Archives For author

At Eskenzi PR, we believe PR is more than simply achieving press coverage. It’s about staying current in the industry and shouting about news that really matters. By sharing with the world your company’s voice and achievements around various social networks, we help keep you relevant, topical and in tune with the daily news discussion.

For our client FireMon, we send 3 stories in a twitter format (inclusive of hashtags and @’s) on topics relevant to the cyber security industry, which are then sent out periodically on the day from the company’s twitter channel. These can be tailored specific to the client’s own needs. We have also created a newsletter for FireMon to distribute internally which champions the week’s top coverage and the three top news stories from that week. This again helps increase overall viewership, shares of FireMon content and employee engagement.

In addition, any FireMon coverage obtained will be shared across Twitter and LinkedIn from members of the Eskenzi FireMon team to increase circulation and potential viewership. This helps boost FireMon’s overall Share of Voice which regularly pushes FireMon above their competitors. This is measured by our industry leading PR and social media analytics platform, TrendKite.

FireMon Overall Social Share of Voice comparison against competitors 1st January 2017 – October 31st 2017

Firemon case study

*Facebook, Twitter, Google+, LinkedIn and Pintrest are measured

Advertisements

TV is often considered the holy grail of PR, and one of the best ways for clients to really get noticed in the wider marketplace. As a result, we make great efforts to maintain regular contact and good relationships with TV producers for the various channels, and regularly get our clients interviewed on news programs offering comment about breaking news stories. But getting BBC Click to film and interview a handful of our clients at our offices for a special program about security was a rare highlight. Here’s how it happened…

Last May, as usual, we were busy contacting reporters in advance of the Infosecurity Europe trade show to offer interviews with our clients. We had managed to interest producers in speaking to a couple of clients but, as so often happens with TV, their plans changed at the last minute and we had to cancel. But we stayed in touch, and a few months later, we discovered that BBC Click was planning a special show about security to coincide with the annual DEFCON conference in Las Vegas. So it was a perfect opportunity to try and persuade them again to include some of our clients.

We had lengthy conversations with the producers about what they were looking for, and suggested some of our clients that might complement those storylines. As a result, the BBC Click team descended on the Eskenzi offices for an afternoon and filmed a series of our clients talking in-depth about pressing security issues. AlienVault and Cylance both discussed the growing availability of ransomware on the dark web, and demonstrated just how easy it is to purchase these exploits. Meanwhile, Positive Technologies demonstrated how easily a cash machine can be hacked via the Windows XP operating system that many of them use.

But the icing on the cake was persuading BBC Click to send a reporting team over to Newport, Wales, to film on location at Airbus CyberSecurity’s Security Operations Centre. The footage effectively captured the various services that Airbus CyberSecurity can offer, the types of customers that it works with, and the effectiveness of their SOC team at responding to global threats, like WannaCry. In short, it was a PR’s dream. Even better was the fact that, as a result of seeing the film, Airbus received an important inbound sales lead from a potential customer in the water industry.

The full program – Fear and Coding in Las Vegas – can be viewed here: http://www.bbc.co.uk/programmes/b08zqpm0

TelAvivAs a PR agency, we have one key indicator of our success: Coverage. If we can secure good quality, in-depth, and of course positive coverage for our clients, in relevant publications that complement their business goals, we can rest easy at night.

But how do we do this? All too often in the hyperconnected, globalised world of PR, we rely on sending clients comment opportunities which they then respond to for the media, who publish it. While this approach undoubtedly gets results, there are hundreds of other agencies across the globe playing the same game…So how can Eskenzi PR help their clients to get top quality editorial coverage, focused directly on them and highlighting their numerous successes?

One method which we’ve found success with in the past is to bring the media to the client, not the client to the media, in the form of press trips. This is a method which is particularly useful with an agency like Eskenzi, which has a client base with a global reach; It allows the opportunity to take press from all over the world to see our client’s expertise first hand.

