Hacker Tales

A couple of years ago we published an e-book titled ‘The Hacker Tales: Stories of Hacking, Privacy and Deception’. It was hugely successful: it was picked up by numerous publications and websites and promoted across multiple social media platforms, which resulted in it being downloaded 2000 times. The idea of the e-book is to be a grown-ups’ bedtime story book, where through short stories you go off to sleep wondering whether the story you’ve just read could really happen or was just fiction, with a moral running through it!

The short stories can be written by anyone; all you need to do is dream up a scary hacking scenario which could happen today or in the not too distant future. They need to be entertaining, riveting, concise and enjoyable, with a list of helpful hints and tips for the reader – offering IT security best practices to help readers be more security savvy, because otherwise there could be consequences.

Would you be interested in sponsoring the next Hacker Tales book for £1,000? Half of the money will be a charitable donation as it will go to the Children’s Charity NSPCC –  http://www.nspcc.org.uk  (which is the charity that the IT security community support through the White Hat Events http://whitehatevents.org.)

In return, your logo will appear in the e-book which will be promoted through the www.itsecurityguru.org and distributed to the entire IT Security Guru database, plus be a main resource to download from http://www.securityserious.com. In addition, Eskenzi will be working hard to promote the e-book through our many media friends and associations which we are hoping will reach over 100,000 people, plus we hope as a sponsor you can promote it through your own channels too. We’ll even provide you with your own digital copy that you can share with your customers.

MOST IMPORTANTLY, we’ll be on the lookout for good stories to include, so if you or any of your colleagues feel inspired to write a chapter of around 1000 words, we’d love to take a read and consider it for inclusion.

Have a read of the book and let me know if you’d like to:

  1. Make a charity donation to the book by being a sponsor
  2. Contribute a short story

The book will also be available for download via the Security Serious website and other media sponsors, and we will self-publish through Amazon.

If you’re interested in getting involved then please contact dulcie@eskenzipr.com or call 0207 1 832 837.

Eskenzi PR will once again be organising the IT security analyst & CISO Forum on 1st and 2nd May 2018 in London – this year we’ve pulled out all the stops to get some really outstanding analysts to fly in from the US, Germany and the UK to meet with just 10 vendors.  Already 5 places have been snapped up, so now we’re on the scout for another 5 leading edge companies who are going to wow the analyst and CISO communities with new innovative technology and strong ambitious plans to grow and show competitive advantage.

This event has been designed to make it incredibly time and cost effective as it combines three events into one:

  1. Meeting a year’s worth of analysts in one day
  2. A CISO roundtable with between 10-15 of the UK’s top CISOs
  3. Lead generation opportunity through exhibiting at the CISO debates for over 50 end-users which takes place on the second afternoon of the event.

The Forum has been going for over a decade and is only available to just 10 vendors, of which there are now just 5 places left.

These are the analysts who have so far agreed to attend:

  • IDC – Duncan Brown (UK)
  • Bloor Research – Fran Howarth (EU)
  • Kuppinger Cole + Partner – Martin Kuppinger (EU)
  • Quocirca – Bob Tarzey (UK)
  • Telesperience – Teresa Cottam (UK)
  • Goode International – Alan Goode (UK)
  • ABI Research – Michela Menting (UK)
  • Ovum – Rik Turner (UK)
  • PAC  – Paul Fisher (UK)
  • Securosis – Mike Rothman (US)
  • 451 Group – Scott Crawford (US)
  • Forrester Research – Heidi Shay (US)
  • Aberdeen Group – Derek Brink (US)
  • NSS Labs – Paula Musich (US)
  • David Monahan – EMA (USA)

End-user companies who will attend include:

Santander, National Grid, Network Rail, GlaxoSmithKline, Virgin Media, BP, HMRC, Commerzbank, BBC, BT, Foreign Commonwealth Office, John Lewis, NFU Mutual, Betfair, Channel 4, Lloyds, Unilever, Barclays, The Economist, HSBC, Home Office, Cabinet Office, NHS.

If you have new products and have something refreshing and insightful to impart to the analyst community then you should seriously consider attending this event.

The cost of the event is £13,500 which includes the entire 2 day event, including accommodation for 2 nights in Park Lane’s Intercontinental Hotel, which is absolutely gorgeous, plus dinner for 2 nights and breakfast and lunch over the 2 days.  Any additional delegates attend for £1000 plus VAT.

