but this would involve lots of new pipework in the bathroom as well as the installation of an electric pump. I could probably manage this myself, but to be honest, I couldn’t be bothered.

So when I saw the Hoaey (and bearing in mind Amazon’s really easy returns policy), I thought I’d give it a go. At the price is seemed a no-brainer not to.

What the manufacturers say

The manufacturer claims that the Hoaey shower head can do lots of things. It claims ionic beads which can remove the chlorine from water and all sorts of other things about better skin.

The Hoaey shower head appears to improve water foaming

I can’t be completely certain about this, but I feel that the Hoaey shower head improved the foaming action of my shampoo. I live in a hard water area where it’s known that certain products struggle to foam, but I feel that there has been an improvement.

Pressure feels much better

Changing the shower head hasn’t altered the pressure that the shower pumps out, but it has improved how the shower feels. And that’s what it’s all about, right? The holes on the Hoaey are much finer than the conventional shower head and that contributes to the perceived pressure feeling much more improved.

Hoaey shower head

Does the Hoaey shower head work on electric showers?

Yes, it does. I found fitting the Hoaey shower head to my Triton Enrich really improved the perceived pressure and gave a much better spread of water. You can also use it on a mixer shower if you have one.

Easy to fit

It’s really easy to fit the Hoaey shower head – it just twists on to the existing pipe with a standard thread and all washers are provided.

Summary

If you’re looking for a low-cost and effected method of imrpoving your shower experience, or looking at a way to update your tired old shower, you need to buy a Hoaey shower head. They really are worth the money.

Gig Bag – Suggestions and reviews for Performers & Techs

As a musician, singer and occasional sound engineer, I find I have to carry lots of equipment with me to gigs. I had various bags (one for a microphone and various leads, one for my Macbook Pro) and another with various bits and pieces in it. What I wanted was a Gig Bag – just one bag that I could keep all my staple gig items in from one show to the next regardless of whether that day I’d be singer or sound teching for a show. You know, things like some spare leads, a couple of mics, a few tools, a lead tester…that kind of stuff. Something I can just grab and go without the need of packing each gig but based around music unlike my Everyday Carry.

It got me looking around for options. As you’ll already be aware bags come in different shapes and sizes from small handbags to large suitcases. Prices also vary significantly. So what are the best options for a gig bag? These suggestions link to Amazon for ease of use:

24″ foolsGold® Holdall – from £12.99 – my recommendation

This gig bag is actually the cheapest of the bunch and the one I settled on. It’s a reasonable size but not so big it will take up too much space in the van or car. I was attracted to the many pockets on the outside of the bag which are great for organising leads or smaller items in. It’s a robust bag that I can also sling a few clothes in and my Macbook. Simple and strong. Recommended. >>See more here<<

20″ Clearwater compartment bag – from £19.99

This is the gig bag for the person who really want to compartmentalise their gear.  With 8 adjustable compartments, the bag provides the travelling musician with lots of scope to organise items into sections. >>See more here<<

 

Max IP67 Hard Waterproof case – from £30

Smaller than the others, but packing a punch in terms of the durability, is the Max IP67. It’s hard and waterproof. Ideal for travelling on a plane or somewhere that your gear might be thrown around. It also boasts a pressure relief valve. >>See more here<<

FlyGear 32 Inch Large Folding Wheeled Holdall – from £11.99

Looking for something with wheels? Then check out the FlyGear 32 Inch Folding Wheeled Holdall. Sadly this bag doesn’t have many external pockets but it does have the added advantage of being easily folded away when not in use – ideal for someone with limited storage space. It’s also the largest of the bags reviewed here. >>See more here<<

Got your own suggestions for a Gig Bag? Disagree with something I’ve said? Then please leave your comment below and I’ll be sure to reply.

Using 4G as a business Internet solution

When my company recently moved premises, we found a great plot of land. Previously a farm, it had plenty of space for our expanding business, lots of storage and plenty of space for a new purpose built office. The problem was that the BT Broadband connection was a maximum of 1.2MB due to the distance from the Exchange, which was never going to be suitable for 8 users checking email and carrying out their daily activities.

Like most businesses, our company had grown use to high-speed internet so we needed to find an alternative to the poor-quality speeds provided by the BT infrastructure. Satellite Internet was an expensive and slow option, so we turned to 4G for options.

4G has become much more widely available in the UK recently with speeds and coverage increasing all the time. Unfortunately, the coverage information provided by Ofcom and the mobile phone networks in relation to data coverage is poor and not very accurate which can make it a bit of a lottery when trying to decipher where there is a good 4G signal. To find out I asked a number of staff with mobile phones on different networks to visit the new location. I asked them to download the Speedtest app onto their smartphones and we then checked each networks speed in the area. In my case it was EE and 3 with the strongest signal and faster speeds.

