When the threat “sleeps” at home

The Security is highly important these days in ANY organisation, private or public, in any vertical market, it doesn´t matter. The new economic globalisation and the eclosion of a geo-located structure  have made new and brilliant internal and external threats.

It’s true from 5 years to today; almost every  company has  at least the minimum security in-house, I’m talking about Firewalls, Antivirus, and anti-spam at least. And I agree that the minimum was enough to protect our business from outside. But I also agree that the internal protection is  the biggest unknown security now, and unfortunately, the ‘bad guys’ go one  step ahead of us. The old techniques included/meant  trying to bypass the firewall, but today many of our staff are not seated in the office, so there’s no firewall. But let’s go beyond that, let’s imagine a mad internal personnel, let’s think about one of our new employees, are we sure he or she is  not doing anything bad with my data? Have  you heard  about Spy Industry?

At this point, if you are thinking we are talking about needing  a DLP (Data Leak Prevention) you are right, and obviously, we need to be sure no one bypasses our ‘corporate compliance rules’ like who can send what type or content of data outside… BUT is  that enough? Sorry to say, no it isn’t . According to the research on 2014 ‘Cost of Data Breach’ from IBM/Ponemon, the 84% of the security issues contains stealing or incorrect use of corporate data.

That’s right, many corporate users steal business information or don´t use it correctly (according to Compliance department). Maybe just an excel with VIP customers leaked on a pen drive or using a cloud drive provider in the worst case.

It’s not new, and many companies push their staff to sign a ‘confidence clausure’. But is  that enough? In my opinion NO. It’s more effective to remind the user what they  doing, whether it’s allowed to do it or not and what the consequences will be. In the “real world”, on the streets, governments and private properties remind us of the use of CCTV to ‘monitor us’; And you obviously do not think to ‘do anything  bad’ while ‘CCTV in operation’.

Based on that idea, why don’t we monitor our staff? Why don’t we develop that plan to the cyber security world? But we will monitor ONLY when they are accessing the ‘risky and highly confidential data’. I.E. access to our CRM, or a critical SQL server.

We are talking about corporate workers, but now think, does all the staff working on your company belong to your firm? Sure? So you don’t outsource anything? I do not know any business with more than 500 users who doesn’t  outsource something : IT helpdesk, Marketing, Designers, Legal, etc..

So there’s no better way to prevent any DLP if we remind a user when it  accesses  a private part of the business ‘Hey smile, to the camera you are on TV.’ And why not use the tampered video recorder as evidence to demonstrate his/her actions.

Today, as far as I know, only a few companies have developed this idea to the market.

Technorizon UK, can help you drive your DLP project, contact us for more info.

Share It!

GOD SAVE THE DATA

Over the past two years, 35 unique ransomware incidents caused cybercriminals a profit of approximately $25 million.

This data originated from a study by Google and the NYU Tandom School of Engineering. The results of the data concluded that the top ransomware earners were Locky, Cerber and CryptXXX that earned $7.8 million, $6.9 million and $1.9 million, respectively.

The trick with Locky is that its creators concentrated on malware development and finessing the supporting botnet structure. The reason the malware spreads faster and wider that other ransomware is because development and distribution were kept separate. Locky has hence generated more than 28 percent of the $25 million earned by ransomware since 2016.

According to Google, the writers behind CyptoLocker, Locky and Cerber have improved avoiding detection by the means of producing malware that can automatically change binaries. Google claims this to be the key when it comes to finding a way around antimalware protection.

However, this study also shows that ransomware attacks such as WannaCry and NotPetya were unsuccessful at acquiring the ‘ransom’. This was due to the fact that it was more a ‘wiper’ malware that did not really comply to the typical ransomware attributes. Kylie McRoberts, a senior strageist with Google’s Safe Browsing team called the wiper malware trend ‘the rise of the ransomware impostors’.

Researchers have also stated that ransomware will be more common and extensive in the upcoming year, as will the number of impostors who have intentions of causing more damage than extort money.

“Ransomware is here to stay and we will have to deal with for a long time to come,” said Kylie McRoberts.

Share It!