What CFOs can learn from hacker attacks
Successful cyberattacks on corporations are becoming more frequent. CFOs should therefore think carefully about whether to put the brakes on investments in IT security, because savings in the wrong place can quickly jeopardize a company's commercial success. Hitesh Sheth, CEO at Vectra Networks, explains in FINANCE why company-owned data centers in particular are increasingly becoming the target of hacker attacks.
How artificial intelligence will solve the security skills shortage
The infosec world is embracing artificial intelligence and the seismic changes it will bring to threat detection and mitigation, Vectra CSO Günter Ollmann writes in Dark Reading. As networks become more sophisticated, generate more data, and are exposed to advanced threats, AI and the automation it empowers are the cure.
The truth is, the Yahoo! data breach is not the exception
The magnitude of the Yahoo! data breach – more than 1 billion user accounts compromised – is by far the largest that has ever occurred. But Yahoo! is not the exception. Routers, switches and servers in the vast majority of data centers where customer account information is kept are largely unprotected and highly vulnerable to cyber attacks.
Video: Cybersecurity woes in the U.S.
The incoming U.S. administration would be well advised to take the recent Democratic and Republican National Committee hacks seriously, Vectra CEO Hitesh Sheth tells CNBC. "We can safely assume that nation-state actors will continue their efforts to affect U.S. economic interests as well as our democratic and political processes."
What the infosec jobs sector will look like in 2017
Vectra CSO Günter Ollmann says that experienced infosec employees are twice as valuable to the global market, demanding higher pay and improved roles. To retain them, organizations are offering “senior” titles and accompanying pay hikes. Meanwhile, the skills and job tasks between “junior” and “senior” remain unfulfilled.
Insurance claims for data breaches are on the rise
On news that data breach insurance claims are being made at a rate of over one a day, Matt Walmsley, Vectra EMEA director, says “By automating detection using the very latest self-learning security tools, and with it the response to an incident based on early indicators, many attacks can be nipped in the bud before they become costly incidents.”
Remain paranoid, err vigilant, with online security in 2017
There are a lot more tools necessary and available to combat the cyber threat, at the edge, at the endpoint and in between. “It is important to identify, develop and train associates who are motivated cyber warriors, and it is an ongoing process, due to the velocity of change," says Joe Duffey, CISO at Natixis Global Asset Management.
Encrypt everything. Don't let security be the reason you don't (and attackers do)
Chris Morales, head of security analytics at Vectra, says encrypted network traffic is having an impact on security that relies on deep packet inspection, whose efficacy degrades as more traffic is encrypted. Even worse, traditional security responses to handling encrypted traffic will suffer due to certificate and public key pinning built into applications.
Data breach claims are made at a rate of more than one a day
Matt Walmsley, EMEA director at Vectra, says that a rise in claims for digital theft and intrusions was taking place amid growing nation state-driven cyber crimes and the looming risk posed by GDPR compliance requirements and punitive fines. There is also growth in corporate cyber extortion using ransomware and malware.
What 2017 has in store for cybersecurity
Chris Morales, head of security analytics at Vectra, tells CSO that critical firewall vulnerabilities will continue to be ignored in 2017. According to the Shadow Server website, there are still more than 816,000 Cisco firewalls connected to the Internet that are vulnerable, undermining the inherent trust placed in firewalls.
AI: Revolutionizing the information security industry
Günter Ollmann, CSO at Vectra, explores how the information security industry is starved of experienced security workers and how it is proving detrimental to its advancement and exposing IT systems and Internet businesses to criminality and ransom. In the next 25 years, AI defense systems will unleash unimaginable ways to combat cyber threats.
Hitesh Sheth, CEO at Vectra, outlines his top cybersecurity predictions for 2017. Attacks on the U.S. will increase during Trump’s administration, new forms of ransomware will become a big headache for security response teams, data center attacks will increase, and firewall vulnerabilities will continue to be ignored.