Adding the router to the network (LAN)

It was important for me that I could integrate the 4G internet connection into my companies Local Area Network (LAN) and I wanted the router to be the DHCP server. To do this I decided I would purchase a 4G router and after some research settled on the Asus 4G-N12.

The N12 console is very straight forward to use

Getting the system up-and-running was fairly simple. I ordered a SIM from EE and plugged it into the slot on the side of the router. Once the router was on I logged into the Asus control panel by going to the IP address 192.168.1.1 and using the username admin and the password admin. Once I was logged in the router’s admin screen the firmware automatically ran me through the setup process. All I needed was the SIM PIN which was written on the packet (you may need to call your mobile provider for this). In my case it was 1111. Once all connected I was instantly able to connect to the building in wifi option of the router.

Locating the router

One of the disadvantages of the router I purchased (and the problem with most in the price range) is that there is no option for adding an additional 4G antenna. I could already get a reasonable signal with the router on my desk but I knew I’d increase it if I could get the device higher up. So, I added a longer ethernet cable to the router and placed it on top of the false ceiling in our office. Up there I was able to achieve 25mb speeds very easily which was a considerable improvement on the BT connection.

After speaking to our handyman, we decided we could probably improve this even more if we could build a tower and locate this to the roof of the building, thus improving the line-of-sight to the nearest 4G mast. As the router is 12v, we discussed perhaps making a simple 12v solar-powered system for it, but for now it was good enough.

4G router up high
Can you see me? We placed the router up high above the false ceiling to improve reception.

Data allowance – the major obstacle with 4G internet packages

The problem with using a 4G network for an office internet connection is the cost. Although some networks claim to offer ‘unlimited’ internet connections, my research discovered that none actually do. The networks either cap your usage under a fair usage policy or they throttle your speeds. This means that you are somewhat limited to how much you can use the internet before you begin to occur some expensive additional charges.

I had to enforce some new rules in the office. One was to stop one of my colleagues streaming their favourite radio station. Another was to block access to Youtube, Vimeo and Facebook (which of course they shouldn’t be using at work anyway, right?)

What I did notice was just how much data was used for even basic Internet usage and the checking of email. I also discovered that Microsoft Windows 10 (which is what all of our computers run) uses a surprising amount of data just checking for updates.

Obviously some of these issues needed to be resolved if we were going to truly use 4G as a real alternative to BT fibre.

4G Reliability was a problem at first

Our first few days weren’t too great when it came to reliability.

Is your tech spying on you?

As more and more products incorporate voice control and facial reignition, so does the required to hand over personal information to make these devices work. But did you know that your tech might be spying on you?

It’s now an accepted fact that Big Brother may be monitoring you in your very own home after evidence was uploaded to the Wikileaks website which proved that the CIA, in coordination with MI5, could hack Samsung televisions into bugging devices.

Voice recognition is constantly monitoring your conversations

Look at the example of a voice controlled Smart TV, which can change channel by voice control. For the system to work correctly it needs to be constantly listening out for your command.

You might think this is harmless. In fact, there is evidence to show a more dark and secretive force at work.

Government departments can turn your tech into bugging devices

Now consider your phone. It’s with you almost all the time, and if you’re an Android or iPhone users there’s a chance you make use of Google Home or Siri. If you do, it means that your phone is constantly listening out for your command; which means it’s quite possible that it too could be turned into a bug. No longer do the spy agencies need to tap your line: they can listen to you whenever they like.

And how about Alexa? She’s listening out for you, too. What is there to stop a software expert from getting your tech spying on you?

Your laptop may be spying on you

Most modern laptops and Macbooks are provided with built-in cameras. There are many stories regarding hackers installing malware into your computers enabling them to secretly take over control of your camera. Known as ‘webcam hacking’, Antivirus giant Norton have warned for some time about the risks.

Nothing to hide – nothing to fear?

Of course, there is a strong argument to say that if you’re not engaging in illegal activity you have nothing to worry about. In effect, you’re trading your privacy for the convenience of using such devices.

Are with sleepwalking towards George Orwell’s 1984?

The fact is that we can now be monitored by the State. It’s fact, no longer fiction.

You may trust this current government, but what would happen if a new crazy government took over who you didn’t trust and wants to monitor your beliefs? What if the bugging technology fell into the hands of our enemies?

How to avoid tech spying on you

The simply way is to switch off the voice recognition systems on these devices. After all, is using a remote control really so difficult to change the TV channel?

