Category Archives for "Network World Security"

Why automation is the key to the future of cyber security

This vendor-written tech primer has been edited by Network World to eliminate product promotion, but readers should note it will likely favor the submitter’s approach. In 2015 there were 781 publicized cyber security breaches which resulted in more than 169 million personal records being exposed – a number that’s steadily on the rise year over year. And with notable names like BlueCross, Harvard and Target being tossed into the mix, it’s obvious that no company is safe. Yet, only 38% of organizations across the globe can confidently say they are prepared to handle a sophisticated cyber-attack. The numbers don’t lie. Cyber criminals are becoming savvier and their attacks are increasing faster than companies can keep up. Furthermore, it’s becoming increasingly evident that traditional methods, like anti-malware software, are no longer sufficient to keep sensitive data safe. To address this glaring need, many forward-thinking IT executives are fortifying their cyber security strategy using automation as a tool for greater defense.

Schemer in “massive” identity theft fraud gets 4 years in slammer

Identity theft is a raging problem but at least some scammers are getting their comeuppance. The Department of Justice today touted that one scammer got four years in prison for his part in a $4.4 million fraudulent federal income tax return scheme that, according to court documents, involved the filing of at least 12,000 fraudulent federal income tax returns that sought refunds of at least $42 million from the U.S. Treasury.

How to perform a risk assessment

Without a complete and thorough risk assessment including all its component parts (discussed herein), you might as well open all your data assets to unbridled exfiltration via Port 80 without any security checks at all. In the end, attackers and criminal digital profiteers will get what they came for in either case. Defending risks without knowing what those risks are is like playing a round of paintball with your eyes closed — you’ll keep missing your opponent. A risk assessment gives the enterprise a specific, more finely narrowed field of targets for which to aim. In this fifth and final installment of a five-part presentation of information security risk defense via informed incident response, CSO regurgitates reliable resources and expert steps you should use on the way to protecting data assets and stores in your enterprise. (See also as part of this series: How to audit external service providers.)

Panama Papers leak explained: What you need to know about the Mossack Fonseca hack

You've doubtless heard about the Panama Papers, a leak of 2.6TB of documents from one of the world's largest offshore law firms, Mossack Fonseca. The dump of over 11 million files containing detailed financial information on 214,000 companies illustrates how offshore tax havens are exploited. Whatever you may think of Mossack Fonseca's business dealings, there are lessons to be learned about what the company could have — and should have — done to ensure that its clients' data was protected.

Quantum computers pose a huge threat to security, and the NIST wants your help

It's no secret that quantum computers could render many of today's encryption methods useless, and now the U.S. National Institute of Standards and Technology wants the public to help it head off that threat. The federal agency recently published a report focusing on cryptography in a quantum world that outlines a long-term approach for avoiding the problem before it happens. "There has been a lot of research into quantum computers in recent years, and everyone from major computer companies to the government want their cryptographic algorithms to be what we call 'quantum resistant,'" said NIST mathematician Dustin Moody. "So if and when someone does build a large-scale quantum computer, we want to have algorithms in place that it can't crack."

Kaspersky predicts application-layer DDoS attacks will increase

Monday is still the busiest day of the week for DDoS attacks, with Thursday replacing Tuesday as the second most active day. According to Kaspersky Lab’s DDoS intelligence report covering the first quarter of 2016, 74 countries were targeted by DDoS attacks, with China, South Korea and the USA as the top three most-targeted countries. There was a slight drop in the percentage of attacks targeting resources in the USA. SYN, TCP and HTTP were the top three most popular DDoS attack methods in Q1. Most botnet attacks are launched from Windows, 55.5% in Q1 2016, compared to 44.5% being Linux-based attacks. South Korea still has the most C&C servers, followed by China, “other,” USA, Russia, a tie between Great Britain and the Netherlands, followed by France.

Application-layer DDoS attacks will increase, Kaspersky Labs predicts

Monday is still the busiest day of the week for DDoS attacks, with Thursday replacing Tuesday as the second most-active day. According to Kaspersky Lab’s DDoS intelligence report covering the first quarter of 2016, 74 countries were targeted by DDoS attacks, with China, South Korea and the United States as the top three most-targeted countries. There was a slight drop in the percentage of attacks targeting resources in the U.S. SYN, TCP and HTTP were the top three most-popular DDoS attack methods in Q1.

