Education & Training: The Downfall of File-less Attacks (AVT)

Whilst we are all aware of the file-less or zero-footprint attack, the growth in their use has been alarming. With regular anti-virus tools less likely to detect them, how can the ‘savvy’ CIO ward against them?

The answer lies squarely in the need for the education and training of employees, ensuring they fully understand exactly what an advanced volatile threat (AVT) is and what to do should one be suspected.

AVTs live in memory; they never touch the disk and can only steal information when the computer is running. The exposure ends when the user shuts down the machine.

From a technical point of view, the only way to deal with AVTs is with anomaly-based detection tools, which live on each individual computer/server. These tools look at all system activity, even down to keystroke patterns and analyze normal from abnormal behavior.

In the case of an AVT, detection is likely because it will probably open a service, to enable an external connection. It is through this service that data, is sent. Hence, the behavior would be deemed abnormal, detected and shut down.

The Business Continuity Institute’s (BCI) Cyber Resilience Report called for improved user education after revealing that nearly two thirds (64%) of global firms have experienced at least one cyber ‘disruption’ in the past year. The report comprised of interviews with 734 respondents from 69 countries, showing that user education is a global issue.

Phishing and social engineering were found to be the primary cause of more than half (57%) of disruptions, highlighting the urgent need for improved user education.In the case of an AVT, detection is likely because it will probably open a service, to enable an external connection. It is through this service that data, is sent. Hence, the behavior would be deemed abnormal, detected and shut down.

The Business Continuity Institute’s (BCI) Cyber Resilience Report called for improved user education after revealing that nearly two thirds (64%) of global firms have experienced at least one cyber ‘disruption’ in the past year. The report comprised of interviews with 734 respondents from 69 countries, showing that user education is a global issue.

Phishing and social engineering were found to be the primary cause of more than half (57%) of disruptions, highlighting the urgent need for improved user education.

Click here to read the full article in Info Security Magazine

GDPR Breach: Ready, Get-Set, Go!

So here we go, GPPR has been in force for just under two months and already two well known brands have been caught in its net.

Luxury retailer, Fortnum & Mason, have detailed the loss of some 23,000 customer records, which include emails, telephone numbers and delivery addresses of customers who filled out a survey, or took part in an online competition, being affected.

Fortnum had used Typeform, who specialise in creating such surveys, to organise these forms. It was Typeform who discovered that an unknown third party had gained access to its server and downloaded the data.

And, Travelodge has announced that 180,000 personal details of its clients were taken, which included date of birth, passport numbers and billing information.

As a result and under the new GDPR regulations (disclosure within 72 hours of a breach), both company’s have been forced to contact each person whose data has been lost, all of whom will need to change their details, such as passwords, and will need to monitor their personal credit rating closely, as well as any bank accounts and credit card statements, as there could be indications of ID fraud.

Colin Tankard, Managing Director of data security company, Digital Pathways, suggests, that this level of diligence can go on for a couple of years. Stolen data could be held for such a period until the ’heat goes down,’ with those affected forgetting about their details being taken, then the hackers strike.

Image of Colin Tankard, Managing Director of Digital Pathways    Colin Tankard, Managing Director of Digital Pathways

“If both of these brands had encrypted their data, they would not need to contact each customer as, under GDPR, if the data is encrypted, it is only the Information Commissioners Office (ICO) who need to be advised, as the encryption protects the data from being read.

“Data discovery tools can locate any sensitive data which has been created and stored within a network, even in back up tapes. And, such tools make a subject access request simple, as the name of the requester is used for the search and any relevant data is tagged and its location identified.

Click here to read the full article in Global Security Magazine

Implementing responsible AI from the start

Digital Pathways’ Colin Tankard looks at how we reap the rewards of AI while avoiding the risks.

Artificial intelligence (AI) and machine learning (ML) are two very hot buzzwords right now and often seem to be used interchangeably. They are not quite the same thing, but the perception that they are can sometimes lead to confusion.

Machine learning is a type of artificial intelligence (AI) that allows software applications to become more accurate in predicting outcomes, without being explicitly programmed.

AI is the process of simulating human intelligence, using machines, especially computer systems. The process includes learning (the acquisition of information and rules for using the information), reasoning (using the rules to reach approximate or definite conclusions) and self-correction.

In smart buildings, AI is already being used to control the environmental needs of the people working within the building. For example, monitoring the volume of people in any area and using this intelligence to decide if ’air-con’ should be switched on or if the lowering of shades or opening of windows will suffice.

Another example is the controlling of the smart building environment outside of hours, by counting the number of people in the building, or noting when unusual events happen, and acting accordingly.

All of this, and more, is with us today and will continue to expand into our daily business and personal lives.

Data security

Although the benefits look good, there is a fear that such AI programs could ’go rogue’ and turn on us, or be hacked by other AI programs. Hackers love artificial intelligence as much as everyone else in the technology space and are increasingly using AI to improve their phishing attacks. The need for innovative and robust data security therefore becomes even more important to the management of the smart building than it is at present.

Read the full article here in Smart Cities World

Tesla Feel The Heat Of An Insider Threat

Tesla, the luxury electric car maker, seem to have fallen foul of an insider threat episode, with Elon Musk, warning that a disgruntled staff member had altered the company’s IT system code, harvesting highly sensitive information and giving it to others.

