More stories

  • in

    Malwarebytes said it was hacked by the same group who breached SolarWinds

    US cyber-security firm Malwarebytes today said it was hacked by the same group which breached IT software company SolarWinds last year.

    Malwarebytes said its intrusion is not related to the SolarWinds supply chain incident, since the company doesn’t use any SolarWinds software in its internal network.
    Instead, the security firm said the hackers breached its internal systems by exploiting an Azure Active Directory weakness and abusing malicious Office 365 applications.
    Malwarebytes said it learned of the intrusion from the Microsoft Security Response Center (MSRC) on December 15.
    At the time, Microsoft was auditing its Office 365 and Azure infrastructures for signs of malicious apps created by the SolarWinds hackers, also known in cyber-security circles as UNC2452 or Dark Halo.
    Malwarebytes said that once it learned of the breach, it began an internal investigation to determine what hackers accessed.

    “After an extensive investigation, we determined the attacker only gained access to a limited subset of internal company emails,” Marcin Kleczynski, Malwarebytes co-founder and current CEO, said today.
    Malwarebytes products are not affected
    Since the same threat actor breached SolarWinds and then moved to poison the company’s software by inserting the Sunburst malware into some updates for the SolarWinds Orion app, Kleczynski said Malwarebytes also performed a very thorough audit of all its products and their source code, searching for any signs of a similar compromise or past supply chain attack.
    “Our internal systems showed no evidence of unauthorized access or compromise in any on-premises and production environments.
    “Our software remains safe to use,” Kleczynski added.
    After today’s disclosure, Malwarebytes becomes the fourth major security vendor targeted by the UNC2452/Dark Halo threat actor, which US officials have linked to a Russian government cyber-espionage operation.
    Previously targeted companies include FireEye, Microsoft, and CrowdStrike.


  • in

    'Anti-Facebook' MeWe social network adds 2.5 million new members in one week

    There has been a growing movement away from social media giants such as Facebook and Twitter recently.
    Users are getting fed up with relentless privacy violations, surveillance capitalism, political bias, targeting, and newsfeed manipulation by these companies.
    And other social media platforms are benefitting from this tidal wave. Los Angeles-based social media network MeWe, touted to be the ad-free future of social networking, is currently the No. 1 downloaded social app in the Google Play Store, and the No. 3 downloaded app out of all apps in the store.
    The privacy-first “anti-Facebook” platform added 2.5 million new members in the last week.
    Since launching in 2016, it surged to nine million users in October 2020, doubling its membership during each of the last three years.
    The platform is currently sitting at 15.5 million members — 50% of whom are outside of North America.
    MeWe is now translated into 20 languages and is currently the No. 1 social app in Hong Kong.

    The company says that its membership spikes frequently, as people worldwide seek a social network that respects them as customers to be delighted, not as “data to share, target, or sell”.
    MeWe claims to be the new mainstream social network with the features people love and no ads, no targeting, and no newsfeed manipulation.
    MeWe is the most downloaded social app and No. 3 in the list of most downloaded apps as of Jan. 15, 2021.
    It was knocked off the top slot by WhatsApp alternatives Signal and Telegram, which are benefitting from the brouhaha over WhatsApp’s data privacy changes.
    Users are becoming disillusioned by the data gathering from platforms such as Facebook. MeWe gives users total control over their data along with privacy: no ads, no targeting, no facial recognition, no data mining, and no newsfeed manipulation.
    The main feed can become a little overwhelming at times, but you quickly learn to focus on the information you want to see.
    I think that the platform will continue to grow as more and more users come to enjoy the freedom of the feed, and the ad-free look and feel.
    MeWe Premium subscriptions will also enjoy steady growth across 2021 and its business pages ($1.99 per month) will be able to compete effectively in a decidedly un-crowded marketplace.
    MeWe’s challenge will certainly be keeping up with the hardware needed to scale the platform to cope with this explosion of growth.
    Hopefully, its investors have planned for this, and there is plenty of headroom to cope with the tidal flow of new users adopting the platform.
    Newer platform users might not remember the Twitter fail whale web page, which appeared as the platform struggled to scale (usually at 8 am PT, as users logged on to find out what had happened overnight).
    MeWe will have to ensure that it smoothly incorporates the scalable infrastructure as its membership continues to grow.
    Long may it continue, MeWe. I love what I’m seeing so far. An ad-free social media platform, with an option to pay for extra features, will surely come to dominate the ad-riddled freemium model we have come to hate.


  • in

    Google Chrome 88 released with no Flash support, bringing an end to an era

    Google has released Chrome 88 today, permanently removing support for Adobe Flash Player and bringing an end to an internet era.

    Flash reached its official end of life (EoL) on December 31, 2020, when Adobe officially stopped supporting the software. On January 12, Adobe also began blocking content from playing inside Flash, as the final nail in the coffin.
    Google is not alone in its move to remove Flash. The decision was made together with Adobe and other browser makers such as Apple, Mozilla, and Microsoft, in 2017. Apple and Mozilla have also stopped supporting Flash, and Microsoft is scheduled to end support later this month.
    Currently, according to web technology survey site W3Techs, only 2.2% of today’s websites use Flash code, a number that has plummeted from a 28.5% figure recorded at the start of 2011.
    Speaking at a conference in February 2018, Parisa Tabriz, Director of Engineering at Google, said the percentage of daily Chrome users who’ve loaded at least one page containing Flash content per day went down from around 80% in 2014 to under 8% in early 2018, a number that has most likely continued to plummet since.
    FTP support is also gone
    But today’s Chrome 88 release also comes with other features, deprecations, bug fixes, and security patches. One of the most important changes is the removal of support for accessing FTP links (ftp://) inside Chrome, a process that started back in Chrome 86:
    Chrome 86 – FTP is still enabled by default for most users but turned off for pre-release channels (Canary and Beta) and will be experimentally turned off for one percent of stable users. In this version, you can re-enable it from the command line using either the --enable-ftp command line flag or the --enable-features=FtpProtocol flag.
    Chrome 87 – FTP support will be disabled by default for fifty percent of users but can be enabled using the flags listed above.
    Chrome 88 – FTP support will be disabled.
    Chrome now blocks mixed, insecure downloads
    In Chrome 88, Google has also finished a plan it began last year. With today’s release, Chrome now blocks certain HTTP file downloads.

    Cases where Chrome will stop downloads include when a user is accessing a web page that starts with HTTPS, but the file is downloaded from a URL starting with HTTP. Chrome deems these cases “mixed” and “insecure” downloads, and starting with Chrome 88 will block them completely for the users’ protection.

    Other changes
    On top of this, Chrome 88 has also removed support for the old DTLS 1.0 protocol, used inside Chrome as part of its WebRTC support.
    Furthermore, Chrome 88 will also include an origin trial for detecting idle state. When enabled by the user, the origin trial will allow websites to request the ability to query if users are idle on a browser, allowing messaging apps to direct notifications to the best device.
    For some Chrome 88 users, Google will also test a new user interface for the permission drop-down panel, the UI through which websites request permissions to access various user systems, such as the microphone, file system, and others.
    Users will also be able to search through all open tabs in Chrome 88.
    In addition, Chrome 88 also drops support for OS X 10.10 (OS X Yosemite). Going forward, Chrome on Mac will require OS X 10.11 or later.
    Chrome 88 will also block tab-nabbing attacks, as previously reported here by ZDNet, and the browser will also heavily throttle JavaScript timer operations in background tabs to improve performance and reduce CPU and RAM use.
    Another major change is that Chrome 88 now also officially supports extensions built with Manifest v3 extension rules. Extensions built on this new controversial system can now also be uploaded to the Chrome Web Store.
    And last but not least, single words entered in the URL bar will not be treated as intranet locations by default in enterprise versions of Chrome 88.
    But we only touched on the major Chrome 88 features. Users who’d like to learn more about the other features added or removed in this new Chrome release can check out the following links for more information:
    Chrome security updates are detailed here [not yet live].
    Chromium open-source browser changes are detailed here.
    Chrome developer API deprecations and feature removals are listed here.
    Chrome for Android updates are detailed here [not yet live].
    Chrome for iOS updates are detailed here.
    Changes to Chrome V8 JavaScript engine are available here.
    Changes to Chrome’s DevTools are listed here.

  • in

    Brave becomes first browser to add native support for the IPFS protocol

    With the release of Brave 1.19 today, Brave has become the first major browser maker to support IPFS, a peer-to-peer protocol meant for accessing decentralized or censored content.

    Released in 2015, IPFS stands for InterPlanetary File System. It is a classic peer-to-peer protocol similar to BitTorrent and designed to work as a decentralized storage system.
    IPFS allows users to host content distributed across hundreds or thousands of systems, which can be public IPFS gateways or private IPFS nodes. Users who want to access any of this content must enter a URL in the form of ipfs://{content_hash_ID}.
    Under normal circumstances, users would download this content from the nearest nodes or gateways rather than a central server. However, this only works if users have installed an IPFS desktop app or a browser extension.
    Brave says that with version 1.19, users will be able to access URLs that start with ipfs://, directly from the browser, with no extension needed, and that Brave will natively support ipfs:// links going forward.
    Since some major websites like Wikipedia have IPFS versions, users in oppressive countries can now use Brave’s new IPFS support to go around national firewalls and access content that might be blocked inside their country for political reasons and is available via IPFS.

    In addition, Brave also says that its users can also install their own IPFS node with one click with version 1.19 and help contribute to hosting some of the content they download to view.
    A focus on privacy features
    “We’re thrilled to be the first browser to offer a native IPFS integration with today’s Brave desktop browser release,” said Brian Bondy, CTO and co-founder of Brave. “Integrating the IPFS open-source network is a key milestone in making the Web more transparent, decentralized, and resilient.”
    This marks the second decentralized browsing protocol that Brave now supports after integrating the Tor network and the Onion protocol in June 2018 in the form of a feature now known as “Tor Tabs.”
    But Brave also said that work on its IPFS integration is also expected to expand in the coming future. The browser maker plans to support automatic redirects from DNSLink websites to their native IPFS versions, the ability to co-host an IPFS website, the ability to easily publish to IPFS, and more, in future versions.
    Native IPFS support is just the latest in a long line of privacy-focused features that Brave has added to its product. Previous ones include support for a private video chat system, a built-in ad blocker, fingerprinting randomization, minimal telemetry, query parameter filtering, social media blocking, and others.
    Brave, which launched in 2016 to great fanfare, is currently believed to have around 24 million monthly active users, after passing the 20 million mark last November.

  • in

    Fake collaboration apps are stealing data as staff struggle with home working security

    There’s been a significant rise in organisations encountering malware attacks on remote devices over the course of the last year as employees have been forced to work from home.
    The ongoing coronavirus pandemic has resulted in more remote working than ever before and both organisations and employees have had to quickly adapt to this new environment and the additional challenges that come with it.
    One of those challenges is cyber criminals attempting to take advantage of remote workers’ insecure PCs as an entry point into corporate networks.
    As a result of this, there’s been a rise in malware attacks targeting remote workers and according to cybersecurity company Wandera’s Cloud Security Report 2021, over half of organisations – 52 percent – experienced a malware incident on a remote device. That’s up from just 37 percent of organisations experiencing malware attacks on remote devices during 2019.
    In many instances, cyber criminals are taking advantage of known vulnerabilities in software to help deliver malware under the radar, as users struggle with software management and patch installation without the direct aid of a corporate IT team.
    Remote workers are tricked into downloading malicious applications from phishing emails which install malware, but they believe they’re installing something which will help their productivity.

    “More often than not, the offending apps were being downloaded and installed by the remote workers themselves,” Michael Covington, VP at Wandera told ZDNet.
    “We saw a fairly large number of apps claiming to offer collaboration functionality, though in reality they were designed to steal private information like messaging content or trick the user into granting access to the camera and microphone, thus enabling a remote attacker to eavesdrop”.
    Worryingly, of those devices compromised by malware, over a third of users continued to access corporate emails while one in ten continued to access cloud services – both potentially providing hackers with much wider access to the network than they’d initially gained by compromising one remote machine.
    Securing remote employees is proving to be a challenge for information security teams, who themselves are now also working remotely, making the job even more difficult.
    However, engaging with remote employees to provide advice on how to work safely and securely can go a long way to keeping them – and the wider organisation – safe from cyber attacks, something which will be better for everyone in the long run.
    “Continuously engaging with workers on the sign-in mechanisms they should use, the incident reporting they should follow, and the applications that are approved for work will help everyone do their part to protect the business and its assets,” said Covington.

  • in

    FireEye releases tool for auditing networks for techniques used by SolarWinds hackers

    Cybersecurity firm FireEye today released a report detailing the techniques used by the SolarWinds hackers inside the networks of companies they breached.

    Together with the report, FireEye researchers have also released a free tool on GitHub named Azure AD Investigator that they say can help companies determine if the SolarWinds hackers (also known as UNC2452) used any of these techniques inside their networks.
    Today’s FireEye report comes as the security firm has spearheaded investigations into the SolarWinds supply chain compromise, together with Microsoft and CrowdStrike.
    The SolarWinds hack came to light on December 13, 2020, when FireEye and Microsoft confirmed that a threat actor broke into the network of IT software provider SolarWinds and poisoned updates for the Orion app with malware.
    The malware, known as Sunburst (or Solorigate), was used to gather info on infected companies. Most of the 18,000 SolarWinds customers who installed a trojanized version of the Orion app were ignored, but for some selected targets, the hackers deployed a second strain of malware known as Teardrop and then used several techniques to escalate access inside the local network and to the company’s cloud resources, with a special focus on breaching Microsoft 365 infrastructure.
    In its 35-page report today, FireEye has described these post-initial-compromise techniques in great depth, along with detection, remediation, and hardening strategies that companies can apply.

    Summarized, they are as follows:
    Steal the Active Directory Federation Services (AD FS) token-signing certificate and use it to forge tokens for arbitrary users (sometimes described as Golden SAML). This would allow the attacker to authenticate into a federated resource provider (such as Microsoft 365) as any user, without the need for that user’s password or their corresponding multi-factor authentication (MFA) mechanism.
    Modify or add trusted domains in Azure AD to add a new federated Identity Provider (IdP) that the attacker controls. This would allow the attacker to forge tokens for arbitrary users and has been described as an Azure AD backdoor.
    Compromise the credentials of on-premises user accounts that are synchronized to Microsoft 365 that have high privileged directory roles, such as Global Administrator or Application Administrator.
    Hijack an existing Microsoft 365 application by adding a rogue credential to it in order to use the legitimate permissions assigned to the application, such as the ability to read email, send email as an arbitrary user, access user calendars, etc., while bypassing MFA.
    “While UNC2452 has demonstrated a level of sophistication and evasiveness, the observed techniques are both detectable and defensible,” FireEye said today.
    In fact, it was FireEye’s ability to detect these techniques inside its own network that led to the company investigating an internal breach and then discovering the broader SolarWinds incident.
    Similar tools to the one FireEye released today have also been released by the US Cybersecurity and Infrastructure Security Agency (called Sparrow) and CrowdStrike (called CRT).
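As an added illustration (not FireEye's tool and not code from the report), the sketch below triages directory audit records for two of the techniques summarized above: changes to federated domains and credentials added to existing applications. The records, the application permission inventory and the list of expected initiators are constructed for the example, and the mapping of Azure AD audit activity names to techniques is this example's assumption.

```python
# Azure AD audit activity names mapped to the technique they can indicate.
# The mapping is an assumption made for this example.
WATCHED = {
    "Set domain authentication": "federated domain / IdP change",
    "Set federation settings on domain": "federated domain / IdP change",
    "Add service principal credentials": "credential added to application",
    "Update application – Certificates and secrets management":
        "credential added to application",
}

# Graph permissions matching the abuse described above
# (read mail, send mail as any user, read calendars).
SENSITIVE_PERMS = {"Mail.Read", "Mail.ReadWrite", "Mail.Send", "Calendars.Read"}


def _rec(time, activity, upn, target):
    """Build a constructed record shaped like a Graph directoryAudit entry."""
    return {
        "activityDateTime": time,
        "activityDisplayName": activity,
        "result": "success",
        "initiatedBy": {"user": {"userPrincipalName": upn}},
        "targetResources": [{"displayName": target}],
    }


# Constructed sample data: no real tenant, user or application.
SAMPLE_LOG = [
    _rec("2021-01-10T08:00:00Z", "Add service principal credentials",
         "svc-deploy@example.com", "Build Pipeline"),
    _rec("2021-01-11T02:14:00Z",
         "Update application – Certificates and secrets management",
         "j.doe@example.com", "Mail Archiver"),
    _rec("2021-01-11T02:31:00Z", "Set domain authentication",
         "admin@example.com", "example.com"),
    _rec("2021-01-12T09:45:00Z", "Add service principal credentials",
         "temp.contractor@example.com", "Wiki Bot"),
    _rec("2021-01-12T10:00:00Z", "Update user",
         "helpdesk@example.com", "j.doe@example.com"),
]
APP_PERMISSIONS = {            # hypothetical inventory of app permissions
    "Mail Archiver": ["Mail.Read", "Mail.Send"],
    "Build Pipeline": ["User.Read"],
    "Wiki Bot": [],
}
EXPECTED_INITIATORS = {"svc-deploy@example.com"}   # hypothetical allow-list


def initiator(record):
    """Return the user principal name or app name that performed the action."""
    by = record.get("initiatedBy") or {}
    user = by.get("user") or {}
    app = by.get("app") or {}
    return user.get("userPrincipalName") or app.get("displayName") or "unknown"


def triage(records, app_permissions, expected_initiators):
    """Rank watched events. Nothing is suppressed: a known admin account can
    itself be compromised, so the allow-list only lowers the ranking."""
    findings = []
    for rec in records:
        technique = WATCHED.get(rec.get("activityDisplayName"))
        if technique is None:
            continue
        who = initiator(rec)
        for res in rec.get("targetResources") or [{}]:
            target = res.get("displayName", "unknown")
            perms = SENSITIVE_PERMS & set(app_permissions.get(target, ()))
            if technique.startswith("federated") or perms:
                severity = "high"      # trust change, or app can read/send mail
            elif who not in expected_initiators:
                severity = "medium"    # unusual actor, low-value application
            else:
                severity = "low"
            findings.append({
                "time": rec.get("activityDateTime", ""),
                "severity": severity,
                "technique": technique,
                "initiator": who,
                "target": target,
                "sensitive_permissions": sorted(perms),
            })
    order = {"high": 0, "medium": 1, "low": 2}
    findings.sort(key=lambda f: (order[f["severity"]], f["time"]))
    return findings


if __name__ == "__main__":
    for f in triage(SAMPLE_LOG, APP_PERMISSIONS, EXPECTED_INITIATORS):
        print(f["severity"], f["time"], f["technique"], f["initiator"], "->", f["target"])
```

Forged tokens signed with a stolen AD FS certificate do not appear in these directory audit events, so that technique needs separate correlation of AD FS and sign-in logs.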


  • in

    How to secure your Google account and keep it safe from attacks

    If your online life revolves around Gmail, Chrome, and other Google software and services, your Google account is one of your most precious online resources. That’s especially true if you use the Gmail address associated with that account as your primary email address.

    An online criminal who gets hold of those credentials can cause chaos and do catastrophic damage to your online life, which is why it’s important to protect your Google account from being compromised.
    In this post, I list seven steps you can take to help you lock that account down so it’s safe from online attacks. If this sounds familiar, it’s a mirror of the recommendations I published earlier for Microsoft accounts: “How to lock down your Microsoft account and keep it safe from outside attackers.” Although there are similarities between the two companies’ security tools, there are also some important differences.
    As with all things security-related, making your online assets safer from outside attack involves trade-offs with convenience. To help with that balancing act between convenience and security, I’ve divided the steps into three groups, based on how tightly you want to lock down your Google account.
    (And please note that the steps described in this article are about personal accounts associated with free Gmail addresses. Google’s paid business services, including Google Workspace, are managed by domain administrators. Although some user configuration steps are the same, administrators can set policies that affect security settings. If your Gmail account is provided by your employer, check with them about best practices for securing that account.)
    Baseline security
    This level is sufficient for most ordinary PC users, especially those who don’t use their Gmail address as a primary factor for signing in to other sites. If you’re helping a friend or relative who’s technically unsophisticated and intimidated by passwords, this is a good option.

    At a minimum, you should create a strong password for your Google account. That password should be one that’s not used by any other account.
    In addition, you should turn on 2-step verification (Google’s term for multi-factor authentication) to protect yourself from phishing and other forms of password theft. When that feature is enabled, you have to supply an additional proof of your identity when you sign in for the first time on a new device or when you perform a high-risk activity, such as paying for an online purchase. The additional verification typically consists of a code sent as an SMS text message to a trusted device or a prompt sent to a smartphone.
    Better security
    Those baseline precautions are adequate, but you can tighten security significantly with a couple extra steps.
    First, set up your smartphone as an authentication factor, using an app such as Google Authenticator. You can also sign in on a smartphone using your Google account, which automatically enables it to receive prompts for use as a sign-in and verification option. Then remove the option for using SMS text messages to verify your identity.
    With that configuration, you can still use your mobile phone as an authentication factor, but a would-be attacker won’t be able to intercept text messages or spoof your phone number.
    Maximum security
    For the most extreme security, add at least one physical hardware key along with the Google Authenticator app and, optionally, remove personal email addresses as a backup verification factor. That configuration places significant roadblocks in the way of even the most determined attacker.
    This configuration requires an extra investment in hardware and it definitely adds some friction to the sign-in process, but it’s by far the most effective way to secure your Google account.
    STEP 1: CREATE A NEW, STRONG PASSWORD
    First things first: You need a strong, unique password for your Google account. The best way to ensure that you’ve nailed this requirement is to use your password manager’s tools to generate a brand-new password.
    (No password manager? Try an online option like the 1Password Strong Password Generator or the LastPass Password Generator Tool.)
    Generating a new password ensures that your account credentials are not shared with any other account; it also guarantees that an older password that you might have inadvertently reused isn’t part of a password breach.
    To change your password, go to the Google Account Security page at https://myaccount.google.com/security. Sign in, if necessary, then click Password (under the Signing In To Google heading) and follow the prompts to change your password.

    Make sure the password you enter here is strong and isn’t used for any other online account.
    Follow the instructions to save the new password using your password manager. Feel free to write it down, if you prefer a physical backup. Just make sure to store the paper in a secure location, such as a locked file drawer or a safe.
    STEP 2: TURN ON TWO-STEP VERIFICATION
    Don’t leave the Google Account Security page just yet. Instead, scroll up to the Two-Step Verification section and make sure this option is turned on. Use the default option to receive codes via text message on a mobile phone you personally own. (You can set up other, more advanced forms of verification as well, but we’ll get to those later.)
    The setup process is a fairly straightforward wizard that confirms you are able to receive verification messages. After it’s complete, stay on that page for the next step.

    Basic 2-step verification uses SMS text messages, which are adequate for low-risk accounts.
    STEP 3: PRINT OUT RECOVERY CODES
    The next step is to save a set of recovery codes. Having access to one of these codes will allow you to sign in to your account if you’ve forgotten the password or if you’ve lost your phone. Without this backup, you risk being permanently locked out.
    On the Google Account Security page, find the Backup Codes option and click Set Up. That opens a pop-up dialog box like the one shown here, containing 10 codes that you can use when you’re prompted for a second verification factor. Print out that page and file it away in the same locked file cabinet or safe where you put your password.

      Print out a set of recovery codes and store them in a safe place where you can find them quickly if you lose access to your account.
    Note that you can return to this page at any time to see your list of backup codes and print a fresh copy. Codes can only be used one time, and will be indicated as “Already used” if you reprint the list. Generating a new batch of codes renders the old batch invalid.
    And now for some more advanced security options.
    STEP 4: ADD A RECOVERY EMAIL ADDRESS
    Registering a recovery email address is an important security precaution. In the event that Google detects suspicious activity on your account, you’ll receive a notification at this address.
    Having a recovery email is also helpful if you forget your password. When two-step verification is enabled, resetting your password requires at least two forms of verification, such as a printed backup code and a code from an email message sent to a registered email account. You’ll need to supply both of those forms of identification or you risk being permanently locked out.
    Go back to the Google Account Security page and click Recovery Email (under the Ways We Can Verify It’s You heading). Enter or change the recovery email address. You’ll receive a notification at that address to confirm that it’s available for recovery.
    Which address should you use here? A free backup email address, such as a Microsoft Outlook.com account, is acceptable if your security needs are minimal. A better option is a business email address, which is under the control of an administrator and is more difficult to hack into than a personal account.
    STEP 5: SET UP YOUR SMARTPHONE AS AN AUTHENTICATOR
    When you register your smartphone as a trusted device, Google gives you two ways to use it for authentication purposes.
    If you use an Android device that’s signed in using your Google account, you can sign in to any Google service by responding to prompts from Google. This option doesn’t require any extra setup.
    On an iPhone or iPad, you need to download the Google or Gmail app, sign in with your Google account, and turn on push notifications. (Full instructions are on this Google Support page: “Sign in with Google prompts.”)
    In addition, you can use Google Authenticator or another smartphone app that generates Time-based One-time Password Algorithm (TOTP) codes for multi-factor authentication. I highly recommend using one of these apps for any service that supports them. (For more on these options, see “Protect yourself: How to choose the right two-factor authenticator app.”)
    To set up Google Authenticator (or another authenticator app) for use with a Google account, go to the Google Account 2-Step Verification page. Under the Authenticator App heading, click Set Up. (If you’re replacing your phone, click Change Phone). Install the app, if necessary, and then follow the prompts to add your account using the bar code that the authenticator app displays.

    After installing an authenticator app, use this barcode to set up your Google account to generate TOTP codes.
    STEP 6: REMOVE SMS TEXT MESSAGES AS A FORM OF VERIFICATION
    By this point, you should have more than enough secure ways to authenticate yourself and verify your identity. That means it’s time to remove the weakest link in the chain: SMS text messages.
    What makes SMS text messages so problematic from a security point of view is the reality that an attacker can hijack your mobile account. It happened to my ZDNet colleague Matthew Miller a few years ago, and I wouldn’t wish that nightmare on anyone. (For details and some additional security advice, see “Protect your online identity now: Fight hackers with these 5 security safeguards.”)
    Before you change this setting, confirm that you have at least two alternative forms of verification (a secure email address and the Google Authenticator app, for example) and that you’ve saved backup codes for the account. Then, from the Google Account 2-Step Verification page, go to the Voice Or Text Message section. There, you’ll find entries for each of the phone numbers registered as 2FA factors for your account.
    Click the pencil icon to the right of a number to open its properties and click Remove Phone to eliminate its entry. Repeat for other numbers you want to remove.
    STEP 7: USE A HARDWARE SECURITY KEY FOR AUTHENTICATION

      Using a hardware key, you can sign in to your Google account with a tap.
    This step is the most advanced of all. It requires an investment in extra hardware, but the requirement to insert a device into a USB port or make a connection via Bluetooth or NFC adds the highest level of security.
    For an overview of how this type of hardware works, see “YubiKey hands-on: Hardware-based 2FA is more secure, but watch out for these gotchas.”
    To configure a hardware key, go to the Google Account 2-Step Verification page, click Add Security Key, and then follow the prompts.
    You’ll need to enter the PIN for your hardware key, then touch to activate it. When that setup is complete, you’ve got a powerful way to sign in to any service powered by your Google account without having to fuss with passwords.
    As I mentioned at the start of this article, most people don’t need this level of advanced protection. But if your Google Drive account includes valuable documents like tax returns and bank statements, you’ll want to lock it down as tightly as possible.

  • in

    Protective DNS aims to protect remote workers from malware attack

    Remote working has put people at risk of being targeted by cyber criminals because home networks are rarely set up with enterprise-level security in mind. But a new tool could give home workers the same protections against cyberattacks as they’re used to in the office.
    The UK’s National Cyber Security Centre’s (NCSC) Protective Domain Name Service (PDNS) has been active since 2017, helping to keep public sector workers as safe as possible from cyberattacks – and now there’s a version for remote workers.


    PDNS is designed to stop the use of DNS for spreading and operating malware, ransomware and other cyber threats by preventing the browser from finding websites that have been identified as malicious – ultimately, if you’re working from a public sector building, your computer is protected by PDNS.
    However, the COVID-19 pandemic forced many employers to send their employees to work from home and the public sector is no different in that regard, with remote working suddenly becoming the new norm.
    That meant that government employees suddenly found themselves outside of protected networks and more vulnerable to hackers and malware because they’re not protected by PDNS at home – so their networks could find and connect to malicious sites if the user was exposed to one.
    With this in mind, the NCSC – in partnership with Nominet – released a free tool that enables remote workers across the public sector to stay safe with PDNS from home.

    The PDNS Digital Roaming application for Windows 10 detects when a device is being used outside of an enterprise network and redirects DNS traffic to PDNS using an encrypted DNS over HTTPS (DoH) protocol. It offers users the same protections against malware and other cyber threats as they’d have when connecting from the corporate network.
    PDNS Digital Roaming is available to all public sector staff, even if they weren’t using it on enterprise networks previously. The NCSC notes that PDNS isn’t a VPN but a “lightweight application” that encrypts and redirects DNS traffic to keep users safe.
    “By installing it on their device, staff can ensure that their DNS traffic is being directed to the PDNS and is thus protected by this innovative service,” said David Carroll, MD of Nominet’s NTX Cyber division.
    “Solutions like the PDNS help to secure the critical infrastructure that our nation relies on, the organisations that house our most personal records, and the institutions that we turn to in our hours of most need,” he added.