Hack Archives - IT Security Guru
https://www.itsecurityguru.org/tag/hack/
The Site for our Community

Hackers adopt ‘school of fish’ approach as they sharpen focus on mid-sized businesses
https://www.itsecurityguru.org/2018/01/09/hackers-adopt-school-fish-approach-sharpen-focus-mid-sized-businesses/?utm_source=rss&utm_medium=rss&utm_campaign=hackers-adopt-school-fish-approach-sharpen-focus-mid-sized-businesses
Tue, 09 Jan 2018 17:00:25 +0000

Rudimentary attacks, like information gathering, reputation blocks, fraud, and brute force attacks, increased by 71% from 2016-2017, according to new data released by eSentire, Inc., the largest pure-play Managed Detection and Response (MDR) provider. The data represents a total volume rise in detected events from 15 million in 2016, to 21 million last year.

Reports demonstrate a marked technique shift by attackers who favor obfuscation techniques that evade standard perimeter controls. The data, collected from eSentire’s best-in-class threat monitoring technologies, spans thousands of private and public cloud sources across the company’s 600+ client base, and includes primarily mid-sized businesses in the finance, legal, healthcare, technology, and insurance industries.

“It’s not that businesses don’t need prevention technologies, rather, you need to be able to detect when those technologies are being bypassed and intervene immediately,” said J. Paul Haynes, eSentire CEO.

In its 2017 Market Guide for Managed Detection and Response Services, Gartner states that: “Organizations are looking to improve real-time threat detection and incident response capabilities; however, they often struggle to invest limited resources in the required people, processes and technology. Managed detection and response improves threat detection monitoring and incident response capabilities via a turnkey approach to detecting threats that have bypassed other controls.”1

“Last year’s monster breaches, like WannaCry, affected countless mid-sized businesses, and since those attacks, we’ve seen a steady rise in organizations proactively seeking measures to safeguard against similar attacks,” said Haynes. “Mid-sized enterprises have similar cyber risk profiles to large enterprises, yet a fraction of the budget to invest in detection and response capabilities.”

MDR is the fastest growing segment in cybersecurity as firms of all sizes struggle to acquire and retain the threat hunting skills, advanced cyber technologies, and threat intelligence processes to continuously anticipate the next move the ‘school of fish’ is making.

“This new data supports an existential problem when it comes to defending against threats,” said Haynes. “Early breach indicators are measured in minutes and hours, and countermeasures need to be deployed in near real-time. In our world, it is not the 200+ days to detect which you read in the headlines, it’s now!”

As the largest pure-play MDR provider, eSentire saw significant market expansion in 2017, with in excess of 60% year-over-year revenue growth. Today, the company maintains a 97% customer retention rate.

“At the end of the day, while the volume of attacks continues to rise, combining endpoint, network, and threat intelligence data equips eSentire’s threat hunters with the richest possible data allowing faster decision making, investigations, and the ability to disrupt attacks,” said Haynes. “Ultimately, businesses need to avoid greater financial losses and need more than traditional prevention technologies to achieve that.”

About eSentire:
eSentire® is the largest pure-play Managed Detection and Response (MDR) service provider, keeping organizations safe from constantly evolving cyber-attacks that technology alone cannot prevent. Its 24×7 Security Operations Center (SOC), staffed by elite security analysts, hunts, investigates, and responds in real-time to known and unknown threats before they become business disrupting events. Protecting more than $5 trillion in corporate assets, eSentire absorbs the complexity of cybersecurity, delivering enterprise-grade protection and the ability to comply with growing regulatory requirements. For more information, visit www.esentire.com and follow @eSentire.

The post Hackers adopt ‘school of fish’ approach as they sharpen focus on mid-sized businesses appeared first on IT Security Guru.

