gtag('config', 'UA-184601919-1');

Skip to Content

Category Archives: Security

Tips To Prevent Cyber Attacks



5 tips on how you can keep yourself safe online


1.Passwords and Two-Factor Authentication
  • Change your password every so often as this will increase the level of security.
  • Don’t use the same password for all of your accounts.
  • Don’t leave your passwords in close proximity to your devices.
  • Never share your password.

The two-factor authentication method provides two layers of security measures so if a hacker can accurately guess your password, there is still an additional security measure in place to ensure that your account is not breached.

  2.How to choose the right password and what to avoid

These are the 4 most used passwords online which makes whoever is using them vulnerable as they are easy to guess.

  • Password
  • 123456
  • 12345678
  • 1234

When creating a password, most of your devices and accounts will show a strength meter from weak to strong which indicates your chosen password strength. This is a guide that should prompt you to alter your password if your password is too weak. A strong password will have a mix of numbers and letters, both lower and uppercase, and at least 8 characters – most importantly never use any personal information in them.



3.Think Before You Click 

Unfortunately, there are so many unsafe links out there that can cause damage to you and your business. Before you click a link, THINK, is it an unusual message? Something you’re not expecting or you can immediately tell that something doesn’t seem quite right? Inspect the link, is it legitimate? Look for things such as the destination of the URL, is the email senders address genuine? If you are struggling to work it out there are useful tools out there that can be of help. 


4.Back-up Your Data

It’s important to have your data backed up in a physical location and more importantly in the cloud. When your data is in the cloud it is ultimately untouchable, the hacker’s end goal could be to encrypt your data leaving you with nothing. Without having a backup you will have no way of getting your data back. Once it’s gone it’s gone. Increase confidence in your company’s data staying safe from malicious threats. 



5.Secure your Device 

Securing your device doesn’t stop at your desktop, your mobile phone can hold just as much data that you need to protect. You use your mobile phone for pretty much everything including your online banking as well as storing your bank card details. Ensure your passcode is a random selected number pattern nothing too easy to guess if there is an option to enable touch/face ID as passwords this will make it harder for anyone to hack. 



Logo transparent   Services we offer to help protect you 


AntiVirus – Cloud53 has its own bespoke Antivirus solution which is hosted in the cloud and runs on your computers through a very lightweight application. This is a fully managed service, updates happen seamlessly without the users’ knowledge, and should a virus be detected again this will be dealt with remotely leaving the user safe in the knowledge that their computer is fully protected


 AntiSpam – SPAM (unsolicited email) sadly affects everyone these days (estimated 100 billion sent around the world daily). Cloud53 hosts a fully managed service for anti-spam and anti-virus filtering of all your emails. Spam filtering will never be 100% as it’s obviously changing daily however we estimate that approximately 99% of spam is quarantined by our anti-spam system.


Backup & Recovery – In simple terms this is backing up your data offsite and to the cloud. People only realise the importance of their data when they have lost it whether that be due to corruption, virus, deletion, or simply disk failure. Cloud53 can backup your data (any size) to the cloud so it’s safe and accessible. We can backup daily or weekly and retain the last 30 days for you or more if required. Equally, we can restore the data back to you should the worst happen. How valuable is your data? What would you do without it? 


Cloud Failover & Disaster Recovery – Also known as DRaaS (Disaster Recovery as a Service) Cloud53 provides high-availability and continuous uptime solutions for your organisation. We do this by replicating your live systems to our Cloud environment in realtime. Our Cloud technology monitors the heartbeat of your production servers and can automatically failover entire production servers to our Cloud within minutes. This ensures your business-critical servers are always available no matter what happens.

0 Continue Reading →

Travelex – what happened?


We have all seen it on the news, Travelex were reportedly hacked on New Year’s Eve (2 weeks ago today) and are being held to ransom by a criminal ransomware gang known as ‘Sodinokibi’. The company is still working to get back its systems after 2 weeks, resorting to pen and paper in most of its 1200 branches. It seems clear that Travelex does not intend to pay the ransom and claiming that no customer data has been compromised despite the gang claiming to have downloaded sensitive customer data.

How did this happen?

Most are familiar with Ransomware, essentially it is malware which enters a network and encrypts the files on that network rendering them useless in the hope that a ransom is paid and the decryption key is provided in return, though don’t always bank on an honest transaction! We have seen this many times in particularly the Wannacry cryptoworm of 2017 which attacked Microsoft Operating systems. Microsoft had released a patch to prevent this however most users typically hadn’t installed it and so were at risk of being infected, equally Windows XP was vulnerable as it was no longer supported in much the same way that Windows 7 is no longer supported from today (14th January 2020) and no further patches are available.

How was Travelex Different?

Travelex were warned by a security researcher back on 13th September 2019 that they had insecurities in their Virtual Private Network (VPN) in particularly their Pulse Secure VPN Servers but that appears to have been ignored!  The issue however starts 7 months previous to this when Pulse Secure identified a vulnerability and released a subsequent patch but clearly this was not applied by Travelex. It is reported that the ‘Sodinokibi’ gang have had access into Travelex network for the last 6 months, no doubt watching and gathering data ready for the attack, this was certainly a planned and well executed ransomware attack.

Could it have been avoided?

YES without a shadow of doubt. Hindsight is a wonderful thing but Travelex IT Security didn’t miss a security patch by a few days but by several months! Regular patching of endpoints is essential, IT Security is critical, this is/was a major worldwide financial business.

Will they recover?

Good question! After 2 weeks they haven’t recovered, all servers are unavailable, branches are using pen and paper, it’s a disaster! Perhaps Travelex intend to pay and hopefully get their files back? A company like Travelex should have substantial Disaster Recovery plans and should be able to restore from backup however its likely, given the time that has now passed and the size of the attack that backups are also encrypted. As for company reputation, well its shot!

No matter how small or large your business is, do not think that you cannot be affected by Ransomware, do not ignore IT Security risks, protect your network endpoints



0 Continue Reading →

Hacker Halloween

Monsters may be out of your age range, however, technology can be a scary place, it’s always connected and open for hackers, malware and viruses. Halloween is the scariest time of the year with ghosts, monsters and demons, however, is the horrors found in technology more terrifying?

New devices are being created each year to make your everyday lives smarter and more efficient but it is up to you to ensure your devices are secure. This involves any device that is connected to the internet such as televisions, gaming consoles, home router, Google Home, Alexa, security cameras, baby monitors, smart locks and even smart thermostats, these can all make your home vulnerable.

Hacker banner

These devices are known as the Internet of Things devices or IoT for short, IoT devices have provided cybercriminals with new ways of gaining access to devices and the reason why these devices are targeted is because they have little or no security.

Heres how to keep your devices safe not just on Halloween but all year round.

Router security 1

How to become secure 

Equip your home router with strong passwords as this is the key element in connecting all of your devices and make them operable.

Rename your router, don’t keep the name that it comes with as this may distinguish the make or model. Give your router an unusual name that doesn’t relate to you or your address, as you don’t want to give away any personal information.

Strong password 1

Set up a guest network that visitors or friends and relatives can use and doesn’t link with your IoT devices.

Change any default username and passwords that come with your devices as some hackers may already know the default passwords for some IoT devices which makes it easier to access them.

Random password 1

Also, use strong passwords and avoid the common words, use more complex passwords which you can do by mixing up letters, numbers and symbols. You may want to consider a password manager.

Keep software up to date, if you get notified of a software update don’t ignore it. These updates could include security patches, make sure that you are downloading the updates to ensure that you are secure.

Two-factor authentication, you can receive one time codes that get sent to your phone as well as entering a password which helps you become more secure if this is offered it is beneficial to use it.

Password 1

Can it be stopped?

It is very unlikely as hackers find new ways each day, you can stay one step ahead of hackers by following the steps provided above.

Don’t forget to check out our other latest blog posts on our website and don’t hesitate to get in touch if you think we could help your business run smoother!
You can reach us on 0333 444 5353 or email [email protected]


3 Continue Reading →

Password security 101

Do you know how strong your passwords are?

They’re probably not as strong as you think. Why wait until the one day a year where everyone talks about the subject? World Password Day is an annual celebration to promote safer password habits. It takes place on the first Thursday of May each year, but why wait another 10 months to tighten up your password security?

While passwords are a common form of authentication on the Internet, they’re more often than not the only line of defence between hackers and your personal information. Our helpful team at Cloud53 HQ would be happy to talk things through with anyone who is concerned about their security and anyone who wants better defences. In the meantime, the information below may give you some quick pointers!image

What is Password Security?

Password security, though often overlooked, plays an extremely important role when it comes to protecting your identity on the Internet. After all, it keeps unauthorised users from breaking into your online accounts and stealing your personal information for their nefarious purposes like impersonating you to commit crimes in your name.

You can free yourself from risk by resetting your old, weak passwords to long, un-crackable ones and remind your friends, family and colleagues to do the same. With identity theft and other cyber-crimes at an all-time high, setting robust passwords is crucial and we’re going to show you exactly how to go about that.

How Hackers Can Steal Your Passwords?

Have you ever wondered how hackers go about cracking your passwords? Well, here are some of the most common ways through which they can steal your passwords, and ultimately, your personal information:

1. Brute force attack

One of the most common password cracking techniques out there, a brute-force attack involves checking all possible key combinations until the right one is found. Since hackers use complex algorithms to try multiple combinations at super-fast speeds, rest assured that your short passwords will be cracked in no time!

2. Password sniffing attack 

A password sniffing attack is a technique used by hackers to collect your credentials on unencrypted connections. By using a combination of easily available tools on the Internet, they monitor all incoming and outgoing traffic on a network so they can intercept your usernames and passwords as they’re being transmitted.

3. Phishing attack 

Even though phishing is an old trick in the hacker’s playbook, it’s still going strong and doesn’t seem to be going away anytime soon. Typically, it entails sending an email to the victim by impersonating a legitimate entity and requesting that they provide sensitive information like usernames, passwords, and even credit card details.

4. Social engineering attack 

A social engineering attack requires little technical knowledge and relies on human error, tricking otherwise unwary employees or users into performing certain actions or revealing confidential information such as passwords or bank account details.

5. Dictionary attack 

In a dictionary attack, a hacker tries hundreds – or sometimes even millions – of likely possibilities derived from a predefined list of words or dictionary in order to defeat an authentication mechanism like passwords.

6. Keystroke logging

Keystroke logging, also known as keylogging, is a technique that involves the use of a program to record or log every keystroke so they can obtain confidential information like passwords without the knowledge of the unsuspecting user.

So how do I make a secure Password?

Now that you know the common password security mistakes you need to avoid, let’s discuss how to create strong passwords. The following are some password tips to prevent hackers from accessing your online accounts:

 1. The longer your passwords, the better.

The passwords you decide to use should be at least 12 characters in length so that they’re difficult to break. The longer a password is, the more combinations a hacker would need to try in order to successfully crack it.

2. Aim for complexity.

Password length and complexity go hand-in-hand in the quest to creating strong passwords, so make sure you include lower-case and upper-case letters along with numbers and symbols. Mix them up like you mix your cocktails on a Friday night!

3. Unpredictability is key.

Unpredictability is key when it comes to password strength. Avoid predictable words, passwords based on dictionary words, as well as any references to your personal life or popular TV shows, video games, and movies.

4. Unique is the way forward. 

We’ve already highlighted this before, but its importance can’t be emphasised enough: Only use one password for one account.

Hopefully you are now equipped with the knowledge and ready to update your passwords. However, if you are still feeling uncertain and would like some more advice, don’t hesitate to give one of our friendly staff a call on 0333 444 5353 or drop us an email at [email protected] and we’ll be in touch with some more helpful tips!

3 Continue Reading →

Windows 7 – is this the end?

