Service Archives - IT Security Guru

Just another I.T. manic Monday? Automation can help

The Gurus — Tue, 18 Apr 2017 08:46:37 +0000

Okay, it’s true. I’m a big fan of the song “Manic Monday” by The Bangles. Released in 1986 by Columbia Records, the song—written by Prince under the pseudonym “Christopher”—was the band’s first hit.
It’s a sure bet Prince didn’t have the IT Service Management (ITSM) world in mind when he penned the lyrics. But after reading the research report “Anatomy of the Service Desk in 2016” prepared by the Service Desk Institute (SDI), the song’s chorus could be the IT analyst’s anthem:
It’s just another manic Monday
I wish it were Sunday
‘Cause that’s my fun day
My I don’t have to run day
It’s just another manic Monday.
The SDI report, created from responses to an online survey sent out to more than 10,000 senior ITSM professionals earlier this year, unearthed some interesting findings. For example, most survey respondents (32 percent) said Monday is the day of the week where the service desk is most productive, up from 23 percent when the survey was first administered in 2012.
In response to the question “At what time of day do you receive most of your calls?”, 60 percent of respondents selected 8:00 am to 10:00 am, while 33 percent chose 10:00 am to 12:00 pm. For a variety of reasons, including password and login issues and issues of people working remotely, only a small number of respondents indicate they receive most of their calls after 12:00 pm.
Concerning the question “Do you feel under pressure at work?”, 67 percent of respondents said yes while 33 percent said no. In addition, a majority of respondents (64 percent) agreed that there aren’t enough hours in the day to complete their work.
Ticket volumes rise faster than IT headcount
Couple SDI’s findings with data from Forrester Research that “57 percent of service desks struggle with increased ticket volumes, but only 31 percent are expanding headcount.”
SDI and Forrester Research shed light on the fact that IT departments today need to speed up service response, optimize cost management, and shift resources when needed to react faster to the operating environment of the enterprise.
In the eBook “Five Ways to Modernize IT Service Management,” the third section discusses the necessity to adopt automation. The eBook’s author, Ivanti manager of product marketing Melanie Karunaratne, states: “Recent Gartner research cites the top three reasons for driving organizations to automate:

Efficiency (78 percent)
Cost reduction (58 percent)
Risk mitigation (40 percent)

“Whether you’re aiming to work faster, maintain consistency, or reduce costs, automation can help. Automated service management processes let you refocus your time and resources on strategic activities that support business initiatives and goals.”
Where do you start?
Karunaratne recommends reviewing any routine, low-complexity, resource-intensive tasks such as password resets. “Employing automation to reduce call volumes will deliver immediate value to the operation and the business user experience. Any repetitive request is an opportunity for automation.”
According to Forrester, respondents to one of its surveys reported that “the average cost of resolving a password issue was $31 and that approximately 20 percent of all help desk calls were password-related.”
Enabling business users to access self-service and reset passwords automatically reduces direct contact with your team, offers an enhanced experience, and saves administrative costs.
By Brent Bluth, Ivanti

The post Just another I.T. manic Monday? Automation can help appeared first on IT Security Guru.

Isis using Telegram to target US air bases in South Korea, intelligence agency warns

The Gurus — Mon, 20 Jun 2016 10:57:44 +0000

Islamic State (Isis) has set its sights on US air force bases in South Korea, according to the country’s intelligence agency. The extremist group’s hacking arm, the United Cyber Caliphate, has collected information on 77 US and Nato air bases across the globe, including South Korea and is calling for its supporters to attack them.
South Korea’s National Intelligence Service (NIS) said the Isis is using Telegram – the encrypted messaging service – to release information on US air bases, including the Osan Air Base. The released data includes addresses and Google Maps coordinates. The terror group has also released personal information of several individuals in over 20 countries, one of whom is an employee of a South Korean welfare organisation. According to the NIS, the individual is now under protection,CNN reported.

Original Source: International Business Times
View the full story here.

The post Isis using Telegram to target US air bases in South Korea, intelligence agency warns appeared first on IT Security Guru.

South Korean Air Force Website Faces Cyber Attack

The Gurus — Fri, 27 May 2016 09:48:28 +0000

The official website of South Korean Air Force (airforce.mil.kr) was shut down for two weeks after a massive cyber attack hit its server.
On 12th May 2016, the air force website was found infected with a malicious code forcing the authorities to shut down the site from public view while running a temporary site for public information. The same day the military were informed that some suspicious emails were sent to local defence contractors by a supposed Defence Acquisition Program Administration official. It is quite possible that the emails either contained a malware or it was simply a phishing scam stealing the login credentials of local defence contractors.

Original Source: HackRead
View the full story here

The post South Korean Air Force Website Faces Cyber Attack appeared first on IT Security Guru.