One such trip is currently in the works with one of our clients, Imperva, to their offices in Tel Aviv, Israel. This press trip will be attending by influential tech journalists from all over the world, representing publications such as The Times, Dark Reading, The New Statesman, SC Magazine, The Times of Israel and Bloomberg.

Imperva, aside from being a major name in the global cybersecurity market, are also an invaluable player within the Israeli cybersecurity industry. Described as the ‘cybersecurity capital of the world’, Israel has been extremely proactive harnessing homegrown security talent in recent years, and huge brands like Imperva have provided invaluable support, advice and guidance to start-ups looking to succeed in the industry.

So, this press tour will allow Eskenzi not only to demonstrate Imperva’s expertise within their own company, but will also help to frame them as a force for good in the cybersecurity industry generally, helping to nurture and support the next generation of companies that will be striving to keep our data safe, and will also allow some of our key journalist contacts to enjoy a trip to a fascinating and fun location.

To find out more about Eskenzi PR’s latest press outing, watch this space!

The world of social media was rocked last week when Twitter announced that it would allow people to increase the length of their tweets from 140 to 280 characters. The move follows a trial among a small group of users during September, in response to criticism that it was not easy enough to tweet.

During the test period, only 5% of tweets sent were longer than the original length of 140 characters, and only 2% used more than 190 characters. But the social media site revealed that those who did use the longer tweets got more followers, better engagement and spent more time on the site, according to a blog post which detailed the findings.

But soon after the announcement was made, the Twitter backlash began, with newsfeeds quickly clogging up as people tried to experiment with the new format, often using up the characters with meaningless words and jokes. Many pointed out the changes they would rather have seen, such as a crackdown on hate crime, or the introduction of a chronological timeline and edit function.

But how could this change affect those of us working in PR? Twitter is another medium that we use to contact reporters about client news, and when we’re dealing with complex reports, then the additional characters might allow us to include a different angle or additional detail beyond the headline. The change should also be useful for social media analytics, giving us the potential to track influencers’ interaction with brands in a more meaningful way.

But the move could also spell trouble for consumer-facing organisations who deal with customer services on Twitter. Public complaints made in this way could soon become more detailed and potentially damaging for brands, and to diffuse potential crises it will remain key to respond quickly and take any damaging conversations offline where possible.

Any brand communicating with their customers via Twitter would do well to remember the Twitter backlash when the announcement was made. The platform has become popular as a micro-blogging site, and succinct communication is key – so it will be important to avoid any unnecessary words, and make every character count, to retain high levels of engagement.

Twitter currently has 330 million active users, compared to 800 million for Instagram and more than two billion users for Facebook. The change to 280 characters is part of Twitter’s broader plan to attract new users and increase growth.

If you’re in the security game, WannaCry is like celebrity deaths…You always remember where you were! I for one was in the office, frantically getting all the available information over to my clients so we could have a comment written, approved and pitched in a timely fashion.

Such was the same when the NAO announced at the end of October that the NHS could have prevented the WannaCry attack by taking simple cybersecurity recommendations. While this was admittedly terrible news for the NHS, it was great news for our Eskenzi clients! A nationally recognised government office, going on the record about the cybersecurity failings of another globally known, much-loved national institution was almost too good to be true. This is particularly useful for our clients as the report echoes the sentiments that expressed as the time of the original WannaCry outbreak back in May.

At this point, the Eskenzi ‘rapid response’ process ramped up a gear, with Eskenzi employees all over the globe mobilising to capitalise on the news, and allow our clients commentary to become a part of the news agenda around this story. Both the quality of the comments our clients can provide, and the speed and accuracy with which they are pitched to the media are all crucial factors to consider when dealing with a rapidly changing news agenda. Luckily for us, the combination of our excellent PR professionals and our clients’ sector-leading knowledge meant comments were quickly drafted and pitched from across the infosec spectrum. Some of our excellent client commentary on the subject is included below:

Javvad Malik, security advocate at AlienVault:

For many organisations, it’s not a matter of if, but when. Fundamental security controls and hygiene could have prevented, or at least minimised the impact of WannaCry on the attack. But perhaps even more telling is that while the Department of Health had an incident response plan, it was neither communicated nor tested. Without a clearly communicated and tested incident response plan, trying to make one up in the midst of an incident is a recipe for disaster.