InfoSec skills shortage: The No. 1 threat to Internet security
It is estimated that today there are over 1 million InfoSec positions unfilled – growing to over 1.5 million by 2019 – and more than 200,000 of those vacancies are in the U.S. This global shortage of expertise and experience lies at the very heart of the InfoSec world’s ability to respond to cyber attacks – affecting vendors and consumers alike.
Hackers may go holiday shopping online, too
Employees who reuse credentials or shop from their work computers are at risk, says Chris Morales, head of security analytics at Vectra. Fake Best Buy or Amazon promotional emails could be a phishing attack infecting computers with ransomware or exploits to initiate a targeted cyber attack, while everyone is supposed to be enjoying holiday cheer.
Data center security – Is it safe?
Data centers are the main repository for digital assets and resources, and their high value makes them a target for attackers. But threats in the data center are relatively mature by the time they manifest. With more assets residing in data centers than ever before, how safe is it? Matt Walmsley, EMEA director at Vectra, explains.
Device agnostic IoT security
With more unmanaged and seldom-updated devices connecting to our networks, behavior-based security is an essential line of defense. It ensures that unusual activity and volume are quickly identified and addressed, and this can be done regardless of the device being targeted. Matt Walmsley, EMEA director at Vectra, makes the case.
Who's afraid of APT?
What can organizations who expect to be a target do about an APT? And how sure can anyone really be that they are ready to respond? Expecting the unexpected is a difficult task, says Matt Walmsley, EMEA director at Vectra, quite reasonably, although in terms of cyberattacks the truth is that prevention alone fails.
The 2016 U.S. election and dealing with big data
Big data and data science can produce various kinds of forecasts. The Brexit referendum and the 2016 U.S. election led to two outcomes that differed sharply from the predicted results. David Pegna, head of data science at Vectra, explains what cybersecurity can learn from the big data errors.
Bigger walls won't keep data safe
For years, the security community focused on perimeter defenses, but ensuring all is well requires more than building a bigger wall. Hackers only need about 146 days to spy, spread and steal, according to Mike Banic, vice president of marketing at Vectra. And it only takes about three days for an attacker to gain administrative credentials.
Where cybercriminals go to buy your stolen data
Darknet website AlphaBay sells tens of thousands of items related to malware, exploits, hacked accounts, stolen credentials, and hacking services. Christopher Doman, a threat analyst at Vectra, talks about the AlphaBay market and forum and explains the various ways this information can be used for nefarious purposes.
Evaluating AI-powered threat detection technologies
Unlike signature-based detection systems, today’s AI-powered security technologies are rarely suited to a plug-it-in-and-watch-it-light-up evaluation strategy. They often include a mix of supervised and unsupervised machine learning, automated threat hunting, trained classifiers, and focus on reducing erroneous and unactionable alerts.
Compliance doesn’t equal security but it sure does help
As more business decisions rely on big data analytics, cybercriminals have greater incentive to pollute the incoming data to alter decisions or make them predictable so they can be monetized, says Vectra CTO Oliver Tavakoli. This can cause a hedge fund to buy or sell a stock. “Criminals can make large sums of money front-running the transaction.”
What will the next ransomware note say?
In 2017, ransomware will be used with other techniques for blended attacks, says Vectra CSO Günter Ollmann. Despite ransomware detection improvements made in 2016, most organizations still do not have a sufficient offline backup strategy to restore files, whether the ransom is paid or the attacker provides the encryption key.
DHS hiring puts into question the cybersecurity skills shortage
"Everyone with a newly minted computer science degree is being encouraged to get into cybersecurity, as the lack of candidates is driving up salaries," says Vectra CSO Günter Ollmann. Although the U.S. Department of Homeland Security event "was pitched under the banner of cybersecurity, it is not clear what jobs were actually being filled."
Who has the most impact in driving security advancement?
"The CISO usually becomes the person who drives both the strategy and the budget," says Vectra CEO Hitesh Sheth. "They usually have a team." It's often seen in the Fortune 50 companies that "the CISO is still heavily involved, but the board is involved as well. It has become a regular topic among the board of directors."
