A Gathering of Big Data & Smart Cities Experts in Singapore

SINGAPORE,  – Experts from the Big Data & Smart Cities related industries have recently gathered at Marriott Singapore Tang Plaza for the BIGIT Technology Singapore 2016 featuring the 3rd Big Data & Smart Cities World Show conference. The two-day conference, sponsored by HPE (Platinum Sponsor), Cloudera, Marklogic and Talend (Gold Sponsors), saw a gathering of about 100 attendees from local and overseas including Singapore, Malaysia, USA, Spain, China, Korea, Saudi Arabia, Australia, India and the Philippines with the same objective and mission – to gain comprehensive learning experience related to Smart Cities and build interactive network with global ICT leaders.

This 3rd Big Data & Smart Cities World Show with the theme, “Shaping the Future with Big Data and the Internet of Things towards Building a Smart City” highlighted significant key areas of Big Data and Internet of Things (IoT) in changing businesses and people’s lives in line with the implementation of Smart Cities. With a total of 23 Speakers from various fields, 14 case studies and 4 panel discussions shared during the conference, attendees also had the chance to learn and explore the latest technologies used to build smart cities with the implementation of big data analytics and IoT. Our attendee summed up the event with the feedback: “Thanks a lot for getting me an opportunity to witness the future. I thoroughly enjoyed the event and have gained lot of insights.”

Olygen, the event organiser will also be kicking off its third event this year, known as BIGIT Technology Malaysia 2016, which will feature two concurrent conferences: the 4th Big Data World Show and Data Security World Show and the BIGIT Exhibition on 19th and 20th September at KLCC Convention Centre, KL Malaysia. Co-organised by Multimedia Development Corporation (MDeC) – Malaysia’s government agency leading the national Big Data Analytics initiative, the event will be the Anchor Event of the Big Data Week Asia 2016. To find out more about BIGIT Technology Malaysia, please visit: http://bigittechnology.com/malaysia2016.

For more information, please contact:

Chia Li, Teh
Tel          : +603 – 2261 4227
Email     : enquiry@bigittechnology.com

BIGIT_MY Web Banner 300x200

 

(116)

Share

10 Facts You Need to Know About Data Breaches

By Deborah Galea, manager, OPSWAT

2014 was dubbed as ‘the year of the data breach’. With many new data breaches dominating the headlines in 2015, including Anthem, the White House, banking attacks, and the latest employee data theft at the US federal government, one can only imagine what the name for 2015 will be: the year of even more data breaches?

According to the Ponemon Institute, 43% of companies experienced a data breach in 2014. Not only is the number of data breaches rising, the number of records stolen per breach is increasing as well as the cost per stolen record. It is apparent that current security measures are not sufficient to protect organisations from data breaches.

The SANS Institute reports that a whopping 95% of all attacks on enterprise networks gained entry through a spear phishing attack. A spear phishing attack is an email targeted at specific individuals that are engineered to look legitimate and fool even tech-savvy users. The email has a malicious attachment or link that when opened installs malware and tries to gain system access.

Clearly, spear phishing attempts are sometimes able to get past traditional spam filters and antivirus engines. No single antivirus engine will be able to block every threat. However, by deploying multi-scanning with multiple antivirus engines, the different detection algorithms and heuristics of each engine can be combined, which significantly increases the malware detection rate for known and unknown malware. Other technologies such as data sanitization and file type verification can also prevent threats that may go undetected by antivirus engines.

Below, we have highlighted the top 10 most interesting, remarkable, and troubling facts about data breaches:

Number of stolen records up 78% in 2014

According to the 2014 Breach Level Index by Gemalto, one billion records were compromised in 2014 in more than 1,500 data breaches; a 78% increase compared to 2013.

Cost of data breach rose 23% since 2013

The total cost of a data breach increased 23% since 2013, as reported in the Ponemon Institute’s Annual Cost of Data Breach Study. In 2015 the average cost per lost or stolen record is $154.

Most costly breaches in US and Germany

The Ponemon Institute reports that the most costly breaches are in the US ($217 per record stolen) and Germany ($211 per record stolen).