It becomes increasingly important for all organisations of all sizes to invest in cyber security. It doesn’t necessarily need to be huge investments, but care should be taken that the fundamental security controls are put in places and validated, as well as testing an incident response plan.

Anton Grashion, managing director-security practice at Cylance:

“While it’s true that organizations could have prevented at least one recent ransomware outbreak through ‘basic IT security,’ such as regular patching, the fact remains that a treasure trove of weapons-grade malware has recently been made available to every variety of threat actor on the Dark Web. It’s easy to say that if recommendations were acted upon the effect would have been less, but there would still have been an effect because the initial malware infection had to be stopped as well – not something the recommendations covered.

“Regular patching is necessary, but not sufficient for preventing highly damaging cyber-attacks on networks. It’s still imperative for security teams to evaluate next-generation anti-malware technologies inside their own organizations to see what works best for their purposes against these increasingly sophisticated new malware types, which are regularly failing to be stopped by traditional security products. Indeed, there is still a large estate of aging operating systems in daily use in both public and private organizations and while it is advisable to migrate to more up to date versions it’s sometimes a decision on what else will be cut to upgrade. Better yet is to protect these platforms in the first place and buy some breathing space in which an orderly upgrade program can be executed when budgets allow.”

Stephanie Weagle, VP at Corero Network Security:

“Organisations operate un-patched legacy systems and no formal mechanism to effectively protect against the evolving landscape of cyber security threats is irresponsible.  Over a third of national critical infrastructure organisations in the UK (39%) have not completed basic cyber security standards issued by the UK government, according to data revealed under the Freedom of Information Act.  In order for the UK to become the safest place to do business, Critical Infrastructure must engage in cyber resiliency best practices, and proper security defenses.  To keep up with the growing sophistication and organisation of well-equipped and well-funded threat actors, it’s essential that organisations maintain comprehensive visibility across their networks, to instantly and automatically detect and block any cyber threat, including DDoS attacks.”

Edgard Capdevielle, CEO of Nozomi Networks:

“The National Audit Office’s report reminds us that cyber security is not optional, it needs to be part of regular operations. Clearly there is a high cost when regular IT system updates aren’t implemented and cyber security recommendations aren’t followed.

“Attackers continue to look for new and inventive ways to infiltrate organisations and infrastructure meaning global outages as Wannacry was able to realise could become increasingly frequent if left unchecked.

“The EU’s NIS Directive due to be implemented into UK law next May, those who fail to adequately protect infrastructure will be penalised financially.

“With ransomware – such as WannaCry, especially given its ability to reinfect connected devices, prevention has to be first and foremost. Applying artificial intelligence and machine learning for real-time detection and response, organizations can monitor for known malware infections and detect anomalous behavior that might indicate new malware variants enabling organization to rapidly discover and act to remove malicious code before harm is done.”

Gavin Millard, technical director at Tenable:

“In theory, Wannacry could have been easily prevented by deploying a freely available patch and restricting or removing a ubiquitous service called SMB from Windows systems that couldn’t be updated. In reality though, due to the complex networks in place, overlapping ownership of devices and systems that can’t be updated due to contractual issues with the suppliers, this was far from trivial to accomplish.

“To be resilient to further attacks of this nature, each of the NHS trusts has to ensure foundational security controls are in place and identify where improvements are needed. The UK government has already defined controls every critical infrastructure should follow with schemes such as Cyber Essentials and NIS. But to implement these guidelines effectively, investment is required into a public sector that is already severely lacking funds.

