It’s an unfortunate reality that cyber attacks on the U.S. 2020 election are likely to happen. However, while this is a potent threat to democracy, an even greater threat is to not take the necessary actions to prevent these attacks until it is too late.
There are many different types of cyberattacks that the U.S. 2020 election could face.
- Attacks on electronic poll books and registration systems to remove individuals from voter rolls, swap their polling location, or claim they’ve voted when they haven’t.
- Hacking attacks against election websites that educate the public on voting times, polling locations, and the current status of registrations.
- Disinformation campaigns that disseminate inaccurate results through election night reporting system attacks.
Preventing these attacks requires clever contingency planning and addressing key issues present in the current systems that voters and their states engage with. This article aims to address these issues.
Upgrade voting machines
The most important step in protecting American elections is securing its voting machines. This is hardly a surprise given that the easiest form of attack to comprehend (and by far the most frightening) is the stealthy introduction of malware into voting machines so that election results are changed without anyone noticing.
The first step (and most important) in this process is giving paperless systems a “paper backup” of every vote, one that is verified by each voter. Without this, there is no way to independently assess whether the digital totals provided by the voting machines are legitimate. While this may seem like a huge step, this is something that the United States has made sizable progress towards achieving, that is, halving the number of paperless machines used before 2017.
In a general sense, most American voting machines pose a security risk just by virtue of their age. At a (Read more…)
View full post on National Cyber Security
What does it mean for businesses to “go to the cloud?” While the term “cloud” can be used generically, there are many types of cloud architectures. A key benefit of moving to the cloud is that your data is secured with redundant, diversified servers managed by a third party. With your data managed by a third party vendor, it’s important to understand how and where that data is stored. ForgeRock carefully designs an isolated and secure cloud environment for each customer, while maintaining the benefits of the cloud, like sharing high-level resources to reduce costs for customers.
Secure by Design
To understand the concept of these shared cloud resources, it can be useful to imagine the ForgeRock Identity Cloud as a condominium building, with ForgeRock as the landlord. We are responsible for the general construction and maintenance of the building, as well as for shared infrastructure like common water supply and security. Condominium units within the building can be compared to individual customer environments within the cloud, each isolated and protected with walls, locked doors and windows.
By comparison, other identity cloud architectures and deployments are less like condominium buildings and more comparable to open spaces like high school gymnasiums — more open and malleable. These cloud architectures use virtual machine environments which can be spun up and spun down quickly. Would you feel as secure and safe living in a gymnasium as in your own condo unit?
In either scenario — condo or gymnasium — you could still have a noisy neighbor. The farther you are from your neighbors, the more sound protection you have. In the case of a data leak, being farther from your “noisy neighbors” by being in an isolated cloud environment offers more data protection.
Is your cloud architecture an open space, or a condo building?
This example is an oversimplification but it is meant to underscore the steps ForgeRock has taken to ensure there is no shared knowledge among its customers. We call this architecture our “secure multi-tenant environment with full customer isolation.” In the next few sections, we’ll help you understand exactly what that means for you.
It is important to understand exactly what we mean by multi-tenancy. Revisiting the condominium building analogy, the entire building — from the basic condo unit to the luxury penthouse — is built to common standards using the same materials, and is operated consistently. In the same way, a multi-tenant cloud service is built on a common, consistent model to deliver service to its customers. ForgeRock provides high-level resources, like the ForgeRock Identity Platform that is shared across the entire ForgeRock Identity Cloud. All customer environments are built within the cloud from a standard template and hosted using a common technology base. These environments are maintained according to a consistent set of processes. They are continually updated against security vulnerabilities and upgraded with the latest code base.
Another benefit of multi-tenancy is the ability for large customers to self-manage multiple environments with a high-level, real-time overview across multiple data centers. Customers who require multiple geo-specific data centers for compliance reasons find this particularly valuable.
Full Tenant Isolation Explained
Continuing with the condominium metaphor, full tenant isolation can be compared to the individual condo unit itself. The ForgeRock Identity Cloud provides each customer with a distinct, dedicated data environment. All passwords, private keys, and other secrets associated with a customer’s ForgeRock Identity Cloud instance are generated, securely stored, and used solely within the customer environment. There is no shared knowledge between tenants — each tenant environment is self-sufficient and sovereign. Each environment runs a distinct copy of the service code under dedicated identities, with dedicated storage for customer secrets and data that only the customer can access. Additionally, the ForgeRock Identity Cloud enables customers to select their data center location so they can be in compliance with certain regulations. This is unique among identity cloud providers.
In addition to building a secure cloud architecture, ForgeRock also hardens our software by following the latest industry best practices. Our Secure Software Development Lifecycle (SSDLC) maintains high integrity through continuous testing. Our continuous deployment and integration means you will always have the latest version.
That’s the ForgeRock difference.
Learn more here. Or, contact your sales rep today.
*** This is a Security Bloggers Network syndicated blog from Forgerock Blog authored by Robert Vamosi. Read the original post at: https://www.forgerock.com/blog/cloud-series-building-secure-identity-cloud
The post #cybersecurity | #hackerspace | Cloud Series: Building a Secure Identity Cloud appeared first on National Cyber Security.
