Today @ St Luke’s Church Holbeck

Need help with your phone, tablet or laptop?

Free IT Support evey Monday from 1 pm to 3pm.

Individual Behaviours and Human Error affects our Exposure to Cybercrime Risk

The final GTT Cybercrime Prevention Hour Workshop discussed one of the most important aspects of cybercrime risk. Over several months the GTT workshops have covered many aspects cybercrime and concluded that devices and networks all have vulnerabilities that can be exploited, but the greatest weakness in our online security was often ourselves. Our behaviours, habits and natural curiosity create the vulnerabilities confidence tricksters use to find out information about us to commit fraud or extortion.

Workshop proposes factors to consider. What people do on the internet and how they access and use services affect an individual’s exposure to risks. GTT proposes that these ideas can be express as an algorithm that could be developed to measure personal risk. The edited presentation discussion outlining the proposed algorithm is the GTT YouTube Channel.

Protecting your devices from malware

What is malware?

Malware is malicious software engineered to work for its makers, and not for the computer user. Malware might steal your identity, install unwanted programs, or encrypt and hold your digital files for ransom. As a term, “malware” covers all sorts of malicious software, including Trojans, spyware, adware, ransomware, and viruses. Malware is now often delivered by exploiting flaws (“exploits”) in legitimate programs.

How do I protect against malware infecting my device?

• Download a proven anti-malware scanner with real-time protection such as Malwarebytes Premium.
• Keep your programs updated so cybercriminals can’t exploit them.
• Protect your wifi with an encrypted password. Never use open wifi.
• Use WPA/WPA2 encryption standard on your home wifi; do not use WEP encryption.
• Back up important files to a local hard drive.
• Do not open emails from people/companies you don’t know.
• Do not click on links sent to you via email or IM without first “hovering” your pointer over the link to confirm it is sending you to a legitimate site.

How do I know if my device is infected with malware?

Look for issues characteristics of a malware infection:

• Does your web browser freeze or become unresponsive?
• Do you get redirected to web pages other than the ones you are trying to visit?
• Are you bombarded with pop-up messages?
• Does your computer run slower than usual?
• Do you see new icons on your desktop that you don’t recognize?

What can you do if your device is infected with malware?

• Remove CDs and DVDs and unplug drives from your computer. Restart in Safe Mode.
• Download a proven malware scanner such
• Disconnect from the internet. Then run a scan.
• Follow instructions to remove any malware.
• Restart your computer.
• Update your operating system, browser, and applications if not current.
• Reset all of your passwords.

Protecting our Routers and Networks

Most of us think about Cybercrime tend to worry viruses, phishing scams, accounts being hacked, or our devices being stolen. The Networks we all use are another way a criminal can access our data to commit crime.

How does the broadband work?

If you have Broadband services offered from domestic Internet Service Providers (ISP) in the UK, there are two different types of Modem, Cable or ADSL (Asymmetric Digital Subscriber Line.). Cable using optic fibre and ADSL use the standard telephone line which is copper wires.

There are several UK ISPs all use different modems and routers.

A modem converts the analogue signals from the cable or phone wire to digital signals (Modem stands for Modulator-Demodulator). The digital signals are sent to different devices by a Router. This is done via an Ethernet Cable or WiFi connection. Most ISP Broadband packages the Modem and Router are built into one device.

How do you set up your home network?

When you get Broadband your ISP provides instructions of how to set up your network and connect with Modem and Router to your devices and the phone or cable connection. If you do not have any information you check your ISP’s website or phone to find out about Protecting initial set up.

Every Modem/Router with have default factory settings to start with. It is important to check and change some of these setting before you start using your network. To do this you have to go the Administrator’s Control Panel.

On the back of the Router box there is usual a label showing the Admin Password and the WiFi Password.

The Admin Control Panel is access by connecting a computer to the Router opening a web browser and typing in the IP address. For example:

• BT – http://192.168.1.254/
• Virgin & Sky – http://192.168.0.1/
• Vodaphone – http://192.168.1.1/

Tops Tips:

• Get to know your ISP and Modem/Router
• Change the Admin Password
• Make sure the Firewall is turned on!
• Set Parental Controls
• Change WiFi SSID and Password
• Create Guest WiFi login

The Admin Control Panel

Why change the Admin Password?

Your Admin Control Panel can be access from any computer connected to the internet if someone knows your IP address. Sometimes the default Admin password is easy to crack or is well known.

If someone can access your Network, they can access any device connected to your network, this means they can spy on you with webcams and steal valuable data like other passwords to emails and bank accounts.

What is a Firewall and why should it be always switched on?

The firewall prevents anyone access your network unless they have the right internet credentials. This can be IP addresses, devices, or passwords. The network firewall can allow exceptions for instance software update being the most common.

Note sometimes you must turn a firewall off when installing some antivirus software.

What are parental controls?

Parental controls allow the administrator to restrict internet searches to safe searching and block access to adult websites. It can also turn off access to certain devices at certain times such as bedtimes. With mobile devices it is not easy for parents to either supervise children 24 hours a day or prevent devices being smuggled into bedrooms.