Hacked Medical Devices Could lead to Breaches
https://www.itsecurityguru.org/2017/12/05/hacked-medical-devices-lead-breaches/?utm_source=rss&utm_medium=rss&utm_campaign=hacked-medical-devices-lead-breaches
Tue, 05 Dec 2017 15:46:52 +0000

Hacked medical devices, such as IV Pumps, could lead to a widespread data breach, according to Spirent SecurityLabs.
ORIGINAL SOURCE: Dark Reading

The post Hacked Medical Devices Could lead to Breaches appeared first on IT Security Guru.

Iranian Military Hacker Indicted for HBO Hack
https://www.itsecurityguru.org/2017/11/22/iranian-military-hacker-indicted-hbo-hack/?utm_source=rss&utm_medium=rss&utm_campaign=iranian-military-hacker-indicted-hbo-hack
Wed, 22 Nov 2017 11:11:55 +0000

The US DoJ has identified and indicted Iranian national Behzad Mesri in relation to this year's HBO hack.
ORIGINAL SOURCE: The Register

The post Iranian Military Hacker Indicted for HBO Hack appeared first on IT Security Guru.

Hackers targeted Democrats Right Until End of Election
https://www.itsecurityguru.org/2017/11/08/hackers-targeted-democrats-right-end-election/?utm_source=rss&utm_medium=rss&utm_campaign=hackers-targeted-democrats-right-end-election
Wed, 08 Nov 2017 16:52:29 +0000

The former interim DNC chief has revealed that hacks against the Democratic Party continued for months after the election, and targeted some of the party's most closely guarded secrets.
ORIGINAL SOURCE: AP News

The post Hackers targeted Democrats Right Until End of Election appeared first on IT Security Guru.

Putting your head in the cloud to become GDPR compliant
https://www.itsecurityguru.org/2017/11/07/putting-head-cloud-become-gdpr-compliant/?utm_source=rss&utm_medium=rss&utm_campaign=putting-head-cloud-become-gdpr-compliant
Tue, 07 Nov 2017 11:32:30 +0000

GDPR is coming and is set to have a huge impact on UK businesses. From high-tech to agriculture, every modern business has huge volumes of data that will have to be stored, secured and managed in a way that is compliant with the new regulation. 
That’s all very well and good if you are a huge company that can throw resource at dealing with the issue, but what about everyone else? With fines of up to €20 million or 4% of global annual turnover, it could spell the end for a small business if they are caught out by GDPR. So, with the data concerns of a bigger organisation, but without the same level of resource, how can SMEs tackle GDPR compliance efficiently and cost effectively?
The majority of businesses in the UK are SMEs and it is simply impractical for most to put in place a team to handle regulatory compliance. However, that is not to say that managing directors of small businesses need to take on the task of GDPR alone. The starting point must be to review their current infrastructure. Many businesses, particularly those without a heritage in digitalised systems, view IT as a purely tactical decision, often taking a short-sighted approach to addressing it. The result is the installation of systems that quickly become overly complex and make it difficult to ensure that data protection compliance, in particular, is handled effectively. But how can businesses change this?
The answer is to start looking at IT as a strategic decision. The reality is that for most businesses, IT is a significant element of their organisation and yet they don’t think about the best way to approach it in the long term. For an SME, with minimal resources to dedicate to IT, this is where cloud technology comes into its own. As well as providing an organisation with an easy to manage infrastructure that is resilient and grows with their business, it can also be the most efficient way to prepare and protect themselves ahead of GDPR.
By moving to the cloud and working with a Managed Service Provider (MSP), smaller businesses can ensure that they are meeting all regulatory requirements when it comes to data protection, without sinking huge amounts of time or funding. Larger cloud platforms, like Microsoft Azure, provide businesses with access to affordable enterprise grade security, giving them a way to protect their data better than ever before. Additionally, working with an experienced MSP gives a business access to the expertise needed to arrange and organise its infrastructure and storage in a way that meets and keeps them in line with increasingly strict industry compliance requirements.
Platforms such as Microsoft Azure are investing time and vast amounts of resource to make it as easy as possible for those with infrastructure built on their platform to meet the rules around GDPR. By offering dedicated support, guidance and expertise, they give SMEs peace of mind that they are compliant and that both their own and their customers' data are protected.
The consequences of failing to comply would be felt that much harder by an SME, with more slender profit margins than an enterprise, and they may go under if they face GDPR penalties. This is even more worrying when we consider that, according to the latest research from Aldermore, less than one in ten SME owners in the UK fully understand what GDPR actually means for their business or have taken the appropriate steps to prepare themselves for it. It is vital that SMEs see that the cloud can offer a cost-effective fast track to compliance.
– Paul Blore, Managing Director, Netmetix