Healthcare highest cost per stolen record

The cost of stolen healthcare records can be as high as $363, according to the Ponemon Institute. Healthcare records are more valuable than stolen credit card details since credit cards can easily be cancelled, but fraud using a person’s medical records is much more difficult to stop.

Identity theft most common motive

Gemalto’s research shows that the majority of data breaches are now perpetrated for the purpose of identity theft rather than stealing credit card information. In 2014, 54% of data breaches were motivated by identity theft, compared to 20% in 2013. In 2014 only 17% of data breaches were for financial access, down from 50% in 2013.

Malicious outsiders behind majority of attacks

The 2014 Breach Level Index by Gemalto reports that 55% of the data breaches were perpetrated by malicious outsiders, 25% were due to accidental loss, and 15% were committed by malicious insiders.

95% of breaches start with phishing attack

According to Allen Paller, director of research at the SANS Institute, 95% of all attacks on enterprise networks gained entry through a spear phishing attack. A spear phishing attack is an email targeted at specific individuals that is engineered to look legitimate and fool even tech-savvy users. The email either has a malware-laced attachment or a malicious link that when opened installs malware and tries to gain system access.

Traditional spam filters cannot detect spear phishing attacks

Most spam filtering products detect spam by checking black lists and known spam. However spear phishing emails are composed with considerable effort and target only a small number of individuals, therefore staying under the radar of traditional spam filters.

A single anti-virus engine is not enough to protect against all threats

With 450,000 new threats emerging daily, a single anti-virus solution is no longer going to cut it. By scanning email attachments and web content with multiple antimalware engines you are multiplying the chance that known as well as unknown malware is detected, speeding up protection against outbreaks, and protecting against threats designed to exploit vulnerabilities in specific engines.

Question is not if, but when

Data breaches are becoming more prevalent and more sophisticated. Suffering a breach is no longer a question of if but when. It is important that companies start increasing their security defences.

Read more about how to protect against spear phishing attacks and data breaches: https://www.opswat.com/blog/prevent-spear-phishing-attacks-improved-email-security

(1444)

Share

Russian-Speaking Hackers Tap Satellite Internet Connections

A group of sophisticated Russian-speaking hackers is exploiting commercial satellites to siphon sensitive data from diplomatic and military agencies in the United States and in Europe, as well as to mask their location. The group, which some refer to as Turla, after the name of the malicious software it uses, also has targeted government organisations, embassies and companies in Russia, China and dozens of other countries, as well as research groups and pharmaceutical firms. Security experts have commented as follow;

Ian Pratt, CEO and co-founder, Bromium:

“Whereas ISP’s can trace IP addresses associated with ADSL or cable modem connections to a within a few streets, broadband from geostationary satellites can cover whole continents, with the ISP having limited ability to locate where a particular access modem is — though techniques such as those developed in the search for Malaysia Airlines flight MH370 are potentially able to give rough areas. Hacking groups have frequently used satellite broadband for hosting key components of their infrastructure, but this has typically been done by purchasing a regular subscription under a false identity. Although there was little chance of law enforcement being able to track down the physical location of the satellite modem, once the IP address had been identified as hosting malicious content it would be straightforward for the satellite ISP to block the modem and remove it from the network. An even better covert technique is to effectively clone the access modem of an existing legitimate satellite broadband customer. Due to a lack of cryptographic authentication in most satellite broadband systems this can be done without having physical access to the victim’s modem and can be done just by listening to other traffic and then reprogramming an existing modem. Using a cloned modem makes it harder for the ISP to block the traffic since it would impact a legitimate user, and the miscreants can simply switch to cloning a different legitimate user’s device. Strong authentication of access modems using a key unique to each device is the only way to block this kind of attack, but can only realistically be done for new deployments.”

TK Keanini. chief technology officer (CTO), Lancope:

“If there was any question to the level of game play required in this day and age, here is your wake up call. We in security are always accused of spreading FUD, but this is the reality of the connected world we live in.  Even as an expert, I read news like this and it makes me anxious – and so it should. These are talented well-funded threat actors whose job it is to not make the news; so when one does, consider them the sloppy ones.”

