3D printing gets smarter in healthcare

Since we last reported an amazing 3D printing story in January 2015, the technology continues to demonstrate its extraordinary enabling powers in the operating theatre for the NHS, with another life transformed as reported this week.

Surgeons were able to use 3D printers to replicate body parts in a kidney transplant from father to daughter at Guy’s and St Thomas’ NHS Foundation Trust in London recently.  With the contrast in size of the organs, 3D printers were used to make models of the daughter’s abdomen and father’s kidney from CT and MRI scans. This enabled the surgeons to accurately plan and rehearse the complex operation.

Hard printouts created the girl’s pelvis, whilst her liver was made softer in a liquid plastic model to enable the doctors to practice pushing it out of the way to make way for the new kidney. Happily, the little girl can now run around and eat normally and enjoy a very different outcome and normal childhood, whilst her parents have the simple joy of planning for her nursery integration in the Autumn.

Unlike in medical robotics where there have been more than two million operations since 2000 the robotics arena still carries challenges in winning over patient confidence.  Here however, the winning smiles of father and daughter amply reflect the achievement of partnership between the human hand and advanced printing technology that shows there is plenty more in store in the future of 3D printing.

first-kidney-transplant-3dprinting-changes-life-northern-ireland-toddler-lucy-1

Does your company include “cyber” on the Board agenda every month?

Amicus ITS has long been an exponent of the merit of having an IT expert on a company Board.  Indeed ‘cyber’ has been on Amicus ITS’ own Board’s monthly agenda for the past 18 months.

As we continue to convey this good practice recommendation with our customers, this message is now being endorsed by HM Gov’s Treasury department in a direct appeal to the major UK banks.

As reported in The Sunday Times (240116), Andrew Tyrie, Treasury committee chairman and Tory MP for Chichester, wrote to the major financial institutions over the weekend demanding that they take urgent steps to thwart hacking and data theft.  “Bank IT systems don’t appear to be up to the job”, he said.  “Every few months we have yet another IT failure at a major bank.  These IT weaknesses are exposing millions of people to uncertainty, disruption and sometimes distress.  Businesses suffer too.  We can’t carry on like this”.

The remedy is no magic potion.  The Treasury MP is advocating hard investment in computer systems and that banks answer to a new group within the financial regulator, the Prudential Regulation Authority.

No banks are immune.  Barclays, HSBC, Lloyds and the UK tax payer’s own bank Royal Bank of Scotland (RBS) have all suffered outtages.  Most recently, HSBC suffered a two day failure in its online banking services in January 2016. This follows last August’s dropout when a glitch prevented salaries being paid ahead of the August Bank Holiday.  Other banking failures have included mortgage and pension payments. RBS which has experienced many problems was fined £56 million in 2015 for an IT glitch in 2012 that left millions of customers unable to access their accounts.

The Deputy Governor of the Bank of England, Andrew Bailey is expected to head up a new specialist IT unit within the Bank of England’s Prudential Regulation Authority to ‘ensure lendors are investing enough in their systems’.  We wait to see whether this specialist financial regulator post has the teeth and influence to create the necessary change and improvements required – and soon.  If our banking blog of 31st January 2014 is anything to go by, it could be a very long wait.  Could this MPs plea be one of hope more than expectation?

Irrespective of business sector, it is a timely reminder for companies not to put off updating infrastructures or reinforcing vital firewalls by holding on to unspent, shored up profits post recession.  In our technically challenging world, businesses cannot afford NOT to maintain and future-protect their IT systems, let alone ignore recommendations to invest in protecting against increasingly sophisticated and cynical cyber threats facing every organisation.
• 80% of cyber attacks in 2014 were preventable (source:   Ponemon Institute)
• Only 21% of companies say their Board gets comprehensive information about cyber threat*.
• Only 17% of Board members believe they have a full understanding of the risks*.

