Posted on Author rmaximum Categories Cyber Security, Risk Management

Hackers Target Videogame Publishers for Ransom.

Cyberattacks struck at least three large publishers in the past year

Polish game developer CD Projekt SA disclosed in February it was hit by a ransomware attack. Boxes of the company’s Cyberpunk 2077 game on display in Warsaw in December 2020.

Gamers have struggled for years with hackers who cheat and take over accounts. Now, videogame studios are coming under serious attack, prompting them to step up their cyber defenses.

Hackers claim to have pilfered the source code for popular games such as EA’s FIFA series and CD Projekt’s Cyberpunk 2077, and the libraries of code and digital assets known as game engines used to create them

Rather than demanding ransom to not publish the source code, the hackers have instead said they would auction it on the darknet.

Videogame studios face a number of challenges unique to their industry. The need to consistently stream large volumes of data into and from servers, which power online gaming, means security tools are often customized for a studio.

Hackers could sell source code or use it to launch attacks in a number of ways, according to researchers. Additionally, alternate versions of games containing malware could be distributed to gamers.

The videogame industry as a whole generated revenue in excess of movies and U.S. sports combined in 2020, according to estimates from market research company International Data Corp.

We provide full protection against Ransomware, so enterprise can be assured in safety and security.

Read More
0
Posted on Author rmaximum Categories Cyber Security, Infrastructure

Recent high-profile attacks on the meat and oil industries are compared to 9/11 terrorist attacks

FBI Director Christopher Wray said the agency was investigating about 100 different types of ransomware and compared the current spate of cyberattacks with the challenge posed by the Sept. 11, 2001, terrorist attacks.

Mr. Wray’s comments—among his first publicly since two recent ransomware attacks gripped the U.S. meat and oil-and-gas industries—come as senior Biden administration officials have characterized ransomware as an urgent national-security threat and said they are looking at ways to disrupt the criminal ecosystem that supports the booming industry. Each of the 100 different malicious software variants are responsible for multiple ransomware attacks in the U.S., Mr. Wray said.

Ransomware is a type of malicious computer code that locks up a victim network’s files that hackers use to demand payment for their release, typically with digital currency such as bitcoin.

This week, hackers held hostage the world’s largest meat processor, just weeks after the operator of an essential pipeline bringing gasoline to parts of the East Coast paid about $4.4 million to regain control of its operations and restore service.

Senior officials at the Federal Bureau of Investigation for years have likened the need to confront rising cyber threats to the post-9/11 scramble against international terrorism.

The most prominent recent ransomware hacks represent only a fraction of some 100 types of ransomware the FBI is investigating, Mr. Wray said. “Those are just two,” he said, adding that each of those 100 different malicious software variants had affected between a dozen and 100 targets.

Complaints to the FBI and reports from the private sector show ransomware incidents have tripled in the past year, Mr. Wray said. While private-sector estimates of the toll to the U.S. economy vary, companies that track ransomware generally put the cost at hundreds of millions or billions of dollars annually and say it is rapidly increasing.

Cybersecurity experts who have tracked the proliferation of ransomware attacks for years said they were encouraged by signals from Mr. Wray and others in the Biden administration that the issue had been elevated to a top national-security priority, but said the problem remained vexing.

“The danger from cyberattack is real, and we need more urgent cooperation between our public and private sectors, and more severe consequences for global cyber attackers,” Sen. Ben Sasse (R., Neb.) said after the JBS hack was disclosed this week.

Our solution is a 100% guarantee against such type of Cyber attacks. Please get in touch.

Read More
0
Posted on Author rmaximum Categories Cloud, Cyber Security, Infrastructure

These are top 5 announcements from Cisco Live – and what they mean to customers

Among a flurry of announcements this past week, Cisco Systems Inc. stepped up its Routed Optical Networking infrastructure is designed to simplify the sprawling networks and expanding its Secure Access Service Edge portfolio to help network operations and security operations teams connect users to applications more securely.

That news and more came at the networking giant’s first digital and truly global Cisco Live user conference, one with more than 100,000 attendees, around four times the usual, in more than 200 countries.

Here are what I view as the top five announcements at the event:

Cisco Plus and network-as-a-service

Historically, there was one way to buy network equipment and that was to pay a price and the customer would own the equipment. This created lumpy spending patterns as customers would spend a lot of money year 0 and then a small amount every year for maintenance and then another big amount at refresh. A couple of years ago, Cisco decoupled hardware and software purchasing, which flattened out the curve but there were certainly spikes at refresh time.

This week, Cisco introduces a true network-as-a-service offering where customers would just pay a monthly or quarterly fee for the infrastructure and software. With NaaS, the customer doesn’t actually own the equipment because it’s a true subscription offering.

