Data/Cyber

Ransomware among top threat vectors – report

in

BY Richard Summerfield

The cyber security landscape is increasingly fraught with danger. Attacks such as the ‘WannaCry’ cryptoworm, have been headline news in recent months. According to the Cyber Threatscape Report 2017, produced by iDefense, part of Accenture Security, there will be a continuation escalation of the high profile attacks seen in the first half of 2017. As such, companies must be prepared to take action.

“The first six months of 2017 have seen an evolution of ransomware producing more viral variants unleashed by potential state-sponsored actors and cybercriminals. Our findings confirm that a new bar has been set for cybersecurity teams across all industries to defend their assets in the coming months,” said Josh Ray, managing director at Accenture Security. “While the occurrence of new cyber attack methods is not going away, there are immediate actions companies can take to better protect themselves against malicious ransomware and reduce the impact of security breaches.”

According to the report, cyber criminals are rapidly expanding their capabilities, due to factors such as the proliferation of affordable, customisable and accessible tools and exploits. Attack vectors, such as distributed denial of service-for-hire services are likely to become much more widespread as cyber criminals, both individual and state-sponsored, look for new ways to disrupt the landscape.

The report suggests that to improve cyber defences, companies should consider adopting an email analytics platform in the cloud, as well as authentication tools and spam filters. They should also update and test cyber resilience plans, and impose administration rights restrictions on local workstations to further reduce the potential impact of cyber criminality.

The study also found that cyber criminals have begun to use alternative cryptocurrencies or adopt bitcoin laundering schemes to conceal transactions. Furthermore, the report notes that state-sponsored threat actors may continue to conduct espionage activities in response to military exercises and economic sanctions.

Ensuring that adequate business continuity planning is in place is an important step organisations should take as cyber criminals become more ambitious. This requires companies to be proactive. By taking action to protect themselves against cyber attack, companies can reduce the impact of any breaches they suffer.

Report: Cyber Threatscape Report 2017

National exercise tests Singapore’s cyber attack resilience

in ,

BY Fraser Tennant

Against a backdrop of increasingly frequent, sophisticated and impactful cyber attacks, the Cyber Security Agency of Singapore (CSA) has carried out a large multi-sector exercise to test the robustness of the country’s cyber incident management and emergency response plans.

Code-named Cyber Star, the exercise tested 11 critical information infrastructure sectors (CII): government, infocomm, energy, aviation, maritime, land transport, healthcare, banking and finance, water, security and emergency and media.

Comprising of a series of scenario planning sessions, workshops and table-top discussions, exercise participants were tested on their incident management and remediation plans in response to simulated cyber security incidents, such as a malware infection or a large-scale distributed denial of services (DDoS) attack.

The Cyber Star exercise followed a similar exercise in May 2016 which covered the banking and finance, government, energy and infocomm sectors.

"This is a good opportunity for us to level-up our capability and make sure that we are ready as possible," said deputy prime minister Teo Chee Hean, who observed the exercise at CSA headquarters alongside more than 200 sector leaders and owners, including the Monetary Authority of Singapore, the Energy Market Authority and Singapore Airlines.

“With greater interconnectivity and proliferation of cyber threats, the ability of our critical sectors to respond promptly to attacks is vital,” said David Koh, chief executive of the CSA.

The exercise this week also coincides with a public consultation on a proposed Cybersecurity Bill, which was launched last week by the Ministry of Communications and Information (MCI) and the CSA. The proposed Bill seeks to establish a framework for the oversight and maintenance of national cyber security in Singapore and will empower CSA to carry out its functions. The Bill also aims to minimise cyber threats and ensure that the country can better deal with cyber attacks in future.

The Bill has four main objectives: (i) to provide a framework for the regulation of CII owners; (ii) to provide the CSA with powers to manage and respond to cyber security threats and incidents; (iii) to establish a framework for the sharing of cyber security information with and by CSA officers, and the protection of such information; and (iv) to introduce a lighter-touch licensing framework for the regulation of selected cyber security service providers.

The Cybersecurity Bill consultation runs from 10 July to 3 August 2017.

News: Singapore’s 11 critical sectors tested for first time in national cyber security exercise

More money, more problems

in

BY Richard Summerfield

Barely a week goes by without a major cyber attack making global headlines. Indeed, in recent weeks, the ‘WannaCry’ and ‘Petya’ ransomware attacks have caused chaos across a spectrum of organisations the world over. And, although many companies are beginning to respond to the threat, often the response is misguided, according to a new report from KPMG and BT.

The report, 'Securing the digital enterprise: The cyber security journey – from denial to opportunity', notes that too many companies are treating cyber security as a siloed issue, which can be dealt with simply by “throwing money” at the problem. While companies must ensure they have, for example, adequate and updated firewalls and antivirus protection, it is equally as important to pool shared resources and treat cyber security as a conventional operational risk issue. This requires greater ‘buy-in’ on cyber issues from the board and a better integration of cyber issues into overall business strategy.

David Ferbrache, Technical Director in KPMG’s cyber security practice, said: “The recent spate of cyber-attacks is keeping cyber risk at the top of the business agenda, and as such investments are being made. The business community needs to avoid knee-jerk reactions as cyber security is a journey – not a one size fits all issue, and getting the basics like patching and back-ups right matters. It’s important to build a security culture, raise awareness amongst staff, and remember that security needs to enable business, not prevent it.”

