now browsing by tag
#cyberfraud | #cybercriminals | Cloud, 5G and ‘wetware’ attacks — the 5 biggest cybersecurity threats of 2020
Source: National Cyber Security – Produced By Gregory Evans (Source: Giphy) Businesses are getting cosier with the cloud. As more data pours in, it makes sense to use a public cloud server rather than set up servers in-house. But just because they’re moving to a ‘cloud smart’ agenda doesn’t mean that they aren’t being ‘cloud […] View full post on AmIHackerProof.com
Source: National Cyber Security – Produced By Gregory Evans As 2019 splutters to a close, it’s time for our annual lookback at our most-read tech stories, and to ask: “What happened next?”. Facebook and its family of apps dominates this year’s list with four entries – it probably won’t be a surprise that none of […] View full post on AmIHackerProof.com
Source: National Cyber Security – Produced By Gregory Evans Here they are: the baddest stories and the biggest lessons, from 2010 to 2019. From a totally made-up hoax that shocked the world, through a social networking app that promised what it couldn’t deliver, to a larger-than life cybercelebrity who was busted in a military-scale takedown […] View full post on AmIHackerProof.com
Source: National Cyber Security – Produced By Gregory Evans Check out the companies making headlines in the premarket Tuesday: Home Depot — Home Depot shares dropped more than 5% in the premarket after the home improvement retailer reported disappointing same-store sales. The company said global same-store sales rose 3.6% in the previous quarter. Analysts polled […] View full post on AmIHackerProof.com
#city | #ransomware | 90pc of UK’s biggest law firms at risk of having confidential client data stolen
Source: National Cyber Security – Produced By Gregory Evans Around nine in 10 of the UK’s biggest law firms are at risk of being scammed or having their clients’ confidential data stolen or compromised due to sub-standard IT security. A new study of 200 of the country’s biggest law firms found more than 90pc are […] View full post on AmIHackerProof.com
You are only as strong as your weakest link and the cybersecurity industry is no different. A recent survey by SolarWinds, a provider of IT management software, pointed out that negligent users are the biggest cybersecurity threat to German organizations. The company did the survey in a bid to highlight the threats the cybersecurity professionals are facing daily.
The research, which surveyed over 100 information technology professionals from Germany, stated that user errors constituted the largest share of cybersecurity incidents in the last 12 months, at a whopping 80 percent. The study stressed on the fact that internal factors are the most pressing cybersecurity threats. User errors were followed by exposures caused by poor network system or application security at 36 percent, and external actors infiltrating the company’s network at 31 percent.
To understand the factors contributing to the trend, the survey also found out that poor passwords were one of the major concerns for German techies. Nearly 45 percent of the respondents stated that poor and weak passwords were one of the biggest reasons for the breaches, while 42 percent of the respondents stated that sharing passwords is also another grave contributor. Other factors were accidental exposure, deletion, modification of critical data and even copying data into unsecured devices.
To top it all, it was also revealed that 89 percent of IT experts felt that they were unequipped to successfully implement and manage cybersecurity tasks today, with their current IT skillset.
“Our research shows once again that the biggest risk to the organization comes from the inside, aligning with research SolarWinds conducted in other regions earlier this year,” said Tim Brown, vice president of security, SolarWinds. “This underscores the continued need for organizations to address the human side of IT security and consistently educate users on how to avoid mistakes while encouraging an environment of learning and training. However, that alone is not enough; tech pros also need the best possible technology to effectively fight against both threats from the inside and potentially more sophisticated threats from the outside. SolarWinds is committed to helping IT and security teams by equipping them with powerful, affordable solutions that are easy to implement and manage. Good security should be within the reach of all organizations.”
It is not always an accidental error from insiders; sometimes these incidents are a part of a much larger scheme. Earlier this year, a recruiter from the telecommunications company AT&T Network was charged for paying insiders to upload malware on the company’s computer networks to unlock cell phones.
According to the United States Department of Justice (DOJ), the insiders, who worked in AT&T’s Bothell Customer Service Center, allegedly exploited AT&T’s proprietary locking software to remove millions of phones from the AT&T network system and payment plans, which incurred a loss of a million dollars to the company. It’s said that Fahd and his co-conspirators gave over $1 million in bribes to install malware and spying devices in the company.