How AI will transform cybersecurity
The challenge of detecting attack behaviors in network traffic is immense. Finding correlations across protocols without intrusive deep packet inspection requires analyzing thousands of correlations between metadata from internal and external network traffic. A few companies are using AI technology to tackle this challenge, including Vectra.
Cybersecurity predictions for 2017
Alex Waterman, senior director of product management at Vectra, predicts that cybercriminals will step up their efforts to corral legions of unprotected IoT devices to mount even more sophisticated attacks. Also, the attack tools published by the Shadow Brokers hacking group will be used against the data center’s vulnerable physical infrastructure.
Cybersecurity predictions for 2017
Alex Waterman, senior director of product management at Vectra, predicts that cybercriminals will step up their efforts to use more vulnerable IoT devices to mount attacks, and that the tools published by the Shadow Brokers hacking group will be used against the data center’s unprotected physical infrastructure.
Three mobile cyber attack: 6 million customers’ details exposed
“It’s troubling that the breach was discovered only after receiving complaints from customers that scammers were fishing for their bank account details," says Vectra CTO Oliver Tavakoli. "With the availability of real-time detection methods today that identify what’s happening at any given moment, this lack of awareness is shocking."
Election 2016: The bungling of big data
The accuracy of polling results failed miserably in the 2016 election. From a data science perspective, what are the lessons learned from the big data polling blunders in election predictions? The lesson is all about using the right data for the problem at hand, and not about questioning if the data is right. The same applies for cybersecurity.
Camouflaging state-sponsored malware attacks
Most organizations continue to struggle with malware-based intrusions, according to this column written by Vectra CSO Günter Ollmann. Despite the deployment of policies, user education, enforcement chokepoints, data inspection, and regular assessments of defenses, malware remains the primary method of breaching the corporate network.
Passcode influencers: Trump won’t improve cybersecurity
"Just as hacking, cybersecurity and email breaches have been core to the election process, they will continue to grow and affect the U.S. government," says Vectra CSO Günter Ollmann. "Hence, in Trump's presidency, the U.S. government and agencies will have their hands forced in dealing with this invasive hacking epidemic."
Data integrity: The next big threat
Vectra CTO Oliver Tavakoli explains to SC Magazine that the variety, volume and velocity inherent in big data makes it difficult to ensure integrity of all of the data. To combat this challenge, Tavakoli encourages organizations to always pay attention to where the data is coming from and to encrypt the data.
IT security – intelligent defense
Traditional IT security solutions are reaching their limits and can no longer offer sufficient protection. As a result, artificial intelligence (AI) is increasingly gaining ground as a new approach to security. Oliver Tavakoli, CTO at Vectra, describes the advantages of machine learning in a recent article on VDI Nachrichten.
Unfilled jobs are the biggest threat to cybersecurity
A global shortage of expertise lies at the heart of the infosec world’s ability to respond to attacks and has considerable effect on vendors and consumers alike. Vectra CSO Günter Ollmann explains why unfilled jobs are the biggest threat to the cybersecurity industry, and identifies three ways to approach the problem.
Brute force: Understanding automated cyber attacks
Every new technology that guards against cyberattacks forces hackers to evolve. Automated attacks are now capable of learning to use an application and carrying out its basic functions. For example, Wade Williamson, director of threat research at Vectra, says banking malware can transfer money belonging to a compromised account.
IoT security tips to protect your small business
"You should keep Internet-enabled devices – like video cameras – on a separate network from the primary business network that deals with customer financial transactions, like point of sale systems, intellectual property, or any form of regulated data," said Chris Morales, head of security analytics at Vectra.
The worst people you meet in IT security: The 'ever-helpful'
Vectra CSO Günter Ollmann chastises "the person who holds open a secure door for a slow moving 'employee' without checking for a badge. One of the easiest ways to infiltrate a secure building or data center is to appear encumbered (e.g., having both hands full with boxes) and wait for an authorized person to open the door for you."