Another simply tool is to place some black electrical tape over the camera lens on laptops and tablets.

 

 

MacBook Pro gets hot | How to keep your MacBook cool

MacBook Pro gets hot

My MacBook Pro gets hot at times, usually when I’m trying to do something which requires a lot of processing power. As I’m typing this article it’s perfectly fine, but as soon as I run iMovie or Garage Band and start doing something heavy, the Mac gets very hot, especially just above the F keys. I’ve also noticed that the black strip at the bottom of the screen also gets very warm (it’s directly in front of the air vents).

Why a MacBook Pro gets hot

Unless it’s a hardware issue, the MacBook Pro gets hot because it’s having to do a lot of things at the same time. This is a common issue with any computer equipment. In my case I know for certain that there is no hardware fault as I’ve taken the computer apart and checked.

How to prevent a MacBook Pro getting hot

Whilst you’re going to want to keep on using your Mac for producing great movies and music, you’re going to want to keep it as cool as possible. Presuming that you’ve ruled out any hardware problems, you might want to consider the following ideas for keep your MacBook cool:

  • don’t use your MacBook directly on your lap – the heat from your body will prevent it from cooling and clothing may block the air vents required for cooling
  • never use your MacBook on a duvet or bed clothes
  • use a laptop tray to place your Mac onto – you’ll also find this more comfortable when using your MacBook
  • consider buying a laptop cooling tray – they run little fans on USB power and are excellent at cooling down any laptop when it’s working hard (and they can be used as a stand)
  • make sure the air vents are clear of obstructions and dust to keep your MacBook cool
  • if you’re handy with a screwdriver, have a look at the internal fan and make sure it’s not blocked with dust as this can considerably reduce cooling capability (refer to your warranty before doing this as you may void it)
  • don’t charge the MacBook whilst carrying our processor intensive activities like watching a movie or exporting large files

The benefits of keeping your MacBook cool

Overheating computer components reduces their lifespan, so keeping you machine cool will help prolong it’s life. If you keep your MacBook cool you’ll find it lasts longer.

Cooling the components also help the processor to deal with information faster, and whilst you probably won’t notice a difference in general use, your MacBook will export videos and music much faster.

Best NAS of 2017 – Network Attached Storage comparisons

best NAS 2017

If you’re here it’s because you’ll already know the many benefits Network Attached Stoage (NAS) can bring to your home or small business, but choosing the best NAS can be a minefield. So what is the best NAS of 2017?

Editors note: to save you time you can go straight to what we believe to be the best NAS of 2017 – the Synology DS715 with 2x3TB Seagate hard drives. Not the cheapest, but the best network attached storage system pound-per-pound. It’s solid, with good firmware, excellent cloud and mobile apps and supports multiple backup methods out of the box.

How the NAS comparison works

There are many different factors to consider when buying a NAS, from storage capacity to firmware. It would be far to complicated for the majority of people if we were to go into every minute detail, so for the sake of this article, we’ve concentrated on the most common.

RAID? Cloud software? Maximum capacity Wireless capability? Works out-of-the box? Processor Read/Write speed Cost
Synology DS715

best NAS 2017

All versions Yes (including mobile apps, grouping, security and Dropbox sync) Unlimited Yes (with additional USB dongle, not supplied) Once hard disks are installed (not  included) 1.4GHz Quad Core 216.1 MB/s reading speed and 142.5 MB/s writing speed from £249
TerraMaster F2-220

RAID 0, RAID 1, JBOD, SINGLE No (but can be synchronised with Dropbox) 8TB No (ethernet only) Once hard disks are installed (not  included) Celeron 2.41GHz with 2GB RAM 100MB/sec from £159.99

WD My Cloud

Unknown (not advertised by manufacturer) Yes 8TB No (ethernet only) Yes Unknown Not advertised from £109
Buffalo LinkStation 200 0/1/JBOD No 4TB No (ethernet only) Yes 800MHz ARM with 236Mb RAM No clear information  provided from £95

Why we believe the DS715 is the best NAS of 2017

When comparing the NAS available it was clear that there way a huge difference in the software options available. The DS715 hosts a huge number of installable applications, including web server, media server, remote access, cloud access, databases, MySQL and PhpMyAdmin. All of these options, plus it’s dual ethernet sockets and USB 3.0 (making external hard drives another option) make it by far the best NAS of 2017 in our opinion. This is a NAS that can be used at home or for small businesses. In fact, there’s no reason a small business couldn’t completely ditch their old file server and use the DS715 as a full solution; it really is that good.