The post Putting your head in the cloud to become GDPR compliant appeared first on IT Security Guru.

Can you prevent the mega breach?
https://www.itsecurityguru.org/2017/11/07/can-prevent-mega-breach/?utm_source=rss&utm_medium=rss&utm_campaign=can-prevent-mega-breach
Tue, 07 Nov 2017 11:27:15 +0000

The threat landscape today is more complex and more dangerous than it has ever been. Where once hackers tended to operate individually, now organisations face much more sophisticated threats from organised eCriminal groups, hacktivists, and nation-state adversaries. The immense resources and know-how that these cybercriminals can deploy means that organisations need to update their approach to security. If they do not, then they will find themselves the victims of the next big breach, and could suffer the devastating reputational and financial consequences that follow a successful attack.
Traditional approaches to IT security are no longer enough in the face of these new, advanced threats. What’s more, many organisations are failing to understand the missing link in the continuous ‘people, process and technology’ conversation, which could make all the difference in the constant fight against hackers. By harnessing the power of the cloud, a variety of next-generation technologies, and threat intelligence, businesses can steer clear of the dreaded mega breach.
 
The power of the cloud
As organizations grow and become more distributed, adding more endpoints across the enterprise, sophisticated adversaries will continue to aggressively target their data and IT infrastructure. The cloud offers new means of providing pervasive protection throughout the enterprise – with lower cost and reduced management overhead while adding significantly increased performance, agility and scalability. In fact, cloud-based endpoint protection provides organisations with the ability to monitor and learn from attackers as they test attack strategies and to apply crowdsourced threat protection, and it provides seamless upgrades. The cloud enables better protection and offers a level of scalability and speed that on-premise solutions do not.
 
Looking to next-generation solutions
In today’s IT landscape, organisations need to look to more next-gen solutions to combat modern threats effectively.
Replacing traditional, legacy antivirus (AV) technology with a more sophisticated approach that completely monitors your network is a key component of this. Traditional antivirus (AV) technologies rely on a signature-based approach and as such, can only identify known threats. All it takes for an attacker to circumvent these systems is to make a small tweak between signature updates for the malware to become “invisible.” With next-gen AV, more strains of malware and other threats become visible, so you can detect and stop these types of attacks instantly.
Traditional AV products fail to deliver the efficacy improvements required to protect organizations against modern threats. These products miss more advanced threats because they lack effective machine learning and behavioral detection capability. Traditional AV continues to have blind spots because its endpoint detection and response (EDR) features are immature and unintelligent. While these products are able to record and search events collected from endpoints, customers are then tasked with sifting through the sea of data to find meaningful security events. This process is painstakingly antiquated against modern, speedy vulnerabilities. With next-generation technology, the opposite is the case, and you can pinpoint threats in an efficient manner for more complete protection and faster remediation.
 