Action – do a cyber health check review of your company after today:

• Re-evaluate the crown jewels of YOUR organisation (key information and data assets)
• Review risk from 3rd party suppliers (get into active compliance).
• Be pro-active and transparent about risk – your customers will thank you.
• Arrange for a cyber threat ‘pen test’ and get in shape for 2016.

In the constantly evolving world of cyber security, the wise understand that there is no panacea against cyber attack, it is just a matter of when – however, those best armed against the enemy will be the ones best prepared for attack, understanding and prompt response.

Why SMEs really should care about hacking

There may have been a mistaken belief amongst SMEs that they are NOT a principle target for cyber attack.  This has been firmly refuted by security firm Symantec following their research of the trends which evolved during 2015 and which has just been published in their latest report.

UK, US and Indian SMEs in particular are being targeted, specifically with the goal of stealing money from businesses.

Hackers are using two types of Trojans (a common cyber threat method through which the victim is conned into launching malware believing it to be harmless) and social engineering (a confidence trick – essentially to get people to perform an action or divulge confidential information).

The newer, more sophisticated threats target, “employees responsible for accounts and fund transfers”.

Scammers will send emails from stolen or compromised accounts often related to finance and lure the employee to open them.  The email contains a .zip attachment, which once clicked on, opens a Pandora’s Box for the cyber attackers to log key strokes, steal files, passwords, access the camera and microphone.  The logging of key strokes is more sinister in that it tracks the keyboard use and pathway thereby tracking different websites etc. and passwords not even held on the computer as part of the data heist.

The email subject line might have a heading  such as the following:
• Re:Invoice
• PO
• Remittance Advice
• Payment Advise
• Quotation Required
• Transfer Copy
• TT Payment
• PAYMENT REMITTANCE
• INQUIRY
• Qoutation
• QUOTATION
• Request for Quotation

Hackers use two publicly available remote access Trojans (RAT):  Backdoor.Breut and Trojan.Nancrat.  Nancrat being the one most commonly used in the UK.

And it doesn’t have to be a swift in/out attack.  Hackers, once in, are happy to mooch around the computer to find out how to steal money.  “In some cases, attackers have been known to even download manuals to figure out how to use certain financial software,” the Symantec report says.

The recommendation of course is not to open suspicious attachments and to exercise caution when using email. All too often, a too-speedy key stroke can lead to an accidental but high impact outcome for the firm.  The solution is to get educated about cyber attacks and what they look like and treat email communications with cautious respect. That way, you get smart and your company and customers stay safe.

BT’s EE acquisition now cleared by the Competition and Markets Authority

BT-EE

Last January we reported on BT’s £12.5 billion takeover of mobile provided EE. We had since been awaiting to hear from the Competition and Marketing Authority (CMA) whether this move would significantly harm the competition, in not just the mobile provider arena but in the Quad-play (selling a package of fixed-line phone, mobile, internet and TV) space as well.  Surprisingly, the CMA have granted BT the all clear in the EE buy out.

Both BT and EE are giants in their specialties with BT controlling 37.6% of the UK home phone market, 31% of the UK fixed-broadband market and EE holding 33.8% mobile market share. Together they hold 35 million customers between them.

Rivals, including Vodafone and TalkTalk had voiced concern during the acquisition’s original announcement calling for competition authorities to force BT to spin off its Openreach operation which maintains the UK’s copper and fibre communications cable network. This has since gone to regulator Ofcom for review for whether BT and Openreach should in fact be split up due to concerns their performance to other providers had often been poor.

The bringing together of BT and EE will likely see both cross-promotion and cross-sales between landline services and mobile.  One would assume that customers buying all their telecommunications packages from both BT and EE should get monetary savings and they wouldn’t want to lose by switching their mobile carrier next time round, something that is more frequent in the mobile world compared to consumers switching their landline provider.

Another matter yet discussed is the fate of the EE brand, being relatively young at just 6 years. Despite its size as the largest in the market, BT may not be able to resist the temptation in switching the EE brand for uncool BT Mobile. If this was the case, we could see some users switch back over to other mobile provides due to BT’s lack of lustre reputation in customer services and lack of historic expertise in the mobile arena next to O2, Vodafone and even now Three.