Cisco Plus extends NaaS to complete solutions with the first one being Private Cloud. Available mid-year 2021, Cisco Plus Hybrid Cloud will include products from Cisco’s network, data center and storage portfolio as well as lifecycle services and third-party storage and software. Businesses can choose the level of service they need and it offers 0-100% utilization commitments upfront. Coming soon will be Cisco Plus SASE.

This should be a real win for customers since it gives them the option of shifting to an operating-expense model and opens the door for them to upgrade and stay current without having to budget huge sums of money every few years. Also, it makes Cisco technology more available down-market or budget-constrained organizations.

ThousandEyes integration across Cisco portfolio

All network management products are focused on monitoring traffic on the internal company network. ThousandEyes was the first to monitor internet traffic and help business understand how the internet is performing across the globe. When the company launched, software-as-a-service vendors used ThousandEyes to help understand how their services were performing and isolate problems.

In 2021, Cisco acquired ThousandEyes with the goal of integrating it across its portfolio. Given that more and more businesses are relying on cloud apps, which use the internet for transport, this seemed like a shrewd acquisition since it would let Cisco monitor the true end-to-end path for apps. At Cisco Live, the company announced the integration of ThousandEyes with the Catalyst 9000 switching portfolio and Cisco AppDynamics Dash Studio.

With the former, customers will receive, at no extra cost, ThousandEyes intelligence in the DNA Advantage and Premier, providing an end-to-end look at network performance where the definition of end-to-end has been expanded to include the internet.

The latter provides customers with a single view of application performance so customer can see up the entire stack – from the network to app layer. Cisco refers to this as “full-stack observability.”

This addresses one of my biggest problems in information technology. Most monitoring and management vendors tout their products help with “mean time to innocence” where the products prove the app issue isn’t the fault of the network. To that, I say, who cares?  The focus for IT should not be to point figures but to fix the issue, quickly.  ThousandEyes integration across the Cisco portfolio makes that easier to do.

Cisco Duo passwordless authentication to put an end to passwords

When it comes to passwords, there is no good answer. If they’re too simple, users get breached. If they’re too complicated, people forget them and get frustrated having to reset them all the time. If the company is constantly changing passwords, users go to some sort of predictable scheme.

What’s the right answer? How about getting rid of passwords? The new Cisco Duo feature does that. Cisco Secure has introduced infrastructure-agnostic, passwordless authentication.

It simplifies and strengthens authentication for accessing cloud apps, protected by Duo single sign-on that leverages third-party platform biometrics such as Apple FaceID and TouchID and Windows Hello. Bringing together passwordless authentication with Duo SSO lets users put the majority of their passwords into a simplified login experience.

For decades, security pros have been trying to get rid of passwords, but there was never a better way because biometric systems were mediocre at best. The infusion of artificial intelligence into these products has improved biometrics to the point where it can be used for business purposes. The best way to manage passwords is to get rid of them and use something else.

Routed Optical Networks

At first glance, the term “routed optical” may seem like a contradiction because for decades service providers have built a Layer 2 optical network and then a routed Layer 3 overlay. Cisco introduced the concept where the two networks could be converged using a wide range of Cisco technology, including the optics from its recent $4.5 billion Acacia Communications Inc. acquisition, the recently introduced Silicon One chip and a new broadband gateway for telcos.

For the past year, Jonathan Davidson, general manager of Cisco’s Mass Infrastructure group, has been touting how Cisco’s “Internet of the Future” strategy, which enables SPs to converge multiple networks together to create a simple, cost-effective and scalable network.

Although this is a telco-centric announcement, there are implications to business users in that 5G is coming and coming fast. Businesses of all sizes rely on the SPs to deliver faster and more feature-rich networks to take advantage of 5G, cloud, mobility and the “internet of things.” The operational overhead with running networks holds big telcos back. The new routed optical network should enable SPs to deliver much higher levels of service to its customers.

Expanded SASE architecture

Secure Access Service Edge had started heating up pre-pandemic but has exploded as more users headed home and required corporate grade security from their living room. The only way to do this is with SASE as it delivers security from the cloud. At Cisco Live, Cisco expanded its SASE architecture with the ability to purchase all core components in a single offering, as well as soon as a Cisco Plus service.

This includes a wide range of security components such as DLP, browser isolation, malware detection and newly introduced passwordless authentication, as well as Viptela SD-WAN appliances, which now provide cloud integration with Amazon Web Services, Microsoft Azure, Google Cloud and Megaport. Cisco has also included ThousandEyes visibility as part of its SASE offering.

Current Cisco customers can take advantage of this because it enables them to go from their current network to a software-defined wide-area network plus SASE deployment or leave the network in place and implement the security capabilities of SASE first. A year ago, most customers moved from traditional networks to SD-WAN to SASE, but the large number of remote workers has favored the demand for security before network evolution.