“As we become more reliant on IT systems for every aspect of our critical infrastructure, including healthcare, the impact of a major vulnerability affecting those systems shouldn’t be underestimated or the risks ignored. Putting in place a robust process for identifying all systems on the network and how vulnerable they are, are foundational security controls for a reason. Without this ability, networks will continue to be easily infected by ransomware like Wannacry”

For other coverage successes at Eskenzi, please go to

http://www.eskenzipr.com/Content/News-1-2/1_38/

By Conor Heslin, Account Executive at Eskenzi PR

Many of us now rely on open source software for almost every aspect of our daily computing needs, from our web browsers (Firefox) to email solutions (Zimbra) and content management systems (WordPress).  These solutions make computing much more accessible and save consumers considerable amounts of money – a 2008 report by the Standish Group states that open-source software has resulted in savings of about £48 billion per year to consumers.  But, what drives the open source revolution? Why do people adopt this software and what does this mean for security?

From a user-experience and performance perspective, open source software works in the same way as proprietary software. However, open source software gives its users the transparency to access its code and the freedom to copy, change or improve it. What this means for security is that more people are looking at and testing the code, so if there is a problem it is more likely to get noticed faster and fixed before it causes any serious harm. Indeed, as the fix will be publicly available, other organizations can adopt it and shield themselves from the same problem. Whereas, in closed sourced software, no one outside the organization knows about the bugs or problems discovered in their code and often, it could even take months for companies to release a patch.

Open source software can be used to help solve cybersecurity problems by enabling individuals to share their knowledge on security issues and collaboratively come up with solutions for them. And because these solutions will be publicly available this means that anyone can reuse or even improve them. A great deal of the cyber security problems we face today have occurred due to bad design or the lack of knowledge about potential security threats. However, by openly sharing existing knowledge about threats, OSS can certainly improve the security landscape.

Indeed, the key elements of open source software are its openness and transparency. And it is precisely the lack of secrecy that create trust in users, developers and the organizations themselves. For example, when it comes to something as simple as the use of encryption software, which helps secure information, email/text messages or any other type of online communication, users are more likely to trust an open sourced solution than one that claims their code is indestructible.

On the other hand, open source software tends to be less “user-friendly” and may require more technical knowledge than proprietary software, because it essentially doesn’t aim at generating money. However, learning about open source software and how both organisations and individuals can benefit from using can be crucial for establishing the security and privacy aspects in information technology. It’s definitely an area worth exploring!

By Elizabeth Nikolova, Account Executive at Eskenzi PR 

From tapping our contactless cards, to life saving machines, the rise of the selfie and every painfully slow computer update we sit through on a Monday morning, it is increasingly clear that technology is a fundamental component of our daily lives. Some of us love it, some of us not so much- but one thing is for sure, in some way, we all use it. As technological advances continue to amaze us (I’m looking at you, Sophia), and break boundaries that years ago, were pipe dreams, one thing is for sure- technology isn’t going anywhere (except maybe up- after all, the only way is up, right?).

Of course, this begs the question- if we do all use technology, then why are we not all represented in the work force? Gender diversity in the technology industry has long been a talking point. Research shows that, despite industry growth, over the last 10 years’ female representation in the industry has stagnated- only 17% of those working in the industry are female and when looking higher up the ladder, things aren’t that much better – only 1 in 10 are IT leaders. With only 7% of students taking Computer Science at A-Level being female, there is a clear need for action to encourage young women to pursue a career in the field of technology.

I caught up with Vicki Gavin- Compliance Director, Head of Business Continuity, Cyber Security and Data Privacy at the Economist Group to get a little bit more insight on this issue:

What issues do women currently working tech face?

