Page 32
https://www.crn.in/digital-issue/july-2018-digital-magazine/
Tuesday, July 3, 2018
Friday, June 22, 2018
Disgruntled employees can pose serious threat
Tesla, the American multinational corporation that
specializes in electric vehicles, energy storage and solar panels. A
disgruntled Tesla employee broke into the company’s manufacturing operating
system and sent highly sensitive data to unknown third parties. This is a steadily
growing trend that is being witnessed in various parts of the world. Unhappy
employees / sacked employees and some cases even high performing ex-employees
try to actively damage their ex-employer. Such employees should be ashamed of
themselves.
What can Employers do?
well, there is help available now. Technology can help
address this issue. We now have Behavior analysis solutions that can figure out
the current mood of your employees - are they happy? sad? Angry? Frustrated?
Pose a danger to organization? The solution is called User and Entity Behavior
Analytics.
Saturday, May 26, 2018
Fancy Bear returns
The hackers responsible for
Democratic National Convention (DNC) hack in 2016 are back in the news again.
On May 23rd - Cisco announced a major breach of over 500,000 routers and
network storage devices. FBI acted swiftly and seized the internet domain that
was used in the attack, cutting off the communication between the hackers and
the infected devices. For now, the hackers will not be able to exploit these
half a million devices for their malicious intentions but the malware still
resides in all these devices. The infected devices are spread over 50 countries
and the most likely author of this Malware is Fancy Bear - the hackers behind
the 2016 DNC hack.
Researchers found VPNFilter
source code on these infected devices - the malware that was used by Russia to
attack Ukraine including the massive power outage. VPNFilter is hard to detect,
works in Stealth mode and is known to steal critical data from Infrastructure
systems.
As an immediate next step - it is
advised to reboot the devices, change the passwords, do not use default
passwords and disable remote admin on all internet facing devices. Legacy
security systems depend on static policies and rules for their providing
security, In an ever changing threat landscape of current times - there is a need
for RAP - Risk Adaptive Protection, which will understand the behavior of
people and adversaries to dynamically change policies and rules to provide
better security.
Thursday, May 3, 2018
Forcepoint helping its customers build a secured data environment
My interview with VAR India
By VARINDIA 2018-04-23
Calling for a shift in the way cyber security is approached, Ajay Dubey, National Manager - Partners & Alliances – Forcepoint tells VAINDIA of how as a security focused company, Forcepoint is trying to address the challenges that crop up while securing its customers and their critical data -
How is your organization geared up with security strategies for the industry at large?
Cyber security as a domain is going through a constant churn to help organisations stay focused on protecting against breaches, protecting critical business data at all times and complying with regulations. This is the reason, over the years, cyber security budgets have increased multi-fold, making it a huge industry. But, despite all these investments, the cyber security attacks have only increased.
This calls for a complete shift in the way cyber security is approached. If you look at threats and technologies, they continue to evolve, but one thing that has remained constant throughout is people. This is what Forcepoint is doing, it is rethinking security from a human-centric approach. The approach emphasizes understanding human behaviour and user interaction with critical data over networks of different trust levels to combat cyber-attacks.
Can you highlight the solutions you are offering for addressing the growing challenge of cyber security?
At Forcepoint, we have unique cyber security solutions for protecting the data -
• Our CASB (Cloud Access Security Broker) is designed to secure data on the cloud. CASB solutions address cloud service risks, enforce security policies, and comply with regulations, even when cloud services are beyond their perimeter and out of their direct control. We acquired Cloud Access Security Broker (CASB) firm Skyfence that has helped increase visibility, control and security as users interact with data wherever it resides, including within cloud applications.
• Forcepoint’s UEBA (User and Entity Behaviour Analytics) helps organizations to baseline behaviour of users and also entities like endpoint servers or applications and then see if there are any deviations from normal baseline. We acquired Red Owl, a leader UEBA (User and Entity Behaviour Analytics) technology to better understand and manage human risk.
• Forcepoint’s Web and Email Security Solutions protect users against multistage advanced threats that often exploit user’s data, which penetrate the organisation’s IT defences.
• Forcepoint NGFW (Next Generation Fire Wall) caters not only to network needs but also security needs of all the networks of our customers. With NGFW 6.4, network security admins can more clearly see and understand the rhythm of their people as they use network resources.
• Our data protection is integrated with DLP (Data Loss Protection) solution and now we have augmented our DLP with insider threat and UEBA (User Entity Behaviour Analytics) solution that understands the context and intent of user behaviour and dynamically applies enforcement policies to activity representing the highest risk.
How are you seeing the security trend to continue in 2018?