Customer Trust and Revenues are where DDoS hits hardest

The Gurus — Thu, 24 Mar 2016 11:45:16 +0000

Corero Network Security has unveiled research from this year’s RSA showing that the most damaging consequence of DDoS attacks is the loss of customer trust.
After polling tech decision makers at RSA, Corero also foud that 34% of respondents felt loss of revenue was the biggest threat.
Dave Larson, Coerero’s chief operating officer, informed us that ‘network or website service availability is crucial to ensure customer trust and satisfaction, and vital to acquire new customers in a highly competitive market. When an end user is denied access to Internet-facing applications or if latency issues obstruct the user experience, it immediately impacts the bottom line.’
DDoS attacks make the media regularly, but get much more attention when there’s actually a firewall failre or a service/website is fully derailed. However Corero’s recent research has found that that there’s been a huge increase in sub-saturation attacks – those which are part of alrge plan, designed to knock one particular aspect of a service or site down as other nefarious activities take place or intelligence is gathered on behalf of the attackers.
Larson noted that small DDoS attacks often escape the radar of traditional scrubbing solutions. Many organizations have no systems in place to monitor DDoS traffic, so they are not even aware that their networks are being attacked regularly.
‘Industry research, as well as our own detection technology, shows that cyber criminals are increasingly launching low-level, small DDoS attacks,’ said Larson. The problem with such attacks is two-fold: small, short-duration DDoS attacks still negatively impact network performance, and-more importantly, such attacks often act as a smokescreen for more malicious attacks. While the network security defenses are degraded, logging tools are overwhelmed and IT teams are distracted, the hackers may be exploiting other vulnerabilities and infecting the environment with various forms of malware.’
Corero also found that many companies rely on upstrea providers to eliminate the attacks, with 30% of respondents saying this was their technique for protection. 85% of those surveyed believe their upstream provider should offer this protection as a service to their subscribers – over half of respondents said they’d pay their provider for this as a premium service.
When looking at the current methods of handling the DDoS threat used by companies, nearly one third (30%) of respondents rely on traditional security infrastructure products (firewall, IPS, load balancers) to protect their businesses from DDoS attacks. ‘Those companies are very vulnerable to DDoS attacks because it’s well-documented that traditional security infrastructure products aren’t sufficient to mitigate DDoS attacks,’ said Larson.

The post Customer Trust and Revenues are where DDoS hits hardest appeared first on IT Security Guru.

Telekom Austria says mobile service was hit by cyber attack

The Gurus — Wed, 03 Feb 2016 10:44:16 +0000

Telekom Austria’s mobile internet service was hit by a cyber attack that caused temporary access outages for millions of users in its home market from Friday until late Monday, it said on Tuesday.
The company also repelled an attack on its Austrian fixed-line internet infrastructure on Tuesday, a spokesman said.
No personal data was stolen, the spokesman said.

Original Source: Reuters
View the full story here

The post Telekom Austria says mobile service was hit by cyber attack appeared first on IT Security Guru.

BT broadband in broad-based brownout and TITSUP incidents

The Gurus — Wed, 29 Jul 2015 09:19:27 +0000

If you can’t reach a chum in the UK, chances are they’ve fallen victim to a substantial outage that’s hit BT’s voice and broadband services. Or a Total Inability To Support Usual Performance (TITSUP) incident.
The carrier appears to be suffering from two issues, the first reported to us by Reg readers Colin and Neil who’ve complained of very slow downloads, difficulties accessing the Web, dropped packets galore and traceroutes that don’t make it past the home gateway.
A glance at the carrier’s service status page omits mention of the slow access problem, but does reveal 15 outstanding issues including one that’s hitting over 40 communities from Manchester to Newquay.
BT says “A small number of our customers in the areas shown below, may experience a loss of telephone and/or broadband services. We hope to have service restored as quickly as possible and apologise for any inconvenience this may be causing. Services can be affected by a variety of reasons such as damage caused by 3rd parties or cable theft.”

view the full story here

The post BT broadband in broad-based brownout and TITSUP incidents appeared first on IT Security Guru.

ESRM – Penetration testing and fixing need to get out of 90s model

The Gurus — Wed, 03 Dec 2014 16:58:42 +0000

The traditional penetration testing model is not effective any more, as the model is not balanced in terms of cost benefit and in ensuring flaws are fixed.

Speaking at the Enterprise Security and Risk Management conference in London, Rui Shantilal, founder and managing partner of Keep-It-Secure-24, said that penetration testing has changed in the last ten years to match the actions of the attacker, but asked if enough was being delivered.

He said that “frameworks,tools, techniques and methodologies” have changed, but so too have the methodologies of attacker and in the 1990s, to test security you hired a company who gave you the results of the test and give you a report. “Nowadays it is pretty much the same, internet and tools have evolved but the process is the same,” he said.

“Current momentum is challenging for the penetration testing model, as in the 1990s the number of vulnerabilities was so low that it was irrelevent and not important to test every day. When we used to do traditional penetration testing, the hardest piece to know was when to start.”

He said that there are different types of attackers: the script kiddies who do not spend a lot of time on the attack; those who do spent time; and those behind targeted attacks. Between the first two, Shantilal said that they are covered with standard penetration testing, and eventually we may be able to do the testing in the same time frame.

“What about APT though, the attacker can do reverse engineering of traffic and decrypt cookies and understand what is inside organisation and that is not possible in five, ten or 15 mandates, so if you are worried about APT do AP testing,” he said.

He also claimed that if a problem is detected, is the user actually sure it has been mitigated? He said users should expect a “nice report” and they should get a presentation from the lead penetration tester on everything that they found.

“There are the reasons why the traditional penetration testing model is not effective any more, as the model is not balanced in terms of cost benefit. You dont get what you pay for,” he said. “It should look like: testing, reporting, managing and validating where you can manage your priorites and can simulate a flaw so you can check the resiliency of your controls.”

Shantilal also asked how many businesses would take that report and send it unencrypted within the company? He asked if a business knew how to extract the metrics on the process, knew what kind of vulnerabilities were more typical and who needs to be trained to mitigate those issues?

He said: “Penetration testing is a project not a process, but security a process not a one off approach.”

The post ESRM – Penetration testing and fixing need to get out of 90s model appeared first on IT Security Guru.