Traditionally, the term ‘Insider Threat’ does indeed invoke images of malicious employees lurking in the shadows of an office attempting to steal company secrets or bring down the system. The reality is, that this form of ‘evil insider’ is infrequent at most companies, though clearly not Tesla, with instances of such threats occurring once in a ‘blue moon’. The real issue and biggest risk to confidential data, is the negligent employee, more commonly categorised as the ‘Unintentional Insider Threat’.

It is common that when a cyber security professional attempts to speak with C-level management about mitigating and even preventing the Insider Threat, the feedback they receive is along the lines of, ‘everyone here is happy. We don’t have disgruntled employees, so we don’t have to worry about Insider Threat!’

Perhaps that is true. But, if you ‘turn the conversation on its head’ and talk about the Insider Threat as unintentional threats; employees who make mistakes – inadvertently causing harm – executives listen.

A Verizon 2015 data breach investigation report showed that ‘Insiders’ are responsible for 90% of security incidents and of these 29% are deliberate and malicious whilst 71% are unintentional, with misuse of systems, log-in/log-out failures, with cloud storage leading the way.

There is no doubt that organisations that understand, address & focus on minimising the damage from the Insider Threat, are going to be the companies that win. And, remember, even if your technologies are not obsolete, you will still need to augment your security protocols for Insider Threats and Unintentional Insider Threats.

Read the full article here in Global Security Magazine 

Streamlining data discovery

Understanding what unstructured data exists in the enterprise is not easy. Massive volumes of documents, spreadsheets, presentations and emails are typically scattered about an organisation.

With no real tools to manage it based on business value, it accumulates with no end in sight. The easy option is to buy more storage but that doesn’t fix the problem. Continue and you have hundreds of terabytes or petabytes of unstructured user content with no way to classify and manage the data according to its value. But by breaking it down into multiple iterative steps, starting high and working down to a level of detail to satisfy all stakeholders, order can be achieved.

Read the full article in Network Security Magazine here on page 20

Defend at all costs!

Legal sector must ‘step up a gear’ in Cyber technology.

Hackers view the legal sector, which tends to store and process critical and invaluable information, as a potential weak point in the cyber security chain and are constantly pursuing different ways to access legal organisations, both large and small. It is high time that the business of law makes cyber security its absolute priority to ensure its present and future is well – protected from the ruthless criminals out there ready to attack at every given opportunity. It is time the legal industry brought these cyber criminals to justice.

Read the full article in Intercontinental Finance & Law here on Page 21

 

How to keep a hacker out of your computer: The security of your data is vital – use our guide to stay safe

In the wake of the meltdown at TSB and the harvesting of personal information from Facebook, people are increasingly nervous about managing their finances online.

Here, The Mail on Sunday looks at how safe our data is and what we can do to protect ourselves from scams and fraudsters.

ACT ON NEW DATA PROTECTION LAW

A shake-up of data protection rules is being introduced this month aimed at changing the way companies handle personal information given to them.

Under a new ‘general data protection regulation’, it should be easier to control how our details are shared. This includes financial facts – such as where we bank, our account numbers and sort codes.

To read the full article in the Mail on Sunday

Cyber Security Company of the Year – Digital Pathways: Securing your data

Business and Industry Today is extremely proud to present Digital Pathways with our Cyber Security Solutions Company of the Year Award.
Established in 1996 by Managing Director, Colin Tankard, Digital Pathways is reputable for their award-winning and ground-breaking data security solutions that help businesses improve and protect their digital assets. Grounded in Harlow, Essex, Digital Pathways has over 20 years in the cybersecurity arena and work with some of the largest blue chip names across Europe. They specialise in encryption which is the foundation technology across all legislation, regulations and good
security practice.
Read the full article on page 32 here

Network security in the age of the internet of things

Wireless devices and smart technologies are increasingly being brought into the workplace, and pose a growing risk to company data

The internet of things (IoT) is a comparatively recent invention. Ten years ago, we only worried about protecting our computers, and it was only five years ago when we needed to protect our smartphones. Now we need to consider protecting our fridges, heating systems and industrial machines in order to safeguard company networks.

The IoT is growing quickly. Researchers estimate that by 2020 the number of active wireless-connected devices will exceed 40 billion. These devices are becoming an increasingly attractive target for criminals, as more connected devices mean more attack vectors and possible vulnerabilities.The IoT is growing quickly. Researchers estimate that by 2020 the number of active wireless-connected devices will exceed 40 billion. These devices are becoming an increasingly attractive target for criminals, as more connected devices mean more attack vectors and possible vulnerabilities.

Read more

Sharing a Data Protection Officer

The General Data Protection Regulations, which comes into force shortly, requires the need for a Data Protection Officer…

As we all know by now, the General Data Protection Regulations, the process by which the European Parliament intends to strengthen and unify data protection for all individuals within the European Union (EU), as well as addressing the export of personal data outside of the EU, comes into force on May 25th of this year.

One of the many requirements of the legislation is the need for a Data Protection Officer (DPO). This person assumes the role of data protection expert and deals with any data protection queries. It is a high-level position requiring grounding in both national and European data protection law and practice, as well as a thorough understanding of GDPR. Read more