[From the desk of Paul Davis – his opinions and no-one else’s]
Apart from the reporter’s opinions
So onto the news:
Nearly 370M IE users have just 6 weeks to upgrade
In August 2014, Microsoft took Internet Explorer (IE) users by surprise when it announced that most had to be running IE11 by Jan. 12, six weeks from today.
After that date, Microsoft will support IE9 only on the barely used Windows Vista and Windows Server 2008, and IE10 only on Windows Server 2012.
All others, including those with devices powered by Windows 7, Windows 8, Windows 8.1 and Windows 10, must run IE11 or Edge.
The retired browsers will continue working, but Microsoft will halt technical support and stop serving security updates for the banned versions.
The biggest chunk of affected IE users — an estimated 172 million — were those still running IE8, the six-year-old browser originally bundled with Windows 7 but which also ran on the now-retired Windows XP.
Companies that require older editions of IE to run Web apps or services can upgrade to IE11, then rely on that browser’s Enterprise Mode to mimic the older versions’ rendering engines.
Last week, Microsoft announced some enhancements to Enterprise Mode, including support for HTTP ports, and issued a kit that walks IT administrators through the chore of configuring Enterprise Mode.
That kit can be downloaded from here.
Another option for laggards who need backward compatibility with aged apps and services is to upgrade to IE11 but deploy Browsium Ion, an add-on that lets IT administrators enable legacy IE-dependent apps in IE11.
Link: http://paulgdavis.us3.list-manage1.com/track/click?u=45bf3caf699abf9904ddc00e3&id=88a46ef51b&e=20056c7556
Security Think Tank: Threat intelligence feeds not for everyone
Before signing up for threat intelligence and monitoring in real time, an organisation has to have its operational security practices running as a reasonably well-oiled machine.
They need to have security systems they can monitor and change control around critical pieces, as well as strong understanding of how the operational controls interact with each other.
Some organisations choose corrective approaches instead of detective and preventative.
Others prefer to manage their risks in non-technical ways, such as through contracts, service level agreements, litigation, insurance or financial mechanisms.
Threat intelligence is best applied when a firm wants to apply technical controls to a certain kind of risk.
The firm needs security controls to adapt, react and flex in real time to the changing technical landscape.
Security is complex and not every security control or technique makes sense for every firm.
It would be a mistake to conclude: “X is good; business Y does not use X, therefore business Y is not as good as it could be.”
Threat indicators are just one tool of many that an organisation should have in place.
It is important to have security processes in place beforehand to make the most of them.
This includes properly trained and educated staff, a resilient network based on securely designed applications and operational readiness.
Without these foundations, threat intelligence will ultimately have limited effectiveness.
Link: http://paulgdavis.us3.list-manage.com/track/click?u=45bf3caf699abf9904ddc00e3&id=3c9bbd563a&e=20056c7556
Three key areas to limit cyber attack liability, says Kemp Little
“Responses to cyber attacks need to be organic and grow as organisations learn more,” Alison Rea, intellectual property and litigation senior associate at Kemp Little, told a seminar on cyber attacks in London.
“However, key to limiting liability is identifying the source of the attack, reducing the spread of stolen data and mitigating liability to third parties,” she said.
“In the event of a cyber attack, organisations will typically be fire fighting on a number of different fronts.
They are going to want to halt the attack and find out who is behind it, they are going to have to deal with the regulatory authority, they are going to want to assess their liability to customers and at the same time assess the liability of their own suppliers,” said Rea.
Link: http://paulgdavis.us3.list-manage.com/track/click?u=45bf3caf699abf9904ddc00e3&id=3bf3528039&e=20056c7556
Cybercrime and shipping: the facts
How serious a threat to shipping is cybercrime?
The aviation sector’s exposure to the global cyber threat was laid bare by the recent acts of a “white-hat” hacker, who apparently infiltrated a commercial aircraft’s flight-management systems while it was in flight.
So, the question for the maritime sector is: do we honestly believe we are better prepared, or that the security challenge is any less pronounced than with the aviation sector?
Both sectors share extraordinary similarities: they are highly integrated value chains; they contribute massively to global wealth creation; and they rely upon broad-based technological integration with very high-value assets.
Moreover, every link of these value chains is dependent upon the third-party resilience of all members to ensure the security of the whole.
However, according to our recent analysis of 49 maritime transport companies’ 2014 annual reports, just 22% identified cyber-crime as a potential risk.
This is despite the World Fuel theft, and the attack on the Port of Antwerp where container-release codes and port-handling capacity were compromised.
Through that wider lens, the internet was seen by the IISS to add trillions of dollars to international commerce each year.
And, remarkably, the losses attributable to cybercrime were estimated at 15-20% of the value it adds.