 

(335)

Share

The global capital markets are highly vulnerable to cyber attack…and Greece could be the warm-up

By: John Edge

Because my roles have always involved new technologies applied to existing markets, I’ve been trained to think about technology related governance and risk; now as I look to a future of affordable mass compute power and artificial intelligence driven threats, I can’t help but think of where the weak points may be.  And my hunch leads me to places where both manpower and system power may be depleted.  And there’s an obvious one right now.  The Greek capital markets.  My gut tells me that Greece could be the warm up for an attack on the system integrity of capital markets.

I know that this is an odd statement to make, given that capital markets do not have systemic risk weak points and are designed to be resilient to cyber attacks – theoretically invulnerable to all comers.  But, instinctively, we all know that this cannot be the whole story – that risk cannot be entirely eliminated and that where there is human life, things can go wrong.  So, the question is – how bad could it get?

The truth is: bad, very bad.  In theory, global collapse of hitherto unseen proportions.

Automation of the capital markets infrastructure started in the 80’s, as technology evolved.  Both performance and price created the opportunity to splice automated functions into what were once manual processes. This concept of splicing is essential to understanding where we are today, in that we did not design for an end goal, we designed for what worked in the here and now.

As such capital markets grew organically from a technology point of view, with layer after layer of systems being built, duplication and overlap were created, whereby systems ran out of capability and were patched back together or replaced, often partially,

Throughout the 90’s and early 2000’s the rate of adoption of technology accelerated, driven by the relentless hustle to hit quarterly targets. Machines were built to trade millions of times a second, competition for trading flow at the exchange level was opened up, so exchanges were driven to advance their technology to stay competitive, which meant more machines were built. The cycle has continued at this pace and now extend to retail and commercial banking, with digital demand from customers driving the transformation of these markets.

Then we introduced cloud computing, which offered the opportunity to increase performance and scalability whilst reducing cost. So markets took a complex organic system and started to distribute it, across internal and external data centers plus service providers. Vendor technologies exploded in popularity; the age of ‘FinTech’ was born, bringing substantial advantages to market participants. Marvelous progress indeed.

However, much as it’s a downer – sometimes the ‘bear view’ needs to be considered.  What does the bear view show us?

Starting with the basic truth that old code often has holes in it and modernizing code is essential to system health.  Ah ha – you say – simple.  Just modernise the code, and everything will be fine.  But here’s the rub: Modernising code costs money.  Which eats into quarterly returns, making it somewhat unattractive to those who make the decisions. “Heigh-ho,” they may say.  “Let’s just hope the thing doesn’t break down on my watch.”

The next layer up is the compilation of the systems and the architectures in place; were they designed for entities with malicious intent? Entities armed with, thanks to a Mr. Moore and his law, low cost massive computer power?  The answer is, of course not.  Some of the newer types of cyber attack couldn’t have been conceived of when these systems were build.  That’s criminal ingenuity for you.

So, with aging code bases and system architectures not designed to resist the kind of power modern cyber threats at large have, we at least have well trained teams operating in a coordinated fashion globally to manage this fragile ecosystem. Oh wait, nope… we don’t have that either.

For a “mini” taste of how things can go wrong, there’s the bankruptcy of Knight Capital, caused by a rogue algorithm, a human ‘non malicious’ error that went undetected, which turned the largest trader in US equities into rubble in a little under a week.  Then there were the SIP issues with NASDAQ that shut off that market, and all other markets, for a large part of a trading day. Most recently we have seen glitches with NYSE.

All three of these crises, which were nothing on what could happen on a global scale, were created by human error and are in practice being addressed through Reg SCI. These incidents are indicative of what occurs when critical systems fail in capital markets. The elephant in the room is the possibility of a malicious attack.  Because that’s going to be worse than anything human error could cause.

Let’s, for a moment, create a nightmare scenario.  How could that come about and what would be the effect?

Imagine a powerful group looking to insider trade, which is trading with non-public information.  This group decides to create the non-public information by shutting down a stock exchange for two days. The night before the attack the group buys options contracts that will pay off, if the market moves down. When they shut down the market for two days, panic ensues and the market “sells off”.

Of some comfort is that the fictional baddies might be deterred by the fact that if the plan could go horribly wrong for them – the futures position may go against the intent and lose the monies deposited as margin.