Source: National Cyber Security – Produced By Gregory Evans by Joe Panettieri • Feb 7, 2020 Fortinet continues to gain momentum with MSSPs, and the company’s secure SD-WAN solutions are catching on with channel partners, CEO Ken Xie and CFO Keith Jensen told Wall Street analysts during Fortinet’s quarterly earnings call on Thursday, February 6. […] View full post on AmIHackerProof.com
Source: National Cyber Security – Produced By Gregory Evans If you’re lucky, the process will be automatic; you might even get alerts on your phone every time a firmware update gets applied, which usually happens overnight. If you’re unlucky, you might have to download new firmware from the manufacturer’s site and point your router towards […] View full post on AmIHackerProof.com
Source: National Cyber Security – Produced By Gregory Evans You’ve probably been hearing the hype about lightning-fast 5G for years now. And while the new wireless networks still aren’t ubiquitous in the United States, 5G is slowly cropping up in cities from Boston and Seattle to Dallas and Kansas City. With the faster connection speeds […] View full post on AmIHackerProof.com
#deepweb | Running from the storm – How Bangladesh’s climate migrants are becoming food secure – Bangladesh
Source: National Cyber Security – Produced By Gregory Evans By Rafiqul Islam BHOLA, Bangladesh, Nov 28 2019 (IPS) – It was almost a decade ago when Ruma Begum and her family left their home in Bangladesh’s coastal Tazumuddin upazila or sub-district and travelled some 50 km away to start a new life. They had been […] View full post on AmIHackerProof.com
Source: National Cyber Security – Produced By Gregory Evans As Brits plan to go to extreme lengths to grab a bargain this Black Friday but are leaving themselves exposed to cyber-criminals? Brits are gearing up to grab a bargain this Black Friday and Cyber Monday, with 17% already considering pulling a sickie. Over half of […] View full post on AmIHackerProof.com
Fueled by automation, the adoption of DevOps processes and more, the role of the developer has become increasingly important and widespread for enterprises going through digital transformation. Developers need access to privileged credentials in order to access key developer tools like Kubernetes or Jenkins admin console. These credentials can be saved locally, making developers’ workstations — whether they are Macs or PCs — high-value targets for hackers.
These workstations are often vulnerable to something as simple as a phishing email, which attackers can use as an entry point to get access to the developer’s credentials. Because of these vulnerabilities, developers’ workstations are extremely important to secure. However, developers are famous for prizing speed above all else — and seeing security as little more than a speed bump. So how to ensure that developers take security seriously?
Securing privileged access through the principle of least privilege needs to be a top security priority. It is no secret that no-one should have full-time admin rights. But, what does that mean for developers?
Security teams face a difficult dilemma. They need to better secure developer workstations while still providing them the elevated permissions and privileges—and freedom—they need to get their job done. And they need to do all that without impacting velocity.
I recently encountered this comment on the Stack Overflow forum:
“There is almost no legitimate operational reason for restricting admin access to local PCs for staff that need it to do their job.”
Is that true?
Developers, DevOps and other engineers all perform administrative tasks as part of their job responsibilities, so they also have “full control” of their environment. Furthermore, because of the work developers do, there are extra challenges involved in hardening and restraining their workstations regardless of whether they are using Windows or macOS.
Developers install and uninstall software, drivers and system updates. They change operating system internals and use debugging programs on a regular basis. Without full control, developers often can’t do their jobs.
However, developers have access to source code, API keys and other shared secrets – usually more access than the standard user. Compromising a developer is a quick way for attackers to gain immediate elevated access to the most essential, mission-critical information an organization has. Consequently, developers have the kind of access that attackers want, which makes them the type of user who needs the highest levels of protection – whether they like it or not.
Want to take over a company or cause reputational damage quickly? Compromise a developer endpoint.
There are even specific types of attacks designed to target developers. For instance, in “watering hole” attacks, attackers compromise common, popular developer web sites known to be good places to share code and get help troubleshooting programming issues. For example, four of the largest software developer companies in the world were compromised during a single cyber attack campaign that placed a zero-day Java exploit on an iOS developer web site.
Rights and Responsibilities
One way to deal with developers’ requests for full admin rights would be to provide them with virtual machines dedicated to programming, which could be perfectly patched and thoroughly hardened. This is doable with the right amount of monitoring and alerting, antimalware and IPS.
However, a workaround like this has a huge management overhead. It requires more budget, additional machines and another user to manage those machines. It’s not a comfortable situation for the IT team or the developer – and let’s not forget the cost of such a solution.
Additionally, while using their development tools, developers consume a lot of computer resources (e.g. generating millions of temporary files during code compilation). This leaves the security team with the job of ensuring that no significant performance impact occurs while implementing endpoint security products – not an easy task.
Conventional attempts to counter this typically require system administrators or security staff to perform manual inspections and craft security policies in response. As application complexity and development velocity increase, it becomes impractical to determine least privilege ahead of time manually. Furthermore, a central policy gatekeeper won’t scale efficiently and is likely to negatively impact delivery velocity.
