Computer security

Cybersecurity in Europe: Key Recommendations for The New Cyber Review

These are some of the questions that Hanover’s Digital Policy team* considers relevant to be addressed for Europe’s cyber preparedness.
Indeed, the major cybersecurity overhaul, which was announced on September 13 by Commission President, Jean-Claude Juncker, at the State of the Union address in Strasbourg, set a new course for Europe’s efforts in fighting cyber vulnerabilities, notably by coming up with a new non-binding cyber strategy and a revised mandate of the ENISA agency with new competences.
Yet, Member countries should be more open to information sharing. Our survey shows that all respondents ‘agree’ with further information sharing amongst Member countries, 35 percent of whom even ‘strongly agree’.
Despite these achievements, some outstanding issues need to be addressed, i.e. avoiding fragmentation, which would benefit operational efficiency, and preserving the integrity of encrypted communications, so that backdoors for government access are not used for malicious purposes.

Cybercrime wake-up call

ALBUQUERQUE, N.M. — Cybersecurity experts say the massive breach of credit-reporting company Equifax Inc.’s data systems may be a needed wake-up call to galvanize business and government into much more aggressive action to protect online data in today’s hyperconnected cyber world.
Equifax faces congressional investigations, class-action lawsuits, inquiries by the Federal Trade Commission and the Consumer Financial Protection Bureau, and action by attorneys general from around the country.
Details are still scarce, but apparently hackers broke into Equifax through a flaw in the Apache Struts software package that runs one of its online web portals.
That apparently lax security, plus the immense damage cybercriminals could now inflict on consumers and businesses, may convert Equifax into a watershed event that pushes government and industry into much more aggressive efforts to fight cybercrime, according to industry experts.
Nearly 1.1 billion identities were stolen worldwide through data breaches last year, almost double the 2015 tally, according to the latest annual Internet Security Threat Report released last spring by global cybersecurity firm Symantec Corp.
“Growing hacker sophistication is a factor, but it’s the evolution in online data sharing that’s creating havoc,” said Srinivas Mukkamala, co-founder and CEO of Albuquerque-based cybersecurity firm RiskSense.
As a result, cybersecurity’s traditional focus on teaching employees what to do and not to do to protect systems is inadequate, said Jack Miller, chief information security officer for cybersecurity firm SlashNext, which created hardware to monitor all traffic on a company’s network.
It’s the interface between artificial intelligence and humans, plus the sharing of lessons learned among everybody, that will allow industry and government to get ahead of cybercrime, Mukkamala said.

Equifax says 100,000 Canadians impacted by cybersecurity breach

Equifax Canada said a massive cybersecurity breach at the company may have exposed the personal information of about 100,000 Canadian consumers.
Equifax is a consumer information company that provides, among other services, credit information and credit ratings on individuals.
“Our focus now is on providing impacted consumers with the support they need,” Nelson said in a release.
Canada’s privacy commissioner said Friday it had opened an investigation into the data breach after receiving several complaints and dozens of calls from concerned Canadians.
Equifax said it has been working with the Office of the Privacy Commissioner of Canada (OPC) and will be sending notices via mail directly to all impacted consumers outlining the steps they should take.
Equifax has said the breach of its system occurred from mid-May through July, and it learned of the hack on July 29.
Last week, Equifax put the blame for the breach on a web server vulnerability in its Apache Struts open-source software. However, the vulnerability could have been fixed back in early March when patches became available.

Equifax’s Data Breach Should Prop Up These Cybersecurity Stocks

Betting on cybersecurity stocks has been a profitable trade in 2017.
The company last week admitted that it failed to fix a vulnerability called “Apache Struts.” And here’s the thing: This vulnerability, which was exploited by the attackers, was first discovered in March — a good six months before the breach took place.
As expected, heads at Equifax have begun to roll as various class-action suits are being formed.
On Friday the company said two technology and security executives, Susan Mauldin and David Webb, were leaving the company “effective immediately.” According to Reuters, the company also announced that it has brought on FireEye (FEYE) threat intelligence subsidiary Mandiant to investigate the breach.
Cybersecurity stocks like FireEye, which last week soared 8%, have skyrocketed 46% year to date, crushing both the CIBR and HACK.
For similar reasons, investors should look to data security specialist Barracuda Networks (CUDA), which last week rose more modestly at 1.74%.
CUDA stock, which has risen just 14.5% year to date, could move higher in the quarters ahead.
Cybersecurity threat prevention could soon see spending of up to $101.6 billion on cybersecurity software, services, and hardware, according to research by the International Data Corporation.
And because of this latest breach to Equifax, businesses and consumers likely won’t wait to be victimized, especially given the ever-connected world in which we live.

Build it right with NIST’s Cybersecurity Framework

Published by the National Institute of Standards and Technology, and based on important research from the Information Technology Laboratory, this publication offers a comprehensive set of security controls to help you protect your data.
The level of potential risk is your starting point in developing and building solid cybersecurity defenses.
Before you can select the right set of security controls, you must consider the importance and sensitivity of the data.
Having established the potential impact levels, you can select a security control baseline.
You must weigh in regulations, emerging threats, new and legacy technologies and systems, plus your business goals, to arrive at the right blend for your organization.
Without in-depth, regular assessments you have no idea if your security controls have been implemented correctly, if they’re operating as intended, or if they’re meeting your expectations for security.
Continuous monitoring: You’ve set a baseline, tweaked it to fit your needs, implemented it and tested to ensure that it’s working properly. Now you can take it easy, right?
You might adopt a new system, integrate a new third-party service, or change your business goals.