Trend Micro: 6 most popular homebrewed terrorist tools

Terrorists are developing and distributing encryption tools that protect the privacy of their communications, as well as other homegrown apps that include a news-feed compiler and DDoS attack software, according to a Trend Micro report. The tools have been made to give less tech-savvy members of terror groups the ability to use known technologies without having to trust or invest in commercial products that can perform the same functions, the report says. Some of the tools are still being updated, indicating an active development community among the terrorists.

Geek-Themed Meme: Password shenanigans

Truth be told, I am not a model citizen when it comes to password management, so the sentiment behind this latest installment of “Geek-themed Meme of the Week” resonated with me. And the discussion on Reddit that followed was interesting, too. A suggestion from the comments:

Why your iPhone-unlocking fingerprint is susceptible to FBI search warrants

Should you be able to plead the Fifth when a judge forces you to use your fingerprints to unlock an iPhone? That’s the latest ongoing debate in a Los Angeles courtroom after a judge compelled a woman in custody to use Touch ID to unlock an iPhone. Legal experts are arguing that this goes against the Fifth Amendment’s protection against self-incrimination because the authorities would then have access to potentially incriminating personal data stored on the device.

Why you need DRM for your documents

If you pay $1.99 to download an ebook for your Kindle, it’s protected by DRM that stops you sharing the contents, and if Amazon wants to, it can revoke the document so you can’t read it any more. Is your company’s current price list protected nearly as well? With information rights management (often known as enterprise DRM, short for digital rights management), you could make sure that price list was only shared with your customers, blocking them from sending it on to your competitors and automatically blocking it at the end of the quarter when you come out with new prices. Or you could share specifications with several vendors in your supply chain during a bidding process and then block everyone but the winning vendor from opening the document after the contract is finalized. You can make sure that contractors aren’t working from out-of-date plans by making the old plan expire when there’s an update. Tracking and visibility are useful for compliance as well as security; you could track how many people had opened the latest version of the employee handbook, or see that a document you’d shared with a small team was being actually read by

That printer in the corner is still a threat

They sit off in the corner, some of them collecting dust. Yet, a printer is a legitimate attack surface. Many companies don’t bother to update the firmware on older models, or don’t include every model in a security audit (such as the one in the CEO’s office everyone forgot about), or the organization assumes a hacker won’t bother with an Epson or HP that is barely even connected to Wi-Fi. Interestingly enough, because a printer is so innocuous and seemingly harmless, that’s the exact reason it poses a threat, according to the security analysts who talked to CSO about this issue. Sometimes, the best attack vector for an attacker is the one no one bothers to think about. However, a recent IDC survey found that 35 percent of all security breaches in offices were traced back to an unsecured printer or multi-function device, costing companies $133,800 each year.

Microsoft’s CEO explains why his company sued the U.S. government

Microsoft surprised the world last month when it filed a lawsuit against the U.S. Department of Justice, alleging that the frequent practice of attaching gag orders to search warrants for customer data violates the U.S. Constitution. On Monday, CEO Satya Nadella told a group of tech luminaries why the company did so: Microsoft has a strong view on its privacy promises to users, and the company will fight to prevent government overreach that, in its view, compromises the principles of privacy. Governments have a compelling need to help preserve public safety, but Microsoft wants to make sure that users' privacy is also preserved, Nadella said.

Microsoft to begin SHA-1 crypto shutoff with Windows 10’s summer upgrade

Microsoft last week outlined the timetable it will use to drop browser support for sites that secure traffic with SHA-1 certificates, part of an Internet-wide plan to rid the Internet of the weaker encryption. With the delivery of the Windows 10 Anniversary Update -- slated to ship sometime this summer -- both Internet Explorer (IE) and Edge will stop displaying a lock icon for sites that rely on a SHA-1 certificate. That icon signals that the bits back and forth between browser and website are encrypted, and so not vulnerable to spying.