The biggest security trend in 2018 will be EU’s GDPR regulation which will have a considerable impact on nations that control or process data of EU citizens. With the regulation of GDPR coming into action in May 2018, the focus should now shift towards three areas like the adoption of the prescribed nature of controls in the regulation in specific areas, improvement of the existing privacy structure to work according to the requirements of the regulation and reassessing the opportunity of processing in the context of GDPR.
The second massive trend that’s being observed is the adoption of cloud. Even highly regulated industries like banks have started to adopt cloud on a big scale but the problem with cloud is that it opens up everything and it does not restrict the access anymore.
Additionally, the IT security solutions are unable to understand behaviour of malicious, accidental or compromised users in spite of the technology investments. Therefore, cyber security must move from a technology-centric view to one that understands human behaviour and intent and employ a security system that can effectively do the same.
With new wave of security intelligence and its intensification, what are your prospect marketing plans?
Forcepoint’s unique brand strategy of focusing on cyber behaviours instead of emphasizing just on technology to protect a perimeter that no longer exists has helped customers in building a data secured environment. This approach requires both intelligent systems and transparent collaboration between an organization’s stakeholders.
Our brand’s theme of protecting organisations against accidental, compromised or malicious users to protect against data thefts reflect the shift in the current security paradigm, which is largely technology-oriented, to focus on people as they interact with critical business data and intellectual property.
How are you going to leverage your market strategy to further boost your presence in the country?
Our approach is to help our customers increase their security effectiveness while lowering risks as they accelerate digital transformation of their business. We continue to engage with companies across the entire ecosystem including Banking and Finance, IT and ITeS, Manufacturing, Government, Pharmaceutical, Insurance and many more to help them understand the need to protect critical data and importance of providing their employees access to the right data whenever and wherever it’s needed.
Cyber security as a domain is going through a constant churn to help organisations stay focused on protecting against breaches, protecting critical business data at all times and complying with regulations. This is the reason, over the years, cyber security budgets have increased multi-fold, making it a huge industry. But, despite all these investments, the cyber security attacks have only increased.
This calls for a complete shift in the way cyber security is approached. If you look at threats and technologies, they continue to evolve, but one thing that has remained constant throughout is people. This is what Forcepoint is doing, it is rethinking security from a human-centric approach. The approach emphasizes understanding human behaviour and user interaction with critical data over networks of different trust levels to combat cyber-attacks.
Can you highlight the solutions you are offering for addressing the growing challenge of cyber security?
At Forcepoint, we have unique cyber security solutions for protecting the data -
• Our CASB (Cloud Access Security Broker) is designed to secure data on the cloud. CASB solutions address cloud service risks, enforce security policies, and comply with regulations, even when cloud services are beyond their perimeter and out of their direct control. We acquired Cloud Access Security Broker (CASB) firm Skyfence that has helped increase visibility, control and security as users interact with data wherever it resides, including within cloud applications.
• Forcepoint’s UEBA (User and Entity Behaviour Analytics) helps organizations to baseline behaviour of users and also entities like endpoint servers or applications and then see if there are any deviations from normal baseline. We acquired Red Owl, a leader UEBA (User and Entity Behaviour Analytics) technology to better understand and manage human risk.
• Forcepoint’s Web and Email Security Solutions protect users against multistage advanced threats that often exploit user’s data, which penetrate the organisation’s IT defences.
• Forcepoint NGFW (Next Generation Fire Wall) caters not only to network needs but also security needs of all the networks of our customers. With NGFW 6.4, network security admins can more clearly see and understand the rhythm of their people as they use network resources.
• Our data protection is integrated with DLP (Data Loss Protection) solution and now we have augmented our DLP with insider threat and UEBA (User Entity Behaviour Analytics) solution that understands the context and intent of user behaviour and dynamically applies enforcement policies to activity representing the highest risk.
How are you seeing the security trend to continue in 2018?
The biggest security trend in 2018 will be EU’s GDPR regulation which will have a considerable impact on nations that control or process data of EU citizens. With the regulation of GDPR coming into action in May 2018, the focus should now shift towards three areas like the adoption of the prescribed nature of controls in the regulation in specific areas, improvement of the existing privacy structure to work according to the requirements of the regulation and reassessing the opportunity of processing in the context of GDPR.
The second massive trend that’s being observed is the adoption of cloud. Even highly regulated industries like banks have started to adopt cloud on a big scale but the problem with cloud is that it opens up everything and it does not restrict the access anymore.
Additionally, the IT security solutions are unable to understand behaviour of malicious, accidental or compromised users in spite of the technology investments. Therefore, cyber security must move from a technology-centric view to one that understands human behaviour and intent and employ a security system that can effectively do the same.
With new wave of security intelligence and its intensification, what are your prospect marketing plans?
