We wish you a tremendous Happy New Month.
For years, experts have warned about the danger of Internet of Things devices, often built on the cheap by companies with little or no interest in building security into their products. Many of these insecure devices have found their way into businesses, interacting and exchanging cloud-based information with other parts of the corporate infrastructure.
With the emergence of powerful IoT malware such as Mirai, those gloomy predictions are being borne out. The reality is that any connected device provides an attack vector for adversaries.
Still, the prospect of malware-infected devices repurposed as a zombie army acting at the behest of cyberattackers hasn’t slowed IoT adoption. Just the opposite is true, in fact. Companies in sectors such as manufacturing, transportation, healthcare and utilities continue to deploy IoT devices in ever-greater numbers, and researchers expect billions of devices will be in use around the world by the end of this decade.
Survey finds workers still violate security policies to remain productive
With workplace cyberattacks on the rise, industry experts are pressing businesses to train their workers to be more vigilant than ever to protect passwords and sensitive data and to recognize threats.
“It is imperative for organizations of all sizes to instill among employees the critical role they play in keeping their workplace safe and secure,” said Michael Kaiser, executive director of the National Cyber Security Alliance, a group that promotes education on the safe and secure use of the internet. The group’s members include such major technology companies as Cisco, Facebook, Google, Intel and Microsoft.
Kaiser made his comments timed with last week’s release of a Dell End-User Security Survey that found that 72% of workers are willing to share confidential company information without regard for proper data security protocols. The survey was conducted online in late February and early March with results from 2,608 professionals in companies with more than 250 workers.
“Cybersecurity education needs to be an integral part of the workplace culture,” Kaiser added. “Cybersecurity education doesn’t mean hosting a one-time course or seminar; it means making security a collaborative, continuous cultural initiative.”
Creating a security culture at a company can be complicated. The survey found that 65% of employees recognize their responsibility to protect confidential information, but many said security programs limit their productivity. Of those who received cybersecurity training at work, 24% admitted they went ahead and used unsafe behaviors anyway in order to complete a task.
There is a “balance between protecting your data and empowering employees to be productive,” said Brett Hansen, vice president of endpoint security and management at Dell. Data security needs to be the top priority “while maintaining productivity,” Hansen said. It’s a difficult task that requires companies to create simple, clear policies that address potential breaches.
The survey found that unsafe behaviors for accessing, sharing and storing data are common in the workplace. Forty-six percent of employees admitted to connecting to public Wi-Fi to access confidential information, while 49% admitted to using a personal email account for work tasks. The survey found 35% said it was common to take corporate information with them when leaving a company.
“As the Dell survey clearly indicates, there is still much work to be done regarding cybersecurity education and training for employees,” said Kristin Judge, director of government relations for the Alliance, via email.
“The trend we are seeing is one of creating a culture of cybersecurity within an organization, which means taking cybersecurity best practices out of the IT department and bringing them into the risk management discussion… Effectively responding to cyber threats is relatively new on the list of day-to-day business practices — so it will take some time to establish and instill widespread organizational change.”
Avivah Litan, a security analyst at Gartner, said companies are beginning to institute cybersecurity training programs. “When it is instituted, it really makes a huge difference,” Litan said in an email. She said she used to be cynical about the impact of these training programs, but has become convinced recently about how effective they can be. She wrote a blog in December describing how one Midwest energy firm had seen an almost 80% reduction in security incidents after training.
The alliance urges companies to talk frequently to workers about:
- Rules for keeping a clean machine, including what programs, apps and data that workers can install and keep on their work computers;
- Best practices for passwords, including making them long and strong, with uppercase and lowercase letters, numbers and symbols, and changing them routinely;
- Throwing out suspicious links in email, tweets, posts, online ads, messages or attachments—even if they know the source;
- Remembering to back up work, based on the policies of each company;
- Speaking up if they notice strange happenings on their computer.
For business travelers going abroad, the National Counterintelligence and Security Center has posted a series of travel tips. They include suggestions such as taking a different mobile phone from the one you typically use and checking for updated cybersecurity alerts at the U.S. Computer Emergency Readiness Team’s website.
NotPetya/GoldenEye Malware Overwrites Master Boot Record
The Petya/NotPetya ransomware used in the global attack ongoing for the past two days was in fact hiding a wiper and was clearly aimed at data destruction, security researchers have discovered.
The attack started on June 27, with the largest number of victims being reported in Ukraine, where it apparently originated from. Within hours, the outbreak hit around 65 countries worldwide, including Belgium, Brazil, France, Germany, India, Russia, and the United States.
The attack spread within local networks through various tools: Mimikatz for credential gathering, the EternalBlue exploit (also used by WannaCry) and the EternalRomance exploit (Microsoft released patches for both in March), and WMIC (Windows Management Instrumentation Command-line) and PsExec for lateral movement.
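The WMIC and PsExec lateral-movement patterns described above are the kind of thing a detection rule over process-creation telemetry can catch. The following is an added example, not code from the original article or from any vendor: it runs a few rules over constructed, Sysmon-style process-creation events (the hostnames, addresses and command lines are invented) and reports which events match.

```python
import re
from typing import Dict, List

# Constructed sample process-creation events (Sysmon-style fields); not real telemetry.
SAMPLE_EVENTS = [
    {"host": "ws01", "user": "CORP\\alice",
     "image": "C:\\Windows\\System32\\wbem\\WMIC.exe",
     "cmdline": 'wmic /node:"10.0.0.7" process call create "cmd.exe /c dir"'},
    {"host": "ws01", "user": "CORP\\alice",
     "image": "C:\\Tools\\psexec.exe",
     "cmdline": "psexec.exe \\\\10.0.0.8 -s cmd.exe"},
    {"host": "ws02", "user": "NT AUTHORITY\\SYSTEM",
     "image": "C:\\Windows\\PSEXESVC.exe",
     "cmdline": "C:\\Windows\\PSEXESVC.exe"},
    {"host": "ws03", "user": "CORP\\bob",
     "image": "C:\\Windows\\System32\\wbem\\WMIC.exe",
     "cmdline": "wmic os get caption"},                      # local query, benign
    {"host": "ws03", "user": "CORP\\bob",
     "image": "C:\\Windows\\System32\\wbem\\WMIC.exe",
     "cmdline": "wmic /node:10.0.0.9 os get caption"},       # remote query, no process creation
]

# Rules for the two lateral-movement tools named in the article. Each regex is
# matched against the recorded command line of the new process.
RULES = [
    ("wmic_remote_process_create",
     re.compile(r"wmic(\.exe)?\b.*?/node:\S+.*?\bprocess\b.*?\bcall\b.*?\bcreate\b", re.I)),
    ("psexec_remote_execution",
     re.compile(r"psexec(64)?(\.exe)?\b.*?\\\\\S+", re.I)),
]
# Service binary PsExec installs on the receiving host; seeing it start on a
# workstation is the target-side counterpart of the rule above.
PSEXEC_SERVICE_IMAGE = "psexesvc.exe"


def classify(event: Dict[str, str]) -> List[str]:
    """Return the names of all rules the event matches; empty list if none."""
    hits = [name for name, pattern in RULES if pattern.search(event.get("cmdline", ""))]
    image = event.get("image", "").rsplit("\\", 1)[-1].lower()
    if image == PSEXEC_SERVICE_IMAGE:
        hits.append("psexec_service_started")
    return hits


def scan(events: List[Dict[str, str]]):
    """Yield (host, matched_rules) for every event that triggers at least one rule."""
    return [(e["host"], hits) for e in events if (hits := classify(e))]
```

The two WMIC negatives show why the rule keys on `process call create` rather than on `/node:` alone: remote inventory queries are routine administration and would drown real alerts.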
In an era of shrinking IT budgets and rising expectations for ever-increasing business value, traditional IT portfolio approaches must be revised to cope with lofty organizational demands.
Across industries, IT budgets for “run the business” initiatives have declined steadily over the past few years. Yet despite having fewer dollars to spend on activities such as application maintenance and extensions, many senior leaders still expect IT to deliver outcomes that meet if not exceed their strategic business objectives.
To deliver on these expectations, IT must initiate a more rigorous review of the ROI measurement process and consider embracing a managed services-based approach to managing their portfolios. This approach, in our experience, can simultaneously reduce costs and increase the value delivered to business.
We believe organizations should adopt a “zero maintenance strategy,” based on the following imperatives:
- Reduce non-discretionary spend by eliminating the effort expended to run applications in production while optimizing infrastructure costs by “rightsizing” application needs.
- Optimize discretionary spend by accelerating time-to-market while, at the same time, ensuring that the technical and functional value of the application portfolio is increased.
- Deliver business outcomes that continuously verify the relevance of installed applications and ensure they are not only “fit for use” but also “fit for purpose.”
WannaCry, Wanna Decryptor, WannaCrypt – whatever it’s called, the ransomware involved in the recent NHS computer hack is, by and large, the same bitcoin-demanding beast. Here we explain everything we know about the worm that caused global chaos.
WannaCry is a so-called encryption-based ransomware also known as Wanna Decryptor or WCRY, Travis Farral, director of security strategy for Anomali told WIRED.
It encrypts users’ files with the AES and RSA ciphers, meaning only the attackers, who hold the unique decryption key, can decrypt them.
In previous WannaCry ransomware attacks, victims have been sent ransom notes with “instructions” in the form of !Please Read Me!.txt files, linking to ways of contacting the hackers. WannaCry changes the computer’s wallpaper to a message asking the victim to download the ransomware from Dropbox, before demanding hundreds in bitcoin to work.