The event will once again take place at No.4 Hamilton Place, Mayfair, London W1J and we hope you will be able to attend.

If you are interested in reserving a place please call Yvonne on +44 (0)207 1832 832 or email yvonne@eskenzipr.com

The world of social media was rocked last week when Twitter announced that it would allow people to increase the length of their tweets from 140 to 280 characters. The move follows a trial among a small group of users during September, in response to criticism that it was not easy enough to tweet.

During the test period, only 5% of tweets sent were longer than the original length of 140 characters, and only 2% used more than 190 characters. But the social media site revealed that those who did use the longer tweets got more followers, better engagement and spent more time on the site, according to a blog post which detailed the findings.

But soon after the announcement was made, the Twitter backlash began, with newsfeeds quickly clogging up as people tried to experiment with the new format, often using up the characters with meaningless words and jokes. Many pointed out the changes they would rather have seen, such as a crackdown on hate crime, or the introduction of a chronological timeline and edit function.

But how could this change affect those of us working in PR? Twitter is another medium that we use to contact reporters about client news, and when we’re dealing with complex reports, then the additional characters might allow us to include a different angle or additional detail beyond the headline. The change should also be useful for social media analytics, giving us the potential to track influencers’ interaction with brands in a more meaningful way.

But the move could also spell trouble for consumer-facing organisations who deal with customer services on Twitter. Public complaints made in this way could soon become more detailed and potentially damaging for brands, and to defuse potential crises it will remain key to respond quickly and take any damaging conversations offline where possible.

Any brand communicating with their customers via Twitter would do well to remember the Twitter backlash when the announcement was made. The platform has become popular as a micro-blogging site, and succinct communication is key – so it will be important to avoid any unnecessary words, and make every character count, to retain high levels of engagement.

Twitter currently has 330 million active users, compared to 800 million for Instagram and more than two billion users for Facebook. The change to 280 characters is part of Twitter’s broader plan to attract new users and increase growth.

If you’re in the security game, WannaCry is like celebrity deaths…You always remember where you were! I for one was in the office, frantically getting all the available information over to my clients so we could have a comment written, approved and pitched in a timely fashion.

It was much the same when the NAO announced at the end of October that the NHS could have prevented the WannaCry attack by following simple cybersecurity recommendations. While this was admittedly terrible news for the NHS, it was great news for our Eskenzi clients! A nationally recognised government office, going on the record about the cybersecurity failings of another globally known, much-loved national institution was almost too good to be true. This is particularly useful for our clients as the report echoes the sentiments that were expressed at the time of the original WannaCry outbreak back in May.

At this point, the Eskenzi ‘rapid response’ process ramped up a gear, with Eskenzi employees all over the globe mobilising to capitalise on the news and allow our clients’ commentary to become a part of the news agenda around this story. The quality of the comments our clients can provide, and the speed and accuracy with which they are pitched to the media, are all crucial factors to consider when dealing with a rapidly changing news agenda. Luckily for us, the combination of our excellent PR professionals and our clients’ sector-leading knowledge meant comments were quickly drafted and pitched from across the infosec spectrum. Some of our excellent client commentary on the subject is included below:

Javvad Malik, security advocate at AlienVault:

For many organisations, it’s not a matter of if, but when. Fundamental security controls and hygiene could have prevented, or at least minimised the impact of WannaCry on the attack. But perhaps even more telling is that while the Department of Health had an incident response plan, it was neither communicated nor tested. Without a clearly communicated and tested incident response plan, trying to make one up in the midst of an incident is a recipe for disaster.

It becomes increasingly important for all organisations of all sizes to invest in cyber security. It doesn’t necessarily need to be huge investments, but care should be taken that the fundamental security controls are put in place and validated, as well as testing an incident response plan.

Anton Grashion, managing director-security practice at Cylance:

“While it’s true that organizations could have prevented at least one recent ransomware outbreak through ‘basic IT security,’ such as regular patching, the fact remains that a treasure trove of weapons-grade malware has recently been made available to every variety of threat actor on the Dark Web. It’s easy to say that if recommendations were acted upon the effect would have been less, but there would still have been an effect because the initial malware infection had to be stopped as well – not something the recommendations covered.