Forcepoint’s unique brand strategy of focusing on cyber behaviours instead of emphasizing just on technology to protect a perimeter that no longer exists has helped customers in building a data secured environment. This approach requires both intelligent systems and transparent collaboration between an organization’s stakeholders.
Our brand’s theme of protecting organisations against accidental, compromised or malicious users to protect against data thefts reflect the shift in the current security paradigm, which is largely technology-oriented, to focus on people as they interact with critical business data and intellectual property.
How are you going to leverage your market strategy to further boost your presence in the country?
Our approach is to help our customers increase their security effectiveness while lowering risks as they accelerate digital transformation of their business. We continue to engage with companies across the entire ecosystem including Banking and Finance, IT and ITeS, Manufacturing, Government, Pharmaceutical, Insurance and many more to help them understand the need to protect critical data and importance of providing their employees access to the right data whenever and wherever it’s needed.
Friday, April 6, 2018
The World This Week - April 1, 2018
The World This Week.
Truth is sometimes stranger than
fiction. But for the whistle blower - It would have been impossible to believe
that a company like Facebook would have allowed itself to be used by such spurious
app developers.
In a nutshell – A company called
Cambridge Analytica paid nearly $1M to Cambridge psychologist Aleksandr Kogan
to create an app called ‘thisisyourdigitallife’. The intent of the app was to
collect Facebook user profile data and pages liked in the guise of an online
personality quiz. The app was able to directly access 270,000 user’s data. Here
is the real catch – using this data the app developers were able to access data
of 50M users – which they then misused to allegedly influence Donald Trump
Victory in 2016. They apparently also influenced several other democracies
including India, Argentina, Kenya, Nigeria, The Czech Republic and others.
There have been several data
breaches in the recent past – Equifax, Yahoo, Deloitte, NSA, Indian telco giant
– Reliance Jio and few more but there is none as damaging as this Facebook
fiasco. Facebook itself seems to be under fire with the “#DeleteFacebook”
hashtag trending, Mark Zuckerberg has formally apologized but his troubles are
far from over. Many governments will be under pressure – political parties will
have to answer a lot of questions. You and me – public at large are the
helpless victims – what more this borrowed phrase summarizes this point – “If you’re
Not Paying for It; you’re the Product”.
Among other major whistle blower
new grabbers were the leak of CBSE board exam papers in India and possible
fraud / conflict of interest at board room level of India’s ICICI bank.
Yet another data leak - US based
Orbitz – a subsidiary of Expedia – has suffered a leak 880,000 credit card
numbers putting that many people in risk.
So here’s what we can start doing
differently from tomorrow. Be alert and vigilant on what you share on social
media, when creating online account – avoid using Facebook to login or
authenticate yourself. Don’t believe everything that you see in the social
Media – especially WhatsApp. Think before you forward.
Business are equally vulnerable
if not more to data thefts. Among the few options that companies have – the
prominent one is to safeguard and have controls over PPT – People, Process and
Technology. Like they say – never try to make a Matchbox at home – it will not
only cost more – it will be a far from a perfect product – Cyber security is
similar – In-house is fine for certain areas but for most of the other areas
outside help is always better. It will not only cost lesser dollars – it is
sure shot to work.
Thursday, March 22, 2018
iNews - Around The World This Week
|
1)
Cyber
security, AI top technologies for healthcare firms - Cyber security
(77 per cent), Big Data analytics (72 per cent) and AI (59 per cent) are the
three digital technologies most utilized by healthcare firms currently,"
Infosys said in its report titled "Digital Outlook for Healthcare and
Life Sciences Industry. According to the report, nearly 76 per cent of the
life sciences firms that were surveyed considered investing in cyber security
over the next three years for protecting patient data.
2)
Powerful APT Malware
“Slingshot” Performs Highly Sophisticated Cyber Attack to Compromise Router
- Slingshot is one of the powerful cyber threat actor that mainly targeting
individuals and organization and the major victims belong to Africa and the
Middle East. Slingshot attacked 100 of victims who is located in
Kenya, Yemen, Afghanistan, Libya, Congo, Jordan, Turkey, Iraq, Sudan, Somalia
and Tanzania
3)
Endpoint
and Mobile Top Security Spending at 57% of Businesses - Businesses
say data-at-rest security tools are most effective at preventing breaches,
but spend most of their budgets securing endpoint and mobile devices. There
is a disconnect between businesses' ideal security practices and their actual
strategies. Some 77% of companies cite data-at-rest security tools as the
most effective for preventing breaches but fall toward the bottom (40%) of
security spending priorities, new data shows.