#infosec #itsecurity #hacking #hacker #computerhacker #blackhat #ceh #ransomeware #maleware #ncs #nationalcybersecurityuniversity #defcon #ceh #cissp #computers #cybercrime #cybercrimes #technology #jobs #itjobs #gregorydevans #ncs #ncsv #certifiedcybercrimeconsultant #privateinvestigators #hackerspace #nationalcybersecurityawarenessmonth #hak5 #nsa #computersecurity #deepweb #nsa #cia #internationalcybersecurity #internationalcybersecurityconference #iossecurity #androidsecurity #macsecurity #windowssecurity
View full post on National Cyber Security
Cybersecurity and the threat of malicious actors make headlines every day. Boards of directors are recognizing cyber threats as one of the most significant risks. To date, this cybersecurity discussion has centered largely on IT systems; however, the industrial control system (ICS) that operates a facility is often as critical as or more critical than the IT system to an industrial company’s financial results.
The FBI issued a warning in 2016 to the nation’s power companies that the sophisticated cyberattack techniques used to bring down portions of the Ukraine’s power grid in 2015 could easily be used against U.S. firms. In fact, the most recent report of Russian hacking was identified last week by the U.S. Computer Emergency Readiness Team (U.S. CERT).
According to an alert released by U.S. CERT, a seven-year-old group known as Dragonfly orchestrated the hacking campaign, which hit U.S. government entities and domestic companies in the energy, nuclear, commercial facilities, water, aviation and critical manufacturing sectors. “In multiple instances, the threat actors accessed workstations and servers on a corporate network that contained data output from control systems within energy generation facilities,” states the report.
The results of such an attack could be catastrophic, as Pew Research Center reports that 61% of experts agree a major cyber attack would occur by 2025 causing far-flung harm to the nation’s security and capacity to defend itself. The cost of such attacks will be tremendous. Lloyd’s estimates a blackout across 15 U.S. states would affect 93 million people and cost the economy between $234 billion and $1 trillion.
Despite the need for ICS cybersecurity, three key challenges impede many operations executives from pulling the trigger on that investment. John Livingston, CEO of Verve Industrial Protection, identifies three reasons for that hesitancy:
lack of tools
lack of talent.
1. Risk/fear by leadership of operational disruption from deploying cybersecurity measures. Most operational leaders do not believe their systems are under significant threat. The lack of publicized successful attacks and the general architecture of these networks lead to the belief that these systems are immune to the threats seen on the IT side.
“As a result, the risk of doing something is greater than the risk of doing nothing,” says Livingston. “Potential operational risks include putting security software on control systems equipment that may disrupt normal operations; changing passwords that may create delays in response to a critical operational issue; and adjusting network architectures that may limit access to critical employees or vendors. All of these risks are very real, so I do not intend to downplay them. They must be addressed in any solution.”
2. Lack of tools and approaches that are tuned to the unique challenges of securing industrial control systems. The IT cybersecurity market has grown with a focus on protecting traditional IT devices, explains Livingston. The tools often don’t work in the operations-technology (OT) environment without significant adjustment and tuning. In fact, if improperly installed, they can cause more risk than protection.
3. Talent shortage of people with both operational expertise and cybersecurity knowledge that can be applied to these unique circumstances. A report from Frost & Sullivan and the International Information System Security Certification Consortium, or (ISC)², found that the global cybersecurity workforce will have more than 1.5 million unfilled positions by 2020. At the same time, the number of experienced ICS engineers is declining rapidly as fewer young people go into this career. When you combine the need for ICS and cybersecurity expertise, the talent shortage is extreme.
What can be done?
While the challenges are very real, Livingston recommends four key measures companies can take. Each step is specific to a company’s CFO, as CFOs are a natural bridge between the chief information officer (CIO) or chief information security officer (CISO) with their IT backgrounds and the operations executives.
1. Know what you can do, not just what you cannot do, in ICS. There is a lot you can do, but OEMs and people who have been burned by poorly implemented solutions have convinced owners and operators that these systems are too sensitive to protect. Or at a minimum can only be protected by the OEMs themselves. “I encourage the CFO to bring an independent view and assess what can be done, if done appropriately and safely,” says Livingston. “As we like to say, ‘Take back control of your network,’ from the OEMs holding it hostage.”
2. Pick a standard for security and build a maturity plan. There are many standards that can be applied to ICS security from NIST and NERC CIP to CSC20 and IEC/ISA. All have their pros and cons, and an organization could debate them for a long time. Livingston’s advice is to select something and begin the journey. Each stage of security maturity has benefited over the previous. And they get better as you add new layers over time. A standard allows a CFO to measure centrally against a metric that is common across all industrial control systems.
3. Build security into your capital, as well as operations and maintenance planning. By doing this you don’t have separate budgets for security and operations. Security is a fundamental feature of operations, like maintenance or safety is. Like safety and maintenance, security is a part of ensuring consistent, reliable operations and should be a part of all capital and operational planning discussions.
4. Consider a holistic approach. Take a holistic approach to managing the security risk that not only includes tools and processes for protection, but also purchasing targeted insurance for those risks that do not warrant the expense necessary to protect. “You won’t be able to secure everything, or every possible attack,” explains Livingston, “but you should build foundational elements and then insure what you can.”