To lessen the risk of rising capital costs, maritime organisations need to start quantifying their cyber exposure, just like they do for every other category of risk.
This will help them to make informed decisions about a capital-usage strategy that will strike the right balance between risk mitigation, retained and funded risk, and risk transfer.
This exercise will not be simple.
It will require hard, intellectual yards.
But, to date, nowhere near enough maritime organisations have started the journey.
Link: http://paulgdavis.us3.list-manage.com/track/click?u=45bf3caf699abf9904ddc00e3&id=2bf3b6c56f&e=20056c7556
Cyber Risk As A Top 10 Global Risk for Businesses
Cyber security has long been a standing issue for boardrooms, a core focus area for major corporations.
The perceived risk of cyber-attacks is so great that for the first time this year, it was categorized by 1,400 business leaders worldwide as one of the top 10 risks, among economic slowdown, increasing competition and property damage, according to the AON Global Risk Management Report.
According to Stephen Cross, Chief Innovations Officer at the company, “Modeling of cyber risk is complex and difficult as it lacks sufficient historical data coupled with the fact that such data is captured in a sporadic and unstructured manner.
It is also a very fast moving target.
How do you adequately forecast for a cyber hurricane?
Your cyber security is as strong as the weakest link in your supply chain.”
1- Damage to Brand/Reputation
3- Regulatory/legislative changes
5- Failure to attract or retain top talent
6- Failure to innovate/meet customer needs
7- Business interruption
9- Cyber risk (computer crime/hacking/ viruses/malicious codes)
10- Property damage
Link: http://paulgdavis.us3.list-manage.com/track/click?u=45bf3caf699abf9904ddc00e3&id=92ed9e9825&e=20056c7556
Indian firms underequipped to handle cyber threats: KPMG
MUMBAI: The banking and financial services sector continues to be a top target for cyber attacks which continue to rise every year, a survey by consulting firm KPMG revealed.
Yet the spends on cyber security continue to be low and also lag in priority in board rooms, it said.
The survey revealed that 72% of the respondents had faced some sort of cyber attack over the past year, up from 43% a year ago.
Besides, it also found that financial motives were a key driver for cyber crime.
74% of the respondents felt that the banking and financial services sector was most vulnerable to the cyber risk threat.
But cyber defence expenditure formed less than 5% of the total IT spends.
A survey by KPMG of 250 respondents across the sectors shows that 94% of the respondents felt that cybercrime was one of the major threats to their businesses.
However, only 41% had it (cyber crime related issues) as part of their board room agenda.
Link: http://paulgdavis.us3.list-manage.com/track/click?u=45bf3caf699abf9904ddc00e3&id=d6044df13f&e=20056c7556
Here’s Air Force’s $49.5M Plan to Outsource Cyberweapon and Counterhack Software
An official contract for the “Offensive Cyberspace Operations Defensive Cyberspace Operations Real-Time Operations and Innovation Cyber Development Custom Software Engineering Services” program is slated for publication Jan. 29, 2016.
SHELTER, the nickname for the mouthful of a project title, is a 5.5-year deal that would add to the Defense Department’s growing arsenal of cyberweapons.
Technically referred to as “exploits,” “payloads” and “implants” in a draft contract released Monday, these sophisticated, malicious programs are not exclusive to defense company computer labs.
Via the Internet black market, hidden behind firewalls, anyone — including terrorists — can buy them from script kiddies, financially motivated hackers or other anonymous sources. (The Pentagon definition for exploit is “software or a sequence of commands that takes advantage of a vulnerability in order to cause unanticipated behavior to occur on computer software, hardware or something electronic, usually computerized.”)
Private sector professionals are wanted for hack attack and counterhack software development efforts.
The branch, for example, needs a contractor for the “development and/or identification of capabilities” to “exploit and mitigate previously known and unknown hardware and operating system vulnerabilities.”
The contractors also will build tools to neutralize malicious code found seeping through the Defensewide “global information grid” network.
Speed is key to dominance in cyberspace, and professionals will be expected to “find vulnerabilities with or without source code,” in accordance with “government established timelines,” the draft contract states.
The price ceiling for the deal is $49.5 million and the Air Force is taking questions on the proposal until Dec. 18.
Link: http://paulgdavis.us3.list-manage.com/track/click?u=45bf3caf699abf9904ddc00e3&id=584da48748&e=20056c7556
Akerman and Thomson Reuters Legal Managed Services Announce Collaboration On Groundbreaking U.S. Data Privacy and Security Legal Service Offering
CHICAGO, Dec. 1, 2015 /PRNewswire/ — Akerman LLP, a top 100 U.S. law firm serving clients across the Americas, today announced the advent of the Akerman Data Law Center, a dynamic, technology-driven, data privacy and security law service offering developed in collaboration with Thomson Reuters Legal Managed Services.