4)
Frost
Bank Says Data Breach Exposed Check Images - According to the
company, it discovered last week that a third-party lockbox software program
had been compromised, resulting in unauthorized users being able to view and
copy images of checks stored electronically in the image archive. Frost Bank
systems weren’t impacted in the incident, Frost says. The information that
was accessed as part of the incident could be used to forge checks, the
company says.
5)
Walmart
Jewelry Partner Exposes Millions in Latest Cloud Storage Misconfig -
The Chicago, Illnois-based jewelry company, which operated under the name
Limogés Jewelry, left names, addresses, ZIP codes, phone numbers, email
addresses, IP addresses and passwords publicly available in an AWS S3 bucket
– data that can be used to carry out targeted fraud or phishing attempts.
6)
Dragonfly
Compromises Core Router to Attack Critical Infrastructure -
Dragonfly, the threat actor that was recently called out by the United States
as an arm of the Russian government, has been observed using a compromised
core router as one of its primary tools in attacks against government
agencies and critical infrastructure in Western Europe. “This is a
discovery whose significance far outweighs its size, given that core router
compromises are considerably harder to detect, analyze, patch, and remediate
than compromises of PCs,” Cylance researchers said.
7)
Cybersecurity
Incident Response Still Major Issue - Over 75% of respondents across
the globe admitted that they do not have a formal cybersecurity incident
response plan in place across their organization. However, nearly
three-quarters (72%) of organizations report feeling more cyber-resilient
today than last year and feel confident about their skilled personnel. This
confidence may be misplaced, with the analysis revealing that 57% of
respondents said the time to resolve an incident has increased, while 65%
reported the severity of the attacks has increased.
8)
Chinese
APT Takes Aim at Pharma - A Chinese advanced persistent threat (APT)
actor has been spotted using the infamous PlugX malware to target
pharmaceutical organizations in Vietnam, aimed at stealing drug formulas
and business information. A remote access Traojan (RAT), allows attackers
to perform various malicious operations on a system without the user’s
permission or authorization, including copying and modifying files, logging
keystrokes, stealing passwords and capturing screenshots of user activity.
9)
Twitter
Users Bilked out of Big Money by Elon Musk Clones - Twitter users are
collectively being conned out of tens of thousands of dollars per day via
fraud schemes involving accounts impersonating celebrities, including Elon
Musk and Vitalik Buterin, the man behind the Ethereum cryptocurrency. The
scam tweets ask for a small sum to be sent to an account, promising victims
that they will receive much larger amounts back in a classic chain-letter
gambit. An analysis of the Ethereum blockchain showed that the tactic is
working, with thousands of dollars being sent to the bad actors. The fake
accounts have struck hundreds of times over the last two months, with the
most successful taking away over $70,000 per day.
10)
Nearly
90% of Firms Will Use Biometrics by 2020 - The vast majority of
organizations will use biometric authentication technology by 2020, but
concerns over vendor transparency persist. 62% use it already in some
form, while an additional 24% will do so in the next two years. However,
although most believe it to be a more secure alternative to static passwords,
PINs and personal security questions, just 10% claimed biometrics are secure
enough to be used as the only form of authentication.
|
Monday, February 5, 2018
iNews - Around The World This Week
1)
3
Ways Hackers Steal Your Company's Mobile Data - The most effective data
exfiltration prevention strategies are those that are as rigorous in vetting
traffic entering the network as they are traffic leaving it. It's the
unfortunate reality of the cybersecurity threat landscape today that malicious
actors are advancing their tactics at a breakneck pace, finding new
vulnerabilities in network defenses to execute attacks faster than IT teams can
keep up.
2)
ANZ
Bank suffers 10-hour internet banking outage - ANZ Bank suffered a
major outage of its internet banking service with users reporting problems for
much of Monday. The outage appears to have started just after 10am Sydney time
and was not resolved until just before 8pm - resulting in 10 hours of
downtime. Earlier, users took to social media to complain about the issues,
which the bank said on its Twitter account were “intermittent” and the IT team
was working to fix “as a matter of priority”.
3)
Cyberattacks
on Israeli banks rose in last six months - Israel's banking regulator
warned banks and their customers on Sunday to be more vigilant against cyber
criminals following a rise in hacking attempts in recent months. "In the
last half year, we have seen an increase in attempts at fraud via phishing,
aimed at banking system customers with the intent to steal funds from their accounts,"
the central bank said, adding that the attacker initially tries to steal the
customer's login and other personal details aimed at transferring funds between
accounts.
