March 22, 2018
Author : Ted Kritsonis Via Mediaplanet
Source : IndustryandBusiness.ca
Smarter Protection Key to Battling New Malware Threats — With businesses embracing the Internet of Things (IoT), a greater level of connectivity should provide an impetus to prepare for inevitable cyberattacks.
A Forbes report found that 32 percent of top tech CEOs felt IT security was among the greatest challenge their companies faced—a concern compounded by new malware attacks aimed at exploiting vulnerabilities.
Gamarue is an example of a “malware family,” which means that it’s the codebase for different variant strains to create botnets to launch cyberattacks. Available for sale in underground markets, it is possible for anyone to buy it and build their own botnet, says Alexis Dorais-Joncas, Security Intelligence Team Lead at ESET, an IT security firm.
“Last year alone, there were about 500 different people who acquired the [Gamarue] kits and deployed it in the wild to control their own little botnets,” he says. “We pooled our telemetry data with other partners and built a list of domain names and addresses used to control the botnets. With help from multiple law enforcement agencies around the world, we were able to seize control of many of these domain names and IP addresses and redirect all the traffic into one sinkhole server.”
A sinkhole is one large server that accepts connections from the infected machines and keeps them dormant. It records who is connecting to it, allowing ESET to determine the total scope of infections around world.
Protection against this type of “crimeware” needs to be multifaceted because it will get into the company network through the weakest link, he adds. Large organizations with a big staff are especially vulnerable even if only a few employees are careless.
“There’s no one solution to block every infection vector, so companies should be on the lookout for the latest threats and how they work,” he says. “All the same/best practices apply—patching workstations with the latest software, anti-spam and malware blocks at the email gateway and deploying endpoint and network protections like firewalls.”
Paul Butcher and Jim Stechyson
How Businesses Are Getting One Step Ahead of Cyberattacks — Cyberattacks, like ransomware, have become a daily threat to organizations of all sizes. IT security teams struggle to keep up with the changing threat profiles and constant attacks leaving organizations vulnerable to cyber threats such as phishing, vishing, whaling, and other internet crimes.
“Cybercrime is a booming business, and the latest techniques used by cybercriminals have an impressive ability to manoeuvre past traditional security defences,” says Jim Stechyson, co-founder of HostedBizz, who, along with business partner Paul Butcher, runs one of Canada’s leading cloud service providers. “Despite the best efforts of IT teams to protect their organizations with traditional perimeter defence systems, the key to better data and security protection lies with systems and processes that assess vulnerabilities, educate end users on them, and include data protection strategies that ensure full recovery,” adds Butcher.
The co-founders agree that using a multi-layered approach to data security and protection that includes a commitment to ongoing end user education and testing to identify potential threats plays a big part in reducing the risk of cyberattack and penetration. The following tactics to augment an organization’s security and defence are essential:
- Assess vulnerability by conducting phishing simulations. These provide valuable insight into risk. They also identify where education and testing programs should be implemented to raise awareness and train users on how to recognize and react to potential threats. These simulations are often available through service providers and are surprisingly affordable.
- Build a protection plan that includes the ability to restore infected data and systems into a pre-attack production state. Data backup policies that include an offsite copy with a DRaaS provider ensure 100 percent confidence that critical systems can be recovered onsite or in the cloud promptly should a significant corporate-wide security breach occur.
Bringing Together Board, Business, and IT —Protecting digital assets is challenging for all companies, especially when dealing with evolving cyber threats — pushing executives to stay two steps ahead.
The most valuable asset in most instances is a company’s digital data, notes Bob Gordon, Executive Director of the Canadian Cyber Threat Exchange. However, emerging trends indicate that cyber threats are no longer solely about extorting a ransom from compromised firms.
“A company executive or business owner needs to have a good understanding of what the critical information is within their organization,” says Gordon. “What kind of data could they lose that would cost them their competitive edge? Where is that information stored and who has access to it? Making that data accessible across the spectrum of the business widens the risk, because every end user and workstation becomes a potential door into corporate IT systems.”
He adds that many of the cyber breaches that took place earlier last year could largely have been prevented had patches been installed on the infected systems ahead of time. Canadian boards are becoming more engaged and assessing cyber threats in the same way they look at traditional risks.
“It has to become a board level issue because it’s a business issue,” says Gordon. “This is not just an IT problem — if you leave it solely in the realm of IT professionals, you’re not going to solve it. You need the business side to get involved, from the board all the way down.”
IT departments can’t make those decisions, he adds. The business unit determines what data and processes are critical, making decisions about the risks and solutions involved should it be compromised.
“It’s a three-way conversation: board, business units, and IT,” says Gordon. “And the question is not if you will be attacked, but when.”
Government Announces New Canadian Centre for Cyber Security — In today’s world, digital technologies and the internet are increasingly important to innovation and economic growth. Accordingly, cybersecurity has become a mainstream issue in both the public and private sector alike, and to Canadians more generally.
Cyber compromises, when they occur, take up time, money, and other valuable resources. They can impede the government’s objectives, damage an organization’s trust and reputation, and affect the personal information or finances of individual Canadians.
Cyber threats evolve at an incredible pace and the challenge of protecting cyber systems and information will get a lot harder in the future. With advances in technology such as quantum computing, the future is quickly becoming today’s reality.
To combat cyber threats, the Government of Canada has announced the creation of the new Canadian Centre for Cyber Security (the Cyber Centre) in Budget 2018. As part of the Communications Security Establishment (CSE), the Cyber Centre will be a single unified source of expert advice, guidance, services and support on cyber security operational matters. It will be outward-facing, open to collaboration with industry partners, and a trusted resource for faster, stronger responses to cybersecurity incidents.
With the Cyber Centre, Canadians will have a clear, unified, and trusted place to turn to for cyber security issues.
This important investment will benefit all Canadians as it reinforces federal government cyber security capabilities and improves the detection of, and response to, continually evolving cyber threats. The pervasive and interconnected nature of the internet means we must all think of cyber security more often, and work together to raise our collective defences.
The Cyber Centre will be the country’s authority on cybersecurity operations and together with industry partners, will be better prepared to take on complex, ever-evolving cybersecurity challenges— because it’s everyone’s business.