Runner up of the best NAS of 2017

The position of second best goes to the TerraMaster, which offers a lot of the options of the DS715 but on a budget. It’s reasonably fast and can be upgraded to 8TB as your data needs increase. It’s not the best NAS of 2017, but it’s definitely a runner up.

You get what you pay for

As a user of the DS715, we know how excellent the manufacturers, Synology, are at updating firmware. They are regularly releasing new security patched and updated the built-in antivirus software.

If you can afford it, go for the DS715. Unless you’re a homeowner, we recommend you avoid the Buffalo and LinStation options.

Lima Cloud Storage Review | Could be much better

Lima Cloud

Lima cloud has been touted as the next best thing for those looking at a cloud solution on a budget. So is this new cloud solution really as good as it sounds?

The manufacturers of Lima, Lima Technology Inc., claim that Lima will “will protect your files and make them available to you on all your devices remotely”. The device was produced using a kickstarter campaign

However, after hundreds of reviews on Amazon, it appears Lima isn’t as straight forward to use as the manufacturers would have you believe. In fact, on the day of writing this post, 39% of reviews gave Lima just one star. Common complaints including the device failing to recognise drives, poor customer service from Lima and connection failures.

Advantages of Lima

  • one-off cost with no monthly subscription
  • your data is kept by you, so no chance of data mining
  • easy to upgrade storage capacity
  • Apple Air Play and Google Chromecast compatible
  • it’s small

Disadvantages of Lima

  • there is only one backup of your files (unlike more expensive cloud solutions which offer two hard-disks working as a RAID solution)
  • if the hard drive connected to your Lima is damaged, the files are unlikely to be irretrievable
  • No support for Linux

Suspicious advertising?

When I first looked into Lima cloud, the official website claimed that the waiting list was already 97% full and I needed to enter my email address quickly or risk losing the chance to sign up “due to high demand”. Meretriciously, the next day I received an email telling me I was one of the lucky people that had been selected to buy Lima. Two weeks on, the website still says the same. Mmmm……

I’m also concerned about some of the claims made by the manufacturers on the Amazon page. One selling point of the device claims “both your computer & smartphone can hold up several terabytes!”. Actually, that not true. Whilst your phone may have access to terabytes of data (subject to the size of the hard drive you attach) your phone doesn’t actually store the data; it just retrieves it.

Summary

At $99 Lima seems expensive, especially for the problems that many users have reported. The concept is good, but Lima doesn’t seem ready for prime time just yet.

To truly improve, the company will need to up its game in terms of customer service. An additional USB port to allow RAID would also be an improvement as would wifi capability.

My recommendation

Whilst more expensive, Synology offer some of the best NAS devices with cloud storage available. The hardware is quality, especially when combined with Western Digital Red hard drives. The apps are all very stable and the software provided is top quality.

Expensive, yes. But then when you consider the price of your data, how much is too much?

On a budget? Then check out the WD 3TB personal cloud solution.

Thinking of getting Sky Q? Don’t bother just yet

Sky Q

Sky Q is being pushed heavily by the company as the new way to watch Sky TV, with Ultra HD 4K availability and allowing people in different rooms to watch different TV channels at the same time. But, as this article will explain, Sky Q still has many teething problems.

Sky Engineer advised me not to buy Sky Q for at least 12 months

I recently had a visit from a Sky Engineer to replace some damaged cable in my house. While he was visiting, I asked him what he thought of Sky Q.

“Don’t bother mate” he said.

He then went on to tell me that there were far to many teething problems with the service and that he believed it shouldn’t have been released to the public so soon.

So what are the problems with Sky Q?

The most common issues being reported by Sky customers with the service are:

  • the new menu system (known in the industry and the Electronic Program Guide (EPG) is accused by many traditional Sky users as being clunky and somewhat laggy
  • the blue light on the front of the Sky Q box is too bright and distracting and can’t be permanently switched off
  • problem with software updates
  • a persistent “You can’t watch TV right now as there is a connectivity problem” error

Why are Sky keen to push Sky Q?

Sky Q relies heavily on broadband internet and local area networking to download programs. It is a move towards streaming services and away from the traditional satellite system used by BSkyB for many years.

In addition, the Sky boxes produced by Samsung have been expensive for Sky to buy, whereas the Sky Q and additional Sky Mini boxes are cheaper to manufacture without the need for engineers to run lots of cables from room to room for those who require Sky Multiroom.

The future of Sky Q

There’s no doubt that Sky Q is on it’s way to being an awesome TV service, but right now it just isn’t quite up to scratch. That said, Sky have invested heavily in the technology and the company will only push to make sure it’s improve.

Verdict: definitely a service that traditional Sky customers will eventually want to upgrade to, but perhaps not until the bugs have been ironed out.