How to Solve the Five Biggest Email Security Problems
By now we all know that if email is not properly managed, it can cause major security headaches, including infected machines, system downtime and embarrassing data breaches. With nuisances such as spam being mostly blocked by anti-spam products, organizations need to focus their attention on other major security issues that are defended against less successfully. But what are the biggest email security problems that companies face today and how can they be solved? This article discusses how to solve the five biggest email security problems that are facing companies today. It also provides tips and advice on software that can help you better protect your company against email threats.
Monday, August 31, 2015
Monday, August 17, 2015
Protect Your Data: Top Ten “Need to Know” Tips
With breaches happening on an almost daily basis, it's critical to establish rules and processes to keep your data safe and secure. The following tips, designed to help you build a sustainable path towards data security, were inspired by the FTC.
Don’t Make Security an Afterthought
Think before you collect. Is it necessary and does it add value to capture personal, sensitive information from your customers and prospects? Or does it just open up additional risk? If you absolutely need to collect sensitive information, don’t hold on to it longer than necessary. Set an “end date” and follow through with securely destroying the info. Security shouldn’t be reactive but proactive.
Stay in Control
If you need to hold on to sensitive data (it’s a business must), then how do you keep it safe from prying eyes – both inside and outside your organization? Answer: limit access. Does your summer intern need wide-open access to corporate IP to do her job? Probably not. Implement a system for periodically reviewing entitlements to ensure people only have access to the information they need. Your auditors will thank you.
Passwords and Authentication, Please
You’ve got sensitive data and want to keep it safe. Requiring complex passwords (by the way, “password” is NOT complex) that include multiple elements (caps, numbers, minimum characters) and changing them on a quarterly basis makes it hard for hackers. Even better: require two-factor authentication, disable access after a specific number of failed login attempts, and protect against authentication bypass to really “up” the proverbial ante.
Share It Securely
Sure, your internal network is secure. But what if you need to share your data outside the firewall? One way to do this securely is with a data file sync and share solution that works with your existing permissions and authentication infrastructure.
Who’s Knocking on Your Door?
Do you know who is accessing what computer at all times? Probably not. So protect yourself by keeping your sensitive data in a separate, secure place on your network. Limit access. Even better, continuously monitor your file access activity with a solution that makes it easy to see and address suspicious, unusual behavior before it’s too late.
Remote Control
Isn’t telecommuting great? It allows employee freedom and increased productivity. But it can be a security nightmare. The key idea is to allow remote connections, but restrict the ability to re-login to other desktops and servers. We really want to make it difficult for hackers to leapfrog around your network. This can be accomplished by enhancing security of the Remote Desktop feature in Windows. You can read more about how to do it here.
Keep It Under Wraps
Is your organization developing a hot new product or solution? Have you thought about how your customers will use it and whether it needs to be secure? Make sure your developers are up to scratch with Privacy by Design principles, and the latest best practices in safe coding. In addition, know thy platform security guidelines – no need to reinvent the wheel. Finally, testing is key! While not every threat can be anticipated, testing for common vulnerabilities ensures security at the gate.
Who’s Got Your Back?
You probably work with service providers and other contractors. But do they share your passion for security? Make sure your standards are being met by including your security requirements (for example, encryption, two-factor authentication, data retention limits) in contracts and service-level agreements. Remember to stay active and always monitor your controls to ensure that your security expectations are followed and your users aren’t inadvertently exploited.
Make a Plan, Stan
You’re secure – for now. Unfortunately, security isn’t static and so to remain compliant you’ll need to stay on top of your systems and technology. This means making a plan that includes monitoring third party software, performing updates, and faithfully implementing patches. In addition, pay heed to security warnings and notifications! Develop an action plan! If a vulnerability has been exposed, be proactive and take the steps necessary to protect your data!
