Hackers Target Videogame Publishers for Ransom.

Cyberattacks struck at least three large publishers in the past year

Polish game developer CD Projekt SA disclosed in February it was hit by a ransomware attack. Boxes of the company’s Cyberpunk 2077 game on display in Warsaw in December 2020.

Gamers have struggled for years with hackers who cheat and take over accounts. Now, videogame studios are coming under serious attack, prompting them to step up their cyber defenses.

Hackers claim to have pilfered the source code for popular games such as EA’s FIFA series and CD Projekt’s Cyberpunk 2077, and the libraries of code and digital assets known as game engines used to create them

Rather than demanding ransom to not publish the source code, the hackers have instead said they would auction it on the darknet.

Videogame studios face a number of challenges unique to their industry. The need to consistently stream large volumes of data into and from servers, which power online gaming, means security tools are often customized for a studio.

Hackers could sell source code or use it to launch attacks in a number of ways, according to researchers. Additionally, alternate versions of games containing malware could be distributed to gamers.

The videogame industry as a whole generated revenue in excess of movies and U.S. sports combined in 2020, according to estimates from market research company International Data Corp.

We provide full protection against Ransomware, so enterprise can be assured in safety and security.

41% of risk and compliance pros adopting cloud tech in pandemic recovery

There has been a strong post-pandemic push toward the adoption of cloud-based technology, according to a study by Galvanize, an SaaS governance, risk, and compliance (GRC) software provider.

The survey of GRC professionals revealed the critical value they bring to the C-suite, as well as the top concerns from, and the evolving role of, GRC professionals.

The report, which assessed the views of GRC professionals and non-GRC professionals in related fields, found that nearly half of GRC professionals (45%) are still using Microsoft Office tools to manage critical programs and documents.

However, there’s a light at the end of the tunnel: although only 30% of GRC professionals currently use cloud-based technology, 41% of survey respondents say they are planning to adopt it.

53% of GRC professionals say that, while their organizations now perceive them as being more valuable, the volume and scope of their workload has drastically increased, and resources continue to shrink.

GRC software protects against increased workloads – only 39% of users reported an increased workload, which is far less than those who rely on Microsoft (61%) or on multiple point solutions (89%).

63% of GRC professionals who use integrated technology have complete visibility into the risks faced by their organisations and how those risks tie back to their work; that’s twice as many as those who use Microsoft Office.

Dan Zitting, CEO of Galvanize, said: “Much like we saw in the Roaring ‘20s of 100 years ago, the biggest post-pandemic concern is a return to the new normal.

“The fastest route is through technology – especially for the GRC industry. The data shows indisputable benefits: more visibility into risk, decreased workload, and more efficiencies. It’s promising to see the strides GRC practitioners are taking to implement cloud-based technology so they can maintain their position as strategic advisors to their organizations.”

We provide risk assessments in all aspects of IT and business processes. We help to accelerate cloud migration and adoption.

Recent high-profile attacks on the meat and oil industries are compared to 9/11 terrorist attacks

FBI Director Christopher Wray said the agency was investigating about 100 different types of ransomware and compared the current spate of cyberattacks with the challenge posed by the Sept. 11, 2001, terrorist attacks.

Mr. Wray’s comments—among his first publicly since two recent ransomware attacks gripped the U.S. meat and oil-and-gas industries—come as senior Biden administration officials have characterized ransomware as an urgent national-security threat and said they are looking at ways to disrupt the criminal ecosystem that supports the booming industry. Each of the 100 different malicious software variants are responsible for multiple ransomware attacks in the U.S., Mr. Wray said.

Ransomware is a type of malicious computer code that locks up a victim network’s files that hackers use to demand payment for their release, typically with digital currency such as bitcoin.

This week, hackers held hostage the world’s largest meat processor, just weeks after the operator of an essential pipeline bringing gasoline to parts of the East Coast paid about $4.4 million to regain control of its operations and restore service.

Senior officials at the Federal Bureau of Investigation for years have likened the need to confront rising cyber threats to the post-9/11 scramble against international terrorism.

The most prominent recent ransomware hacks represent only a fraction of some 100 types of ransomware the FBI is investigating, Mr. Wray said. “Those are just two,” he said, adding that each of those 100 different malicious software variants had affected between a dozen and 100 targets.