We have many years of experience working with Cisco Systems to deliver global and local technical solutions.

Read More
0
Posted on Author rmaximum Categories Cyber Security, Infrastructure

Highlighting the Value of an Integrated Security Platform

As organizations strive to modernize their networks, the latter will continue to expand and become increasingly complex. This will lead to a deeper fragmentation of traditional edges, like the data center, wide area network (WAN), and local area network (LAN). As a result of this fragmentation, partners may find it difficult to secure their customers’ networks, which now include new unique edges. 

Identifying New Challenges Impacting Networks

Even as they work from home, remote employees require the same level of access, speed, customization, and performance as their in-office peers. However, to secure these networks, organizations often turn to point solutions designed to cover only a particular network segment. This fact was underscored in a 2020 IBM survey, which found that organizations deploy approximately 45 different solutions on average, with most requiring coordination across 19 security tools. 

With IT staff already overwhelmed with monitoring, this disaggregation can create security gaps that cyber criminals use to gain unauthorized access, steal or corrupt data and systems, or even disrupt the economy. 

Converging Crucial Elements in An Integrated Security Platform

Establishing a flexible and adaptive network that connects in-person and remote workers is challenging. Similarly, managing security in a continuously evolving threat landscape becomes increasingly difficult, especially for organizations using legacy solutions and strategies. 

Partners can help their customers address these issues by working with them to implement a security-driven networking strategy. Converging networking and security breaks down silos and encourages collaboration across the network; when networking and security are integrated into the IT infrastructure, the organization can take various crucial factors into account, including the network, endpoints and devices, and the cloud and applications. Further, security can take key networking functions into account, enabling them to more appropriately adapt configurations, policies, and programs for more consistent protection. 

Today’s organizations need solutions that offer coverage across the ever-expanding attack surface. Understanding the components of the cyber kill chain is critical to maintaining a strong defense. This includes the following steps:

  • Reconnaissance
  • Weaponization
  • Delivery
  • Exploitation
  • Installation
  • Command and control
  • Action objectives

Customers rely on their partners to help them evaluate these factors across their digital attack surface so that they can thwart the cyber kill chain at any given point, in any location within the network. Therefore, partners must not only understand these factors themselves, but also know what it takes to address them. 

Using a Broad, Integrated, and Automated Security Platform

To address changes within their network environments, many organizations turn to integrated tools or platforms. Despite this demand, historically, the cybersecurity industry has failed to deliver the advanced solutions that could keep pace with continuous network changes. Instead of providing a comprehensive and integrated solution, many vendors have delivered security for a specific piece of a business’s network. 

With the right platform, however, customers can effectively deploy and manage security solutions. Because of this, security teams should consider a broad platform that can help improve performance and deliver automation that meets the advanced needs of today’s businesses. 

Additionally, partners can help customers ensure consistent security and performance spanning from edge to edge with comprehensive, deeply integrated solutions. They can also facilitate integration throughout their customers’ IT infrastructure by deploying a robust solution built on a common foundation that converges networking and security. This way, security teams can keep pace with shifts between the two, offering comprehensive visibility across the entire IT infrastructure, including hybrid hardware and software deployments. Security solutions that consider the various connected systems deployed across the network can more efficiently identify potential threats, share threat intelligence, and coordinate a unified and appropriate response. 

With increasingly sophisticated cyberattacks that happen at machine-level speeds, artificial intelligence (AI) and machine learning (ML) are more important than ever. Humans alone cannot respond quickly and effectively enough. Organizations embracing digital transformation of business processes need to embrace the digital transformation of security systems, as well. These types of security systems, often built into integrated platforms, provide real-time identification, analysis, and threat responses that eliminate security gaps and embrace dynamic changes. 

Short- and Long-Term Success with the Right Security Platform

Although more organizations are embracing a platform approach, many platforms still focus on a single security element. Businesses should consider whether the platform solution they look to implement truly offers end-to-end protection across the entire IT infrastructure, including across the network, endpoints, and cloud. 

Partners can enable coordination across their customers’ entire suite of security technologies with a platform approach that converges networking and security built on a common foundation. A unified, centralized source of threat intelligence enables a more collaborative response to emerging threats, making it easier for security teams to mitigate network security gaps and improve overall response protocols. 

Modern business requires advanced, modern solutions that flexibly respond to changes. The right platform should continuously adapt to the digital threat landscape and digital attack surface changes facing the organization. With a broad, integrated security platform, partners can more easily maintain and even improve their customers’ cyber health, enabling them to take advantage of digital innovation without compromising security. 

We strive to build network and security integrated service for our customers.