Cutting the Gordian Knot
There has to be a better way to balance the needs of the developer with security concerns. Organizations need to be able to remove administrative privileges from developers without preventing them from doing their jobs, reducing velocity or overburdening security teams.
CyberArk Endpoint Privilege Manager can overcome these obstacles, allowing organizations to remove privileged credential rights on Windows workstations, servers and macOS. It provides privileged access management (PAM), allowing enterprises to easily remove local Admin users – including developers. For instance, CyberArk Endpoint Privilege Manager can elevate specific applications used by the developer on a day-to-day basis or provide just-in-time user elevation for a specified time while recording and logging all user activity.
In addition, since developers may save credentials to their development environments, Endpoint Privilege Manager protects those repositories from credential theft while allowing trusted applications to use the credential stores.
Another key feature for the developer use case is the set of out-of-the-box predefined policies for different developer tools like Visual Studio, Eclipse, Git and others.
Final Thought – The Developer Resistance
Each new security-driven restriction impacts developer productivity throughout the entire software development process. Consequently, developers may fight the rules and restrictions necessary to maintain a strong security posture. What makes Endpoint Privilege Manager any different?
Endpoint Privilege Manager minimizes interference in the developer workflow. Developers – and other users – don’t need to go through the extra step of involving an administrator when they need access to certain applications. For a predefined, approved set of applications, users can seamlessly gain access through an automated process.
Furthermore, Endpoint Privilege Manager allows users to elevate privileges to access these approved applications while continuing to access other, unapproved applications as non-privileged users. This means that developers can continue to access the majority of the applications they use on a daily basis without having to slow down – without losing out on the benefits of application security.
Developers are like builders constructing a house on an empty lot. They need to be armed with the best tools to do their best work. If you give them old equipment, they will spend more time working around it than actually building. Endpoint Privilege Manager lets developers do what they do best – without interrupting their workflow with compliance and security requirements – so that they can write code faster.
Developers don’t need to be the last holdout for administrator rights within an organization. Learn how this is possible today.
The post Secure Developer Workstations Without Slowing Them Down appeared first on CyberArk.
*** This is a Security Bloggers Network syndicated blog from CyberArk authored by Vadim Sedletsky. Read the original post at: https://www.cyberark.com/blog/secure-developer-workstations-without-slowing-them-down/
JACKSON, Tenn.– Internet-enabled theft, fraud and exploitation were responsible for $2.7 billion in losses in 2018. The victim could be anyone who uses a connected device, including you.
The Federal Bureau of Investigation says its Internet Crime Complaint Center took in an average of 900 complaints every day last year, ranging from non-payment scams to pyramid schemes.
Jeremy Baker is one of the people investigating these crimes. To prevent them, he has some tips you can do right at home.
“Just like your personal hygiene, you want to shower every day, you want to bathe, want to smell good, your cyber hygiene is the same thing. Just be in good shape,” Assistant Special Agent-in-Charge Jeremy Baker told WBBJ 7 Eyewitness News.
The first thing he said was to have multi-layer authentication.
“If you log into your email and give your username and password, it won’t let you in just yet. It’ll do at least one other step like text you a code or email a different account a code and you put that in and go in,” he said.
To set that up, go to your email account, click security, and turn on the two-step verification.
Also, check your passwords.
“Think about somebody sitting in their mother’s basement all day trying to guess what your password is. Make it hard for that person to do it,” Baker said.
He said the passwords should be long and unpredictable.
“So, if I’m a Green Bay Packers fan, I shouldn’t make it ‘Green Bay Packers Fan,’” Baker said.
And if you post about the Packers all over social media, hackers might be able to use that.
“I’ve actually seen some huge cases where some industrious and creative criminals tracked executives on social media,” he said. “That is exactly how they got millions of dollars out of these large companies. Because they knew exactly what to say and when to say it and when to hit, based on the executive’s availability or lack-of availability.”
Keeping that safe is as easy as changing the privacy setting on social media from public to private.
But, most importantly, trust your gut. If you see a website or email that doesn’t look secure, don’t click or open it.
“Because those are actually the two biggest things we still see, even as complicated as technology gets, it’s usually caused by people opening or clicking things they shouldn’t,” Baker said.
And, the FBI says give the computer a break and turn it off. If the computer isn’t on, hackers can’t get into it.
“Make it hard for the bad guys to make you a victim,” he said.
Baker also offers a few other tips:
Use different computers for internet use and private use.
Install and keep up with anti-virus protection and software.
Keep your computer, tablet and phones up-to-date with the latest software, as the makers are constantly researching and updating.
And, back up your data.
The post #cyberfraud | #cybercriminals | FBI gives tips on how to keep your information secure appeared first on National Cyber Security.
A 15-year-old programmer named Saleem Rashid discovered a flaw in the popular Ledger hardware wallet that allowed hackers to grab secret PINs before or after the device was shipped. The holes, which Rashid described on his blog, allowed for both a “supply chain attack” – meaning a hack that could compromise the device before it was shipped to the customer – and another attack that could allow a hacker to steal private keys after the device was initialized.
Rashid is not affiliated directly with any Ledger competitors although there was some suggestion that he did some work on Trezor and other competing hardware wallets. His response: