security

Government of Canada Plans to Set CyberSecurity Policy

November 14th, 2017

The growing trend of attacks is worrying every corner of the world. Like other parts, Canadians are also at risk from cyber attack. The Government of Canada plans to fight this battle. They are implementing various measures to stop the attacks. At the SecTor conference here, Colleen Merchant, Director General for National Cyber Security at Public Safety Canada, explained the steps taken.

Merchant mentioned that government agencies will have different responsibilities for cyber security. The Royal Canadian Mounted Police (RCMP) is tasked to handle law enforcement and related investigations. Public Safety Canada handles the Canadian Cyber Incident Response Center (CCIRC).

“CCIRC also has a responsibility for coordinating the overall national response to significant cyber events affecting critical systems in Canada,” she said.

Public Safety Canada also provides helping hands to set policy for cyber security. Merchant mentioned that the role of policy is to help assess challenges and help to formulate overall approaches that work at a national level.

The Government of Canada has released its Cyber Security Strategy manifesto in 2010 which consists of  three core pillars including: securing government systems, partnering to secure vital system outside of the federal government, and helping Canadians to be more secure online.

“From 2010 and going up to 2020 we have committed $431.5 million for investment and improvement into cyber security,” Merchant said.

Government of Canada has taken views from various entities while drafting policy for cybersecurity. Merchant said that there was the need for more privacy, collaboration and skilled cyber security personnel.

“We are recognizing that cyber-security has become a source for economic prosperity,” Merchant said.

“The Government can’t solve all problems but we can find ways to force-multiply, by providing all partners with direction and to set out national-level objectives that we can all work toward,” she said.

____________________________________________________________________________________________

AlertSec ACCESS checks for full disk encryption on PCs running Windows 7, 8, and 10 Home, Pro and Enterprise as well as Mac OS El Capitan and Sierra. AlertSec ACCESS will also verify that all smartphones running iOS and Android are encrypted before access is granted.

Managing Privileged Passwords

November 11th, 2017

Recent survey conducted by One Identity of 913 IT security pros shows that 86 percent of IT security professionals face challenges managing privileged passwords.

As per the One Identity website – “We believe that security is much more than the practice of denial and restriction. That’s why One Identity’s design and integration philosophy is that our solutions must add agility and efficiency to an organization – regardless of size or market – as well as secure its digital assets.”

Other findings of the survey include –

Eighteen percent use a paper logbook for privileged password management

Thirty six percent manage passwords in Excel or another spreadsheet

Twenty two percent are not able to monitor or record activity performed with admin credentials

Forty percent do not change the default admin password

“Over and over again, breaches from hacked privileged accounts have resulted in astronomical mitigation costs, as well as data theft and tarnished brands,” One Identity president and general manager John Milburn said in a statement. “These survey results indicate that there are an alarmingly high percentage of companies that don’t have proper procedures in place.”

LastPass research survey shows that the average security employee is managing 191 passwords.

Twenty six and half percent of businesses has multi-factor authentication to protect their password vaults.

“While we’re seeing that a significant portion of businesses are investing in multi-factor authentication, it is not yet adopted widely enough to compensate for the shortcomings of passwords,” the report states.

Duo Labs conducted survey of 443 individuals has below findings –

Twenty eight percent of respondents use two-factor authentication (2FA)

Fifty six percent of respondents had never heard of it

Forty-five percent of those who use 2FA said they do so on all services that offer it

“This survey underscores the reality that we as a security community still have a long way to go when it comes to educating the everyday person about proper security behaviors in general and 2FA in particular,” the researchers wrote.

____________________________________________________________________________________________

AlertSec ACCESS is a patent pending technology designed to check that devices are encrypted before access to a network is granted. Encrypted devices secure your data even if they are lost or stolen.

GDPR

November 8th, 2017

HyTrust conducted survey of 323 attendees at the VMworld 2017 conference in Las Vegas, Nevada. It found that only 21 percent are concerned about GDPR compliance regulations and plan to implement it. Twenty seven percent are concerned but have no plan to implement.

“If you think GDPR desn’t apply to your organization, think again,” HyTrust president and founder Eric Chiu mentioned in a statement.

“Most organizations today are very aware of their security risks, but are not as far along with technology and processes to meet the GDPR compliance requirements, despite a May 2018 deadline that has significant fines for failure to comply,” Chiu added.

Another survey conducted by Carbon Black survey of 120 business decision makers has below findings –

Eighty six percent of respondents mentioned that they are confident in their ability to comply with GDPR requirements

Fifty eight percent are not using effective risk management tools

Survey conducted by Computing Magazine stated that only ten percent have their toolsets for classifying critical data and prioritizing risk to data.

“In order to effectively identify and neutralize data breaches, it’s essential to know what constitutes normal network behaviors versus what is suspicious,” Carbon Black senior director for compliance and governance programs Chris Strand said in a statement.

“Failing to align the right data protection toolsets with people and processes, many organizations are at risk of non-compliance with the GDPR and, more importantly, putting their customers’ information in jeopardy,” Strand added.

Survey conducted by IAPP-EY survey of 548 privacy professionals worldwide shows that fully 95 percent ( 75 percent of whom are located outside the EU) say the GDPR applies to their organization.

“Even though the EU’s GDPR has yet to take effect, organizations the world over are spending money on hiring and promoting privacy staff, training employees on privacy, purchasing technology to help with GDPR compliance, and pushing privacy awareness into every corner of the firm,” the report states.

____________________________________________________________________________________________

AlertSec ACCESS checks for full disk encryption on PCs running Windows 7, 8, and 10 Home, Pro and Enterprise as well as Mac OS El Capitan and Sierra. AlertSec ACCESS will also verify that all smartphones running iOS and Android are encrypted before access is granted.

Deception Technology

October 31st, 2017

Symantec’s endpoint security product suite has latest update which uses deception technology to keep devices secured. Deception technology is first step towards this efforts in the industry.

It unveiled Endpoint Security for the Cloud Generation along with this new technology. It is used by the companies to trick hackers which makes them believe that they had gained access to the systems.

“Deception technology is a direct result of Symantec’s innovation strategy paired with more than 15 years of endpoint security expertise,” Sri Sundaralingam, head of product marketing for Enterprise Security Products at Symantec.

The technique makes hackers to waste their efforts, time and energy breaking into fake servers.

“With deception on the endpoint, customers can now utilize the threat intelligence and deception capabilities of the largest security company in the world to expose stealthy attack tactics, delay attackers, and determine attacker intent beyond what’s available through purely network-based deception technologies – all at a scale like no other in the market,” continued Sundaralingam.

SEP 14.1 also had a new add-on entity which is called Hardening. It isolates suspicious activity at applications.  It also provides behavioral analysis and machine learning to identify malware.

Symantec Advanced Threat Protection (ATP): Endpoint 3.0 employs SEP’s endpoint detection and response features combined with threat intelligence and machine learning to stop attacks.

Company also launched Skycure’s AI-enabled mobile threat defense software. Skycure was acquired by Symantec for an undisclosed amount.

“One of the most dangerous assumptions in today’s world is that iOS and other mobile devices that employees bring into the office are safe, but the apps and data on these devices are under increasing attack,” stated Symantec CEO Greg Clark at the time. “We believe that tomorrow’s workforce will be completely mobile and will demand a cyber defense solution that travels with them.”

____________________________________________________________________________________________

AlertSec ACCESS is a patent pending technology designed to check that devices are encrypted before access to a network is granted. Encrypted devices secure your data even if they are lost or stolen

Funding for Averon

October 25th, 2017

San Francisco-based company Averon recently secured $8.3 million in an Avalon Ventures-led Series A round of funding. The firm is a mobile authentication startup.