Is this really a fair and prudent decision by the CMA in what should be a competitive marketplace?

The Microsoft Sim for Windows 10

cellular_data

Getting online on your PC or Microsoft tablet, outside a WiFi area may get easier soon with the new Windows Store listing called ‘Cellular Data’ by Microsoft.   The app is only designed to work with specific  Windows 10 devices and requires a Microsoft Sim.  The app details advise that you will be connect with and pay for a mobile data plan using your Microsoft account for payment, with no long term commitments.

This approach sounds similar to Apple’s with recent iPads, with an Apple Sim you can choose your network carrier on the device and choose a short-term rolling contract. So far the Apple Sim is limited to just the company’s iPad with no plans to date to bring the sim to its phones and laptops.

The safe bet is that the ‘specific Windows 10 devices’ mentioned in Microsoft’s store listing is referring to its own hardware like the Surface 3, which does come with a Sim card slot for LTE access and other future Surface devices with sim card slots. This would let consumers and businesses buy-in Surfaces from Microsoft and then decide later, commitment free which network carrier and tariffs to choose and on which devices.

The other, less safe, but more interesting bet is that in addition to Microsoft’s own hardware, the support for this app and service spans OEMs. So for example, an HP or Lenovo laptop or tablet could also come with Microsoft Sims, letting even more consumers and businesses take advantage of opting-in to mobile data as and when needed. Of course this would be a much more complex relationship between Microsoft and OEMs. If Microsoft didn’t want to cut OEM’s into a % of data plan profits they could offer one-off payments per Microsoft Sim shipped with device’s or simply offer Windows licencing discounts if Microsoft Sims are included with their laptops and tablets.

Whether we see the Microsoft Sim locked down to its own hardware or not, its presence still offers up some much needed flexibility and competition for mobile data users in the Microsoft ecosystem.

At the very least we would be surprised if we don’t see an announcement for an alternative Surface Pro 4 with cellular compatibility and a Microsoft Sim in the box in future.

Hactivists unmasked over BBC website collapse on New Year’s Eve 2015

“New World Hacking” finally claimed responsibility two days into 2016, following the attack on the BBC website which was a relatively common Distributed Denial of Service (“DDoS”) cyber attack.  The high profile targeting ensured that the BBC’s news service, iPlayer online TV and radio services were down for several hours on 31st December 2015, resulting in an error message being shown instead of the BBC homepage.

A DDos attack is where a website becomes overloaded with a surge of traffic it cannot handle, with result that the website’s servers stop responding to requests.

The targeting of the BBC was purportedly friendly fire!  The hactivists claim to concentrate on taking down websites supporting ISIS (Daesh) or sites affiliated to the terror group – and this exercise against the BBC was just to test the capabilities of their machines, because of the BBC’s high capacity to respond to traffic.  No doubt this made the BBC feel very comforted.

Amicus ITS security specialist Mark Heather added:  “This has been described as a DDoS attack but it appears to have been designed as a scoping exercise; not to attack the BBC per se, but to give the hactivists more insight as to their efficacy.  Unfortunately, there is little that companies can generally do to thwart this type of attack. But threat management can be deployed as part of a wider cyber security protection strategy”.

“Organisations can take certain preventative positive measures to thwart, circumvent or manage cyber threats.  ‘Threat analysis’ can be undertaken as part of an ongoing reputation exposure exercise. Your cyber security team can look out for any ‘Dark Chat’ underground threads published on web hactivist forums for example – and with this intelligence, then direct traffic towards a ‘honeypot’ mechanism for example” (see below)

honeypot-diagram

Honeypots can be used to check content before anything is passed through the firewall, as one of an organisation’s strategic steps to beefing up their data security.  As Mark comments:  “Much like the weather, you cannot stop rain from happening, but you can wrap yourself up warm and get your umbrella out knowing what the forecast is likely to be”. 

New-World-Hacking