Home Podcasts Videos Guest Posts Q&A My Take Bio Contact
 

Top Stories

 

NEW TECH: DataLocker extends products, services to encrypt data on portable storage devices

By Byron V. Acohido

No matter how reliant we ultimately become on cloud storage and streaming media, it’s hard to image consumers ever fully abandoning removable storage devices.

There’s just something about putting your own two hands on a physical device, whether it’s magnetic tape, or a floppy disk, or a CD. Today, it’s more likely to be an external drive, a thumb drive or a flash memory card.

Related: Marriott reports huge data breach

Ever thought about encrypting the data held on a portable storage device? Jay Kim, co-founder and CEO DataLocker, did.

Launched as a one-man operation in 2007, DataLocker has grown into a leading manufacturer of encrypted external drives, thumb drives, flash drives and self-encrypting, recordable CDs and DVDs.

DataLocker today has 40 employees and last year moved into a larger facility in Overland Park, Kansas, with room to grow. I had the chance at RSA 2019 to visit with Shauna Park, channel manager at DataLocker, to discuss what’s new in  the encrypted portable drive space. For a full drill down please listen to the accompanying podcast. Key takeaways:

Protected backup

Even with increased adoption of cloud computing, external storage devices, like USB thumb drives and external hard drives, still have a major role in organizations of all sizes. These drives still serve a purpose, such as transporting data from one computer to another, accessing presentations outside of the office, or as an additional backup solution. …more

NEW TECH: SlashNext dynamically inspects web page contents to detect latest phishing attacks

By Byron V. Acohido

Humans are fallible. Cyber criminals get this.

Human fallibility is the reason social engineering has proven to be so effective – and why phishing persists. Consider these metrics from messaging security firm Proofpoint:

•Email-based corporate credential phishing attacks quadrupled in Q3 2018 vs. the previous quarter.

•Web-based social engineering attacks jumped 233% vs. the previous quarter.

•99% of the most highly targeted email addresses in the quarter didn’t rank as such in the previous report, suggesting that attackers are constantly shifting targets.

What’s more, a study by antivirus vendor Webroot informs that more than 46,000 new phishing sites go live each day, with most disappearing in a few hours. And a recent survey conducted by SlashNext, a Pleasanton, CA-based supplier of advanced antiphishing systems, revealed that 95% of IT professionals underestimate phishing attack risks. This holds true even though nearly half the respondents reported their organizations experience 50 or more phishing attacks per month, with 14% experiencing 500 phishing attacks per month.

It’s not as if companies and cybersecurity vendors have been sitting on their hands. Vast resources have been directed at filtering emails – the traditional delivery vehicle for phishing campaigns – and at identifying and blacklisting webpages that serve as landing pages and payload delivery venues.

So quite naturally, cyber criminals have shifted their attack strategies. They are pursuing fresh vectors and honing innovative payload delivery tactics. The bad guys are taking full advantage of the fact that many companies continue to rely on legacy defenses geared to stop tactics elite phishing rings are no longer using.

I recently had an eye-opening discussion about this with Jan Liband, SlashNext’s chief marketing officer. Here are the key takeaways from that interview:

Unguarded vectors

By now, most mid-sized and large enterprises have a secure email gateway that’s highly effective at filtering out 80%-95% of phishing emails. So phishers have moved on to comparatively unguarded vectors: social media channels, SMS (text), ads, pop-ups, chat apps, IM, malvertising and rogue browser extensions, Liband told me.

Platforms like Facebook, Twitter and Instagram are wide open for intelligence gathering. With knowledge of our friends, families and preferences, phishers are able to craft postings and messages targeting groups of victims, or specific individuals. The end game is to funnel victims to landing pages. …more

Q&A: The drivers behind the stark rise — and security implications — of ‘memory attacks’

By Byron V. Acohido

A distinctive class of hacking is rising to the fore and is being leveraged by threat actors to carry out deep, highly resilient intrusions of well-defended company networks.

Related: Memory hacking becomes a go-to tactic

These attacks are referred to in the security community as “fileless attacks” or “memory attacks.” The latter conveys a more precise picture: memory hacking refers to a broad set of practices, which can include fileless attacks, that constitute this go-deep form of network break-ins.

I had the chance at RSA 2019 to discuss memory hacking with Willy Leichter, vice president of marketing, and Shauntinez Jakab, director of product marketing, at Virsec, a San Jose-based supplier of advanced application security and memory protection technologies.

They walked me through how threat actors are cleverly slipping snippets of malicious code past perimeter defenses and then executing their payloads  – undetected while applications are live, running in process memory.

For a long time, memory hacking was the exclusive province of nation-state backed operatives. But over the past couple of years, memory attacks have come into regular use by common cybercriminals. Garden-variety threat actors are now leveraging memory hacking tools and techniques to gain footholds, move laterally and achieve persistence deep inside well-defended networks.

For a comprehensive drill down, please view the accompanying YouTube video of my full interview with Leichter and Jakab at RSA 2019’s broadcast alley. Here are excerpts, edited for clarity and length:

LW: Can you frame this new class of hacking? …more

GUEST ESSAY: Six risks tied to social media marketing that all businesses should heed

By Mike James

While the internet and social media have been very positive for businesses, there remains an inherent risk when it comes to how brands manage their Facebook, Twitter, and Instagram accounts.

Related: Defusing weaponized documents

While social media on every platform has benefits, there remains risks that must be addressed so as to keep your companies’ image and data safe.

No matter how large or small your business may be, the ability of social media to help you reach new customers and interact with consumers is unparalleled; however, there are danger areas. Here are five potential pitfalls of social media marketing.

Risk no. 1: Cybercrime

Businesses should always be very aware of the threat of cybercriminals, and social media also poses very real cyber-security risks.