4)
Cryptocurrency
Mining Malware Infected Over Half-Million PCs Using NSA Exploit - 2017
was the year of high profile data breaches and ransomware attacks, but from the
beginning of this year, we are noticing a faster-paced shift in the cyber
threat landscape, as cryptocurrency-related malware is becoming a popular and
profitable choice of cyber criminals. According to the Proofpoint researchers, cybercriminals
are using at least 25 machines to scan the internet to find vulnerable Windows
computers.
5) Cyberattack
Impersonates FBI Internet Crime Complaint Center - A new cyberattack
scams people into providing personal data and downloading malicious files by
impersonating the Internet Crime Complaint Center, a division of the FBI
intended to give the public a reliable means of reporting suspected illegal
activity online. Threat actors trick victims into sharing personal information
with fake IC3 messages laced with malware.
6)
APIs
Pose 'Mushrooming' Security Risk - As APIs grow in prominence, top
security concerns include bots and authentication. The application economy has
now become the API economy. And as the importance of application programming
interfaces (APIs) grows within the enterprise, organizations must keep their
security top-of-mind, lest they put the entire software stack at risk as
APIs deployed without security measures expose organizations to yet another
class of attack vectors.
7)
3
Simple Steps to Securing Your ICS Systems against Digital Threats - We
live in a world where connectivity is key. It’s brought conveniences to our
personal lives, and organizations are adopting it into the industrial world to
boost productivity. Industrial control systems (ICS), which manage utilities
like water, gas, and electricity, are one such example of this ongoing trend.
Organizations are putting ICS systems online so that jobs once carried out
manually can now be carried out remotely or with the help of automation. ICS
systems are a key target for cybercriminals. Security should therefore be a
priority; given the importance of ICS, one would assume these systems would be
running the most secure technology available. This is not the case. Much of
the equipment is at risk of aging out, that is, requiring replacement or
upgrade with very little security.
8)
Infrastructure-Based
Security Vulnerabilities Put Your Business in Peril - With dozens of
breaches and millions left violated, 2017 has witnessed a historic amount of
hacking. This year has been stained with numerous hacking incidents, including
WannaCry, Petya and Cloudbleed. Of these many cases, the Equifax data breach
can be crowned the most significant hack of the year, having exposed the
personal data of nearly 148 million people.
9)
How
to Utilize the Cloud to Mitigate Cybersecurity Risks to Security Hardware
- Today, cybersecurity is on all our minds. Every other day, we get news of
another cyberattack. As more organizations struggle to keep up with the
onslaught of these new threats, many are asking: “What can we do to
strengthen our cybersecurity posture?” When we want to quantify it,
consider the concept of risk. In its simplest form, the risk associated with a
system is the impact of it malfunctioning, multiplied by the likelihood that a
malfunction will occur.
Monday, January 22, 2018
iNews - Around The World This Week
1)
Understanding
Supply Chain Cyber Attacks - Today's cybersecurity landscape has
changed dramatically due to digitalization and interconnectivity. While the
benefits of each push businesses toward adoption, security risks associated
with interconnectivity between networks and systems raise major concerns. Everything-as-a-service
removes traditional security borders and opens the door to new cyber-attacks
that organizations might not be prepared to recognize or even deal with.
2)
Schneider
Electric: TRITON/TRISIS Attack Used 0-Day Flaw in its Safety Controller System,
and a RAT - Industrial control systems giant Schneider Electric
discovered a zero-day privilege-escalation vulnerability in its Triconex Tricon
safety-controller firmware which helped allow sophisticated hackers to wrest
control of the emergency shutdown system in a targeted attack on one of its
customers. Once the malware was inside the controller, it injected the RAT
into memory by exploiting a zero-day vulnerability in the firmware, and
escalating its privileges.
3)
Ransomware:
Why the crooks are ditching bitcoin and where they are going next - The
popularity of bitcoin is creating problems for criminals dealing in ransomware
-- and some are already casting their gaze towards a less volatile
cryptocurrency. While bitcoin has suddenly found itself in the public eye
thanks to its rocketing -- and, more recently, plummeting -- value, it hasn't
appeared from nowhere. We'll see a progressive shift in 2018 towards
criminal use of cryptocurrencies other than bitcoin, making it generally more
challenging for law enforcement to counter.
4)
Where
to Find Security Holes in Serverless Architecture - Application
security is getting a twist with the rise of serverless architectures, which
introduce a new way of developing and managing applications - and a new wave of
related security risks. Businesses are looking to serverless architectures
to drive simplicity and reduce cost. Applications built on these platforms
scale as cloud workloads grow, so developers can focus on product functionality
without worrying about the operating system, application server, or software
runtime environment.
5)
49%
Indian companies not likely to secure sensitive data in cloud - While
an overwhelming majority of global firms have adopted cloud services, there
is still a wide gap in the level of security precautions applied by them, a
survey has revealed. Almost half of Indian organizations say they are not
likely to secure sensitive data in the cloud. Globally, organizations said only
two-fifths of the data stored in the cloud is secured with encryption and key
management solutions.
