Privacy

GUEST ESSAY: Best practices checklists each individual computer user still needs to follow

By Peter Stelzhammer

In the days of non-stop attacks on personal and work devices, the common day consumer wouldn’t know where to begin in order to protect their devices.

The rise of attacks is unavoidable and with the everyday announcement of a new strain of malware, ransomware and now data wipers, consumers find themselves asking: where do I start? How do I do this?

Whether you are focused on your home computer, work laptop or business operating system as a whole, it’s important to learn the key steps you can take to ensure your defenses are active and up to date.

Update checklist

•Use and keep your security software (i.e. anti-virus program) up to date and turned on. Many users switch off their real-time protection to gain some speed, but safety should come before. We strongly recommend making sure that you use the latest version of the anti-virus software, and for that matter of any software that you are using on your computer. Newest versions come with improved and additional features to enhance software capability.

•Keep your firewall turned on. Software based firewalls are widely recommended for single computers, while hardware firewalls are typically provided with routers for networks. Some operating systems provide native software firewalls (such as Windows OS). For Microsoft Windows home users we recommend using the firewall in its default settings.

GUEST ESSAY: Leveraging ‘zero trust’ and ‘remote access’ strategies to mitigate ransomware risks

By Den Jones

Ransomware? I think you may have heard of it, isn’t the news full of it? Well, the stats are even scarier with over 50% increase in ransomware attacks in 2021, compared to 2020.

The media paid close attention to ransomware attacks last year, as they had a significant impact on Colonial Pipeline, the nation’s largest fuel distributor, and JBS, the nation’s largest meat distributor. In fact, Colonial Pipeline shut down, causing major problems at the gas pumps for days.

When these ransomware attacks occurred, RiskyBiz podcast host Patrick Grey commented that the U.S. would respond: “Don’t take away our gas or burgers.” What an outstanding response! And, he’s not wrong. When supply chain attacks start impacting everyone’s daily life, it becomes very real for us all.

Ransomware is likely going to be here for years to come. It’s such a big industry that Ransomware-as-a-Service (RaaS) actually offers criminals customer service and tech support. This means it’s now a commoditized industry leveraging backend services and capabilities all built for scale.

Best practices

Let’s walk through some practical steps organizations can take today, implementing zero trust and remote access strategies to help reduce ransomware risks:

•Obvious, but difficult – get end users to stop clicking unknown links and visiting random websites that they know little about, an educational challenge. As an enterprise security team, you could restrict internet access at your egress points, but this doesn’t do much when the workforce is remote.

GUEST ESSAY: Defending ransomware boils down to this: make it very costly for cybercriminals

By Derek Krein

From financial institutions to meat producers, it seems every industry has been impacted by ransomware in the past year — maybe even the past week. The world’s largest enterprises to the smallest mom-and-pop shops have been devastated by cybercriminals who are looking to hold assets hostage for a big pay day.

Why the stark increase? Put simply, ransomware attacks are on the rise because of profits. This return on investment is bringing in new players, and the ransomware monster continues to grow…and we’re not ready to fight it off. Why? We’re not prepared to defend against persistent threats.

With ransomware-as-a-service (RaaS) as popular as it is, the attribution conversation becomes more difficult. Most of the ransomware attacks that use RaaS are done by affiliates who bounce from service to service, often using two to four different services at the same time. Shutting down a service doesn’t stop the attacks – the affiliates move to another RaaS provider, the RaaS owners just rename, retool, and go again.

While it’s nice to see law enforcement and governments go after the gangs, that won’t stop the monster that has grown out of control, that we, as an industry, continue to feed. While attribution and following the money can get a few wins, we need a multi-pronged strategy to slay the ransomware beast.

GUEST ESSAY: NewsCorp hack shows cyber espionage, squelching of press freedom on the rise

By Toby Lewis

As the dust settles following the recently disclosed hack of NewsCorp, important lessons are emerging for the cybersecurity and journalism communities.

The Chinese government is well known for its censorship– and frequent harassment and intimidation of foreign journalists. These are the foremost reasons China is ranked fourth worst globally regarding press freedoms.