Currently, all businesses in Greece are suffering a high amount of disruption. What we know is that often it is human error that causes problems, rushed code releases and poor processes creating production issues. The duress being suffered by business operators in countries such as Greece could increase the likelihood of human error.

But on top of this, opportunistic criminals could use these markets as a training ground – a ‘cyber attack gym’.  The functional layout of capital markets is roughly the same everywhere, although the volumes change significantly between countries. Could the current Greek crisis present an opportunity for practices attacks, and would the operators, in the current state of chaos, even know this was occurring?

There are global automated market places that have not trained enough people to operate information security defenses. Systems have been developed to aid humans in the management of security perimeters, however standards and processes have not yet been developed for many smaller market places.

On top of these challenges there is the issue of system re-engineering, the moving from the organic spaghetti infrastructure to an infrastructure designed for today’s environment. Which all comes down to budget.

Chewing the fat with my friend and colleague Alexei Miller, a managing director at global technology consulting firm, DataArt, he pointed out that chaos always begets criminal creativity and that Greece was that chaos. Cheaters, he said, will look for ways to circumvent capital controls.  He noted that if the Greek situation were happening in certain other countries (and he didn’t say which) and Europe was sending massive checks to keep them afloat, the biggest question would be how much of it would be stolen.

It is true that technology fosters spending accountability.  But when it is left to tick along, in the way the global capital markets technology often is in many places and organisations, it can be a force for evil.

Sleep tight.  Don’t have nightmares, now

 John Edge is an innovator and social entrepreneur in the digital economy, with a recognized expertise in financial technology and a track record of creating breakthrough business models by harnessing network capital to identify patterns created by market needs, inefficiencies and new technologies. With the mission to create value for individuals, corporates, investors and society.  He is an advisor to global technology consulting firm, DataArt.

(440)

Share

Bromium Black Hat Survey: Endpoint Risk Five Times Greater Than Network or Cloud

Bromium has released “Black Hat 2015: State of Security,” a survey of more than 100 information security professionals conducted at the Black Hat Conference 2015. The survey reveals issues with Flash and security patch management, with the majority of respondents citing the endpoint as the source of greatest risk. The report also highlights the risk of cyber attacks on critical infrastructure and an initial positive reception to Windows 10.

“One reason that the endpoint is the source of the greatest security risk is because of how difficult it is to balance security and productivity. For example, 90 percent of organisations would be more secure if they disabled Flash, but 41 percent would become less productive,” said Clinton Karr, senior security strategist, Bromium. “Traditional security solutions have proven ineffective at mitigating this dilemma, putting our critical infrastructure at significant risk.”

Key findings from “Black Hat 2015: State of Security” include:

The Endpoint Is the Source of Greatest Security Risk — The majority of information security professionals cited the endpoint as the source of the greatest security risk (55 percent). The second most common response was insider threats (27 percent). Network (9 percent) and cloud (9 percent) were selected less frequently.

Security Professionals Pan Flash — The overwhelming majority of security professionals believe their organisation would be more secure if it disabled Flash (90 percent); however, 41 percent believe disabling Flash would make their organisation less productive or break critical applications.

Implementing Security Patches Is a Challenge — The majority of organisations implement patches for zero-day vulnerabilities in software, such as Flash and Internet browsers, in the first week (50 percent first week; 10 percent first day); however, 22 percent take more than a month to deploy.

Critical Infrastructure Is at Risk of Cyber Attack — The majority of Black Hat attendees cited financial services (30 percent), energy (17 percent), healthcare (17 percent) and government (12 percent) as the verticals at the most risk of cyber attacks. Interestingly, financial services was also selected as the vertical that has implemented the best security practices (60 percent).

Windows 10 Improves Security, But Not Enough — The majority of information security professionals believe Windows 10 improves security (56 percent), but many (33 percent) believe these improvements are not enough.
 

“Black Hat 2015: State of Security” surveyed 101 information security professionals at Black Hat Conference 2015, in Las Vegas, Nevada, August 5 and 6, 2015.

Download the PDF “Black Hat 2015: State of Security” at http://www.bromium.com/sites/default/files/rpt-black-hat-survey-us-en.pdf.