Hackers use social media to learn more about you, and they can be very skilled when it comes to working out your passwords thanks to your posts about your pets, family, or even birthday plans.

When your social media accounts are shared between your personal account and your business pages, then even your own profile pages may be a way for hackers to gain access to company data.

In order to minimize the risks, you need to establish a strong online security culture across every level of your company. Teach your employees about the need for stronger passwords, and how to make use of both password generators and password management systems.

Risk no. 2: Trolls

There are some people online who enjoy attacking strangers on social media, and businesses are not exempt from this unpleasant attention. Whether it’s online bullying on Facebook, attacks to your brand on Twitter, or even leaving unfounded negative reviews online, those trolls cost UK businesses as much as £30k a year. …more

MY TAKE: ‘Cyberthreat index’ shows SMBs recognize cyber risks — struggling to deal with them

By Byron V. Acohido

Small and midsize businesses — so-called SMBs — face an acute risk of sustaining a crippling cyberattack. This appears to be even more true today than it was when I began writing about business cyber risks at USA TODAY more than a decade ago.

Related: ‘Malvertising’ threat explained

However, one small positive step is that company decision makers today, at least, don’t have their heads in the sand. A recent survey of more than 1,000 senior execs and IT professionals, called the AppRiver Cyberthreat Index for Business Survey, showed a high level of awareness among SMB officials that a cyberattack represents a potentially devastating operational risk.

That said, it’s also clear that all too many SMBs remain ill equipped to assess evolving cyber threats, much less  effectively mitigate them. According to the Cyberthreat Index, 45 percent of all SMBs and 56% of large SMBs believe they are vulnerable to “imminent” threats of cybersecurity attacks.

Interestingly, 61 percent of all SMBs and 79 percent of large SMBs believe cyberhackers have more sophisticated technology at their disposal than the SMBs’ own cybersecurity resources.

“I often see a sizable gap between perceptions and reality among many SMB leaders,” Troy Gill a senior security analyst at AppRiver told me. “They don’t know what they don’t know, and this lack of preparedness often aids and abets cybercriminals.”

What’s distinctive about this index is that AppRiver plans to refresh it on a quarterly basis, going forward, thus sharing an instructive barometer showing how SMBs are faring against cyber exposures that will only continue to steadily evolve and intensify.

I had the chance at RSA 2019 to discuss the SMB security landscape at length with Gill. You can give a listen to the entire interview at this accompanying podcast. Here are key takeaways:

Sizable need

AppRiver is in the perfect position to deliver an SMB cyber risk index. The company got its start in 2002 in Gulf Breeze, Florida, as a two-man operation that set out to help small firms filter the early waves of email spam. It grew steadily into a supplier of cloud-enabled security and productivity services, and today has some 250 employees servicing 60,000 SMBs worldwide. …more

BEST PRACTICES: Mock phishing attacks prep employees to avoid being socially engineered

By Byron V. Acohido

Defending a company network is a dynamic, multi-faceted challenge that continues to rise in complexity, year after year after year.

Related: Why diversity in training is a good thing.

Yet there is a single point of failure common to just about all network break-ins: humans.

Social engineering, especially phishing, continues to trigger the vast majority of breach attempts. Despite billions of dollars spent on the latest, greatest antivirus suites, firewalls and intrusion detection systems, enterprises continue to suffer breaches that can be traced back to the actions of a single, unsuspecting employee.

In 2015, penetration tester Oliver Münchow was asked by a Swiss bank to come up with a better way to test and educate bank employees so that passwords never left the network perimeter. He came up with a new approach to testing and training the bank’s employees – and the basis for a new company, LucySecurity.

Lucy’s’s software allows companies to easily set-up customizable mock attacks to test employees’ readiness to avoid phishing, ransomware and other attacks with a social engineering component. I had the chance at RSA 2019 to sit down with Lucy CEO Colin Bastable, to discuss the wider context. You can listen to the full interview via the accompanying podcast. Here are key takeaways: …more

MY TAKE: NIST Cybersecurity Framework has become a cornerstone for securing networks

By Byron V. Acohido

If your company is participating in the global supply chain, either as a first-party purchaser of goods and services from other organizations, or as a third-party supplier, sooner or later you’ll encounter the NIST Cybersecurity Framework.

Related: How NIST protocols fit SMBs

The essence of the NIST CSF is showing up in the privacy regulations now being enforced in Europe, as well as in a number of U.S. states. And the protocols it lays out inform a wide range of best-practices guides put out by trade groups and proprietary parties, as well.

I had the chance at RSA 2019 to visit with George Wrenn, founder and CEO of CyberSaint Security, a cybersecurity software firm  that plays directly in this space.

Prior to launching CyberSaint, Wrenn was CSO of Schneider Electric, a supplier of technologies used in industrial control systems. While at Schneider, Wrenn participated with other volunteer professionals in helping formulate the NIST CSF.

The participation led to the idea behind CyberSaint. The company supplies a platform, called CyberStrong, that automatically manages risk and compliance assessments across many types of frameworks. This includes not just the NIST CSF, but also the newly minted NIST Risk Management Framework 2.0, and the upcoming NIST Privacy Framework. For a full drill down on the wider context, give a listen to the accompanying podcast. Here are key takeaways:

Collective wisdom

Think of NIST as Uncle Sam’s long-established standards-setting body. “They are the people who brought you 36 inches in a yard,” Wrenn observed. To come up with its cybersecurity framework, NIST assembled top experts and orchestrated a global consensus- building process that resulted in a robust set of protocols. The CSF is comprehensive and flexible; it can be tailored to fit a specific organization’s needs. And the best part is it’s available for free. …more