The Akerman Data Law Center will provide tailored research, multi-jurisdictional surveys and regulatory gap analyses in a wide array of data and privacy risk areas empowering clients to quickly and cost-effectively understand and handle routine compliance matters while mitigating risks before they become crises.
With Akerman’s multi-disciplinary team of regulatory compliance and data law lawyers within reach, the firm can also provide legal interpretation and day-to-day counseling specifically tailored to each client’s distinctive situation and needs.
Akerman also is partnering with Neota Logic.
The Akerman Data Law Center will utilize Neota Logic’s advanced expert system technology platform, a form of artificial intelligence, to interpret and operationalize the legal knowledge and guide clients to counsel where counsel is needed.
By combining rules, reasoning, decision management and document automation, Neota Logic applications set a new standard in delivering business solutions.
Link: http://paulgdavis.us3.list-manage1.com/track/click?u=45bf3caf699abf9904ddc00e3&id=c3e096f8bd&e=20056c7556
Cybercrime demands new ways of policing, RCMP says
The Mounties will outline the national police force’s cybercrime strategy today.
RCMP Commissioner Bob Paulson told a security conference last week that police exhibit rooms are stacked with digital devices – and the trick is finding ways to extract the valuable evidence on them.
In a report last year, the RCMP said cybercrime demands new ways of policing to keep pace with illicit exploitation of emerging technologies such as cloud computing, social-media platforms, anonymous online networks and virtual currency schemes.
Link: http://paulgdavis.us3.list-manage.com/track/click?u=45bf3caf699abf9904ddc00e3&id=75550e1a41&e=20056c7556
Report: Insiders Still Top Breach Threat
Experian’s just released third annual Data Breach Industry Forecast report for 2016 predicts that big hacks will continue to grab the headlines but small breaches will cause “a lot more damage,” he says.
To help reduce incidents involving negligence by insiders, Bruemmer strongly recommends organizations bolster their “job specific” privacy and security training.
Those efforts “start of the board level,” he says. “It has to be a priority and it has to cascade down not only through the covered entity organizations but also through the business associates.”
One of the biggest breach prevention shortcomings among healthcare organizations and their business associates, Bruemmer says, is “not knowing where their data is within their own networks. There are so many interconnected systems. …
In the healthcare field, you have so many connected devices that carry protected health information – that’s a real problem.”
Link: http://paulgdavis.us3.list-manage.com/track/click?u=45bf3caf699abf9904ddc00e3&id=ff6191ace5&e=20056c7556
Security expert expects APTs to dwindle in 2016
The prevalence and intensity of cyberattacks is expected to subside in 2016, in comparison to 2015, according to research from Kaspersky Lab.
Speaking at the Cyber Security Summit in Port Dickson, Malaysia, Vitaly Kamluk, Principal Security Researcher, Global Research & Analysis Team (GReAT), Kaspersky Lab, in his conference presentation entitled “APAC – Regional Threat Overview,” suggested that the prevailing trend and data support the thinking that Advanced Persistent Threats (APTs) are expected to dwindle in 2016.
To date, 12 different types of APTs were detected in 2015, including Wild Neutron, Darkhotel, Naikon and Duqu 2.0.
Each cyberattack held varying levels of intensity in terms of damages and malicious activities executed.
According to another senior security expert, Sergey Lozhkin, Senior Security Researcher, GReAT, Kaspersky Lab, access to hacking and network-breaching tools is still widely available, despite the exposure and shutting down of the “undernet” or illegal resource site otherwise known as the Dark Web.
Illegal hacking tools including hacking codes, data exfiltration viruses as well as Botnets are available on the Dark Web.
But due to governmental and law enforcement measures, the more common or unrestricted Dark Web sites have been shut down.
But Lozhkin warned, “The Dark Web is not dead.
It is merely re-building.”
In his presentation “The Evolution of Ransomware: Dangers of Cryptolockers”, he said that the Dark Web might end up becoming more secure as it is able to deliver two-factor authentication and certificates for access to resource sites.
Bitcoin is still the currency of choice on the Dark Web, with hacking tools and botnets available for the right price.
Link: http://paulgdavis.us3.list-manage2.com/track/click?u=45bf3caf699abf9904ddc00e3&id=b992c709a7&e=20056c7556
Asking DHS to hack your systems
Brian Krebs, author of the popular Krebs on Security blog, reported on Dec. 1 that DHS’ National Cybersecurity Assessment and Technical Services (NCATS) have been “quietly launching stealthy cyberattacks against a range of private U.S. companies – mostly banks and energy firms.
These digital intrusion attempts, commissioned in advance by the private sector targets themselves, are … designed to help ‘critical infrastructure’ companies shore up their computer and network defenses against real-world adversaries.”