Physical Security
Network security is critical. But what about computer hardware, as well as paper files and all the miscellaneous stuff that makes up a typical office environment? Does your company have a security policy for the non-virtual world? Rule #1: keep important papers and other physical IP in a secure place (locked file cabinets, secured server rooms, etc.). Laptops should have secure-login and hardware-level password protection set. What about old computers, servers, tapes, and disk drives? What may appear as trash to you could be a gold mine to hackers.
Monday, June 29, 2015
How Can Hospitals Protect Their Medical Equipment from Malware?
The challenges in protecting hospitals from cyber attacks are very similar to those faced in ICS and SCADA environments; the equipment used in hospitals is not user-serviceable and therefore often running out-of-date software or firmware. This creates a dangerous situation. The medical industry isn't alone in fighting this threat. As this article explains, they don't have to invent new techniques for preventing infection, they simply need to adapt the proven strategies employed by other industries.
Thursday, June 25, 2015
GAO: Recent Data Breaches Illustrate Need for Strong Controls across Federal Agencies
Seems obvious, doesn't it? The GAO has identified a number of challenges federal agencies face in addressing threats to their cybersecurity. In an effort to bolster cybersecurity across the federal government, several government-wide initiatives, spearheaded by the Department of Homeland Security (DHS) and the Office of Management and Budget (OMB), are under way. While these initiatives are intended to improve security, no single technology or tool is sufficient to protect against all cyber threats. Rather, agencies need to employ a multi-layered, "defense-in-depth" approach to security that includes well-trained personnel, effective and consistently applied processes, and appropriate technologies.
Wednesday, June 24, 2015
86 Percent of Energy Security Professionals Believe They Can Detect a Breach on Critical Systems in Less Than One Week
Tripwire survey compares cybersecurity views of 400 energy executives and IT professionals
PORTLAND, Ore. – June 25, 2015 – Tripwire today announced the results of a survey conducted by Dimensional Research. The survey examined the views of over 400 energy executives and IT professionals in the energy, oil, gas and utility industries on cybersecurity and compliance initiatives. Overall, energy security professionals were extremely confident in their ability to detect a cyberattack on critical systems, with 86 percent stating they could detect a breach in less than one week.
The Tripwire survey found that 49 percent of all respondents believe their organization could detect a cyberattack on a critical system within 24 hours. Energy executives were found to have the highest levels of confidence, with 61 percent claiming their organization could detect a critical system breach in less than 24 hours. However, according to Mandiant's M-Trends 2015 report, the average time required to detect an advanced persistent threat on a corporate network is 205 days, and in the 2015 Data Breach Investigations Report, Verizon reported that 66 percent of cyberattacks took months to detect.
"Cybersecurity within energy companies is stronger than it has ever been, yet growing bodies of evidence indicate that it's still far too easy to compromise the energy infrastructure," said Mark Weatherford, principal at The Chertoff Group. "Confidence at the executive level is certainly critical and necessary for success, but over-confidence can lead to a potentially dangerous false sense of security. Interestingly, a survey conducted last year by the Ponemon Institute found that 31 percent of 160,000-plus IT security professionals in 15 countries never speak with senior company executives, which might explain why Tripwire's survey found that energy executives have such a high level of confidence in their organization's ability to detect a critical systems breach. Therefore, it's a legitimate question to ask if executive confidence is misplaced."
Additional findings from the Tripwire survey include:
• 94 percent of executives agree that their organization is a target for cyber criminals.
• 83 percent of respondents believe a cyberattack could do serious physical damage to their infrastructure.
• Only 3 percent of respondents believe it would take more than one month to detect a cyberattack on a critical system.
"Cybersecurity in the energy industry is focused on protecting the availability and reliability of the critical infrastructure on which our nation relies," said Rekha Shenoy, vice president of business and corporate development for Tripwire. "The good news is that energy organizations are increasingly aware of cybersecurity risks and are investing more resources into reducing these risks. The bad news is that many of these organizations are still underestimating the sophistication, persistence and evasive technology of the attackers who are targeting them. The reality is that most organizations need a continuous view of their entire attack surface in order to detect a breach quickly and respond before damage is done."