Direct Autonomous Authentication (DAA) mobile identity verification standard is the brainchild of Averon. It allows smartphone users seamlessly and securely interact with services and devices. The technology allows users to interact with devices like smart locks which involves no download of dedicated app.

“Averon leverages real-time mobile network signaling and the SIM/eSIM (eUICC) chips already found in the world’s seven billion smartphones, requiring no installation, no apps, and no user involvement whatsoever,” the company explained in an Oct. 24 media advisory. “Working seamlessly in the background, it is the easiest, fastest and most secure way to provide instant, frictionless authentication.”

Wendell Brown, Averion’s CEO mentioned that his company is the solution to large scale breaches in current time.

“As we see in the news every day, cybersecurity breaches continue to grow in size and frequency, and the world is in desperate need of the next generation of online identity authentication,” said Brown, in a statement. “Averon offers a uniquely superior solution that authenticates users while relying on zero personally identifiable data and requiring zero effort on the part of consumers – Averon is the new gold standard in cybersecurity, and we’re rapidly taking it to scale.”

Many cyber security startups are getting funded. The partial list can be mentioned as below who got funding in recent times –

KnowBe4 secured a $30 million Series B round of financing the company

Contrast Security mentioned that it had completed a Series C round worth $30 million

ShiftLeft’s secured $9.3 million

Attivo Networks secured  $21 million Series C round of funding

Duo Security raised $70 million

 ___________________________________________________________________________________

AlertSec ACCESS checks for full disk encryption on PCs running Windows 7, 8, and 10 Home, Pro and Enterprise as well as Mac OS El Capitan and Sierra. AlertSec ACCESS will also verify that all smartphones running iOS and Android are encrypted before access is granted.

Breaches in US Financial Service Organizations

October 23rd, 2017

As per the 2017 Thales Data Threat Report, forty two percent of U.S. financial services organizations got affected by data breach. Survey saw participation of 1,100 senior security executives worldwide. The findings are as below:

Twenty four percent of the organizations suffered data breach in last year alone

Nineteen percent suffered data breach in 2016

Eighty-six percent of participants believe they are vulnerable to data threats.

Ninety six percent will use sensitive data in an advanced technology environment

“Data breaches continue to hit the headlines and, as recently illustrated by the Equifax breach, the financial services industry is a prime target for hackers,” Thales e-Security vice president of strategy Peter Galvin said in a statement.

“As digitization continues to transform the industry’s online infrastructures it is critical organizations implement data security solutions that follow the data — wherever it is created, shared or stored,” Galvin added.

A recent survey conducted by ISMG survey of over 250 banking and security leaders found that 38 percent have confidence in threat detection deployed by companies.

“This survey certainly shows that while consumers may shoulder many direct costs and burdens associated with fraud, institutions are also suffering substantially,” NuData Security marketing director Lisa Baergen told eSecurity Planet by email.

“The global uptick in fraud, coupled with ever-increasing amounts of PII available on the black market, makes financial institutions more vulnerable and as a result, their security investments are growing yet their confidence in them isn’t,” Baergen added.

As per Symantec’s Q2 Mobile Threat Intelligence Report: Mobility and Finance found that twenty five percent of mobile devices used by employees at financial services organizations are at risk.

“Since user behavior is such a huge factor in mobile security, user education is one of the most important things an organization can do to… minimize the threat to their organizations through mobile devices,” the report suggests.

____________________________________________________________________________________________

AlertSec ACCESS is a patent pending technology. It is designed to enforce that devices are encrypted before access to a network is granted. Encrypted devices secure your data in case a device is lost or stolen. AlertSec ACCESS checks all computers and smartphones and detects all encryption types.

New Funding for Contrast Security

October 20th, 2017

Contrast Security raised $30 million in a Series C round of financing which was led by Battery Ventures along with venture capital (VC) firms Acero Capital and General Catalyst. The total money raised till date is $54 million.