“Regular patching is necessary, but not sufficient for preventing highly damaging cyber-attacks on networks. It’s still imperative for security teams to evaluate next-generation anti-malware technologies inside their own organizations to see what works best for their purposes against these increasingly sophisticated new malware types, which are regularly failing to be stopped by traditional security products. Indeed, there is still a large estate of aging operating systems in daily use in both public and private organizations and while it is advisable to migrate to more up to date versions it’s sometimes a decision on what else will be cut to upgrade. Better yet is to protect these platforms in the first place and buy some breathing space in which an orderly upgrade program can be executed when budgets allow.”

Stephanie Weagle, VP at Corero Network Security:

“Organisations operating un-patched legacy systems with no formal mechanism to effectively protect against the evolving landscape of cyber security threats is irresponsible. Over a third of national critical infrastructure organisations in the UK (39%) have not completed basic cyber security standards issued by the UK government, according to data revealed under the Freedom of Information Act. In order for the UK to become the safest place to do business, Critical Infrastructure must engage in cyber resiliency best practices, and proper security defenses. To keep up with the growing sophistication and organisation of well-equipped and well-funded threat actors, it’s essential that organisations maintain comprehensive visibility across their networks, to instantly and automatically detect and block any cyber threat, including DDoS attacks.”

Edgard Capdevielle, CEO of Nozomi Networks:

“The National Audit Office’s report reminds us that cyber security is not optional, it needs to be part of regular operations. Clearly there is a high cost when regular IT system updates aren’t implemented and cyber security recommendations aren’t followed.

“Attackers continue to look for new and inventive ways to infiltrate organisations and infrastructure meaning global outages as Wannacry was able to realise could become increasingly frequent if left unchecked.

“With the EU’s NIS Directive due to be implemented into UK law next May, those who fail to adequately protect infrastructure will be penalised financially.

“With ransomware such as WannaCry, especially given its ability to reinfect connected devices, prevention has to be first and foremost. Applying artificial intelligence and machine learning for real-time detection and response, organizations can monitor for known malware infections and detect anomalous behavior that might indicate new malware variants, enabling organizations to rapidly discover and act to remove malicious code before harm is done.”

Gavin Millard, technical director at Tenable:

“In theory, Wannacry could have been easily prevented by deploying a freely available patch and restricting or removing a ubiquitous service called SMB from Windows systems that couldn’t be updated. In reality though, due to the complex networks in place, overlapping ownership of devices and systems that can’t be updated due to contractual issues with the suppliers, this was far from trivial to accomplish.

“To be resilient to further attacks of this nature, each of the NHS trusts has to ensure foundational security controls are in place and identify where improvements are needed. The UK government has already defined controls every critical infrastructure should follow with schemes such as Cyber Essentials and NIS. But to implement these guidelines effectively, investment is required into a public sector that is already severely lacking funds.

“As we become more reliant on IT systems for every aspect of our critical infrastructure, including healthcare, the impact of a major vulnerability affecting those systems shouldn’t be underestimated or the risks ignored. Putting in place a robust process for identifying all systems on the network and how vulnerable they are, are foundational security controls for a reason. Without this ability, networks will continue to be easily infected by ransomware like Wannacry.”

For other coverage successes at Eskenzi, please go to

http://www.eskenzipr.com/Content/News-1-2/1_38/

By Conor Heslin, Account Executive at Eskenzi PR

Many of us now rely on open source software for almost every aspect of our daily computing needs, from our web browsers (Firefox) to email solutions (Zimbra) and content management systems (WordPress).  These solutions make computing much more accessible and save consumers considerable amounts of money – a 2008 report by the Standish Group states that open-source software has resulted in savings of about £48 billion per year to consumers.  But, what drives the open source revolution? Why do people adopt this software and what does this mean for security?

From a user-experience and performance perspective, open source software works in the same way as proprietary software. However, open source software gives its users the transparency to access its code and the freedom to copy, change or improve it. What this means for security is that more people are looking at and testing the code, so if there is a problem it is more likely to get noticed faster and fixed before it causes any serious harm. Indeed, as the fix will be publicly available, other organizations can adopt it and shield themselves from the same problem. Whereas, in closed sourced software, no one outside the organization knows about the bugs or problems discovered in their code and often, it could even take months for companies to release a patch.