Complaints to the FBI and reports from the private sector show ransomware incidents have tripled in the past year, Mr. Wray said. While private-sector estimates of the toll to the U.S. economy vary, companies that track ransomware generally put the cost at hundreds of millions or billions of dollars annually and say it is rapidly increasing.

Cybersecurity experts who have tracked the proliferation of ransomware attacks for years said they were encouraged by signals from Mr. Wray and others in the Biden administration that the issue had been elevated to a top national-security priority, but said the problem remained vexing.

“The danger from cyberattack is real, and we need more urgent cooperation between our public and private sectors, and more severe consequences for global cyber attackers,” Sen. Ben Sasse (R., Neb.) said after the JBS hack was disclosed this week.

Our solution is a 100% guarantee against such type of Cyber attacks. Please get in touch.

How the pandemic changed backup

The Covid-19 pandemic forced big changes in how people work – we look at impacts on backup, including increased reliance on the cloud, plus security and compliance vulnerabilities and ransomware

Remote working is now a permanent arrangement for a growing number of businesses after the Covid-19 pandemic pushed organizations of all sizes to move to home working on a wide scale in a very short timeframe.

The impact on all areas of IT has been huge, but arguably it is most acute in backup and data protection.

And the shift to remote working is no longer viewed as a temporary measure for dealing with public health restrictions. Management consulting firm McKinsey believes more than 20% of the workforce can operate as effectively from home as they would in the office. If employers allow it, it says four times as many people could work from home than in 2019.

The impact of home working on IT systems is well documented. Businesses have had to invest in laptops and tablets, and even printers, for remote staff. They have also had to re-engineer networks and applications to allow remote access on a large scale.

Meanwhile, the move to remote working has forced organisations to revisit their data protection and backup strategies.

Protected by being remote?

From a business continuity perspective, an organisation with a highly distributed workforce can be more resilient than one where the majority of employees are office-based. The obvious difference is that there is no need to invoke physical disaster recovery (DR) planning, such as moving to emergency office space. As long as datacentre or cloud-based applications remain accessible, work carries on.

But taking work off-premise forces changes to backup and recovery. Are backup systems configured to run on remote devices? And do employees have enough bandwidth to run backup tools?

At the start of the pandemic, organisations found the bandwidth of their virtual private network (VPN) under stress, so they had to invest in improving capacity. Anecdotally, supporting technologies such as backup was viewed as less critical than line-of-business applications.

“For remote workers, all of a sudden their home became their office. They may not even have had a desk for their laptop. These effects created a domino effect of networking, security and data protection consequences,” says Christophe Bertrand, a senior analyst at ESG.

But although some organisations opted for local solutions for their backup needs – including USB sticks, hard drives or even employee-purchased online storage – Bertrand believes that Covid-19 has accelerated existing trends towards cloud backup and reliance on online office suites and software as a service (SaaS).

Applications such as Microsoft Office 365 became much more important during the pandemic,” says Bertrand.

Five areas where the pandemic impacted backup

1. Local backups, and data compliance

Asking users to back up data locally to removable media is rarely an IT team’s first choice, but during the pandemic, especially the first few weeks, it might have been the only option.

Not all network-based endpoint backup tools supported remote users, and those that did had to contend with limited bandwidth and rising demand for VPN access from other applications.

Supplier support for remote users has improved over the past year, so IT leaders should check the features offered in their backup software. They should also check licensing, to ensure their endpoints are covered.

Once employees have moved to a secure, remote backup system, they should securely erase local backups to prevent a backup solution becoming a data compliance problem.

2. Protecting SaaS applications

Software-as-a-service is one of the technologies that really helped organisations adapt to pandemic working. And backups for SaaS applications are becoming more important – Gartner says it accounts for a growing number of client enquiries.

“In the past two years, infrastructure and operations leaders have begun to include SaaS applications such as Microsoft Office 365, Google Workspace (formerly G Suite) and Salesforce as a part of their backup strategy,” says Gartner senior research director Santhosh Rao.

Although users might assume “cloud” applications automatically back up their data, this is not the case. But suppliers are developing specific backup tools for SaaS, with Office 365 the best supported.