Company deals in technology that enables enterprises to develop and deploy “self-protecting” software. Contrast Assess and Contrast Protect are two products which integrates security elements into software development process.

“Contrast doesn’t treat the symptoms like a scanner, sandbox, or firewall.  Instead, Contrast infuses both security testing and protection directly into the application, like an immune system for applications that inoculates against vulnerabilities and attacks,” explained Williams. “Simply add Contrast to your application environment, and it starts working immediately without any code or process changes, and without needing security experts.”

Contrast takes two approaches for security.

“Contrast Assess focuses on vulnerabilities, and instantly alerts development teams so they can fix code without disrupting software development. Contrast Protect identifies and blocks attacks, rendering them ineffective,” said Williams. “Together, Contrast Assess and Protect provide organizations with a comprehensive self-protecting software solution that works in data center, cloud, and container [environments], throughout an application’s development and deployment.”

The company’s approach combines DevOps and security without affecting performance, Williams added. In terms of threats and attacks, Contrast’s technology protects against the Open Web Application Security Project (OWASP) top 10 vulnerabilities and much more.

“Contrast invented a way to combine multiple different analysis techniques in a single component that measures vulnerabilities and attacks directly from the running application. This provides an almost unfair information advantage that allows Contrast to protect against a broader range of security problems than other tools and to do it more accurately,” Williams added.

Security risks blocked by company product includes Command Injection, Cross-Site Scripting (XSS), Hard-coded Password, Insecure Encryption Algorithms, Java Reflection Injection, NoSQL Injection, SQL Injection, Weak Random Number Generation among many more. “Contrast also includes a powerful rule language that allow definition of both positive (behavior pattern is required) and negative (behavior pattern is disallowed) security rules,” Williams concluded.

____________________________________________________________________________________________

AlertSec ACCESS is a patent pending technology designed to check that devices are encrypted before access to a network is granted. Encrypted devices secure your data even if they are lost or stolen.

North Korea Hackers Hit US Companies

October 14th, 2017

FireEye researchers recently mentioned that spear phishing emails were sent to U.S. electric companies which can be traced back to North Korea.

The emails contained fake invitations to a fundraiser. Anyone who opened attachment will get malware.

The researchers mentioned that the attack is early-stage reconnaissance.

“Nation-states often conduct cyber espionage operations to gather intelligence and prepare for contingencies, especially at times of high tension,” the researchers wrote.

Two years ago North Korean hackers has released sensitive data on South Korean nuclear power plants.

Researchers mentioned that North Korea linked hackers are bold and “likely remain committed to pursuing targets in the energy sector, especially in South Korea and among the U.S. and its allies, as a means of deterring potential war or sowing disorder during a time of armed conflict.”

“North Korea linked hackers are among the most profilic nation-state threats, targeting not only the U.S. and South Korea but the global financial system and nations worldwide,” the researchers wrote. “Their motivations vary from economic enrichment to traditional espionage to sabotage, but all share the hallmark of an ascendant cyber power willing to violate international norms with little regard for potential blowback.”

Eddie Habibi, CEO of PAS Global mentioned that with the growing tension between US and North Korea the frequency of the attack will rise.

And while critical infrastructure is as prepared as it has ever been for phishing attacks, Habibi said, it’s not well prepared for the consequences of attacks that provide the attackers with “access to the process control networks where you find systems that control volatile processes or ensure worker safety.”

“These systems are often 15 or 20 years old and consequently do not adhere to today’s secure by design principles,” Habibi said. “They are also not visible to security personnel, which makes detecting and reacting sufficiently to compromise difficult at best. Exploiting these systems can lead to loss of production, shareholder value, and even life under certain circumstances.”

____________________________________________________________________________________________

AlertSec ACCESS is a patent pending technology. It is designed to enforce that devices are encrypted before access to a network is granted. Encrypted devices secure your data in case a device is lost or stolen. AlertSec ACCESS checks all computers and smartphones and detects all encryption types.