(325)

Share

Phishing – the hook may be seen, but employees unlikely to report it

A survey of over 200 IT professionals at this year’s InfoSecurity Europe has found that, while almost 80% of organisations have a process for employees to report phishing emails to the IT/security department, most don’t. In fact, over half of those spoken with (52%) estimated employees report less than 25% of dodgy emails. Digging a little deeper revealed only 8% think that more than 75% of suspicious messages are reported.

 

This surprising statistic comes in the wake of countless recent phishing incidents surfacing in the media, with some incurring personal costs of almost £50,000. The study, conducted by Phish’d by MWR InfoSecurity – a fully managed phishing assessment service designed to maintain a heightened level of security awareness across an organisation, found that organisations are all too aware that email offers a passage into an organisations’  infrastructure with 64% believing it’s the weakest entry point that could result in the compromise of internal systems.

“I’m reassured by the high percentage of organisations that have a reporting process for phishing messages but somewhere along the line something is going wrong as employees simply aren’t using these reporting processes. The sad reality is that, while spam filters and anti-phishing software will prevent some of the nuisance messages landing in people’s inboxes, more targeted phishing messages are purposefully designed to avoid detection and usually get through to the intended recipient, even in companies using the latest technological controls. Ultimately, it comes down to employees to report targeted phishing attacks; so organisations need to ensure their workforce is educated and empowered enough to use the correct reporting process,” explains James Moore, senior security consultant of Phish’d.

James continues “Our experiences tell us that, if a phishing message does manage to coerce the individual into either clicking or downloading a payload, the malware it delivers will almost certainly slip in and then conceal itself. Once on the network, malware can allow an attacker to start spreading out across a network; turning the compromise of one users’ workstation into a much larger issue. Of course, the ideal is for users not to be tricked in the first place but, assuming someone will be fooled, if other colleagues have reported the message the IT team can at least be aware that something may have got in and start tracing other likely points of entry to contain the damage and eradicate the infection.”

Even companies that have effective tools for reporting scam e-mails tend not to train their employees how to spot them, as only 45% of the companies questioned during this survey regularly train their staff to spot friend from foe in their inboxes. Organisations are often quick to assure their clientele that they keep data secure and stringently maintain their defences against cybercriminals – however this survey highlights that even businesses that have plans and processes to prevent phishing being used as an attack vector, the lack of implementation weakens defences.

To find out more about Phish’d, visit https://www.phishd.com/

(288)

Share

Carphone Warehouse victim of data breach

News broke just a few short hours ago that mobile phone giant, Carphone Warehouse, has been victim of a data breach where hackers gained access to the bank details of 2.4 million customers. Customers with accounts at OneStopPhoneShope.com, e2save.com and mobiles.co.uk may also be affected.

Commenting on this, Mike Spykerman, VP at OPSWAT, said: 

“The reality is that data breaches are no longer a question of if, but when. At least some of the information at Carphone Warehouse was encrypted, but still a lot of personal data was not. Data breaches often start with a spear phishing attack that evades detection from regular spam filters and single anti-virus engines. By using multiple anti-virus engines, the possibility that a spear phishing attack is detected is considerably higher. To avoid cyber attacks being successful, companies should prepare their defences by deploying several cyber security layers including device monitoring and management, scanning with multiple anti-malware engines, and advanced threat protection.”

Mark Bower, Global Director at HP Security Voltage further stated that:

“It’s a clear signal that contemporary data encryption and tokenization for all sensitive fields, not disk or column level encryption for credit cards, is necessary to thwart advanced attacks that scrape sensitive data from memory, data is use, as well as storage and transmission. Disk encryption protects data at rest, but it’s an all or nothing approach that leaves exploitable gaps: applications needing data have to decrypt it every time. Yet advanced attacks steal data in use and in motion. Another problem is that, while firms may focus on credit card data to meet basic PCI compliance, attackers will steal any sensitive data like account data, contact information and so on as they can repurpose it for theft. There are effective defences to this. Today’s new-breed of encryption and tokenization techniques can render data itself useless to attackers, yet functional to business needs. This technology, such as Format-Preserving Encryption, is proven in leading banks, retailers and payment processors who are constantly bombarded and probed by attackers. By securing customer and card data from capture over the data’s journey through stores, branches, databases and analytic systems, businesses can avoid unnecessary decryption required by older generation disk or database encryption techniques. Data can stay protected in use, at rest, and in motion, and stays secure even if stolen. Modern vetted and peer reviewed data encryption is infeasible to break on any realistic basis. Its a win-win for business, as it can be retrofitted to existing systems without complications and business change. Attackers who steal useless data they can’t monetize quickly move on to other targets.”