Match security plans to your company’s ‘risk appetite’

This report from the CIO Executive Council (CEC), based on a webcast featuring Scott Angelo, CIO at K&L Gates, and Mike Plantinga, CIO at CIBC Mellon, explores CIO-level strategies for dealing with cybersecurity threats – before and after a data breach. One step the report recommends is developing a “risk appetite statement” that identifies how much the organization is willing to spend on certain security threats. The report also encourages CIOs to develop a plan for how to communicate with various stakeholders, such as the board of directors and outsiders, in case of a data breach.

The Rise of Threat Intelligence Gateways

According to ESG research, enterprise organizations continue to invest in all types of threat intelligence (note: I am an ESG employee). For example, 60% of organizations have had a threat intelligence program in place for more than 2 years, 69% consume 6 or more open source or commercial threat intelligence feeds as part of cybersecurity analytics efforts, and 72% of enterprises plan on increasing spending on their threat intelligence programs over the next 12 to 18 months. Why is threat intelligence gaining momentum? Security professionals know that since they can’t block every conceivable cyber-attack, they need to collect, process, and analyze all types of internal and external security data to improve their incident detection and response capabilities. Many also want to use threat intelligence more proactively for threat prevention. In fact, 36% of enterprise cybersecurity professionals say that their organizations intend to use threat intelligence feeds to automate remediation actions over the next 24 months.

SmartThings security flaws revealed

Researchers from the University of Michigan and Microsoft Research took aim at Samsung’s SmartThings and came up with four proof-of-concept attacks that they believe should make SmartThings owners a bit paranoid by thinking about worst-case scenarios in which hackers remotely take control of your home. If a hacker could unlock your door while you are sleeping, then your safety is at risk. If the door is unlocked while you are away, then you might have come home to discover all your cool tech is gone. If a hacker could continually set off your smoke alarm, then your sanity might be tested. None of those examples is out of the realm of possibility, as the researchers exploited SmartThings framework design flaws and developed attacks that included stealing door lock PIN codes, changing the lock code, triggering a fake fire alarm and turning off vacation mode “all without requiring SmartApps to have capabilities to carry out these operations and without physical access to the home.”

New products of the week 5.2.16

Our roundup of intriguing new products. CloudJumper nWorkspace. Key features: CloudJumper nWorkspace is a comprehensive Workspace as a Service platform for SMBs and the enterprise that simplifies IT while expanding access to desktops, software applications, data, and entire workspaces from any device or location. Users have access to thousands of applications or can add their own applications with ease using the platform. The fully packaged WaaS platform offers customers a choice of licensing models for greater flexibility and lower costs, including named user and concurrent user licensing options.

Qatar National Bank claims customer data released by hackers is authentic

Qatar National Bank has admitted that its systems were hacked but said that the information released online was a combination of data picked up from the attack and from other sources such as social media. The incident would not have a financial impact on the bank’s customers, whose accounts are secure, the bank said, without providing details of how its systems were hacked, the possible identity of the hackers, and what information was harvested. The announcement Sunday by one of the leading financial institutions in the Middle East follows the posting online last week of leaked documents. The attack only targeted a portion of Qatar-based customers, the bank said, claiming the hack attempted to target the bank’s reputation rather than specifically its customers.

Michigan utility shuts down systems, phone lines, email after ransomware attack

Last week was a busy week when it comes to ransomware. New victims included a utility company, visitors to a toymaker’s website, pirates sailing The Pirate Bay and many more. Some cyber crooks are now demanding gift cards for ransom instead of bitcoin. While it wasn’t all bad news (there are new decryptors and detectors), the FBI published a new warning about the proliferation of increasingly sophisticated ransomware campaigns. Utility company hit with ransomware: Lansing Board of Water & Light (BWL), a Michigan municipal utility, was hit with ransomware after an employee opened an email with a malicious attachment. The ransomware spread, encrypting files on other computers on the internal network; BWL shut down its accounting system, email service for 250 employees and “phone lines,” including the customer assistance line for account inquiries and the line for reporting outages. “Printers and other technology” were also affected.