In this digital rich world, it’s hard to believe that the majority of Canadian households – with at least one child under 18 – only have one Internet-enabled device available to them. Compounding the problem further is that 13.5 percent of this group relies on a mobile device for their Internet, according to Statistics Canada.
This shortage is creating a digital divide in Canada. If the IT industry does not act soon, it could lead to many young Canadians falling behind other countries and negatively impact digital transformation.
Lenovo Canada’s Executive Director and GM, Colin McIsaac has been running the subsidiary for the past seven years and in that time has successfully introduced many innovative products from the Yoga, the Tiny, the Twist, the X1 Carbon, and state-of-the-art workstations for the oil and gas sector that are also used to design cars for Austin Martin.
But despite the business achievements, conquering the digital divide in Canada has turned into a passion project for McIsaac. During an interview for the Jolera Interview Series program, McIsaac said the digital divide, specifically in the education sector, worries him because a lack of access to current technology can severely impact the quality of education a student receives. “This is sobering, and you compound that with the COVID-19 pandemic, and there’s a byproduct with schools not getting back to classrooms or staggering that experience and asking people to engage from home without a device or broadband or they are not comfortable with the environment, and this creates a much bigger gap between those that have and have not,” he said.
In comparison, McIsaac has more than 100 devices connected to the Internet in his home, and certainly, the narrative believed by most is that Canada is a totally connected community. But McIsaac believes there is a much more significant gap in Canada, and one of the pitfalls of the digital divide is the loss of potential.
“If someone is not able to learn properly, you can create a much bigger gap among the classes. Secondarily, we may miss out on some of the best ideas this generation has to offer because they don’t have access to technology. This is something we have to address, and, in my mind, it can’t happen fast enough,” McIsaac said.
SMARTER TECHNOLOGY FOR ALL
Lenovo operates with a guiding philosophy of “Smarter Technology for All”, and this viewpoint works to ensure that everyone can take advantage of technology. Under McIsaac’s leadership, Lenovo Canada is trying to provide a standardized technology experience for classrooms across Canada and in the home. Lenovo has already contributed more than $5 million in donations for Quebec’s back-to-school initiative, a co-sponsored plan with Best Buy to support the Boys and Girls Club of Canada. Most recently, the company made a significant Chromebooks donation to the Government of Alberta’s school initiative.
More needs to be done, according to McIsaac, from the government and the business community to address the digital divide in low-income areas of Canada since they have the highest percentage of mobile-only device usage.
“Technology has an impact on business, and you can draw parallels on the impact it has on consumers in their daily lives. If they do not have the opportunity to embrace technology’s competitive advantage, they will fall behind, and the longer they are unable to leverage technology, the worse it becomes. There are two ends of the spectrum here with people at one end engaging technology to their great benefit and learning experience and the other end, where people are not,” he added.
Watch the Jolera Interview Series featuring Lenovo Canada’s Colin McIsaac to learn more about how Lenovo deals with the digital divide along with its innovation strategy and how the company is embracing the as-a-service market.
Android mobile device users are being infected with the FakeSpy infostealer. The attack is part of a ‘smishing’ campaign from the Roaming Mantis threat group. The malware is disguised as legitimate global postal-service apps, and ends up stealing SMS messages, financial data, and other sensitive information from the users’ devices. The attacker sends text messages with information about a package delivery, prompting the recipients to click on a malicious link.
Users are recommended to ignore text messages from contacts they don’t recognize and be suspicious of any message about deliveries or other postal services. To avoid being scammed users should double-check the info received through trusted links to local delivery carriers.
Employees who browsed the news on one of these websites could have their computers compromised and then used as a stepping point into their companies’ enterprise networks.
Companies must have proper security measures in place to defend against WastedLocker Ransomware and similar threats. Secure IT – Endpoint protection provides an advanced, comprehensive threat detection and defence solution for an organization’s computer endpoints.
CVE-2020-1425 | CVE-2020-1457
Microsoft has released two emergency security updates to address remote code execution vulnerabilities affecting the Microsoft Windows Codecs Library on several Windows 10 and Windows Server versions. The two vulnerabilities are tracked as CVE-2020-1425 and CVE-2020-1457, the first one being rated as ‘critical’ while the second received an ‘important severity’ rating. After successfully exploiting these vulnerabilities, attackers could obtain information to further compromise the user’s system, and lead to arbitrary code execution on vulnerable systems.
According to Microsoft, the two security patches address the vulnerabilities “by correcting how Microsoft Windows Codecs Library handles objects in memory.” According to Microsoft it wasn’t identified any mitigating measures or workarounds for these two vulnerabilities.
Millions of internet of things (IoT) devices are affected by dozens of vulnerabilities. Cyber-security experts exposed a total of 19 vulnerabilities (4 of them considered critical) in a small library widely used and integrated into innumerous products over the last 20 years. These vulnerabilities affect both enterprise and consumer-grade products, from printers to insulin pumps.
Treck has issued a patch for use by OEMs in the latest Treck stack version (188.8.131.52 or higher).
Linkedin ‘Job Offers’ Malware
A recent malware campaign targeting aerospace and military firms has been discovered. Victims in Europe and the Midle East received Linkedin spear-phishing messages, supposedly from Collins Aerospace and General Dynamics, with a job offer. Besides the offer being fake, the message also included malicious documents that eliminate data from the device.
Users should be cautious whenever opening files from an email. Services like Secure IT – Mail help scan the files within emails to detect if they are legitimate or not. If they are not legitimate, these tools will block users from even visiting the malicious website.
Customers of U.S. banks and financial institution are the target of an ongoing campaign using “Qbot malware”, a banking Trojan active since 2008. Trough Qbot payloads, attackers are able to steal financial data from these clients, and spread malware on compromised devices. According to specialists, “Qbot malware” is being used with updated worm features.
Cybersecurity awareness training is highly recommended to defend against evolving malware threats. Secure IT – User Defence is a suite of security services specifically tailored to empower employees to become the first line of defence against cyber attacks.
With remote workers reaching unprecedented levels during the COVID-19 pandemic, strengthening Wi-Fi access points and the devices that access them is becoming a necessity. Unfortunately, very little thought has been given to Wi-Fi in the security landscape leaving many people vulnerable to hackers. Before the onset of the COVID-19 pandemic, people were using public Wi-Fi for collaborating with co-workers, outside suppliers and customers, along with friends. What made public Wi-Fi so useful was that it was widely available and, more importantly, free. As of last year, there were a total of 362 million public Wi-Fi hotspots available around the globe.
Know the types of Wi-Fi attacks to watch out for.
The most often used attack for WIFI is
called Man-in-the-middle. Hackers use Man-in-the-middle to intercept data
packets as they travel from the person’s computer to the WIFI network. Think of
this as cyber-eaves dropping. The hacker has access to your files and can view
your messages. For a man-in-the-middle attack to work, the hacker needs to be
in the range of an unencrypted WIFI access point. Or has set up a rogue WIFI
access point that the unsuspecting person signs in on.
Do you ever go into a Starbucks to
work? You check for free WIFI, and you see two Starbucks access points available.
You don’t give it a second thought and click on the wrong one. Well, that’s an
Evil Twin situation, were the access point that looks legitimate, but isn’t.
One of the more famous Evil Twin
attacks happened during the 2016 Republican National Convention, where 1,200
attendees connected to the IVOTETRUMP! Hotspot.
AirCrack, Passive Sniffing,
Cowpathy and many more…
To prevent remote workers from these
types of attack methods, what’s needed is to look at security more
holistically. Many people, especially during this unique time, are unaware of
the risks of using unsecured Wi-Fi. The organizations that these people work
for also fail to take the proper precautions to protect remote workers wherever
they are located and the data they access.
Organizations need to think of the whole picture instead of letting their deployed devices out in the wild. Data should be protected behind a Firewall, the devices accessing the data should be monitored and protected with endpoint protection. Instead of installing an access point and walking away, think of WIFI-as-a-Service, that includes a wireless access point but does much more such as advanced security information and event analysis, real live threat detection and remediation.
Each step taken builds upon your organization’s security posture and keeps both your users and your data safe and secure.
Google released a stat this week that 39% of its workforce is away from its various offices in the U.S. In Canada, its 44%. Also, this week, research firm Gartner Inc. reported that 88% of organizations have set up some work from home program.
Many organizations had little or no plans
for securing these workers at home previous to the COVID-19 pandemic, which has
created an opportunity for threat actors to target these people. Most of these individuals
are focused on trying to be productive, while self-isolating to remain safe and
healthy. For many, this new work-at-home reality has been challenging. The
hacker community is taking advantage of this crisis to target vulnerable people
who have their minds distracted by things at home.
Hackers are finding success using hidden mobile apps and unique distribution methods, according to the latest McAfee Mobile Threat Report 2020. The report found that mobile apps, third-party login and counterfeit gaming videos are the tools hackers are using to lure remote workers. Approximately 50% of all malicious threats were as a result of hidden mobile apps.