I think that the biggest issue women in technology face is nature of the work environment.  In general, the environment in the core technology areas; support, infrastructure and development is very competitive.  The nature of the work is such that practitioners are being challenged in some way to work harder, smarter or faster.  Thus, practitioners are constantly having to prove both to themselves and to others they are capable.  Many people may find this sort of environment uncomfortable and choose not to do these sorts of roles.

Are there any signs of success/ progression towards a more diverse workforce in the tech industry?

The number of women choosing a career in technology is increasing overall.  As with all change the pace is slow but the numbers are increasing.  In fact they are increasing quite rapidly in the technology governance, and risk management functions.  Women are less well represented in the support, infrastructure and development teams, but I think this may be down to the work environment.  I think that those of us in the industry need to stop undervaluing the technical governance and risk management functions and start treating them as the technology roles they are.

How can the Industry encourage young women to pursue a career in technology or cybersecurity? Whose responsibility is it to do this?

Hiring managers need to ensure they do not introduce bias into an already limited candidate pool by identifying the minimum requirements for the role and when reviewing CVs look for reasons why each candidate might be able to do the job rather than looking for reasons not to hire.  Candidates can help themselves by writing a cover letter which summarises for the hiring manager how their skills match the job posting.

How would you sell your current career path to the younger version of yourself- what advice would you give yourself? What challenges would you tell yourself to expect?

My advice to everyone regardless of the career path they want to follow is to do what you love.  When you do what you love, you’ll love what you do and be pretty good at it.  Which will naturally lead to career progression.  A couple of cautions, don’t be a shrinking violet, volunteer to take on new responsibilities and don’t be afraid to tell people when you’re good at something.  Finally, while having a career plan is a good starting point, don’t be a slave to your plan.  Be bold, be prepared to take opportunities when they come your way.

By Michelle Marriott, Account Executive at Eskenzi PR

Stats from http://www.womenintech.co.uk/

We are now at the tail end of Security Serious Week 2017, which has been a fantastic period for building cybersecurity awareness. Kicking off today’s edition in our week-long cybersecurity series is Threat-Hunting Thursday and we have selected the great mind of Josh Mayfield, platform specialist, Immediate Insight at FireMon for an in-depth Q&A analysis looking at today’s threats, the evolving landscape within cyber and what defence systems are available to those who wish to stay on step ahead of attackers.

How would you define Threat and what are the differences between Threat, Risk and Vulnerability?

[JM] Threats are unique from vulnerabilities and risks because they express ‘intent’.  Threats come in many forms and sources, but the key marker for any threat is the intent to cause harm or damage.  Look at ransomware, malware, DDoS, data exfiltration…all of them begin with an intent to do harm.

 

Risk is simply a quantified metric of potential loss or damage.  Risk metrics are based on circumstance (internal or external) that can leave the organization or individual in a precarious position.

Financial services (banks) and healthcare, for example, are at greater risk because the circumstances of their business brings them into a cohort of organizations that are regular targets of cyberattack.  Organizations use risk to better understand the future, potential outcome of damaging events.  Factored into this equation are their current vulnerabilities.

 

Vulnerability is all about the susceptibility of harm.  If threats are exogenous factors of potential loss or damage, vulnerability is the endogenous side of that ledger.  Vulnerability assessment begins with a look at oneself and quantifying the likelihood of loss or damage based on attributes within.

Cybersecurity vulnerability begins with an honest assessment (a diagnosis) of the endogenous systems – finding the weak spots.

 

In short:

Threat, the intentional conduct of someone (internal or external) to cause harm

Risk, a quantifiable metric of potential harm, given the circumstances and environment

Vulnerability, the attributes native to the organization or individual that increases probability of harm

 

WannaCry, Power Grids hacked, Deloitte – What has surprised you most about the types of attacks that have occurred in 2017? And do you think today’s enterprises are taking security seriously?

[JM] I wish I could say that the cyberattacks and data breaches of 2017 surprised me.  But given the milieu of cybersecurity practices, it was the only outcome one could predict.  We didn’t know where or how these attacks would happen, but it should we widely agreed by now that our present disciplines are not equipped to manage the threats organizations face.