Open source software can be used to help solve cybersecurity problems by enabling individuals to share their knowledge on security issues and collaboratively come up with solutions for them. And because these solutions will be publicly available this means that anyone can reuse or even improve them. A great deal of the cyber security problems we face today have occurred due to bad design or the lack of knowledge about potential security threats. However, by openly sharing existing knowledge about threats, OSS can certainly improve the security landscape.

Indeed, the key elements of open source software are its openness and transparency. And it is precisely the lack of secrecy that creates trust in users, developers and the organizations themselves. For example, when it comes to something as simple as the use of encryption software, which helps secure information, email/text messages or any other type of online communication, users are more likely to trust an open sourced solution than one that claims their code is indestructible.

On the other hand, open source software tends to be less “user-friendly” and may require more technical knowledge than proprietary software, because it essentially doesn’t aim at generating money. However, learning about open source software and how both organisations and individuals can benefit from using it can be crucial for establishing the security and privacy aspects in information technology. It’s definitely an area worth exploring!

By Elizabeth Nikolova, Account Executive at Eskenzi PR 

From tapping our contactless cards, to life saving machines, the rise of the selfie and every painfully slow computer update we sit through on a Monday morning, it is increasingly clear that technology is a fundamental component of our daily lives. Some of us love it, some of us not so much- but one thing is for sure, in some way, we all use it. As technological advances continue to amaze us (I’m looking at you, Sophia), and break boundaries that years ago, were pipe dreams, one thing is for sure- technology isn’t going anywhere (except maybe up- after all, the only way is up, right?).

Of course, this begs the question- if we do all use technology, then why are we not all represented in the work force? Gender diversity in the technology industry has long been a talking point. Research shows that, despite industry growth, over the last 10 years female representation in the industry has stagnated- only 17% of those working in the industry are female and when looking higher up the ladder, things aren’t that much better – only 1 in 10 are IT leaders. With only 7% of students taking Computer Science at A-Level being female, there is a clear need for action to encourage young women to pursue a career in the field of technology.

I caught up with Vicki Gavin- Compliance Director, Head of Business Continuity, Cyber Security and Data Privacy at the Economist Group to get a little bit more insight on this issue:

What issues do women currently working in tech face?

I think that the biggest issue women in technology face is the nature of the work environment.  In general, the environment in the core technology areas; support, infrastructure and development is very competitive.  The nature of the work is such that practitioners are being challenged in some way to work harder, smarter or faster.  Thus, practitioners are constantly having to prove both to themselves and to others they are capable.  Many people may find this sort of environment uncomfortable and choose not to do these sorts of roles.

Are there any signs of success/ progression towards a more diverse workforce in the tech industry?

The number of women choosing a career in technology is increasing overall.  As with all change the pace is slow but the numbers are increasing.  In fact they are increasing quite rapidly in the technology governance, and risk management functions.  Women are less well represented in the support, infrastructure and development teams, but I think this may be down to the work environment.  I think that those of us in the industry need to stop undervaluing the technical governance and risk management functions and start treating them as the technology roles they are.

How can the Industry encourage young women to pursue a career in technology or cybersecurity? Whose responsibility is it to do this?

Hiring managers need to ensure they do not introduce bias into an already limited candidate pool by identifying the minimum requirements for the role and when reviewing CVs look for reasons why each candidate might be able to do the job rather than looking for reasons not to hire.  Candidates can help themselves by writing a cover letter which summarises for the hiring manager how their skills match the job posting.

How would you sell your current career path to the younger version of yourself- what advice would you give yourself? What challenges would you tell yourself to expect?

My advice to everyone regardless of the career path they want to follow is to do what you love.  When you do what you love, you’ll love what you do and be pretty good at it.  Which will naturally lead to career progression.  A couple of cautions, don’t be a shrinking violet, volunteer to take on new responsibilities and don’t be afraid to tell people when you’re good at something.  Finally, while having a career plan is a good starting point, don’t be a slave to your plan.  Be bold, be prepared to take opportunities when they come your way.

By Michelle Marriott, Account Executive at Eskenzi PR

Stats from http://www.womenintech.co.uk/

We are now at the tail end of Security Serious Week 2017, which has been a fantastic period for building cybersecurity awareness. Today’s edition in our week-long cybersecurity series is Threat-Hunting Thursday, and we have selected the great mind of Josh Mayfield, platform specialist, Immediate Insight at FireMon, for an in-depth Q&A analysis looking at today’s threats, the evolving landscape within cyber and what defence systems are available to those who wish to stay one step ahead of attackers.