Read More
0
Posted on Author rmaximum Categories Cyber Security, Infrastructure

Creating a Cloud Risk Framework with Internal Audit Support

As organizations increasingly migrate to cloud computing they could be putting their data at significant risk. Positioning the internal audit (IA) function at the forefront of cloud implementation and engaging IA to create a cloud risk framework tool can provide organizations a view on the pervasive, evolving and interconnected nature of risks associated with cloud computing. Engaging IA in discussions with the business and IT units early on also is critical to addressing potential risks.

Not Every Cloud Has a Silver Lining

“Cloud computing is changing the technology landscape, and the changes are only likely to intensify,” says Khalid Wasti, a director at Deloitte & Touche LLP. “For many organizations, the question is not whether the cloud should be part of their technology strategy, but when and how.” Under pressure to provide solutions, organizations may be tempted to leverage cloud services quickly, without weighing the associated risks, such as:

 

Data breaches—Particularly in multi-tenant cloud service databases. A flaw in one client’s application could give an attacker entrance to other clients’ data as well. Breaches could expose email databases, putting email accounts of thousands of end customers at risk of increased spam and phishing scams. Worse yet, data breaches could also reveal customers’ passwords, and even personal and financial information, to hackers.

Data loss—Malicious hackers, natural disasters or lapses in provider services could result in a loss of customer data. For example, bugs in web-based email services could lead to the disappearance of users’ messages, folders, inboxes or entire email accounts. Data loss could be particularly detrimental to organizations that are required to store information in compliance with industry regulations, such as healthcare organizations that must comply with the Health Insurance Portability and Accountability Act.

Downed reservations systems and websites—Whether due to denial of service attacks, severe storms or technical glitches, outages could result in thousands of inconvenienced customers (for example, airline travelers) and the disruption of traffic (and commerce) at client websites.

When a company opts for the speed and convenience of moving to the cloud, it also may relinquish control not only of its own data, but that of its customers.

Internal Audit and the Cloud Risk Framework

“Cloud computing presents a new frontier for many organizations, and IA can help provide the context and risk framework an organization should consider when moving to the cloud,” says Michael Juergens, principal, Deloitte & Touche LLP. “For internal auditors, meeting the challenges of cloud computing may mean stretching beyond their traditional audit roles, adding greater value as they assist the organization in building the required control environment,” he adds.

As an initial step, an organization should work with IA to create a cloud risk framework tool. “The tool can help the organization get to the heart of risks by providing a view on the pervasive, evolving and interconnected nature of risks associated with cloud computing,” adds Mr. Wasti. These include governance, risk management and compliance; delivery strategy and architecture; infrastructure security; identity and access management; data management; business resiliency and availability; and IT operations. Such a tool can also improve efficiency in compliance and risk management efforts and be used to develop risk event scenarios that require integrated responses.

To be more effective, the framework tool should be customized to include regulatory, geographic, industry and other specific issues that impact the organization. As IA modifies its organizational risk framework and guides the risk conversation with IT and the business, the following issues pertaining to infrastructure security, identity and access management and data management should be taken into account:

Infrastructure Security—Companies should verify that cloud providers have acceptable procedures in areas such as key generation, exchange, storage and safeguarding, as flawed security could result in the exposure of infrastructure or data.

Identity and Access Management—Organizations should consider how their authorization and access models will integrate with new cloud services and assess whether they are using appropriate identity and authorization schemes.

Data Management—Because organizations may have to relinquish control over their data to cloud providers, it is crucial that they fully understand how data will be handled in the cloud environment.

Moving Forward

Implementing a cloud strategy changes the risk landscape in profound ways. As some risks are minimized, others spring up in their place. “Recognizing and responding to this shifting organizational risk profile is IA’s purview,” says Charlie Willis, a senior manager at Deloitte & Touche LLP. “Because internal auditors understand the interplay between business processes and risk, they can help business leaders to articulate their appetite for risk and help develop strategies for mitigating it,” he adds. As the organization adopts technology initiatives that involve cloud computing, IA should consider taking proactive steps, including the following:

Engage stakeholders—Encourage IT and business executives to have an informed conversation about the move to the cloud. Help stakeholders understand the potential for rogue IT environments. Explore which applications and data are candidates for transfer to a cloud environment and be prepared to discuss the risk implications of the move.

Review the organizational risk framework—Revise the company’s risk framework, minimizing risks that are no longer a concern. This framework tool should measure the organization’s cloud capability state across the different cloud risk domains.

Evaluate potential cloud vendors—IT will be most familiar with the range of vendors, and the business leaders will be able to articulate the objectives of a move to the cloud. “IA should also be engaged in risk discussions,” notes Mr. Willis, “along with the organization’s security, risk and compliance groups, and help the organization develop an assessment profile for vendors.

Donec ornare, est sed tincidunt placerat, sem mi suscipit mi, at varius enim Mauris ienim id purus ort. Aene auat riss. Proin viverra. enim maurisupn est sed tincidunt placerat, ienim id purus ort

 

Read More
0