What is the WiFI SSID?

When you log onto WiFi the SSID is the name of the WiFI Network. The default label will identify the ISP provider and network name is possible that default SSID and WiFI password might be known by someone passing by your home. It is a good ide to change this no matter how unlikely some would access your WiFi

You should make sure the WPA (Wireless Protected Access) is enable.

Creating a Guest WiFi

Many Routers allow setting up a Guest WiFi login this prevent a guest access your Home Network. This is useful if you have contractors in the house that need to access the internet while they are working in your home.

See the YouTube resources provided by Tech Videos

Managing Cybercrime Risk

The Cybercrime Prevention Hour has considered how risk management tools could be used to inform, raise awareness, and provoke discussion on how to control individual and corporate risks.

The approach to examine risk is simple; identify, assess and deicide. Risk threats have two components consequences or impact and likelihood or probability of occurrence.

Cybercrime Definition

Cybercrime RISK is the potential for a THREAT is a person or thing that is likely to cause damage to exploit a VULNERABILITY such as a flaw, feature or user error that may result in some form of negative IMPACT.

Vulnerabilities that expose us to Cybercrime

Introducing the Risk Assessment Matrix

The results using the Risk Assessment Matrix discussing different vulnerability domains can be then used to inform decision making. Whether a risk is taken or not, or an affordable or practical control, is initiated to give sufficient comfort and safety. Every individual or organisation will have different devices, software, networks, and behaviours to contend with there is no one solution for everyone however there are common themes.

Decision making

The final step if for dealing with risks is the decision making. As with all risks there are 4 choices; either take, avoid, treat, or transfer. The first two choices are obvious, and it is simply a question of chancing it or not, but sometimes we have no choice and are forced into doing something that is beyond our comfort zone that feels potentially risky. In this situation we try control the risk or limit possibility of things going wrong.

Treating or controlling risks is best understood by giving an example:

“I use my phone for everything if I someone stole it what would I do? If the phone were stolen it would have my address book, diary, email, social media accounts, and personal photos.”

Should use the phone and nothing else or should I risk it?

How can I treat or control the risk?

• Keep the phone on me and only use in a safe place.
• Use device security, fingerprint lock of face recognition.
• Encrypt the storage.
• Make sure I know all the account passwords or have them stored in a password manager I can access from another device.
• Make sure I have backed up of the photos and documents onto a secure cloud storage.
• Make sure I have the device SIM PUK code on file at home and get my mobile phone contract supplier to replace the SIM.

If I implement the 6 controls above, I can drastically limit the impact if I should be unlucky and get my phone stolen. All these measures I can do with no additional cost. Only the first point would reduce the likelihood of my phone being stolen.

If my device is expensive to replace, I could consider transfer the risk of the loss by buying some personal insurance against theft.”

Anyone wishing to attend future Cybercrime Prevention Workshops can book a free place at our Eventbrite page and find more information on the Cybercrime Vigilance Project web page.

Anyone can register has a student with GTT and request the free Cybercrime Assessment Matrix tools see the Student Area on our website.

The School of Metal Bashers Challenge

Aim: Become a student have an opportunity to learn some basic computer hardware skills so you can volunteer to help other by repairing and recycling old computers, repair their own equipment. If you live in the Bradford area this is an amazing opportunity to developing skills further in hardware repairs or building new computers.

Sessions are held online every week on a Tuesday from 2pm to 4pm for 12 weeks.

You will get old PC to practice and learning with, the ultimate challenge will be to bring it back to life!

Computer Surgery Metal Bashers 2016 – “It’s Alive! It’s Alive!”

What will you learn:

• Learn what tools and equipment are needed to carry out basic computer repairs.
• Identify hardware engineering risks and basic safety requirements
• Identify the basic layout of a computers and its parts.
• Know key basic electronic principles needed to understand how a computer works
• Learn how to replace faulty parts and test computer operation by know some simple diagnostic techniques.
• Learn how to research and procure replacement parts increase understanding and knowledge of manufacturers, interfaces, and compatibility.
• Learn how to set up a new computer by installing an operating system practice using the BIOS and different Operating Systems.

What activities will you do:

• Identify safety requirements: Tools, manual handling, hazardous substances, electrical hazards.
• Identify electronics and hardware: Electronic and computer hardware components. Use Ohms and Power Laws.
• Define and explain how digital technology works.
• Identify ports and connectors. Connect a computer system and running a computer system.
• Access and using the “BIOS”.
• Creating and using software boot tools.
• Accessing and using disk management tools including formatting and partitioning disk drives.
• Diagnostic process, testing and observing results.
• Looking at common faults.
• Replacing faulty components.
• Developing repair solutions and options.
• Practical sessions
• Sourcing spares and fitting problems.
• Installing operating systems.
• Using Windows and Linux operating systems.
• Review and Evaluation.

For more information and registration visit the School of Metal Bashers Web Page.