6)
Man
pleads guilty to launching DDoS attacks against former employers - A
man from New Mexico has admitted to launching distributed denial-of-service
(DDoS) attacks against former employers, as well as possessing a firearm
illegally. On Wednesday, the US Department of Justice (DoJ) said John Kelsey
Gammell has pleaded guilty in a St. Paul, Minnesota court to directing DDoS
attacks against former employers, business competitors, companies that refused
to hire him and websites for law enforcement and courts, among others. Gammell
not only set up the DDoS attacks, which launch traffic in such volumes that
online services are disrupted, on his own computers but also paid DDoS-for-hire
services to hammer victims further.
7)
Oman's
stock exchange was easily hackable for months - The security flaw made
the securities market an easy target and was only fixed after a security
researcher sent more than half-a-dozen warning emails. A core router for Oman's
stock exchange, the Muscat Securities Market, had both its username and
password as "admin" for months, even after several attempts by a
security researcher to warn the exchange of the security implications.
8)
Uber
ignores security bug that makes its two-factor authentication useless -
Uber has ignored a security bug that can allow an attacker to hack into user
accounts by bypassing two-factor authentication because the ride sharing
company says the flaw "isn't a particularly severe" issue. Two-factor
authentication (2FA) is a vital part of protecting online accounts. It adds
a second layer of security on top of your username and password -- which can be
stolen -- by sending a code by text message to your phone, for example, which
only you would have access to.
9)
Behavioral
biometrics missing from cybersecurity - Recently, there’s been an
uptick in the adoption of the NIST Cybersecurity Framework, a set of guidelines
aimed at helping organizations improve their overall cybersecurity process. In
December 2017, NIST released the second draft of its framework. Among the
updates were two critical additions to the Identity Management, Authentication
and Access Control guidance. Rather than being shocked by each new data
breach, ransomware attack or instance of fraud, companies are increasingly
working to improve their cybersecurity posture, and not just internal
information security professionals.
Wednesday, January 17, 2018
iNews - Around The World This Week
1) Hospital
pays $55,000 in bitcoin to hackers after 'SamSam' ransomware locks systems
- A US hospital has reportedly paid hackers $55,000 (£39,900) to restore
control over its computer systems after they were infected with a strain of
ransomware known as 'SamSam'. Last Thursday (11 January), staff at Hancock
Regional Hospital, Indiana, found their computers had been infected with
malware, which was demanding bitcoin to regain access. As reported, the
hack impacted emails and health records, but no patient data is believed
stolen.
2) Privacy:
The Dark Side of the Internet of Things - Before letting an IoT device
into your business or home, consider what data is being collected and where
it is going. There's a lot of buzz about the Internet of Things (IoT), but
people aren't quite sure what to think of it. Back in fall 2016, there was a
big attack on an Internet service provider in which a bunch of IoT devices
became a botnet and made much of the Internet unavailable. It was a big
moment that made people question the security of IoT. And although security
risks are getting the headlines right now, and should certainly be considered,
the bigger risk with IoT is privacy.
3) Hackers
hijack Twitter account of India's top diplomat to post photos of Pakistan's
flag - The verified Twitter account of India's top diplomat to the
United Nations was briefly taken over by suspected Turkish hackers early on
Sunday, 14 January, morning. The Turkish hacking group Ayyıldız Tim claimed
responsibility for the attack and managed to take over the president of the
World Economic Forum's account over the weekend as well.
4) IT
Security Spending to Reach $96 Billion in 2018 - Worldwide IT security
spending is expected to climb 8% next year to $96.3 billion, fueled by
investments in identity access management and security services – two areas on
tap to rise faster than the overall spending growth rate, according to a
Gartner report released this week. Identity access management and security
services to drive worldwide spending growth.
5) The
state of Israel’s cybersecurity market - The Equifax breach, WannaCry,
NotPetya, the NSA leak, and many more cyber incidents – 2017 was certainly a
busy year for hackers, illustrating yet again just how vital innovative
cybersecurity solutions are in the fight against cyber threats. Second only
to the U.S., in terms of cybersecurity investment 2017 was another
excellent year for Israeli cybersecurity startups, with dozens of companies
being formed, breaking fundraising records and producing solid exits. The 2017
data also suggest that the Israeli cybersecurity industry is maturing, as we
see a shift in funding towards later stage companies.