Google Workspace and Salesforce backups are still “largely a work in progress,” notes Rao, but the pandemic has prompted suppliers to invest there too.

3. Backing up to the cloud – and cloud-to-cloud backup

Backing up user data to the cloud bypasses the limitations of corporate VPNs and avoids the data protection pitfalls of remote workers’ local backups.

According to StorageCraft, part of Arcserve, 61% of UK IT decision-makers have increased their use of cloud backup services since the start of the pandemic. Another 28% say they rely increasingly on cloud services for data recovery.

The pandemic has undoubtedly forced CIOs’ hands in the face of technical and compliance concerns. Backing up users’ devices directly to the cloud should be more reliable, easier for employees and, with the right controls, compliant with data protection regulations. The option to back up to private cloud instances provides further assurance.

But organisations are also looking at cloud-to-cloud backup. More on-premise suppliers now support backups for infrastructure as a service (IaaS) and platform as a service (PaaS), including cloud-native workloads and virtual machines, according to Gartner.

With the pandemic shifting more critical applications from the datacentre to the cloud, ensuring they are fully backed up is vital. As Gartner’s Rao points out, this should also include containerised workloads.

Backing up to the cloud also helps deal with another pandemic impact – IT staff no longer need to physically access the datacentre to manage storage.

4. Centralised backup management

The pandemic, and the move to a more fluid and hybrid IT model, has increased workloads for IT teams. As a result, they need centralised tools that can protect data, regardless of location.

This includes backing up user data directly to the public cloud and tiering data to the cloud.

According to Gartner’s Rao, most backup providers now support this. Using services such as Amazon S3 and Azure Blob storage, as well as their long-term storage equivalents Glacier and Azure Archive Blob, can help businesses reduce storage costs.

5. Ransomware

Ransomware attacks have been another unfortunate feature of the pandemic that has affected enterprise backup strategies.

According to one research report, from IT security company Bitdefender, ransomware increased by 485% in 2020. Covid-related phishing campaigns, and attacks on the pharmaceutical and health sectors, account for a large part of the rise.

But any organisation can be targeted by ransomware. As a result, CIOs and CISOs are looking again at “immutable” storage, including tape and Worm-type devices. Meanwhile, backup providers are developing ransomware detection, immutable snapshots – potentially in the cloud – and “clean copy” recovery techniques to allow organisations to recover their data safely.

Security experts warn that ransomware will continue to be a threat, even when the pandemic is under control.

We provide full cycle of backup in the cloud, as well as local and remote location backup solutions.

These are top 5 announcements from Cisco Live – and what they mean to customers

Among a flurry of announcements this past week, Cisco Systems Inc. stepped up its Routed Optical Networking infrastructure is designed to simplify the sprawling networks and expanding its Secure Access Service Edge portfolio to help network operations and security operations teams connect users to applications more securely.

That news and more came at the networking giant’s first digital and truly global Cisco Live user conference, one with more than 100,000 attendees, around four times the usual, in more than 200 countries.

Here are what I view as the top five announcements at the event:

Cisco Plus and network-as-a-service

Historically, there was one way to buy network equipment and that was to pay a price and the customer would own the equipment. This created lumpy spending patterns as customers would spend a lot of money year 0 and then a small amount every year for maintenance and then another big amount at refresh. A couple of years ago, Cisco decoupled hardware and software purchasing, which flattened out the curve but there were certainly spikes at refresh time.

This week, Cisco introduces a true network-as-a-service offering where customers would just pay a monthly or quarterly fee for the infrastructure and software. With NaaS, the customer doesn’t actually own the equipment because it’s a true subscription offering.

Cisco Plus extends NaaS to complete solutions with the first one being Private Cloud. Available mid-year 2021, Cisco Plus Hybrid Cloud will include products from Cisco’s network, data center and storage portfolio as well as lifecycle services and third-party storage and software. Businesses can choose the level of service they need and it offers 0-100% utilization commitments upfront. Coming soon will be Cisco Plus SASE.

This should be a real win for customers since it gives them the option of shifting to an operating-expense model and opens the door for them to upgrade and stay current without having to budget huge sums of money every few years. Also, it makes Cisco technology more available down-market or budget-constrained organizations.