How would you define Threat and what are the differences between Threat, Risk and Vulnerability?

[JM] Threats are unique from vulnerabilities and risks because they express ‘intent’.  Threats come in many forms and sources, but the key marker for any threat is the intent to cause harm or damage.  Look at ransomware, malware, DDoS, data exfiltration…all of them begin with an intent to do harm.

Risk is simply a quantified metric of potential loss or damage.  Risk metrics are based on circumstance (internal or external) that can leave the organization or individual in a precarious position.

Financial services (banks) and healthcare, for example, are at greater risk because the circumstances of their business brings them into a cohort of organizations that are regular targets of cyberattack.  Organizations use risk to better understand the future, potential outcome of damaging events.  Factored into this equation are their current vulnerabilities.

Vulnerability is all about the susceptibility of harm.  If threats are exogenous factors of potential loss or damage, vulnerability is the endogenous side of that ledger.  Vulnerability assessment begins with a look at oneself and quantifying the likelihood of loss or damage based on attributes within.

Cybersecurity vulnerability begins with an honest assessment (a diagnosis) of the endogenous systems – finding the weak spots.

In short:

Threat, the intentional conduct of someone (internal or external) to cause harm

Risk, a quantifiable metric of potential harm, given the circumstances and environment

Vulnerability, the attributes native to the organization or individual that increase probability of harm

WannaCry, Power Grids hacked, Deloitte – What has surprised you most about the types of attacks that have occurred in 2017? And do you think today’s enterprises are taking security seriously?

[JM] I wish I could say that the cyberattacks and data breaches of 2017 surprised me.  But given the milieu of cybersecurity practices, it was the only outcome one could predict.  We didn’t know where or how these attacks would happen, but it should be widely agreed by now that our present disciplines are not equipped to manage the threats organizations face.

Principally, organizations have a dearth of imagination when assessing their threats, risks, and vulnerabilities.

To fully predict and prevent cyberattacks requires complete knowledge of the current state of the world with its ever-changing variables and probabilities, something close to omniscience.  And omniscience tends to be out of reach for human beings.

Right-thinking organizations are going on offense – threat hunting.  This marks a turning point in cybersecurity; moving to methods and tactics that value ignorance and evidence-based pursuits, rather than heuristics and confirmation biases.  We are seeing a slow but noticeable shift, let us hope it continues.

Attackers have become increasingly more innovative with their attacks, so what can individuals and enterprises do to stay one step ahead? What defence mechanisms would you advise?

[JM] Attackers are human.  Humans are goal-directed, not stimulus-driven.  Years ago, the attacker community traded in the currency of respect; making a name for oneself within the community was the ultimate goal.  Now, the financial motive has become the principal driver of attacker behaviour.  To service this financial goal, attackers will use the most effective tools at their disposal.

Cybercriminals are responding to incentives as any economic actor would in an economic world.  With these financial incentives in place, it is no wonder that attackers would opt for ransom instead of depreciating inventories of stolen data.

To stay ahead of this innovation curve, organizations need to do three things:

  1. Automate policy management (prevention)
  2. Automate data analysis (detection)
  3. Automate actions (response)

Each of these measures will serve an organization experiencing two forces: 1) Personnel/skills shortage, 2) Increased complexity and sophistication of cyberattacks.

Automating policy management provides you with the prevention needed without having an army of device technicians constantly updating access control lists (ACLs) in an ever-changing world.  Automating data analysis provides organizations with the needed capability of threat hunting without having to employ Minority Report precogs to detect threats.  Automating actions provides the speed of patching what’s been affected, the closest we can currently get to self-healing computers and networks.

With the cyber landscape in its current state and with IoT and cloud adoption expanding, looking ahead, what do you see being the biggest threats in 2018?

[JM] After this diatribe about the history of prediction, one may think I am being hypocritical by making statements of what will happen in 2018.  But isn’t it the goal of any method to take in data from the past and confidently make predictions about the future?  Of course!