6) Top
think tank warns cyberattacks could lead to 'inadvertent nuclear launches'
- A new report from the Chatham House think tank has warned that cybersecurity
vulnerabilities could lead to accidental nuclear war if countries carrying the
hugely destructive warheads do not introduce new measures. While
cybersecurity is a prevalent issue many sectors of society now have to
consider, nuclear weapons systems were developed during a technological era
when " little consideration was given to potential malicious cyber
vulnerabilities", the report states.
7) What
is FakeBank? New banking malware can intercept SMS messages to steal sensitive
data and funds – Security researchers have discovered a mobile malware
strain that can intercept users' sensitive SMS messages to steal their
banking details and funds, phone numbers, balance on a linked bank card and
location data. According to Trend Micro researchers, the malware dubbed
"FakeBank" has been spotted in several SMS/MMS management software
apps and primarily targets victims in Russia and other Russian-speaking
countries.
8) Watch
out for this Netflix phishing scam that will steal your credit card details
- Netflix users are being warned to avoid clicking on any suspicious email
links after a phishing scam was uncovered, which security experts say is
designed to steal credit card details. Found by Australian cybersecurity firm
MailGuard, and shared on Twitter by the New South Wales police, the fake
emails use convincing social engineering tactics – including the official
Netflix website layout – in an attempt to dupe recipients into entering
financial details.
9) Hyper-Converged
Infrastructure To Accelerate IT Transformation - Technology is fast becoming
the key pillar for organizations to stay competitive, spur innovations, and
seize new growth opportunities. Despite increasing IT budgets, the traditional
three-tier architecture, is proving to be a hindrance to meeting the rising
business and market demands due to its inbuilt complexities. Apart from that, the
stress to reduce operational costs and improve productivity is also forcing
technology teams to explore alternative means to bring down complexity and
costs through the adoption of agile architectures.
Thursday, January 11, 2018
Making GDPR a priority for the year 2018
“ You can resist an invading army; you cannot resist an idea whose time has come,” once said Victor Hugo wisely.
Today, in India, that idea is privacy. To date, privacy has not put up much of a fight; that will change in 2018. After a couple of years of getting fringe interest, privacy has, quite quickly, hit a tipping point.
The advent of EU’s General Data Protection Regulation (GDPR), only adds to that movement. So, how is GDPR going to impact Indian organisations and what should you, the IT leaders, be doing to ensure that your organisation complies with GDPR regulations.
The EU General Data Protection Regulation (GDPR) becomes enforceable by law in May of 2018. It will require global organizations that hold the personal data of European Union residents to adhere to new requirements around control, processing and protection.
GDPR will have a far-reaching impact the digital economy
The GDPR probably won’t affect a large swathe of small and medium Indian businesses. But given the penalties (more on this later), that’s not a chance your business wants to take. Also, it is expected that many countries will follow the EU in terms of updating their regulations to match this new standard for data protection.
If not already, it is time to know if your company has or processes any data of a European company or a European citizen. Remember, the citizen doesn’t have to be residing in a country that’s part of the EU—just that she is a citizen. (Which countries are part of the EU?)
Given, the GDPR comes into force in May of 2018, it leaves Indian companies who haven’t started preparing only about two quarters to do so.
Preparing for GDPR is critical
Delaying preparation for GDPR isn’t the best approach. Procrastinating isn’t going to make the GDPR go away!
Like any law, the worst case only applies if your company has suffered a data breach and is challenged by a European company or citizen--and you can’t prove you have complied with the GDPR.
Any personal data breach impacting a European Union resident will need to be reported within 72 hours. Companies that do not comply will face fines of up to 20 million Euros or 4 percent of global turnover, whichever is higher. Infringements of a more technical nature call for penalties that amount to 2% of annual global revenue, or €10 million. Those who have not budgeted for the long-term implications of the GDPR will struggle.
Complying with GDPRs Conditions
Our own research shows that complying with erasure (the right of EU nationals to scrubbed clean off your servers and the servers of your partners) is what concerns businesses the most (51%).
That said, there a host of that need to be met; how difficult they are to comply with comes down to maturity of your company’s data practices.
Here’s a slightly long, yet an-easy-to-read, list of changes that the GDPR has brought about.
What Needs to Change?
Plenty. The way your company asks for consent and collects data, how that data is stored and processed, the way your data supply chain is constructed, who your company shares data with, the number of technology partners your company uses for data back-up and archiving, the cloud services it chooses—all of this, and more, needs to change.
The majority of businesses will be stunned by the regulation’s impact on their operations, as it creates security challenges that cannot be solved solely with technology.
Smart companies will see this not just through the compliance lens but as a feature of their security policy. Fundamentally, the GDPR changes the way we look at data security.
Data is important because it belongs to people or is important to people, hence the focus on privacy. GDPR will put humans back at the centre of security debate. And is another idea whose time has come.