According to Krebs, “DHS said that in Fiscal Year 2015 NCATS provided support to 53 private sector partners.”
According to information posted on the U.S. Computer Emergency Readiness Team website, “NCATS leverages existing ‘best in breed’ cybersecurity assessment methodologies, commercial best practices and integration of threat intelligence that enable cybersecurity stakeholders with decision making/risk management guidance and recommendations.” An assessment “can range from one day to two weeks depending on the security services required.”
Link: http://paulgdavis.us3.list-manage2.com/track/click?u=45bf3caf699abf9904ddc00e3&id=a13dfe9693&e=20056c7556
DDoS attacks up 53% in Q3; cloud top target: Report
Verisign observed a significant increase in the frequency of DDoS attacks in Q3, representing a 53 percent increase over the previous quarter.
In fact, DDoS activity in Q3 increased to the highest it has been in any quarter over the last two years.
In terms of size, more than one-third of attacks peaked over 5 Gbps while one in five attacks peaked over 10 Gbps.
Fifty-nine percent of attacks peaked at more than 1 Gbps; 20 percent of attacks were greater than 10 Gbps.
Verisign saw the average attack size increase to 7.03 Gbps, 27 percent higher than Q2 2015.
For the fourth consecutive quarter, the industry most frequently targeted by DDoS attacks was IT Services/Cloud/SaaS, representing 29 percent of mitigation activity in Q3.
Media and Entertainment represented 26 percent of mitigations, followed by financial (15 percent), public sector (13 percent), telecom (12 percent), and e-commerce/online advertising (5 percent).
Continuing the trend of the year, the most common DDoS attack types were Network Time Protocol (NTP), Domain Name System (DNS) and Simple Service Discovery Protocol (SSDP) UDP floods, which accounted for approximately 65 percent of attacks in the quarter.
The balance of attacks mitigated were TCP floods (20 percent) and application layer attacks (15 percent).
Link: http://paulgdavis.us3.list-manage.com/track/click?u=45bf3caf699abf9904ddc00e3&id=ed05ce5f6d&e=20056c7556
Top malware families targeting business networks
Check Point has revealed the most common malware families being used to attack organisations’ networks during October 2015.
They identified more than 1,500 different malware families globally active in October.
Globally, three malware families (Conficker, Sality and Cutwail) accounted for 40% of all recorded attacks, revealing a trend for attacks focusing on remote control of infected PCs, enabling them to be used for launching DDoS and spam campaigns.
Attacks using malware families that enable ransomware scams and theft of users’ credentials also rose sharply.
As well as the Neutrino ransomware exploit kit, Fareit malware, which steals users’ credentials from web browsers and emails, increased dramatically, taking it from 93rd position in September up to the 10th most common malware seen during October.
Link: http://paulgdavis.us3.list-manage.com/track/click?u=45bf3caf699abf9904ddc00e3&id=179adc7d5f&e=20056c7556
Malware, ransomware twice as likely to hit state, local networks
State and local government networks are nearly twice as likely to be infected with malware or ransomware as those in small and medium businesses, according to new data released by Sentinel IPS, a cybersecurity threat management firm.
Education-sector networks also suffer from high infection rates.
After evaluating over 30 million alerts from its users around the world, Sentinel IPS found that 67 percent of government networks and 72 percent of education networks triggered critical malware or ransomware alerts, compared to just 39 percent of other networks triggering similar alerts.
Organizations with fewer, less-advanced cybersecurity resources — like budget-strapped government offices — are easy prey for hackers, the report suggested.
Additionally, agencies trying to protect a variety of different systems with limited resources are more vulnerable to ransomware attacks, Tim Francis, cyber enterprise lead at Travelers, told DarkReading.
Link: http://paulgdavis.us3.list-manage1.com/track/click?u=45bf3caf699abf9904ddc00e3&id=bf8a34b27e&e=20056c7556
Moody’s to consider data breach risk in healthcare credit ratings
Moody’s Investor Services will start factoring healthcare providers’ cybersecurity strength into their credit ratings, the agency said this week, as hackers continue to infiltrate the sector.
Moody’s says they think of cyberthreats the same way as other “extraordinary event risks” like natural disasters.
Any impact to the company’s credit depends on how long the attack went on and how bad it was.
The greater the severity and impact to the company and consumers, the greater the chance it could impact credit.
The report, “Cross Sector — Global: Cyber Risk of Growing Importance to Credit Analysis,” points out several influential factors Moody’s uses when evaluating credit impact due to a cyberattack: nature and scope of the targeted institution or assets, how long services were interrupted, and the length of time it took to restore operations to normal.
Link: http://paulgdavis.us3.list-manage.com/track/click?u=45bf3caf699abf9904ddc00e3&id=d8543b0a33&e=20056c7556