 

Principally, organizations have a dearth of imagination when assessing their threats, risks, and vulnerabilities.

To fully predict and prevent cyberattacks requires complete knowledge of the current state of the world with its ever-changing variables and probabilities, something close to omniscience.  And omniscience tends to be out of reach for human beings.

Right-thinking organizations are going on offense – threat hunting.  This marks a turning point in cybersecurity; moving to methods and tactics that value ignorance and evidence-based pursuits, rather than heuristics and confirmation biases.  We are seeing a slow but noticeable shift, let us hope it continues.

Attackers have become increasingly more innovative with their attacks, so what can individuals and enterprises do to stay one step ahead? What defence mechanisms would you advise?

[JM] Attackers are human.  Humans are goal-directed, not stimulus-driven.  Years ago, the attacker community traded in the currency of respect; making a name for oneself within the community was the ultimate goal.  Now, the financial motive has become the principal driver of attacker behaviour.  To service this financial goal, attackers will use the most effective tools at their disposal.

Cybercriminals are responding to incentives as any economic actor would in an economic world.  With these financial incentives in place, it is no wonder that attackers would opt for ransom instead of depreciating inventories of stolen data.

 

To stay ahead of this innovation curve, organizations need to do three things:

  1. Automate policy management (prevention)
  2. Automate data analysis (detection)
  3. Automate actions (response)

 

Each of these measures will serve an organization experiencing two forces: 1) Personnel/skills shortage, 2) Increased complexity and sophistication of cyberattacks.

 

Automating policy management provides you with the prevention needed without having an army of device technicians constantly updating access control lists (ACLs) in an ever-changing world.  Automating data analysis provides organizations with the needed capability of threat hunting without having to employ Minority Report precogs to detect threats.  Automating actions provides the speed of patching what’s been affected, the closest we can currently get to self-healing computers and networks.

 

 

With the cyber landscape in its current state and with IoT and cloud adoption expanding, looking ahead, what do you see being the biggest threats in 2018?

[JM] After this diatribe about the history of prediction, one may think I am being hypocritical by making statements of what will happen in 2018.  But isn’t in the goal of any method to take in data from the past and confidently make predictions about the future?  Of course!

 

I believe the current model of Passive Security will keep its strong grip.  But guess what?  While organizations cling to what they know cybercriminals are going to advance.  Maintaining this model will likely bring the following unpleasant headlines:

 

  • A major bank in the U.S. or Western Europe will lose over 100 million records
  • A major Western government will experience a breach where over 20 million full citizen profiles are abducted
  • A major healthcare provider will have their Amazon S3 breached, exposing millions of patient records
  • In the wake of a breach (perhaps from 2017), a major company will be charged with criminal neglect and broken up by a Western government

 

Our methods will evolve, we will overcome this.  A new method has been introduced and it has gained a toehold.  It will bide its time until more hapless methods, tragically, run their course.

 

By Rohit Chavda, Account Executive

As part of Security Serious Week 2017, which aims at raising awareness of cybersecurity concerns, Eskenzi PR’s blog posts will take as through various elements of the cybersecurity world. Today’s, New Tech Tuesday, will be about the exciting developments in the fields of biometrics; I will be explaining what biometrics entails, the different types of biometrics, and why they are such an exciting new development for cybersecurity professionals.

Biometrics are defined as ‘metrics relating to human characteristics’. In layman’s terms, this means that it uses elements of an individual’s physical characteristics or behaviours, to identify something about them. The most common kind of biometrics that are heard about are physical biometric solutions, such as retina scans, thumb print or facial recognition. These can all be used as forms of identification which are much more secure than the average password/username combination that we (and identity fraudsters and thieves) know and love so well. However, as has been previously discussed, these solutions are not completely fool proof…although they do have the added benefit of making whoever is using them feel remarkably like James bond!.