Friday, June 12, 2015
Amazon Themed Malware Targets Crypto Currency
AppRiver issued a warning about a stream of malicious emails that pose as legitimate Amazon purchase confirmations but actually inject malware identified as part of the Fareit malware family. Once unleashed, it begins pilfering the target machine for just about every type of Crypto currency in existence.
Troy Gill, manager of security research at AppRiver, confirms, "Over the past week we have been monitoring (and blocking) a stream of malicious emails attempting to pose as legitimate Amazon purchase confirmations. The messages simply state that ‘your order has been confirmed’ and contain a small amount of details. The user being targeted is directed to an attached .doc file for the shipping and tracking details."
In order for the .doc (MD5sum=998692c0e93d4821c069aa96ddff800c) to actually infect the user’s machine, they must have macros enabled for MS Word.
Troy continues, "The malware contained in these messages is identified as part of the Fareit malware family. This family of malware is often distributed via Word documents with malicious macros embedded and has been known to drop multiple malware variants on the target machine. In this particular case the malware quickly goes to work attempting to steal the Outlook password along with website passwords from various browsers such as Firefox, IE, Chrome and Opera. It then attempts to harvest account credentials for a lengthy list of FTP and multiple file storage programs. In addition it begins pilfering the target machine for just about every type of Crypto currency in existence. This behavior (stealing Crypto currency) is something we have been seeing with more frequency as of late. The anonymous nature and lack of regulation in the Crypto Currency market make it more akin to stealing actual cash than to committing wire fraud by raiding someone's online bank accounts. But in this case the cybercriminals are okay with that, too. The last observed behavior was to drop a copy of the Zeus Trojan to be used to capture and steal bank related information."
Thursday, June 11, 2015
'Zombifying' Cyber-attack Could Affect +50 Million Internet Users
More than 50 million people per month could be at risk of a mass-scale 'malvertising' cyber-attack that turns computers into Zombies, according to researchers at Websense, reports Lara Lackie of Eskenzi PR. The attack routes through advertising platforms to target popular websites, with researchers noting breaches on Bejewelled Blitz on Facebook, CNN Indonesia, the official websites of Prague Airport and RTL Television Croatia, as well as Detik and AASTOCKS.
It was discovered that the attack utilizes open advertising platform OpenX, which sees up to 100 billion impressions per month, to compromise and inject malicious code which is spread to multiple websites. The injected code leads to a redirect which has been seen to lead to the highly prevalent Angler Exploit Kit, which exploited the latest Adobe Flash Player vulnerability (CVE-2015-3090), distributed CryptoWall 3.0, Bedep and Necurs, as well as a Trojan known as 'Bunitu.' The Bunitu malware dropped by Angler 'Zombifies' computers, by causing infected machines to act as a proxy. This enables it to be used for subsequent malicious activity and allows cybercriminals to hide behind legitimate users’ machines to avoid detection by the authorities.
Carl Leonard, principal security analyst at Raytheon|Websense, said, "Advertising networks are an increasingly popular focus for cybercriminals, as they open up avenues to infect millions of users with minimal effort. The growing nature of evasion, stealth and variation employed in the malicious code means that it's more important now than ever to deploy a security solution capable of stopping threats at multiple points in the kill chain."
TK Keanini, Lancope CTO, added, "I think this quote from Websense says it all, and let me call out a few things here to highlight the salient points.
"These methods are popular for cybercrime because they require minimal effort, which means lowering their operational costs. We, in turn, need to ensure that we are doing everything to raise their operating costs. Business leaders understand these economics, and until we treat this as a business problem, cyber crime will continue to operate at a low cost and high profit meaning their business is growing and they are expanding.
"He also says that we need to do everything to stop their operations along the kill chain. This kill chain terminology limits us in our discussion, and I prefer to call it the attack continuum because then we can, in the same thought process, speak about a defense continuum which describes perfectly the strategy we must instrument and operate. The defense continuum captures the defender's tactics, techniques and procedures that raise the cost to the attacker's operation and objectives."