I believe the current model of Passive Security will keep its strong grip.  But guess what?  While organizations cling to what they know, cybercriminals are going to advance.  Maintaining this model will likely bring the following unpleasant headlines:

  • A major bank in the U.S. or Western Europe will lose over 100 million records
  • A major Western government will experience a breach where over 20 million full citizen profiles are abducted
  • A major healthcare provider will have their Amazon S3 breached, exposing millions of patient records
  • In the wake of a breach (perhaps from 2017), a major company will be charged with criminal neglect and broken up by a Western government

Our methods will evolve, we will overcome this.  A new method has been introduced and it has gained a toehold.  It will bide its time until more hapless methods, tragically, run their course.

By Rohit Chavda, Account Executive

As part of Security Serious Week 2017, which aims at raising awareness of cybersecurity concerns, Eskenzi PR’s blog posts will take us through various elements of the cybersecurity world. Today’s, New Tech Tuesday, will be about the exciting developments in the field of biometrics; I will be explaining what biometrics entails, the different types of biometrics, and why they are such an exciting new development for cybersecurity professionals.

Biometrics are defined as ‘metrics relating to human characteristics’. In layman’s terms, this means that it uses elements of an individual’s physical characteristics or behaviours to identify something about them. The most common kind of biometrics that are heard about are physical biometric solutions, such as retina scans, thumb print or facial recognition. These can all be used as forms of identification which are much more secure than the average password/username combination that we (and identity fraudsters and thieves) know and love so well. However, as has been previously discussed, these solutions are not completely fool proof…although they do have the added benefit of making whoever is using them feel remarkably like James Bond!

Hackers can still duplicate an individual’s physical traits, via photographs, but what is inherently harder to imitate, replicate or duplicate is the personal characteristics they aren’t even aware of – let alone anyone else. This is where the cutting-edge field of passive biometrics comes into play.

Passive biometric solutions, such as those pioneered by NuData Security, have made for security solutions that can identify an individual in a frictionless, user-friendly way, by analysing known passive behavioural indicators, such as the speed at which a user types on a device or the angle at which a device is held. These factors (and many more) are then cross-referenced with the user’s known behaviours (location, time of use etc) in order to build up a picture of a good user that is accurate to a degree that no other authentication method could dream of. If these solutions were deployed globally, there’s a significant chance that account takeover, fraud and other forms of identity crime would reduce significantly. So, in the future, when you’re furiously texting a WhatsApp group chat, you could be helping to keep your online accounts safe…. that’s truly taking security serious!

By Conor Heslin, Account Executive.

As part of European cyber security awareness month, we at Eskenzi PR are doing our part and will be producing a one-off series to promote cyber security. Today’s edition is Malware Monday – Ransomware.

Ransomware (noun): a type of malicious software designed to block access to a computer system until a sum of money is paid. A simple definition with catastrophic ramifications.

For many unattached from the world of cyber or technology, ransomware is just a meaningless word lost among the catalogue of phrases used by IT professionals. That certainly changed in 2017.

Here’s why:

On 12th May 2017, a ransomware worm named WannaCry wreaked havoc around the world, infecting hundreds of thousands of systems used by some of the largest corporations including banks, hospitals, airports and utilities. Shadow Brokers, the cyber criminals believed to be behind the attack, used NSA leaked hacking tools to spread the virus through a Microsoft system flaw. Despite its global reach, the malware had known flaws and within 72 hours, security researchers located a kill switch. Nevertheless, WannaCry crippled systems in over 150 countries, including the UK, where the NHS was brought to a standstill with systems in a large proportion of hospitals and facilities being corrupted.

 

No less than a month later, ransomware once again made international headlines. The variant known as NotPetya or Petya or Goldeneye spread like a swarm of locusts, causing devastation to many organisations across Europe and America including the likes of major advertiser WPP and Danish shipping giant Maersk. However, it was Ukraine that was critically hit with utilities like energy and power grids, airports and banks all being taken offline. NotPetya manifested through known flaws within networks that used Microsoft Windows and exploited systems by using a modified version of EternalBlue SMB, the same NSA tool used in the WannaCry attack.

 

Attacks like WannaCry and NotPetya acted as a global wake-up call for organisations to take cyber security seriously. As it becomes more of a recognised issue with such severe consequences, cyber security can no longer be ignored.

 

Javvad Malik, security advocate at AlienVault, has given his thoughts regarding the growing threat ransomware poses, not only now but in the years ahead, and has given advice on how organisations can prevent their data becoming hostage.

