Tag Archive for Security

What Triggers a Data Breach?

Cyber-insurer ACE Group recently published data that it says predicts a data breach. Based on that data (and the need to sell premiums), the insurer claims that all firms are at risk for a data breach. Matthew Prevost, vice president of ACE Professional Risk, recently claimed that data breaches are inevitable:

When it comes to cyber risk, it is not a question of if or when, but how – how can an organization proactively prepare for and then quickly respond to cyber-related breaches and interruptions?

ACE is in a unique position to speculate: according to ClaimsJournal, ACE has over 15 years of experience with cyber-risk, and the firm has cataloged a considerable amount of lost data. It recently shared several key insights from that proprietary data. FierceITSecurity explains that, based on the ACE data, the top triggers for data breaches are:

  1. Network security attacks – 25%
  2. Lost or stolen devices – 20%
  3. Human error – 16%
  4. Rogue employees – 15%
  5. Faulty policies – 9%
  6. Use of paper – 6%
  7. Software error – 3%

The firm’s data breaks down the lost and stolen devices that led to data breaches as:

  1. Laptops – 70%
  2. Memory devices – 28%
  3. Smartphones – 2%

Former employees accounted for 25 percent of insider attacks, and financial incentive was the motive in 72 percent of insider attacks, according to ACE.

rb-

I have written about the cyber insurance market here and here. The most surprising factoid to me is that lost or stolen smartphones lead to data breaches 2% of the time. Perhaps the ACE data is old, or the security marketers have spread FUD and hubbub about the need for MDM, EMM, and remote wipes just to make a buck.

Do you agree with ACE’s stats? 

Related articles
  • Why small businesses should consider cyber liability insurance (hiscoxsmallbizblog.com)


Ralph Bach has been in IT long enough to know better and has blogged from his Bach Seat about IT, careers, and anything else that catches his attention since 2005. You can follow him on LinkedIn, Facebook, and Twitter. Email the Bach Seat here.

World’s First Hacker?

The story of the first hacker could be a 21st-century tale. It includes a zero-day exploit, patent trolling, a live demo, egos, and industrial espionage. New Scientist has identified its candidate for the world’s first hacker: a man who found a security hole in Marconi’s wireless telegraph technology and used it to publicly show the inventor up.

The first hacker

New Scientist’s first hacker was Nevil Maskelyne, a stage magician who disrupted a public demo of Marconi’s wireless telegraph in 1903. He disrupted the demo by wirelessly sending insults in Morse code over Marconi’s supposedly confidential channel. Visitors to the Bach Seat should be sophisticated enough to know the risks of running a live demo, but 110+ years ago, they didn’t.

According to the author, the first hack occurred at the Royal Institution in London. Marconi associate John A. Fleming (inventor of the vacuum tube) was preparing the Marconi equipment for a public demo of the long-range wireless communication system developed by his boss, the Italian radio pioneer Guglielmo Marconi, when something unplanned happened.

Scientific hooliganism

Before the demonstration was scheduled to begin, the demo gear began to receive a message. The unplanned message included a poem that accused Marconi of “diddling the public.” Then it started in with some Shakespeare.

Arthur Blok, Fleming’s assistant, figured that someone else was beaming powerful wireless pulses into the theater. The new signal was strong enough to interfere with Marconi’s equipment. Unfortunately for Marconi and Fleming, Nevil Maskelyne had figured out the hack first. Mr. Maskelyne’s hack proved that Marconi’s gear was insecure. It also showed that supposedly private messages could likely be eavesdropped on as well.

Wood towers supporting Marconi aerial at Cornwall England

In response, Fleming fired off a complaint to The Times. In the paper he dubbed the hack “scientific hooliganism.” He asked the newspaper’s readers to help him find the hacker.

However, Maskelyne, whose family had made a fortune making “spend-a-penny” locks for pay toilets, outed himself four days later. He justified his actions on the grounds that he had revealed the security holes for the public good. (Sound familiar?)

Maskelyne, who had taught himself wireless technology, had a great deal of experience with wireless. According to the article, he would use Morse code in “mind-reading” magic tricks to secretly communicate with a partner. And in 1900, Maskelyne sent wireless messages between a ground station and a balloon 10 miles away. But his ambitions were frustrated by Marconi’s broad patents. The overly broad patent left him embittered towards the Italian, and Maskelyne would soon find a way to get back at Marconi. It turned out that the Eastern Telegraph Company, worried that Marconi’s wireless would kill its global wired communications business, hired Maskelyne as a spy.

Revealed security holes for the public good

Maskelyne built a 50-meter radio mast near the Marconi Wireless offices, from which Marconi was beaming wireless messages to vessels as part of its highly successful “secure” ship-to-shore messaging business. From there, Maskelyne could easily eavesdrop on the “confidential channel” carrying Marconi’s wireless messages.

Maskelyne gleefully revealed the lack of security by writing in the journal The Electrician in November 1902:

I received Marconi messages with a 25-foot collecting circuit [aerial] raised on a scaffold pole. When eventually the mast was erected the problem was not interception but how to deal with the enormous excess of energy.

To further publicize his results, and perhaps exact some revenge on Marconi, Maskelyne staged his Royal Institution poetry broadcast.

New Scientist concludes that Maskelyne’s name had been forgotten, but he now belongs in the history books as the world’s patron saint of hackers.



EDU- The Most Bot-Infested Sector

DarkReading confirms what I have pointed out to Bach Seat readers for a while: education people are terrible at IT security. The latest evidence comes from a BitSight report which concludes that the more bots an organization has in-house, the more likely it is to have reported a data breach. The report finds that the education sector harbors the most botnet infections, and it highlights how bot infections correlate with a higher rate of data breaches.

The DarkReading article says BitSight, a security ratings firm, studied public breach disclosure data between March 2014 and March 2015 across the finance, retail, healthcare, utilities, and education industries. The study concluded that organizations with a botnet grade of B or below had experienced data breaches at a rate 2.2 times higher than organizations with an A grade. The report says there is a correlation between botnet infestations and data breaches: “This does not mean the infections were the cause of the breaches; rather, it means that the infections and breach incidents are correlated.”

The education sector fared poorly. Only 23% of institutions got an A as their botnet grade, and 33% got an F. The main botnets dogging schools and universities:

  • Jadtre (59.2%) – Downloads other malware and steals information;
  • Flashback (22.1%) – The Java exploit targeting Apple OS X;
  • TDSS (8.3%) – Discovered in 2011, it infects the master boot record of the target machine and, among other things, deletes other malware;
  • Zeus (6%) – Financial credential-stealing malware; and
  • Sality (4.4%) – One of the longest-lived botnets, first discovered in 2003. Sality is considered to be one of the most complex and formidable forms of malware to date.

The report notes Flashback is malware that targets Apple computers by taking advantage of a Java vulnerability. Mac computers are popular among younger generations and educational institutions, intensifying the proliferation of this malware in education. Although the Flashback botnet itself has largely been shut down, the large number of infections that still exist indicates that people are running machines that have not been updated; thus, they are still vulnerable to other forms of infection.

Other industries received better scores than education:

  • 74% of financial services firms got an A
  • 57% of retailers received an A
  • 53% of healthcare organizations received an A
  • 50% of utilities received an A

The report concludes that organizations with bot-infected machines are more likely to report a data breach: “The implications for organizations across industries are that botnet infections cannot be ignored. Companies with poor botnet grades have been breached far more often than those with good grades, and actions should be taken to mitigate these risks.”

rb-

Been there done that … EDU people don’t get IT security. They don’t understand how much PII they collect and randomly hang onto. Their systems send data in clear text across the inter-tubes to change schools.

Someone is going to get breached and sued and maybe they will learn.



Password Pain Continues

Despite claims to the contrary, the password isn’t dead yet. Help Net Security points out new research from SecureAuth that documents how dependent many firms are on passwords. In fact, the research found that 40% of IT decision-makers admit that passwords are their only IT security measure. The IT leaders also believe it will take 5 years to see a significant shift in organizations’ reliance on passwords. The author says this is a worrying revelation, considering how many security breaches are the result of compromised credentials.

The researchers found that the entertainment, hospitality, and leisure industry is taking the most risks with its data as 65% of respondents from this sector admit their organizations only use passwords as a security method. (rb- No wonder they keep getting hacked!)

The author claims that SecureAuth found that 45% of public sector organizations only use passwords. (rb- Another reason to limit how much data they collect on citizens.)

Despite companies relying on passwords alone, the survey revealed that 63% of respondents believe their current authentication methods are effectively protecting valuable assets. The survey also revealed that firms worry about protecting different resources:

  • 29% say protecting the company’s VPN is critical
  • 28% believe protecting on-premise applications is a top priority
  • 20% stated protecting Cloud and SaaS is the most important, and
  • 18% said mobile takes precedence.

Nick Mansour, Executive Vice President of Worldwide Sales at SecureAuth, explained:

As the skills of hackers continue to evolve, organizations are going to have to wise up to new methods of information access security, such as adaptive authentication which can leverage real-time threat intelligence, biometrics and even behavioral analysis.

Frighteningly, only 44% of SecureAuth respondents have plans to change or enhance their security model in the next two years. The forthcoming Microsoft Windows 10 can help firms evolve their authentication processes. Help Net Security reports that Windows 10 includes a new feature called Windows Hello, which will allow users to authenticate themselves using biometrics. The SecureAuth study reports that only 28% of IT decision makers believe that businesses will use biometrics in 5 years’ time.

The article reports that Microsoft (MSFT) considers Windows Hello authentication more secure than using passwords – so secure, in fact, that it can be used in government organizations and the defense, financial, and health care industries. Microsoft’s Joe Belfiore wrote:

Our system enables you to authenticate applications, enterprise content, and even certain online experiences without a password being stored on your device or in a network server at all

Mr. Belfiore says Windows Hello will work with existing fingerprint readers. Windows Hello will also work with facial or iris detection by combining special hardware and software: “The cameras use infrared technology to identify your face or iris and can recognize you in a variety of lighting conditions.”

Mr. Belfiore also introduced Windows Passport, a programming system that can be used to provide a more secure way of letting you sign in to sites or apps. The article explains that unlike with passwords, with which you authenticate yourself to apps, sites, and networks, Passport allows Windows 10 to do that in your stead: again, without sending up a password to their servers. Mr. Belfiore says:

Windows 10 will ask you to verify that you have possession of your device before it authenticates on your behalf, with a PIN or Windows Hello on devices with biometric sensors. Once authenticated with ‘Passport’, you will be able to instantly access a growing set of websites and services across a range of industries
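The two quoted passages describe the general shape of device-bound, passwordless sign-in: the server never holds a password, the device proves possession with a key it keeps locally, and the key is only exercised after a local user-verification step (PIN or biometric). The following is an added illustration of that pattern, not Microsoft’s code and not a description of how Windows Hello or Passport is actually implemented. It uses a textbook Schnorr-style signature over a deliberately toy group (an assumption of this example), a PIN standing in for the biometric check, and constructed names (`login.example.test`, user `alice`, PIN `2468`); the point is what each side stores and what a replayed or stolen response can and cannot do.

```python
import hashlib
import hmac
import secrets
from typing import Dict, Optional, Tuple

# Toy group, an assumption of this example and not anything Microsoft documents:
# the multiplicative group modulo the Mersenne prime 2^127 - 1, with exponents
# reduced mod p-1 (Fermat). A real deployment uses a standardized elliptic curve.
P = (1 << 127) - 1
G = 3
ORDER = P - 1

Signature = Tuple[int, int]


def _hash_to_int(*parts: bytes) -> int:
    """Length-prefixed SHA-256 over the parts, as an integer."""
    h = hashlib.sha256()
    for part in parts:
        h.update(len(part).to_bytes(4, "big") + part)
    return int.from_bytes(h.digest(), "big")


def keygen() -> Tuple[int, int]:
    """Schnorr-style key pair: private x, public y = g^x mod p."""
    x = secrets.randbelow(ORDER - 2) + 2
    return x, pow(G, x, P)


def sign(x: int, message: bytes) -> Signature:
    """Schnorr signature (e, s) on message under private key x."""
    k = secrets.randbelow(ORDER - 2) + 2
    r = pow(G, k, P)
    e = _hash_to_int(r.to_bytes(16, "big"), message) % ORDER
    s = (k - x * e) % ORDER
    return e, s


def verify(y: int, message: bytes, sig: Signature) -> bool:
    """Recompute r = g^s * y^e mod p and check that its hash matches e."""
    e, s = sig
    r = (pow(G, s, P) * pow(y, e, P)) % P
    return _hash_to_int(r.to_bytes(16, "big"), message) % ORDER == e


class Device:
    """The user's device: the private key never leaves it and is used only
    after a local user-verification step (a PIN here, in place of biometrics)."""

    def __init__(self, pin: str) -> None:
        self._pin_hash = hashlib.sha256(pin.encode()).digest()
        self._x, self.public_key = keygen()

    def respond(self, pin: str, challenge: bytes, relying_party: str) -> Optional[Signature]:
        offered = hashlib.sha256(pin.encode()).digest()
        if not hmac.compare_digest(self._pin_hash, offered):
            return None  # wrong PIN: the key is never exercised
        # Bind the response to this relying party so it cannot be relayed elsewhere.
        return sign(self._x, relying_party.encode() + b"|" + challenge)


class RelyingParty:
    """Server side: stores public keys and one-time challenges, no passwords."""

    def __init__(self, name: str) -> None:
        self.name = name
        self._users: Dict[str, int] = {}
        self._pending: Dict[str, bytes] = {}

    def enroll(self, user: str, public_key: int) -> None:
        self._users[user] = public_key

    def challenge(self, user: str) -> bytes:
        nonce = secrets.token_bytes(32)
        self._pending[user] = nonce
        return nonce

    def authenticate(self, user: str, sig: Optional[Signature]) -> bool:
        nonce = self._pending.pop(user, None)  # every challenge is single-use
        y = self._users.get(user)
        if nonce is None or y is None or sig is None:
            return False
        return verify(y, self.name.encode() + b"|" + nonce, sig)


def demo() -> Dict[str, bool]:
    """Run the exchange plus three failure cases; returns each outcome."""
    rp = RelyingParty("login.example.test")  # constructed hostname
    dev = Device(pin="2468")  # constructed PIN
    rp.enroll("alice", dev.public_key)

    nonce = rp.challenge("alice")
    good_sig = dev.respond("2468", nonce, rp.name)
    results = {"correct_pin": rp.authenticate("alice", good_sig)}

    nonce = rp.challenge("alice")
    results["wrong_pin"] = rp.authenticate("alice", dev.respond("0000", nonce, rp.name))

    # Replaying the earlier good response: its challenge was consumed, so it is refused.
    results["replay"] = rp.authenticate("alice", good_sig)

    # A captured response presented against a fresh challenge fails verification.
    rp.challenge("alice")
    results["stale_signature"] = rp.authenticate("alice", good_sig)
    return results


if __name__ == "__main__":
    print(demo())
```

What a breach of `RelyingParty` would leak here is a table of public keys, which is the property the quote is claiming: there is no password to steal or to reuse on another site. Binding the signed message to the relying party's name is the piece a practitioner would insist on, since without it a response collected by one site could be forwarded to another.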

rb-

Couldn’t Redmond pick a name other than Passport? Reminds me of the Hotmail days.

There is of course the age-old problem of what to do if your biometric signature is stolen. You can easily change your iris with a sharp stick, but that does not seem very efficient.

What do you think?

Will Windows 10 biometrics take off?


Related articles
  • Second factor authentication can help prevent security breaches (cloudentr.com)



Few Americans Have Changed Behavior post-Snowden

Edward Snowden revealed the U.S. Government’s domestic spying program. The revelations changed the world. The data collection programs have impacted US businesses’ ability to sell abroad. Recent regulations introduced in China have knocked Apple (AAPL), Cisco (CSCO), McAfee, and Citrix (CTXS) out of growing markets.

Lisa Vaas, at Sophos’ Naked Security blog, points us to a recent Pew Research Center survey that documents the impact of TLA spying and data collection on the home-front. Most Americans (87%) have heard about the National Security Agency’s (NSA) surveillance programs since Snowden began leaking documents nearly two years ago. The Pew research found that nearly one-third of American adults have taken steps to protect their information from government surveillance programs that monitor phone and digital communications.

Aware of the NSA’s surveillance programs

Out of those surveyed who are at least somewhat aware of the NSA’s surveillance programs (30% of adults),

  • 34% have taken at least one step to keep their information hidden or shielded from the government.
  • 25% are using more complex passwords
  • 17% changed their privacy settings on social media
  • 15% use social media less often
  • 15% have avoided certain apps
  • 14% say they speak more in person instead of communicating online or on the phone
  • 13% have uninstalled apps
  • 13% have avoided using certain terms in online communications

When it comes to how well the courts are balancing the needs of law enforcement and intelligence agencies with citizens’ right to privacy:

  • 49% say courts and judges are not balancing those interests;
  • 48% say they are.

OK to spy on foreigners

The article says the public approves of monitoring plenty of people, including foreign citizens, foreign leaders, and American leaders:

  • 82% say it’s acceptable to monitor communications of suspected terrorists;
  • 60% believe it’s acceptable to monitor the communications of American leaders;
  • 60% think it’s OK to monitor the communications of foreign leaders;
  • 54% say it’s acceptable to monitor communications from foreign citizens;
  • 57% say that the monitoring of citizens’ communications is unacceptable;
  • 65% think it’s OK to monitor people who pepper their communications with words such as “explosives” and “automatic weapons” in search engine queries;
  • 67% think it’s OK to monitor people who visit anti-American websites.

Americans are split about just how much we should worry about surveillance – particularly when it comes to their own digital behavior.

  • 39% describe themselves as concerned about government monitoring of their activity on search engines.
  • 38% say they’re concerned about government monitoring of their activity on their email messages.
  • 37% express concern about government monitoring of their activity on their cell phone.
  • 31% are concerned about government monitoring of their activity on social media sites, such as Facebook or Twitter.
  • 29% say they’re concerned about government monitoring of their activity on their mobile apps.