(388)

Share

How can cloud data accelerate forensic investigations?

Shahaf Rozanski, Director of Forensic Products at Cellebrite

Cloud data represents a virtual goldmine of potential evidence for forensic investigators. Together with mobile device data, cloud data sources often present critical connections investigators need to solve crimes. However, there are a number of challenges that investigators face when it comes to data retrieval from the cloud.

The overarching challenge is private data in the cloud. Private data in the cloud, as the term suggests, is private user data (i.e. data that the user has actively chosen to refrain from sharing publically) and there is, for good reason, a significant amount of ‘red tape’ that surrounds private user data. But what happens when the user in question is suspected of committing a crime?

To add to this, more and more data is being stored in the cloud as many companies, and indeed individuals, look to virtual methods of data storage, with enhanced flexibility and ease of access. This also correlates with the amount of users now on social media and with 38 million social media users in the UK – a staggering 59 per cent of the population – it is evident that during a criminal case, investigators simply cannot afford to neglect social data that is inevitably stored in the cloud.

Out of the 38 million UK social media users, 30 million of them (79 per cent) are using social media on their mobiles, which further highlights the importance of mobile phones in the retrieval of crucial evidence in criminal investigations.

Investigators need to be able to access this data when it is of paramount importance to a criminal investigation. The problem is that investigators may need to go to the service provider if they don’t have the permissions or capabilities to access the username and password to request this data, which can take time.

If you’re an investigative force requesting private data in the cloud from a company located in the same country as the investigation is taking place then it can take a few weeks to a few months to obtain this data. However, if you’re requesting the data from another country, bearing in mind the investigation is taking place in Europe, when most of the world’s major service providers are based in the US, then it can take up to a year to retrieve the data.

The time that it takes to request data relevant to a particular criminal case is a challenge in the sense that the actual timeline of an investigation is extremely important to the outcome of the case. The retrieval of evidence needs to be executed in the shortest possible time to ensure that nothing is missed in the evidence gathering process, and to ensure that the investigative team doesn’t run out of time when retrieving evidence.

There is also an issue with the records production rate of the cloud service providers due to the limited resources that these companies have to handle the large number of requests from law enforcement. In the UK, during the first half of 2014, Facebook and Google’s response rate was 70 per cent, while Twitter’s response rate was only at 40 per cent.

Another challenge is that of forensic data preservation. It is of vital importance that the case team retrieves and handles all private data sources with the upmost care and consideration. In the case of extracting evidential data from the cloud, investigators should feel confident that the information that was extracted from the cloud service provider is authentic, traceable and thus defensible in court.

However, the problem of accessing private cloud data in a timely manner for criminal investigations can be rectified with the use of mobile forensic technology. When a mobile phone is seized in criminal investigations, law enforcement can use technology such as the UFED Cloud Analyser, to access private-user cloud data by utilising login details that have been extracted from the mobile device of the suspect or victim. This private-user cloud data is extracted under the appropriate legal authority, be it a search warrant, written consent, or other authority as defined by legal counsel in the relevant jurisdiction.

The investigative process when using such technology to retrieve private-user cloud data involves a five step process:

1.     Seize the mobile device and begin a forensic extraction of data

2.     Decode cloud services login information from the extracted forensic copy of the device

3.     Forensically preserve private user data using login information from the mobile device or manually provided credentials

4.     Analyse and report data from different cloud data sources in a unified format

5.     Deliver data to additional relevant law enforcement and justice officials

The analysis and reporting of retrieved data in a unified format is a very significant step in this process. The data that is retrieved has to be understood by a range of investigators and legal personnel, many of who may not be well-versed in mobile forensic data retrieval.

This data may also have to be presented in a courtroom, where a jury might be present that will have to understand and digest the data that is being put in front of them. Again, the data must be in a format that can be understood easily so that people with little or no understanding of mobile data forensics can easily make a decision based on the evidential data that has been displayed to them.