Windows 7

Windows 7, as an operating system (OS), is probably the most popular OS in history, XP was good in its day but Windows 7 beat it. It was released in 2009 and in its first year sold 240 million copies, that’s 7 copies every second! It has become the staple business Operating System and it was only at the end of 2018 that Windows 10 became more popular. As of April 2019 Windows 10 accounts for 44%* of Operating systems on Desktops/Laptops with Windows 7 still having 36%* of the market. Windows XP that went end of life 5 years ago still has 3.5%*.

Nobody knows the exact number of computers in use worldwide but in 2015 it was estimated to be around 2 Billion, if we take that as todays figure then there are around 720 million Windows 7 PC’s in use worldwide! One hell of a successful OS for the last 10 years!

BUT in January 2020 Windows 7 is officially retired and in Microsoft terms is ‘end of life’! What does that mean? Well simply it will continue to work as it always has done, in much the same way Windows XP still works however there will be security risks which may be acceptable for a home computer but typically is going to be a major risk for business computers. Furthermore the latest applications and/or updates may not work on Windows 7.

Microsoft releases critical and security patches regularly for all operating systems as and when potential threats or vulnerabilities are found, the numbers per month vary but typically there are around 20 per month from Microsoft, from January 2020 these will not be released from Microsoft for Windows 7.


  1. Carry on as you are using Windows 7 and accept the risks.
  2. Upgrade your Windows 7 to Windows 10 subject to the computer hardware meeting Windows 10 requirements.
  3. Purchase a new computer which comes with Windows 10.


Essentially if you are a Windows 7 user Microsoft have effectively backed you into a corner, it is a major risk to continue using Windows 7 and the longer it is used after January 2020 the larger the risk becomes. The best advice, to be safe, is to move to Windows 10 however this will come at a cost.

Remember the WannaCry Ransomware attack on the NHS last year? This is estimated to have cost the NHS £92m and affected most XP machines within the NHS that were powered on at the time, the hack happened due to a vulnerability within the OS as no updates for XP had been released for 4 years. Something similar is a very serious threat to Windows 7 after January 2020.

Cloud53 would be happy to discuss the options with any company concerned about their OS strategy ready for the next decade.

*figures from netmarketshare April 2019

0 Continue Reading →

Windows Sandbox – Coming Soon!

A new feature coming to Windows 10, for Pro and Enterprise users and it is called Windows Sandbox. Windows Sandbox is software that allows you to create a temporary isolated environment which can then be used to run a potentially suspicious app or just for testing.

Sandbox will come as part of Windows Pro/Enterprise and will be shown as a feature ready to be installed

This implementation makes it easily accessible and less work than creating a Hyper-V session for a quick test.


The set up for Sandbox is very simple, once opened it’s effectively a clean and new installation of Windows, no need for a complicated set up as with other virtual environments. It has the host’s diagnostic data settings and all other privacy settings are set to the default values, totally secure and away from your network. Each time a new session is closed all settings revert to default so every session is new and fresh.

This is a very convenient security measure to have in place. You will be able to witness first-hand what an application does when run, therefore if it is harmful you can remove it from your PC without ever opening it and exposing it to your files/network as the sandbox is ring-fenced.

The reason it does not affect your PC is because it uses hardware based virtualisation for the kernel isolation. That is done by relying on Microsoft’s hypervisor (Hyper-V) to have Sandbox separate from the host.

It is in the early stages but requires Windows 10 build 18305. Obviously as this is still in beta there could be compatibility issues and performance issues.

0 Continue Reading →

An Alexa Issue


Living in a world where people are always wanting the most up to date technological advances, there can be a darker side to these new products, an example of this has just recently been reported in the news.

The ‘Amazon Alexa’, a voice operated device which is referred to as a virtual home assistant which has a variety of different functions to allow you to say a certain phrase and the device will respond accordingly, has apparently been listening in on private conversations from its customers, when the device has not been triggered to be listening, and sent the recorded conversation to one of the people in the customer’s contacts list.

This goes to show that not every new device on the market is perfect and if we ever are in range of one of these voice operated products we should be careful on what we say, because you never know if something could go wrong and the conversation being unknowingly recorded, and possibly sent, is not just a harmless one about hardwood floors as this couple from Portland, Oregon experienced.