World wide web: Peeking behind the scenes

Most of us are unaware of how the internet works we use and trust our technology to do the daily things we need when we need it. Beneath the surface there a servers, cables, wireless transceivers, software, and people keeping it all running. For Internet Service Providers (ISPs) reliability and safety are paramount to maintain customer confidence.

Vast numbers of people are involved in keeping up with criminals and other that are continuing to exploit vulnerabilities to financial or political gains. Being vigilant against cybercrime is like continual cold war between good and evil trying to outsmart the opposition.

Recently the news released information about weapon grade security tools being harvested by unknown criminals. This week the US Government security have announced that state agencies have been hacked using SolarWinds Orion network hacking tools.

Cybercrime Prevention Hour

The GTT Cybercrime Prevention Hour were able to learn more about what goes on behind the scenes with guest speaker Iain Currie from BT.

A recording of the event is now available on the GTT You Tube Channel to be used as learning resource for our students.

If you would like to join a Cybercrime Vigilance project and attend one of our monthly workshops, please visit the GTT website project page and book your workshop place via the Eventbrite weblink.

BBC Website References:

• US cyber-attack: US energy department confirms it was hit by Sunburst hack – BBC News
• SolarWinds: Why the Sunburst hack is so serious – BBC News
• SolarWinds Orion: More US government agencies hacked – BBC News
• US Treasury and commerce department targeted in cyber-attack – BBC News

Introducing the “Metal Bashers”

Get Technology Together working in partnership with Solidaritech is offering a practical computer repair course for adults that is free to anyone living in the Bradford MDC area. The course offers 12 weeks intensive practical work on how to strip down a computer and rebuild it.

The GTT volunteers made this video to show how School of Metal Bashers could work. This year because of the COVID pandemic GTT will doing much of the classroom activities online using the Zoom App and offering remote tutor support with emails, phone calls and video chats.

GTT Volunteers Video promoting the School of Metal Bashers

The course, starting January and February 2021 will be delivered in weekly online class video call, with a computer kit, online resources, and tutor support.

PLACES STILL AVAILABLE FREE FOR ANY ADULT LIVING IN THE BRADFORD AREA – CONTACT GTT FOR MORE DETAILS.

Enrol for the School of Metal Bashers now! CLICK HERE!

Learning about cybercrime together

What is Cybercrime Risk?

This month the GTT Cybercrime Prevention Hour considered cybercrime risk. In conclusion Cybercrime risk is the potential threat of a person or thing that is likely to cause damage by exploiting a vulnerability (a flaw, feature or use error) that may result in a negative impact.

Coping with threats and dealing with our fears

Threats can be general like scam emails sent out in large quantities in the hope that recipients might respond or can be target specifically at you. Cybercrime has many different motives often money or data, but sometimes can be more sinister such as entrapment or revenge. Everyone seems to be bombarded with junk email and nuisance calls these days, and the workshop concluded it is good to share the burden, learn more about the threats we all face and get support together.

What are the vulnerabilities that expose us to cybercrime?

There are 3 areas to examine: Networks, Devices and People.

• Everyone uses a network connection to access the internet whether that is via a LAN Cable, WiFi router or mobile data connection. Each method will have security built into the hardware, but not all of us know how to use it or have access to the security controls.
• All digital devices have security built into their operating systems, making sure it is used, updated regularly as well as having it personal data backup are the basics of minimise risk.
• The greatest potential for risk is ourselves, a lack of knowledge, forgetfulness, carefree or risky behaviours increases exposure to cybercrime threats. Or simply making a mistake which we are all prone to do many times in our lives.

Criminals rely on this. Hence the term “Phishing” scam emails are literally criminals fishing for people with hope to net an unsuspecting victim. Often posing as your ISP, PayPal, Apple, Microsoft, or Amazon suggesting there is a problem with your account or are offering a refund (“a carrot or stick”). The “hook” is the internet link in email which delivers the malware onto your device. If you click on the link you are “caught” and the damage is done.

If you want to learn more and help others please join the GTT Cybercrime Prevention Hour held monthly for more information see the GTT Upcoming Events, Cybercrime Vigilance and Student Area on this website.

GTT Cybercrime Prevention Hour

GTT launched the Cybercrime Vigilance project with the support of the West Yorkshire Police Community Safety Fund. GTT hosts regular monthly workshops to discuss, share information, and learn about cybercrime prevention. It is a continual challenge for everyone as new technology develops.

The aims of the GTT Cybercrime Prevention Hour workshops will explore and collaborate to develop on going shared resources. GTT encourages everyone to Participate, Learn, Achieve, and Innovate together

• What is Cybercrime? How do we identify cybercrime risks?
• What impact does cybercrime have on victims?
• Looking statistics and unreported crime, how common is cybercrime?
• The fear of crime – how safe do we feel?
• Managing behaviours and risk – How do I use my technology?
• Review my risk controls – what I am doing? is it good enough? What should I be doing?
• Training in good practice and developing good habits

It is free to join the workshop book a place by contacting GTT or via Event Brite.