China has enclosed its national internet servers within what is colloquially called ‘the Great Firewall.’ This firewall even goes as far as to block the latest versions of the encryption service TLS (v1.3) because it puts mechanisms in place to prevent third parties from decrypting traffic.

Internationally, there is no doubt that this predominantly serves to facilitate the detection and blocking of topics sensitive to the Chinese Communist Party, such as the events of June 4, 1989, in Tiananmen Square. The recent Western reporting on the Uyghur internment camps in Xinjiang triggered further sensitivity around how the international community views the Chinese Communist Party’s domestic policies.

In a recent statement, the Foreign Correspondents Club of China (FCCC) commented, “Covering China is increasingly becoming an exercise in remote reporting, as China cuts off new visas and expels journalists.” Only 4 percent of respondents to an FCC poll said their organization received a new J-1 visa in 2021, and 46 percent said their bureaus were understaffed because of a lack of visas.

GUEST ESSAY: The case for leveraging hardware to shore up security — via a co-processor

By Gopi Sirineni

Cybersecurity has never felt more porous. You are no doubt aware of the grim statistics:

•The average cost of a data breach rose year-over-year from $3.86 million to $4.24 million in 2021, according to IBM.

•The majority of cyberattacks result in damages of $500,000 or more, Cisco says.

•A sobering analysis by Cybersecurity Ventures forecasts that the global cost of ransomware attacks will reach $265 billion in 2031.

•The FBI reports that 3,000-4,000 cyberattacks are counted each day.

That’s just a sample of what is obvious to anyone in the industry: we’re in a war with cybercriminals, and we can hardly say we’re winning.

The vulnerabilities of internet security, once mostly a nuisance, have become dangerous and costly. Data privacy breaches expose sensitive details about customers, staff, and company financials. Security software may have been a satisfactory product at the turn of the century, but despite massive levels of investment, many experts now realize that it is not adequate for dealing with contemporary threats.

We reached this point of friction because of the compound effect of two shortcomings. One, security was too often treated as an afterthought by the industry, taking a backseat to a device’s speed, functionality, and design. Security remains an added expense that isn’t easy to market, especially when third-party software solutions have been so widely adopted.

GUEST ESSAY: Why rigorous vulnerability management is crucial to protecting critical systems

By Trishneet Arora

As companies accelerate their reliance on agile software development, cloud-hosted IT infrastructure and mobile applications, vulnerability management (VM) has an increasingly vital security role to play.

Not only does VM contribute to the safety and security of an organization’s network and infrastructure, it also helps ensure infrastructure performance is optimized.

An efficient VM solution will reduce the time and manpower resources required to maintain an effective cybersecurity infrastructure, thereby reducing the risk for enterprises.

VM is a well-known and mature segment of cybersecurity. Despite this, many organizations manage incomplete or out-of-date VM technologies to protect critical data assets.

When creating new strategies for VM, it is important to consider a few best practices:

•VM includes multi-layered capabilities, requires a “continuous improvement” mentality, and must be implemented enterprise wide (including mobile, internet-based applications and cloud assets) to be effective.

GUEST ESSAY: The case for acknowledging — and bridging — the security gap between IT vs OT

By Christopher Britton

My many years working with companies dealing with significant disruptions in the cybersecurity space has taught me a lot. The more I learn, the more I understand the inherent vulnerabilities facing organizations across the world.

The convergence of information technology (IT) and operational technology (OT) is a double-edged sword for critical infrastructure sectors – despite all its benefits, IT/OT convergence is not without its risks. These risks have become even more pronounced as ransomware attacks reach record-breaking highs.

Critical infrastructure sectors, such as energy and water, have never seemed more in the crosshairs – so much so that they have become the focus of recent Biden administration cybersecurity initiatives. In case of crisis, organizations need a plan, which begins with alignment between teams.

Crossing the Chasm

It has been more than a decade since Gartner first highlighted the challenges and benefits of IT/OT convergence. The promises of IT/OT convergence include lower costs, enhanced performance and the orchestration of systems through integration and automation, but the challenges include increased complexity, limits with scalability, and new cybersecurity risks. For example, OT environments include devices installed with legacy operating systems, which can be difficult to integrate and secure.

Older Articles »

The Last Watchdog