Most infosec pros believe election hacks are acts of cyber war

IT security professionals believe the effects of cyber attacks on elections go beyond diminishing confidence in the democratic process, according to a Venafi survey of 296 IT security professionals at Black Hat USA 2017.
Seventy-eight percent said they would consider it an act of cyber war if a nation-state was found to have hacked, or attempted to hack, another country’s election.
Intelligence agencies have determined that nation-states have already targeted elections globally, including in the U.S. A report from the NSA recently revealed that Russia launched a cyber attack on VR Systems, an election systems provider, prior to the 2016 U.S. presidential election.
“The definition of an act of war is an action by one country against another which is an immediate threat to peace,” said Jeff Hudson, CEO of Venafi.
“An attempt at election hacking could easily be considered an act of cyber war.
The intent is to undermine the foundation of government, which is responsible for protecting the country.
Malicious actors have the ability to alter voting databases, delay vote counts and subvert trust in the election process.”
Additional findings include: Eighty-eight percent believe governments have not done enough to deter hackers from interfering with future elections.
Over a quarter (twenty-seven percent) believe attackers have already altered election results.
Voting machines are lucrative targets for cyber criminals and nation-state attackers, and unfortunately, many of them have vulnerabilities that can be easily exploited by these bad actors.

How do you secure the cloud? New data points a way

Data from cloud security provider Alert Logic shows the nature and volume of risk for each form of cloud environment as compared to an on-premises data center.
Key findings include: Hybrid cloud environments experienced the highest average number of incidents per customer at 977, followed by hosted private cloud (684), on-premises data center (612), and public cloud (405).
Whether it’s a public, private or hybrid cloud environment, web application threats are dominant.
“It’s possible to keep these systems secure, but only if you understand what web frameworks and platforms your development teams tend to use.
“You can only do this if you automate your deployments, but you will gain the level of control over your infrastructure you could never achieve in traditional data centers,” says Govshteyn.
It’s not just data that security teams have limited visibility into.
While security operations are responsible for cloud security at 69 percent of the respondents’ organizations, cloud operations (54 percent) or network operations are also involved.
“The same security tools that are deployed on-premise will be able to also secure the cloud – so cloud and security teams need to communicate.”
What type of person should take point on the organization’s cloud security?
“In the last few years, this tends to be the IT operations team or an enterprise security team, but there is always an architect-level individual contributor or dedicated cloud security team at the core of this effort.

Week ahead in cyber: Dems look to block State Department shakeup

The House and Senate are returning to Washington after their month-long summer recess and will face a number of cybersecurity issues on their docket.
The State Office of the Coordinator of Cyber Issues (S/CCI) was one of several envoys and offices Tillerson told Congress in August he planned to close or consolidate.
There had been rumors that Tillerson had plans to revamp State’s cyber work since mid-July, when the department’s top cyber diplomat resigned from his post.
Democrats are vowing to fight the move.
Donald Trump Jr. has scheduled a private interview with the Senate Judiciary Committee, but the date has not been publicly released.
Investigators have also been raising pressure on Trump’s former campaign manager, Paul Manafort.
CNN reported Tuesday that special counsel Robert Mueller has subpoenaed Manafort and his attorney.
The last week also saw new evidence that the Trump Organization was pursuing a major real estate deal in Moscow during the campaign, though it is unclear if Trump was aware of the negotiations.
Lawmakers returning to Washington will also be grappling with the fallout from a slew of resignations from Trump’s infrastructure security council.

Facebook Adware Attack

An adware campaign working via Facebook Messenger is using targeted notes and URLs to trick Facebook users into clicking through to an installation screen for adware.
Alan Levine, an IT Security Veteran and Security Advisor to Wombat Security Technologies, commented below.
Alan Levine, Security Advisor at Wombat Security: Why are criminals targeting this?
Cyber hackers may have multiple aims, but a consistent key objective is to compromise as many end user devices as possible.
What can organisations do to defend or mitigate such attacks?
What can users do to protect themselves?
First and foremost, although it wouldn’t be a popular choice, users of Facebook Messenger can protect themselves by taking a break, patiently waiting until Facebook’s security team addresses the malware, secures the Messenger vector, and eradicates the threat.
Cyber awareness training programs educate end users, and educated end users are more likely to do the right thing and less likely to be victimised by this kind of cyber-attack.

IFINSEC Financial Sector IT Security Conference And Exhibition

Date: 14-15 November 2017
Location: Istanbul – Turkey
Email: info@ifinsec.com
Reminder: The early bird rate on delegate registration is valid until 08 September 2017 for the IFINSEC Financial Sector IT Security Conference and Exhibition (www.ifinsec.com), which will be held on 14-15 November 2017 in Istanbul, Turkey.
IFINSEC is a global, niche and dedicated conference focusing on IT Security technologies and solutions for the financial industry.
Sponsorship and delegate registrations are open.
IFINSEC is one of the most important conferences in the EMEA region on IT Security technologies and solutions for the financial sector.
IT Security, Information Security, Network Security, Big Data Security, Application Security, Web Security, Identity and Access Management, End User Security, Database Security, Mobile Security, Cloud Security and IT Risk Management are key topics of the conference.
The IFINSEC Conference serves as a platform where speakers will share their experience, knowledge, visions and future forecasts with the visitors.
The language of the conference speeches will be English or Turkish.
Simultaneous translation to Turkish or English will be available during conference speeches.
For more information about the IFINSEC Conference, please visit the event website www.ifinsec.com or contact: info@ifinsec.com