 

“Ransomware has stolen most of the headlines thus far this year and they continue to be a popular attack avenue. What we have seen is a clearer splintering of attacks whereby there are cybercriminals in it for the money that primarily utilise ransomware, and on the other side we have more targeted attacks by highly skilled groups.

 

“We saw the success WannaCry had in spreading with the EternalBlue vulnerability despite there being a Windows patch in place. Cyber criminals will continue to use techniques that provide a return on investment until such a time they no longer work, or a readily-available alternative exploit becomes available. So, we can probably see malware gradually evolving over the coming year at the same rate as it has so far, and we are unlikely to see a massive change in direction.

 

“A lot of preventative measures come down to employing fundamental security practices. This includes good patch management, network segregation, maintaining backups, and having good threat detection controls in place.”

 

FYI: ransomware has been identified as being the top threat facing computer users by the European policing agency, Europol!

 

By Rohit Chavda, Account Executive

My name’s Michelle and I am a social media addict. Okay, so addict may be a bit of an over-exaggeration, but like any stereotypical millennial, I love a bit of online socialising; Instagram, Twitter (work, and personal FYI), Facebook and even LinkedIn - I would say I spend a reasonable portion of my day-to-day life online. I’m not ashamed to admit it, either. As technology continues to develop around us, our online presence has become more distinct, and in some ways pretty important. Prospective employers use it to seek us out, and we keep connected with friends and family far and wide, who we may not be able to connect with without it. And it’s not just our personal and work life that benefit - we can shop, and keep up to date with current affairs as they happen - just about everything is at our fingertips. In all honesty, is it such a bad thing to utilise the tools we have so easily at our disposal? Probably not (I write while searching for memes on Twitter).

Of course, with so many of us online, we must remember- the bad guys are there too. Lurking in their deep dark hideouts of the wider web, there are some individuals waiting to use our social media accounts for their own sneaky gain- sometimes with criminal intentions, and sometimes just for the weird kick they seem to get out of Instagram hacks (I mean, poor Bieber right!? No one wanted to see that!)  I know you’re probably thinking, “this kind of thing only happens to famous people”, but trust me, that is just not true; the latest Instagram hack resulted in six million people’s details being stolen, and sold for $10 a pop on the dark net (personally, I’d say we’re all worth a bit more than that, but hey!) The increase in these kinds of attacks really does illustrate just how vulnerable we all are online.

Before I started at Eskenzi, I was the kind of person that fell for an Instagram phishing email, or used my forename as my password for pretty much all my accounts - I’m still surprised that I was never the victim of some kind of hack. However, the last five months have made me completely rethink my attitudes towards how I look after my personal information online. I now realise that our data is worth something and isn’t just floating around safely in the cloud - we should look after it, just the same as we do when we’re out and about with our IDs, bankcards, and large wads of cash (we can dream…)

So, just what can we do exactly? It goes without saying, never ever give out your information to someone you can’t verify- NEVER give out your password. The other tips I have learnt from experts in the industry would be:

  • Don’t reuse your passwords. If you happen to visit one site, and your password happens to get stolen, the bad guys can just try all your other accounts; if it’s the same, well - you’ve done the hard work for them.
  • Avoid weak passwords. Yes, this means no more Password, Password1, or your name! The easier they appear to be, then clearly, the easier they are. Think of a unique combination that only you know.
  • Password managers. They can generate and store them for you - pretty handy, and very safe!
  • Two Factor Authentication is a third process which validates you - you usually have to enter your standard username and password, and then have a second authentication method. (FYI, Instagram now has this little tool available to all users.)
  • PATCH AND UPDATE! The NHS was brought to a standstill because of unpatched systems; if they can wreak havoc in such a huge organisation, your social media accounts are about as safe as Moleman in The Simpsons - not very. Keeping it up to date closes those little vulnerabilities that hackers can take advantage of to gain access into your accounts.

All in all, it is up to us to realise - it is our responsibility to protect and manage our online social life. The tips above will certainly get you part way there, but be savvy! There is an I in security, guys, so let’s get it together and sort it out; before our Facebook profile starts randomly inviting our parents to some NSFW websites (facepalm).

By Michelle Marriott – Account Executive at Eskenzi