The role of CFO in ICS security is absolutely critical. For non-services companies, the protection of these systems is fundamental to sustaining financial results. The CFO is uniquely positioned to bridge the space between the CISO and the operational leadership to drive to a solution using the four steps outlined above to begin a cybersecurity maturity journey and make this a part of every planning discussion.
The post 4 #solutions to the 3 #biggest #cybersecurity #challenges appeared first on National Cyber Security Ventures.
View full post on National Cyber Security Ventures
Jon Oltsik, an analyst with Enterprise Strategy Group in Milford, Mass., examined some of the top 2018 cybersecurity trends. While some analysts have focused on ransomware, and others made dire pronouncements about nationwide power-grid attacks, Oltsik said he’s more concerned about cloud security, where easily exploitable vulnerabilities are becoming increasingly likely.
Security teams — many of which are facing a severe lack of cybersecurity skills — are struggling with the rapid deployment of cloud technologies, such as virtual machines, microservices and containers in systems such as Amazon Web Services or Azure. Many organizations are switching to high-end security options from managed security service providers or SaaS providers. ESG research indicated 56% of organizations are interested in security as a service.
Among other 2018 cybersecurity trends, Oltsik said he foresees greater integration of security products and the continued expansion of the security operations and analytics platform architecture model. As large vendors like Cisco, Splunk and Symantec scramble to catch up, they will fill holes in existing portfolios. Although he said he sees machine learning technology stuck in the hype cycle, in 2018, Oltsik projects machine learning will grow as a “helper app” in roles such as endpoint security or network security analytics.
With the introduction of the European Union’s General Data Protection Regulation (GDPR) on May 25, 2018, Oltsik said a major fine — perhaps as much as $100 million — may serve as a wake-up call to enterprises whose security platforms don’t meet the standard.
“One U.K. reseller I spoke with compared GDPR to Y2K, saying that service providers are at capacity, so if you need help with GDPR preparation, you are out of luck. As GDPR anarchy grips the continent next summer, look for the U.S. Congress to (finally) start engaging in serious data privacy discussions next fall,” he added.
The challenges of BGP
Ivan Pepelnjak, writing in ipSpace, said when Border Gateway Protocol (BGP) incidents occur, commentators often call for a better approach. “Like anything designed on a few napkins, BGP has its limit. They’re well-known, and most of them have to do with trusting your neighbors instead of checking what they tell you,” he said.
To resolve problems with BGP, Pepelnjak recommended the following: First, IT teams need to build a global repository of who owns which address. Second, they need to document who connects to whom and understand their peering policies. And they need to filter traffic from those addresses that are obviously spoofed.
The good news, Pepelnjak, said, is most BGP issues can be solved with guidance from volume 194 of Best Current Practices — the latest update. In Pepelnjak’s perspective, internet service providers (ISPs) are often the problem. ISPs have little incentive to resolve BGP issues or reprimand customers who can easily switch to more permissive providers. An additional problem stems from internet exchange points running route servers without filters.
According to Pepelnjak, because engineers hate confrontation, they often turn to cryptographic tools, such as resource public key infrastructure, rather than fixing chaotic or nonexistent operational practices. “What we’d really need to have are (sic) driving licenses for ISPs, and some of them should be banned for good, due to repetitive drunk driving. Alas, I don’t see that happening in my lifetime,” he added.
Read more of Pepelnjak’s thoughts on BGP issues.
Artificial intelligence, low-code and abstracting infrastructure
Charlotte Dunlap, an analyst with GlobalData’s Current Analysis group in Sterling, Va., blogged about the repositioning of mobile enterprise application platforms (MEAP) to address app development and internet of things. Dunlap said advancements in AI, API management and low-code tools play into DevOps’ need for abstracted infrastructure.
GlobalData research indicated that MEAP is widely used to abstract complexity, particularly in use cases such as application lifecycle management related to AI-enabled automation or containerization.
GlobalData awarded high honors to vendors that integrated back-end data for API management, such as IBM MobileFirst and Kony AppPlatform. Dunlap said mobile service provider platform strategies have increasingly shifted to the needs of a DevOps model.
“Over the next 12 months, we’ll see continued momentum around a growing cloud ecosystem in order to stay competitive with broad platform services, including third-party offerings. Most dominant will be partnerships with Microsoft and Amazon for offering the highest levels of mobile innovation to the broadest audiences of developers and enterprises,” Dunlap said.
The post Looking #ahead to the #biggest 2018 #cybersecurity #trends appeared first on National Cyber Security Ventures.
View full post on National Cyber Security Ventures