North Korean Hackers

October 11th, 2017

South Korean ruling party lawmaker Lee Cheol-hee said that North Korean hackers have stole 235 GB of data from South Korea’s Defense Integrated Data Center which includes operational plans created by Seoul and Washington for all-out war with North Korea.

The data includes plans for “decapitating” the North Korean leadership if war breaks out. It also includes contingency plan.

“The Ministry of National Defense has yet to find out about the content of 182 GB of the total [stolen] data,” he said.

As per the Pentagon spokesman Colonel Rob Manning, all key information remains secure. “I can assure you that we are confident in the security of our operations plans and our ability to deal with any threat from North Korea,” he said.

“We’ll continue to work closely with our partners in the international community in identifying, tracking and countering any cyber threats,” Manning added.

As per the AlienVault threat engineer Chris Doman, hacker group responsible for the attacks is possibly a subgroup of the attackers behind WannaCry, the Sony breach, and the SWIFT hacks. “They are very active, and I continue to see new malware samples from them every week,” he said.

“In Ukraine, the number of cyber attacks, and their level of sophistication, rose with fighting on the ground,” Comodo senior research scientist Kenneth Geers said. “The threat of sudden decapitation via cyber and traditional strikes may force Kim Jong-un into making desperate moves.”

“Cyber is more unpredictable than traditional weaponry, because you may lose control of your assets before you know it,” Geers added. “Given that the risk is international nuclear war, there are no limits on what both sides might do in cyberspace to prepare the battlespace, in an effort to improve the prospects of victory for their side.”

Geers also mentioned that North Korean hackers may plan sabotage operations in case of war. “It is possible that North Korea might receive cyber help from Russia and/or China, who may perceive an interest in undermining U.S. geopolitical goals, as well as testing national cyber capabilities,” he said.

____________________________________________________________________________________________

AlertSec ACCESS is a patent pending technology designed to check that devices are encrypted before access to a network is granted. Encrypted devices secure your data even if they are lost or stolen.

Fast Flux Botnets is a Security Risk

October 8th, 2017

Attackers use many techniques which is hidden in nature. Akamai research mentioned that a botnet with over 14,000 IP addresses uses fast flux DNS technique to avoid detection. It is technique which uses Domain Name System (DNS) to hide the source of an attack.

Multiple sets of IP address are rapidly swapped in and out of the DNS records which avoids detection. Most of the attack are coming from eastern Europe.

“No attribution to a specific attacker, but the research shows that the majority of botnet IP addresses are from Ukraine, Romania and Russia,” Or Katz, Principal Lead Security Researcher, Akamai, told eSecurityPlanet.

Botnets have been using fast flux techniques earlier which includes the zBot and Avalanche networks.

It is not a new technique. The focus of the research conducted by Akamai is to show analysis using data science approaches.

“According to the evidence we were able to collect, we assume that the botnet infrastructure is based on compromised machines and the machines that are associated with the botnet are constantly changing,” Katz said. “The fast flux technique being used is abusing the features of DNS in a way that serve their objectives.”

Akamai has not given the specifics of the attack.

“While tracking fast flux botnet is challenging, it is possible to do so by using algorithms that capture the fluxing behavior by looking on the relevant features, and this can lead to detecting such networks out-of-the-box,” Katz said.

One can detect botnets attack by having threat landscape visibility along with DNS and web traffic monitoring.

“Fast flux botnets are using domain names as the way for communication with malware,” Katz said. “Having algorithms that can track those domain names, once they start to become active, can reduce the effectiveness of such botnets.”

____________________________________________________________________________________________

AlertSec ACCESS checks for full disk encryption on PCs running Windows 7, 8, and 10 Home, Pro and Enterprise as well as Mac OS El Capitan and Sierra. AlertSec ACCESS will also verify that all smartphones running IOS and Android are encrypted before access is granted.