0 Continue Reading →

Remote Access Warning


About a month and a half ago, there were some reports surfacing of some TeamViewer users being hijacked. This mostly surfaced around 30-05-2016 to 02-06-2016, although there are some reports dating back to mid-June. The logs note that most of these computers were accessed through TeamViewer, with IP Addresses originating from a Chinese VPN, using a method known as “Custom Password”. TeamViewer has refused to explain what method is used for that to appear in the logs. The computers that were hijacked, had the saved passwords stolen, then they opened Chrome/Internet Explorer to attempt to send coupons or vouchers to China through Amazon, PayPal, or abusing any of the saved  passwords while logged into their machines.

Only a few of these computers were accessed by simple dictionary attacks due to the default 4-number password, which could be accessed in 23 hours of brute forcing. Due to the nature of TeamViewer, this password only resets when the application is restarted. Which isn’t that often…

A decent number of the intrusions also appear to coincide with the 01-06-2016 Denial of Service Attack on TeamViewer’s Authentication servers. TeamViewer declines any knowledge of a security issue, and has held their stance at it being the user’s fault for the issues that have been experienced. TeamViewer’s legal team has forced some article publishers to alter the statements about TeamViewer to cover up.

Most of these reports are unverified in a sense – as they are posted on a potentially anonymous forum, claims that cannot be verified. However, they are in such a high volume that some potential truth can be gleaned from the info.

0 Continue Reading →

Distributed Denial of Service (DDoS)


Recently it seems that every week we hear of a major website being unavailable due to a DDoS attack but what is it and why is it becoming so common?

A DDoS attack occurs when multiple systems flood the bandwidth or resources of a targeted system, usually one or more web servers. Such an attack is often the result of multiple compromised systems (for example a botnet) flooding the targeted system with traffic.

It appears that along with these attacks becoming more common, they are also becoming more serious in the sheer bandwidth that is being used. Speaking to a recent victim they saw over 80Gbps being used against their IP’s, very few providers could sustain that bandwidth. To put this into perspective in Q4 of 2013 the average DDoS attack was using an average of 2.14 Gbps.

In recent months major names have been attacked such as the BBC (reportedly over 600Gbps), Sony PlayStation network, TalkTalk, Carphone warehouse and many more but why?

It would seem that essentially the groups doing this wish to extort money from their victims, using blackmail with the threat that if they do not pay then attacks will continue. However could you trust a black mailer not to do it again after payment? This is why it is generally reported that companies do not pay, however it seems reasonable to assume that some companies do pay as these sort of attacks cost money to implement and so they must be worthwhile to the criminals?

The type of payment is the issue in these ransom situations as payment is always instructed to be made in bitcoins and so is totally untraceable (if you know what you are doing). It is also thought that money gained in this way often finds its way to support worldwide illegal activity.

You don’t have to be a large company to suffer a DDoS attack but the attackers do go to where they believe ransom money is available, however if you do become a victim of a DDoS attack and subsequent blackmail it is best to treat it as an exercise to bolster your security and potentially test your DR strategy, it is not advised to meet the demands of the cyber criminals.

0 Continue Reading →

Hacking – why does it keep happening?

Obviously this week the big story has been TalkTalk who it would appear have been hacked and potentially allowed details of 4 million customers into the wrong hands. This is the third large cyber-attack which TalkTalk have received and it is not at present clear why TalkTalk are targeted or who did it but it is far from being the only company that keeps being hit!
Most, if not all, large companies will receive cyber-attacks every day, it is unfortunately the norm. This is the reason why large companies invest in heavily in cyber security but being ahead of the cyber criminals isn’t easy. Around 1 million new malicious programs are created on a daily basis according to security firm Symantec.
It is extremely unlikely that any large company has not received cyber-attacks, it is also very unlikely that any of these large companies haven’t suffered a breach of security due to these attacks at some point. It is only the clever companies that are aware of these breaches and learn from them. It is likely that many companies will not know they have been breached which is much more dangerous than being aware!
Can it be stopped? Very unlikely, unfortunately it is just a case of staying one step ahead of the hackers which in reality is extremely difficult and expensive.

0 Continue Reading →