Tuesday, January 9, 2018
iNews - Around The World This Week
1) Breach
of India's Biometric Database Puts 1 Billion Users at Risk – A breach of
the Unique Identification Authority of India's Aadhaar biometric system is
putting personally identifiable information (PII) of more than 1 billion Indian
residents at risk, reports the Tribune, an Indian publication. Attackers
created a gateway to the biometric database, in which any Aadhaar user's ID
number can be entered into a portal, the Tribune reports. Once the number
is entered, it will pull up the resident's name, address, postal code, photo,
phone number, and email address, according to the Tribune.
2) Google
Apps Script vulnerability could lead SaaS apps to download malware –
Google Apps Script is vulnerable to exploits that could allow malware to be
delivered via URLs. Attackers could automatically download arbitrary malware
hosted in Google Drive to a machine -- and the victim would have no idea it was
happening. This type of attack is different from phishing and malware
distribution via links to Google Drive URLs, which are fairly common. These
normally involve sending a Microsoft Office doc, which is enabled to run macros
when the user gives permission.
3) Android
malware targets bitcoin, bank apps, including SBI, HDFC, Axis Bank: Report
- If you are using banking or cryptocurrency apps on your mobile phone, you
need to read on. An Android Banking Trojan called Flash Player has affected
over 232 banking apps, many of which are mobile apps of prominent Indian
public as well as private banks. Android mobile phone users having third party
app stores - an online app market to install apps, just like Google Play but
not owned by Android OS or Google - run the risk of accidentally downloading
this malware, putting confidential security details like netbanking customer id
and password at risk. Links to download this can also come through spam emails
or SMS.
4) Enterprise
machine learning will double and jump start business growth and adoption,
Deloitte predicts – Machine learning will intensify amongst medium and
large-sized enterprises, doubling the number of implementations and pilot
projects using machine learning technology in 2018 compared to last year, and
then doubling again by 2020. According to Deloitte’s Technology, Media and
Telecommunications (TMT) Predictions, advancements in machine learning
technology include data science automation and a reduced need for training data
as well as new chips in both data centers and mobile devices. The
advancements will help establish the foundation, which will over the near term
make machine learning mainstream across industries where organizations have
limited talent, infrastructure and data to train models.
5) Payment
system, network security under RBI radar - The Reserve Bank of India
has again flagged cyber risks faced by banks and said it would continue to do
surprise drills and inspections to ensure that they have systems in place to
deal with any threats to payment systems and network security. While the
assessment is factored in the overall risk profile of a bank under risk-based
supervision, certain specific areas like payment systems and network
security are proposed to be subjected to more intensive scrutiny during the
year.
6) Meltdown
and Spectre: ‘worst ever’ CPU bugs affect virtually all computers –
Serious security flaws that could let attackers steal sensitive data, including
passwords and banking information, have been found in processors designed by
Intel, AMD and ARM. Everything from smartphones and PCs to cloud computing
affected by major security flaw found in Intel and other processors – and
fix could slow devices.
7) Behavioral
biometrics will replace passwords by 2022 – In just a few years, we can
all safely forget those cumbersome passwords we use to secure and unlock our
devices. And we will be able to thank on-device artificial intelligence (AI)
for easing the strain on our memory. Smartphones will be an extension of the
user, capable of recognizing them and predicting their next move. Gartner
analysts believe on-device AI, as opposed to cloud-based AI, will mark a
paradigm shift in digital security, and will do so sooner than most people
think.
8) SplashData
reveals the worst passwords of 2017 and they're still astonishingly terrible
– After trawling through the more than five million passwords that have
leaked over the past year, mostly in North America and Western Europe, the
California-based company said any one of the passwords included in its list of
100 worst passwords of the year would put users at "grave risk" of
identity theft. For the fourth year in a row, "123456" took the
top spot as the worst password of the year followed by "password".
Naturally, variations of these two such as extra digits or replacing the
"o" with a "0" (zero) in "password" were also
included in the list.
9) The
Future of Seamless Hybrid Clouds – In a world that appears to be
dominated by clouds -- both public and private -- the underlying infrastructure
that provides connectivity becomes largely invisible to users. Indeed, one of
the major promises of cloud is that the pools of resources that power the cloud
can reside anywhere, are elastically available, and are dynamically adjusted to
accommodate the fluctuating needs of the applications they power. The cloud
is already a fractured marketplace, a situation that will only get worse.
As cloud becomes more mainstream for enterprises, they will each focus on the
things that make themselves attractive. If we assume for a moment that each of
them will have some success, the likelihood that enterprises end up putting all
of their resources into a single cloud seems low.
Subscribe to:
Posts (Atom)