How to stop the Mirai botnet: Can blocking Port 23 fight further DDoS attacks?
One of the biggest reasons we now have the Mirai botnet is that "the (IoT) manufacturers are trying to save money and reduce the time to market, and only after the product has been proven to be popular do they go back and add security to it," Vectra CSO Günter Ollmann tells the International Business Times.
What these CSOs did on their first days
Vectra CSO Günter Ollmann weighs in on the most vital areas of focus for new CSOs during their first weeks on the job and shares advice for prioritizing problem areas. Ollmann also shares two different yet critically important perspectives on security – vendor and non-vendor – and what to take care of on day one.
Hackers coordinate targeted attacks against Middle East entities
“Whether it’s freedom fighters or terrorists, the cyber-domain is an important theatre for propagating a cause," says Vectra CSO Günter Ollmann. "Tools that target the opposition and gather valuable intelligence are in play by small and large groups around the world. Cyber warfare isn’t just the domain of large nation-state actors.”
Middle Easterners targeted in 'Moonlight' espionage campaign
Researchers at Vectra Networks have been monitoring the group for the past two years and determined that its operations focus on Middle Eastern political issues. The threat actor has been dubbed “Moonlight” based on the name of a command-and-control (C&C) domain used in the attacks.
Phishing techniques infect political targets with Trojan malware
Moonlight group is likely to be involved in cyberespionage, warns Vectra Networks. “They put effort into crafting the emails, the websites, the documents they've created, putting a fair amount of energy into it. But beyond that the underlying tech is off the shelf," says Vectra CTO Oliver Tavakoli, emphasizing how attackers don't need sophisticated hacking skills.
'Moonlight' APT uses H-Worm backdoor to spy on targets
Identified by Vectra Networks, this particular campaign used spear-phishing emails and social media lures to trick targets into installing the H-Worm malware. H-Worm creates a backdoor that can be used to further compromise targets with a remote access Trojan called njRat.
'Moonlight' Middle East hacking group exposed
A hacking group is running a wide ranging cyber-espionage campaign against targets in the Middle East. Security firm Vectra Networks says it has identified over 200 samples of malware generated by the group over the last two years. The assaults are not technically sophisticated but nonetheless tricky in their use of social engineering tactics.
Keeping zombie botnets out of your home network
Your router, home Wi-Fi, refrigerator and webcams could be part of an international army of zombie attackers. “A newly installed Wi-Fi home router is likely to be compromised within weeks if the default passwords are not changed – or within a few hours if you live in a more densely populated metropolitan area,” says Vectra CSO Günter Ollmann.
Funkschau: Ransomware – don't pay a high price
Gérard Bauer, Vice President EMEA at Vectra Networks, reports on this on Funkschau.de. The expert gives insight into how cybercriminals gain access to corporate networks and how companies can protect themselves against highly professional ransomware attacks.
C-suite career advice: Hitesh Sheth, Vectra Networks
Vectra CEO Hitesh Sheth offers career advice about breaking into the tech industry: “Don’t play it safe. The tech industry is very unique with lots of opportunity for someone just starting their career. Take risks. Look for startups that can drive exponential change and not just ones that seem to be the 'coolest.'”
NSA spy details how to tap into webcam on Mac without user noticing
"If these gadgets are not regularly updated to address vulnerabilities, then they are left open to exploitation," says Vectra EMEA Director Matt Walmsley. "There's now a lot of pressure on the manufacturers to raise their game and support the embedded software side of things as long and as vigorously as, say, a PC operating system vendor does.”
TalkTalk fined £400k by ICO for data breach
"Under the forthcoming EU General Data Protection Regulation (GDPR), the fines could have been much higher – up to 4 percent of worldwide turnover. In the case of TalkTalk, that could have been £72 million based on 2015 turnover," Vectra CSO Günter Ollmann says. "In that respect, the company has got off lightly.”