Terry Hicks, the executive vice president
of McAfee’s Consumer Business Group, said mobile threats are playing a game of
‘hide and seek.’ McAfee has uncovered that hackers have expanded the ways of
hiding their attacks, making them increasingly difficult to identify and
remove, which makes it seem like 2020 will be the year of attacks from places
organizations least expect them.
McAfee’s research found that hidden apps are the most active mobile threat, generating nearly 50% of all malicious activities. Hackers continue to target people through channels that they spend the most time on— their devices, as the average person globally is expected to own 15 connected devices by 2030. Hidden apps take advantage of unsuspecting individuals in multiple ways, including taking advantage of third-party login services or serving unwanted ads. Here are a few examples.
Remote workers who are learning how to work from home are dealing with gaps in there day that they occupy by playing games and seeking other multimedia experiences. Hackers are taking advantage of this by distributing malicious apps through links in gamer chat apps and cheat videos by creating their content containing links to fake apps. These apps disguise themselves as real with icons that closely simulate the actual apps but serve unwanted ads and collect user data. McAfee researchers uncovered apps such as FaceApp, Spotify, and Call of Duty all have fake versions trying to prey on unsuspecting users.
New Mobile Malware
McAfee researchers have also discovered new mobile malware called LeifAccess, also known as Shopper. This malware takes advantage of the accessibility features in Android to create accounts, download apps, and post reviews using names and emails configured on the victim’s device. McAfee researchers observed apps based on LeifAccess being distributed through social media, gaming platforms, malvertising, and gamer chat apps. Fake warnings are used to get the user to activate accessibility services, enabling the full range of the malware’s capabilities.
Legitimate Apps Used by Hackers
There are also legitimate apps aimed at stealing data used by Hackers. McAfee researchers found that a series of South Korean transit apps were compromised with a fake library and plugin that could exfiltrate confidential files called MalBus. The attack was hidden in a legitimate South Korean transit app by hacking the original developer’s Google Play account. The series provides a range of information for each region of South Korea, such as bus stop locations, route maps, and schedule times for more than five years. MalBus represents a different attack method as hackers went after the account of a legitimate developer of a popular app with a solid reputation.
What’s clear is that with so many more remote workers in play, hackers will have a bigger pool of people to target, which is why a comprehensive suite of security, backup, and management solutions for those who use Office 365 is an excellent route to protecting these users.
During this time of COVID-19, people need to protect their email with powerful tools that can scan the email tenant for phishing and malware. Not only do they need tools to look for the usual suspects but also advanced AI systems and tools such as a Security Information and Event Management (SIEM) system. These tools find suspicious or malicious events and have an extra layer of security by having real human beings that can take action and remediate potential security threats.Services such as Secure IT – Mail are able to fulfil the needs of keeping users secure while working remote.
The current COVID-19 situation has led to a lot of organizations to shift their entire workforce to work remotely. For some organizations, this means that employees may be working remotely for the first time. Working remotely changes the way teams interact and work together and staying productive can be difficult in these circumstances. Here are five best practices for keeping teams on task and fostering collaboration as teams work remotely.
1. Use A Reliable Platform
Solely relying on email to communicate
with your remote workforce is ineffective. Users may receive many emails per
day and miss important messages. Being able to communicate via web chat, phone
call or video conferencing makes it easier and faster for users to talk to one
another. It also allows users to easily share documents/their work and receive
feedback in real-time.
2. Meet Regularly
Staying connected with employees is
essential, especially if your team usually sees each other every day.
Scheduling meetings (via video call or phone chat) to communicate throughout
the day is a great way to stay engaged and keep one another updated on
completed/ongoing tasks and goals.
3. Support Employees
Employees who are not used to working
remotely may be struggling with the shift. The added social isolation and
overarching health concern may also cause employees additional stress or
anxiety. It’s important to check in with employees, listen to their concerns
and empathize with their situations. If your organization offers an employee
assistance program (EAP), remind employees that they have access to this
4. Stay Accessible
When working apart, users will need to
communicate with one another more often. Unlike an office setting where
employees can pop by your desk/office, employees have no idea whether you’re
out to lunch or in a meeting. Leaving your calendar open or having a status
notification displayed will inform employees of your availability. That way,
they know if you’re too busy to respond to their query.
5. Prioritize Tasks
Help employees focus on their initiatives
by providing direction on how they should engage with their current priorities.
Discuss with each team member individually on where each person should direct
their focus and ensure they know which tasks should be a priority. If you can
narrow down their tasks, they will feel less overwhelmed and be able to direct
their attention to the most critical projects.
For more tips and resources, we’ll be releasing our resource center soon!