Tracking threats through threat intel
Organised cybercriminals today have many motivations to infiltrate their chosen targets – from financial gain to cyberwar and more. Traditionally, eCriminals and hacktivists implemented extortionist tactics to get precious data, but there has been an uptick in cyber espionage activity this year from nation-state threat actors in North Korea, Russia and China.
In the face of these diverse, highly-motivated threats, it is no longer sufficient for organisations to take a reactive stance. Instead, organisations need to have a clear and comprehensive understanding of the different threats they face, if they are to have any chance of defending against them effectively. Threat intelligence is therefore central to modern day cyber risk mitigation, enabling organisations to anticipate and detect potential threats from across the entire web and thereby, choose the right defensive approaches.
To protect revenue, customer and other stakeholder data, jobs, IP and shareholder value, organisations must invest in real-time threat intelligence, while developing a well-trained team that can monitor, capture and analyse threat data effectively. To get out of reactive mode and prevent breaches, businesses must take steps to prioritise actionable intelligence so that they can get ahead of the threats that could compromise their business.
Ultimately, steering clear of a breach comes down to two key points: speed of detection and efficacy. Being able to assess any intrusion and contain it immediately is the only way to future-proof your business. A combination of detection technologies and comprehensive strategy is critical to ensure that no matter where the bad guys move, or whatever new tactics they deploy, the business is well equipped to repel risk.
By Amol Kulkarni, Sr. Vice President, Engineering at CrowdStrike

The post Can you prevent the mega breach? appeared first on IT Security Guru.

Childrens Smartwatches 'Easily' Hackable
https://www.itsecurityguru.org/2017/10/18/childrens-smartwatches-easily-hackable/?utm_source=rss&utm_medium=rss&utm_campaign=childrens-smartwatches-easily-hackable
Wed, 18 Oct 2017 09:16:34 +0000

Certain smartwatches, designed to be safe for children, have security flaws which make them easier for hackers to gain access to, a watchdog has warned.
ORIGINAL SOURCE: BBC

The post Childrens Smartwatches 'Easily' Hackable appeared first on IT Security Guru.

Iran Responsible for Parliament Cyber-Attack
https://www.itsecurityguru.org/2017/10/17/iran-responsible-parliament-cyber-attack/?utm_source=rss&utm_medium=rss&utm_campaign=iran-responsible-parliament-cyber-attack
Tue, 17 Oct 2017 09:45:58 +0000

It has emerged that Iran was behind the cyber attack on the UK Parliament in June this year; the attack attempted to break account holders’ passwords. It is unclear why, or what the hackers were after.
ORIGINAL SOURCE: Information Security Magazine

The post Iran Responsible for Parliament Cyber-Attack appeared first on IT Security Guru.

Multi-currency Exchange LiteBit.eu Hacked Twice in Two Months
https://www.itsecurityguru.org/2017/09/18/multi-currency-exchange-litebit-eu-hacked-twice-two-months/?utm_source=rss&utm_medium=rss&utm_campaign=multi-currency-exchange-litebit-eu-hacked-twice-two-months
Mon, 18 Sep 2017 09:25:36 +0000

Multi-currency exchange LiteBit has been hacked twice in two months; no bitcoin or altcoin funds are believed to have been stolen in either breach.
ORIGINAL SOURCE: Bleeping Computer

The post Multi-currency Exchange LiteBit.eu Hacked Twice in Two Months appeared first on IT Security Guru.

India’s “robust” biometric database let millions get fake IDs
https://www.itsecurityguru.org/2017/09/12/indias-robust-biometric-database-let-millions-get-fake-ids/?utm_source=rss&utm_medium=rss&utm_campaign=indias-robust-biometric-database-let-millions-get-fake-ids
Tue, 12 Sep 2017 09:28:12 +0000

Criminals managed to circumvent the “robust” security of India’s biometric database to issue over 8 million fake identity cards — which Indian citizens use for everything from opening bank accounts to getting married. Police in the northern Indian state of Uttar Pradesh Sunday arrested 10 men as part of a crackdown on a sophisticated fraud scam which involved cloning fingerprints and cracking the security features of the Aadhaar enrollment system — which was described in August as “robust and uncompromised” by the authority charged with protecting it.
ORIGINAL SOURCE: Vice News

The post India’s “robust” biometric database let millions get fake IDs appeared first on IT Security Guru.