The importance of cloud data in so many areas of everyday life means that law enforcement agencies simply must consider the pool of evidence that is stored in the cloud during criminal investigations. A failure to contemplate this data could easily result in missed opportunities to convict, and during live investigations the consequences could be far worse.

The ever-increasing use of mobile phones to conduct criminal activity in correlation with the vast numbers of social media users worldwide, is a clear indication that criminal investigators must be equipped with the latest technology to timely retrieve cloud data and react to all types of criminal; who use and abuse different channels to exercise their criminal activity.

(435)

Share

Last month in DDoS attacks – Protest and Activism

On the evening of July 26th, New York Magazine published what some may believe to be a controversial article regarding the alleged sexual assault victims of Bill Cosby. This particular piece included interviews from 35 women who have stepped forward with their allegations against the actor.  A few hours after the article was published online, DDoS attacks rendered the publication’s website unavailable for about a 12 hour time period. 

New York Magazine resorted to social media outlets to share the story in wake of their website inaccessibility.  The magazine is guessing to have lost about 500,000 unique visitors to their site due to the take down.

For those familiar with the world of digital media this is a major blow to traffic, clicks and ultimately online advertiser revenues. 

Also this last month we’ve seen reports that PlannedParenthood.org has also fallen victim to a DDoS attack, stemming from controversial videos published by anti-abortion hactivists. Today, visitors to PlannedParenthood.org are met with a static page with a message that reads: “our site is not available to due a hack by extremists.” Visitors looking for additional information and resources are directed to visit other Planned Parenthood web properties, including their official facebook page as an alternative. 

DDoS attacks are in no way a ‘new’ cyber threat that organizations should be wary of. In fact DDoS has been utilized as an attack tool for a decade or more for a wide range of motivations.  Ramifications of the damage are just as wide ranging as the attacks themselves: 

Revenue loss – Downtime affects the bottom line, directly and indirectly, and in principle, all types of damage could be rolled into this one. Effects vary widely across industries, and among firms within industries. 

Operational/Productivity loss – Network problems impact IT staff directly, and may impact some or all of the non-IT divisions. During full outages, workforce productivity comes to a halt. Troubleshooting, mitigation, and disaster recovery procedures are notoriously resource-intensive.  

Reputation damage – Your brand suffers if customers and business partners cannot access your site, become casualties of a breach, or simply experience diminished function or performance when interacting with your digital properties or online tools and assets. 

(296)

Share

Russia allegedly launches “sophisticated” attack against the Pentagon

NBC broke the news last night that Russia launched a “sophisticated cyberattack” against the Pentagon’s Joint Staff unclassified email system, which has been shut down and taken offline for nearly two weeks.

Andy Heather, VP EMEA at HP Security Voltage, commented:
 
“Cyber attacks are a real and present danger, whatever the source. The sophistication in advanced malware renders traditional security virtually impotent.
 
Current, traditional security technologies are ineffective, and both businesses and government agencies have to do more to protect sensitive information.These traditional technologies, including access and authorisation, AV and endpoint protection technologies, are not enough to protect information across its entire life-cycle, from the moment it’s created to the moment is consumed and deleted.  These current technologies are not providing the necessary means to actually protect data as the data moves throughout and across an organisation.
 
The only way that companies and government agencies can ensure that any sensitive data is comprehensively protected, is through a data-centric security program. This protects the actual data levels, rather than these traditional security technologies which focus on protecting the perimeter, which has long since failed to exist.
Organisations should be using data encryption as a means to protect their information.  Encryption should be used as a key mechanism within a data-centric approach, but encryption needs to be applied at the data level itself – not only on the database, or disk level, which are again simply point solutions.
 
Public and private sector organisations are leveraging cloud-based services, mobility and big data initiatives to manage, move and analyse sensitive data like never before.  Protecting the data itself through a data-centric strategy is the only way that these organisations can leverage these initiatives in a secure and protected way. 
The ongoing use of only traditional security technologies will simply lead to more data breaches, especially as cyber attacks increase in volume and malware sophistication A data-centric approach including encryption and, tokenization, is the only way for any organisation to secure the data from these continued attacks.”

(334)

Share