ThousandEyes integration across Cisco portfolio

All network management products are focused on monitoring traffic on the internal company network. ThousandEyes was the first to monitor internet traffic and help business understand how the internet is performing across the globe. When the company launched, software-as-a-service vendors used ThousandEyes to help understand how their services were performing and isolate problems.

In 2021, Cisco acquired ThousandEyes with the goal of integrating it across its portfolio. Given that more and more businesses are relying on cloud apps, which use the internet for transport, this seemed like a shrewd acquisition since it would let Cisco monitor the true end-to-end path for apps. At Cisco Live, the company announced the integration of ThousandEyes with the Catalyst 9000 switching portfolio and Cisco AppDynamics Dash Studio.

With the former, customers will receive, at no extra cost, ThousandEyes intelligence in the DNA Advantage and Premier, providing an end-to-end look at network performance where the definition of end-to-end has been expanded to include the internet.

The latter provides customers with a single view of application performance so customer can see up the entire stack – from the network to app layer. Cisco refers to this as “full-stack observability.”

This addresses one of my biggest problems in information technology. Most monitoring and management vendors tout their products help with “mean time to innocence” where the products prove the app issue isn’t the fault of the network. To that, I say, who cares?  The focus for IT should not be to point figures but to fix the issue, quickly.  ThousandEyes integration across the Cisco portfolio makes that easier to do.

Cisco Duo passwordless authentication to put an end to passwords

When it comes to passwords, there is no good answer. If they’re too simple, users get breached. If they’re too complicated, people forget them and get frustrated having to reset them all the time. If the company is constantly changing passwords, users go to some sort of predictable scheme.

What’s the right answer? How about getting rid of passwords? The new Cisco Duo feature does that. Cisco Secure has introduced infrastructure-agnostic, passwordless authentication.

It simplifies and strengthens authentication for accessing cloud apps, protected by Duo single sign-on that leverages third-party platform biometrics such as Apple FaceID and TouchID and Windows Hello. Bringing together passwordless authentication with Duo SSO lets users put the majority of their passwords into a simplified login experience.

For decades, security pros have been trying to get rid of passwords, but there was never a better way because biometric systems were mediocre at best. The infusion of artificial intelligence into these products has improved biometrics to the point where it can be used for business purposes. The best way to manage passwords is to get rid of them and use something else.

Routed Optical Networks

At first glance, the term “routed optical” may seem like a contradiction because for decades service providers have built a Layer 2 optical network and then a routed Layer 3 overlay. Cisco introduced the concept where the two networks could be converged using a wide range of Cisco technology, including the optics from its recent $4.5 billion Acacia Communications Inc. acquisition, the recently introduced Silicon One chip and a new broadband gateway for telcos.

For the past year, Jonathan Davidson, general manager of Cisco’s Mass Infrastructure group, has been touting how Cisco’s “Internet of the Future” strategy, which enables SPs to converge multiple networks together to create a simple, cost-effective and scalable network.

Although this is a telco-centric announcement, there are implications to business users in that 5G is coming and coming fast. Businesses of all sizes rely on the SPs to deliver faster and more feature-rich networks to take advantage of 5G, cloud, mobility and the “internet of things.” The operational overhead with running networks holds big telcos back. The new routed optical network should enable SPs to deliver much higher levels of service to its customers.

Expanded SASE architecture

Secure Access Service Edge had started heating up pre-pandemic but has exploded as more users headed home and required corporate grade security from their living room. The only way to do this is with SASE as it delivers security from the cloud. At Cisco Live, Cisco expanded its SASE architecture with the ability to purchase all core components in a single offering, as well as soon as a Cisco Plus service.

This includes a wide range of security components such as DLP, browser isolation, malware detection and newly introduced passwordless authentication, as well as Viptela SD-WAN appliances, which now provide cloud integration with Amazon Web Services, Microsoft Azure, Google Cloud and Megaport. Cisco has also included ThousandEyes visibility as part of its SASE offering.

Current Cisco customers can take advantage of this because it enables them to go from their current network to a software-defined wide-area network plus SASE deployment or leave the network in place and implement the security capabilities of SASE first. A year ago, most customers moved from traditional networks to SD-WAN to SASE, but the large number of remote workers has favored the demand for security before network evolution.

We have many years of experience working with Cisco Systems to deliver global and local technical solutions.