There must be a better acknowledgement, at board level, of the threat posed by cyber attacks. As such, organisations must have the right security provisions in place. These include, companies making sure they know where they are on their journey to cyber security, which, according to the report, involves five key stages: denial, worry, false confidence, hard lessons and true leadership.

Mark Hughes, CEO of BT Security, said: “The global scale of the recent ransomware attacks showed the astonishing speed at which even the most unsophisticated of attacks can spread around the world. Many organisations could have avoided these attacks by maintaining better standards of cyber hygiene and getting the basics right. These global incidents remind us that every business today - from the smallest sole trader through to SMEs and large multinational corporations - needs to get to grips with managing the security of their IT estate, as well as their people and processes.”

Report: Securing the digital enterprise - The cyber security journey – from denial to opportunity

‘Petya’ cyber attack affects thousands

in ,

by Richard Summerfield

Fresh off the heels of the ‘WannaCry’ ransomware attack, a fresh global cyber attack disrupted computers across the world on Tuesday and Wednesday. Russia's biggest oil company, Ukrainian banks and multinational firms across Europe, the US and the Asia-Pacific region were affected.

The latest attack, known as ‘Petya’ or ‘GoldenEye’, included code known as 'Eternal Blue', which cyber security experts believe was stolen from the US National Security Agency in April and was also used in WannaCry. It is the Eternal Blue code which facilitated the speed of the assault. Indeed, the attack spread rapidly, affecting machines running Microsoft’s Windows operating systems, encrypting hard drives and overwriting files before demanding $300 in bitcoin payments to restore access. "We are continuing to investigate and will take appropriate action to protect customers," a spokesman for Microsoft said.

Globally, Russia and Ukraine were most affected by the thousands of attacks, according to Kaspersky Lab. In Ukraine, government systems as well as banks, state power utilities and Kiev’s airport and metro system were all affected. Elsewhere, advertising giant WPP, French construction materials company Saint-Gobain, Danish shipping giant Maersk, US pharmaceutical company Merck, Russian steel and oil firms Evraz and Rosneft, and the Australian manufacturing facilities of the Mondelez owned Cadbury’s chocolate factory, along with many others, were all affected. In total, more than 2000 organisations are believed to have been hit.

The effectiveness of this latest attack, and the speed at which it has spread, so soon after the WannaCry attack, is cause for alarm among companies, cyber security professionals and the general public.

After the WannaCry incident, governments, security firms and industrial groups advised businesses and consumers to make sure all their computers were updated with Microsoft patches to defend against the threat. This latest attack, believed to be smaller than WannaCry, could be more harmful than its predecessor as it renders computers unresponsive and unable to reboot. The resourcefulness of the attackers is also a concern for cyber security professionals, particularly as Petya does not appear to have the same ‘kill switch’ which was used to neutralise the WannaCry attack.

Though they are not a new development, ransomware attacks are becoming more frequent. The Petya attack is yet another reminder that many organisations are neglecting to patch their systems, allowing malicious actors to exploit weaknesses. Companies must do more to protect their networks, their data and, ultimately, their cash.

News: New computer virus spreads from Ukraine to disrupt world business

IoT breaches hit US firms

in ,

BY Richard Summerfield

Nearly half of all companies in the US using an Internet of Things (IoT) network have been the victims of recent security breaches, according to a new survey from Altman Vilandrie & Company.

The survey, ‘Are your company’s IoT devices secure?’, which included nearly 400 organisations, notes that security systems protecting 48 percent of organisations’ IoT networks have been breached at least once in the last two years. Overall, the cost of the IoT security breaches represented 13.4 percent of smaller companies’ annual total revenues. For larger companies – those with annual revenues in excess of $5m – the cost of a breach can run into the tens of millions.

“While traditional cybersecurity has grabbed the nation’s attention, IoT security has been somewhat under the radar, even for some companies that have a lot to lose through a breach,” said Altman Vilandrie & Company director Stefan Bewley, who co-directed the survey. “IoT attacks expose companies to the loss of data and services and can render connected devices dangerous to customers, employees and the public at large. The potential vulnerabilities for firms of all sizes will continue to grow as more devices become Internet dependent.”

The survey also highlights a connection between the amount companies spend on IoT security and the likelihood that they endure a breach. Typically, those companies that have not been breached have invested as much as 65 percent more in IoT security than their counterparts. Preparedness is key, though the risks for companies of all size, and at all levels of preparedness, will continue to grow as more devices become internet-dependent.

“We see it being critical for security providers to build a strong brand and reputation in the IoT security space. There are lots of providers developing innovative solutions, but when it comes to purchasing decisions, buyers are looking for a brand and product they trust,” said Ryan Dean, a principal at Altman Vilandrie & Company, who co-directed the survey. “Price is a secondary concern that buyers tend to evaluate after they have narrowed their options down to a few strong security solutions.”

Report: Are your company’s IoT devices secure?

©2001-2025 Financier Worldwide Ltd. All rights reserved. Any statements expressed on this website are understood to be general opinions and should not be relied upon as legal, financial or any other form of professional advice. Opinions expressed do not necessarily represent the views of the authors’ current or previous employers, or clients. The publisher, authors and authors' firms are not responsible for any loss third parties may suffer in connection with information or materials presented on this website, or use of any such information or materials by any third parties.