Hackers can still duplicate an individual’s physical traits, via photographs, but what is inherently harder to imitate, replicate or duplicate is the personal characteristics they aren’t even aware of – Let alone anyone else. This is where the cutting-edge field of passive biometrics comes into play.

Passive biometric solutions, such as those pioneered by NuData Security have made for security solutions that can identify an individual in a frictionless, user-friendly way, by analysing known passive behavioural indicators, such as the speed at which a user types on a device, the angle at which a device is held. These factors (and many more) are then cross-referenced with the user’s known behaviours (location, time of use etc) in order to build up a picture of a good user that is accurate to a degree that no other authentication method could dream of. If these solutions were deployed globally, there’s a significant chance that account takeover, fraud and other forms of identity crime would reduce significantly. So, in the future, when you’re furiously texting a WhatsApp group chat, you could be helping to keep your online accounts safe…. that’s truly taking security serious!

By Conor Heslin, Account Executive.

As part of European cyber security awareness month, we at Eskenzi PR are doing our part and will be producing a one-off series to promote cyber security. Today’s edition is Malware Monday – Ransomware.

 

Ransomware (noun): a type of malicious malware designed to block access to a computer system until a sum of money is paid. A simple definition with catastrophic ramifications.

 

For many unattached from the world of cyber or technology, ransomware is just a meaningless word lost among the catalogue of phrases used by IT professionals. That certainly changed in 2017.

 

Here’s why:

 

On 12th May 2017, a ransomware worm named WannaCry wreaked havoc around the world, infecting hundreds of thousands of systems used by some of the largest corporations including banks, hospitals, airports and utilities.  Shadow Brokers, the cyber criminals believed to be behind the attack, used NSA leaked hacking tools to spread the virus through a Microsoft system flaw. Despite its global reach, the malware had known flaws and within 72 hours, security researchers located a kill switch.  Nevertheless, WannaCry crippled systems in over 150 countries, including the UK, where the NHS was brought to a standstill with systems in majority large proportion of hospitals and facilities being corrupted.

 

No less than a month later, ransomware once again made international headlines. The variant known as NotPetya or Petya or Goldeneye spread like a swarm of locusts, causing devastation to many organisations across Europe and America including the likes of major advertiser WPP and Danish shipping giant Maersk. However, it was Ukraine that was critically hit with utilities like energy and power grids, airports and banks all being taken offline. NotPetya manifested through known flaws within networks that used Microsoft Windows and exploited systems by using a modified version of EternalBlue SMB, the same NSA tool used in the WannaCry attack.

 

Attacks like WannaCry and NotPetya acted as a global wake up call for organisations to take cyber security seriously. As it becomes more of a recognized issue and with such severe consequences, cyber security can no longer be ignored.

 

Javvad Malik, security advocate at AlienVault has given his thoughts regarding the growing threat ransomware poses, not only now, but in the years ahead, and has given advice on how organisations can prevent their data becoming hostage.

 

“Ransomware has stolen most of the headlines thus far this year and they continue to be a popular attack avenue. What we have seen is a clearer splintering of attacks whereby there are cybercriminals in it for the money that primarily utilise ransomware, and on the other side we have more targeted attacks by highly skilled groups.

 

“We saw the success WannaCry had in spreading with the EternalBlue vulnerability despite there being a windows patch in place. Cyber criminals will continue to use techniques that provide a return on investment until such a time they no longer work, or a readily-available alternative exploit becomes available. So, we can probably see malware gradually evolving over the coming year at the same rate as had been so far and unlikely to see a massive change in direction.

 

“A lot of preventative measures come down to employing fundamental security practices. This includes good patch management, network segregation, maintaining backups, and having good threat detection controls in place.”

 

FYI: ransomware has been identified as being the top threat facing computer users by the European policing agency, Europol!

 

By Rohit Chavda, Account Executive