[From the desk of Paul Davis – his opinions and no-one else’s, apart from the reporter’s opinions ]
I had a request to change the format of the date in the Subject line to make it easier to sort. So I made the change.
* How Many Layers Does Your Email Security Need?
* Why Boards Need To Get Smart About Cyber Innovation — Now
* Move over Healthcare, Ransomware Has Manufacturing In Its Sights
* Nearly Half of Organizations Unsure if Cyber Insurance will Payout for Evolving Email Attacks
* Anonymous Targets London Stock Exchange as #OpIcarus Advances
How Many Layers Does Your Email Security Need?
Cyber criminals have realized that email gateways are quite capable of blocking generic spam and have moved to different techniques, including targeted attacks.
Targeted attacks have adapted precisely to evade traditional methods most email gateways use to try to block unknown malware, such as the following techniques:
First off, techniques like Sender Protection Framework (SPF), Domain Keys Identified Mail (DKIM), and Domain-based Message Authentication Reporting and Conformance (DMARC) are designed to validate the identity of the sender, protecting against spoofed emails that appear to come from a friendly sender.
However, very few organizations bother to turn these capabilities on.
Be sure to use the same technologies when sending your own email.
Secondly, your gateway needs to extract and explode all the elements of an email attachment to be able to deeply analyze it for malicious intent.
Finally, it is essential to ensure URLs are scanned at time of click.
In practical terms, this means that URLs contained in emails must be rewritten with pointers that force them to go through a cloud-based web gateway whenever they are clicked upon.
So, how many layers does your email security need?
You always need at least one more layer of email security than the attacker can defeat.
Link: http://paulgdavis.us3.list-manage.com/track/click?u=45bf3caf699abf9904ddc00e3&id=807b0e2484&e=20056c7556
Why Boards Need To Get Smart About Cyber Innovation — Now
Ariel Evans is an American Israeli cybersecurity expert, entrepreneur and business developer.
Evans is the go-to person in Israel that connects cyber startup companies to funding and business development opportunities.
Today she manages over Israeli 30 companies, secures them venture funding, M&A opportunities, and channel sales.
She has raised over $200 million in the U.S. with private equity and venture capital firms.
What are the biggest trends that you have seen in cybersecurity over the past five years?
Cybersecurity has become a boardroom conversation.
It is no longer adequate to speak solely in terms of technological vulnerabilities such as insufficient patching of servers and network specific devices.
Instead, organizations have begun to appraise the value of their assets and calculate how secure they are against a cyber-attack.
How has the role of the chief information security officer (CISO) changed?
The CISO is no longer a network guru, but instead a risk manager.
What does an organization need to know in order to understand how effective their cybersecurity program is?
Lots.
Again, cybersecurity is a compilation of people, processes, and tools.
If just one leg of that three-legged stool is broken, the stool fails.
What are the most common issues that organizations face in cybersecurity?
The most common issue is the lack of skilled people.
Link: http://paulgdavis.us3.list-manage.com/track/click?u=45bf3caf699abf9904ddc00e3&id=871d9a04b3&e=20056c7556
Move over Healthcare, Ransomware Has Manufacturing In Its Sights
Fortinet research conducted over the past several months shows that manufacturing is likely to be the next industry specifically targeted by ransomware.
In our latest report we detail two specific trends that support this conclusion.
The first is an alarming spike in custom ransomware attacks targeted at the manufacturing industry, and the second is the development of a new generation of ransomware that is especially devastating.
Between October 1, 2015 and April 30, 2016, Fortinet monitored and collated network traffic for 59 mid-sized to large manufacturers, spread out over 9 countries in key markets across the Americas, EMEA, and APAC.
During those seven months, we recorded 8.63 million attempted attacks on those 59 manufacturers.
And 78% of this malicious activity was targeted at large manufacturers with 1000 or more employees.
That is a lot of attacks.
With downtime and losses often calculated by the minute, manufacturers infected with ransomware would be highly motivated to pay a ransom in order to get their production floor back up and running.
And this wasn’t your average ransomware.
This new ransomware had undergone significant enhancements.
Recent variants of the Locky ransomware that we saw, for example, had traded custom encryption algorithms for much more solid and robust Windows APIs and RSA encryption.
This seems to have clearly been an attempt to thwart organizations that try to decrypt their files without paying the ransom.
Another ransomware variant we have been tracking is DMA Locker.
Once it infects an organization, DMA Locker uses remote command-and-control servers to generate unique encryption keys.
Because these encryption keys are generated off-site, reverse engineering the encryption is not currently possible.
Which also means that if DMA Locker isn’t entirely removed from an infected network, repeat flare-ups by the exact same ransomware can generate additional ransom demands.
Link: http://paulgdavis.us3.list-manage.com/track/click?u=45bf3caf699abf9904ddc00e3&id=b469b254c6&e=20056c7556
Nearly Half of Organizations Unsure if Cyber Insurance will Payout for Evolving Email Attacks
LONDON, Jun 07, 2016 (BUSINESS WIRE) — Mimecast Limited, a leading email and data security company, today issued a warning to organizations relying on cyber insurance: your policies may not be fully up-to-date in covering new social engineering email attacks, leaving firms at risk for taking the full financial brunt of these attacks.
New Mimecast research* into the growing cyber insurance industry and evolving email attack techniques reveals that almost half (45%) of firms with cyber insurance are unsure if their policy is up-to-date for covering new cyber social engineering attacks, and only 10% believe it is completely up-to-date.
Just 43% of firms with cyber insurance are confident that their policies would pay out for whaling financial transactions.
Nearly two-thirds (64%) of firms don’t have any cyber insurance at all.
With the cybersecurity landscape constantly evolving, cyber insurers will have great difficulty keeping their coverage up-to-date.
A comprehensive cyber resilience strategy is only effective alongside regular employee training on the latest threats combined with appropriate technology fail-safes.”
Link: http://paulgdavis.us3.list-manage.com/track/click?u=45bf3caf699abf9904ddc00e3&id=0895c864b3&e=20056c7556
Anonymous Targets London Stock Exchange as #OpIcarus Advances
The LSE website went offline at 9AM (08:00 GMT) local time, at the beginning of working hours, last Thursday, and was inaccessible for two hours.
LSE representatives have refused to comment on the issue, and kept the hack secret, but experts believe the site was exposed to a distributed denial of service (DDoS) attack, suggesting that no critical information was compromised.
The attack was carried out within a framework called Operation Icarus, a stated effort by hackers to battle injustice by compromising banking sites around the globe.
Confirmed hacks include those on the Bank of Greece, the Central Bank of the Dominican Republic, the Dutch Central Bank, the Swiss National Bank, the Central Bank of Venezuela and the Federal Reserve Bank of San Francisco.
Link: http://paulgdavis.us3.list-manage.com/track/click?u=45bf3caf699abf9904ddc00e3&id=68108d7b00&e=20056c7556
============================================================
Feedback, questions? Our mailing address is: dailynews@paulgdavis.com (mailto:dailynews@paulgdavis.com)
If you know someone else who would be interested in this Newsalert, please forwarded this email.
If you want to be added to the distribution list, please click this: Subscribe to this list (http://paulgdavis.us3.list-manage.com/subscribe?u=45bf3caf699abf9904ddc00e3&id=e09452545a)
Unsubscribe from this list (http://paulgdavis.us3.list-manage1.com/unsubscribe?u=45bf3caf699abf9904ddc00e3&id=e09452545a&e=20056c7556&c=d2f96da285)
Update subscription preferences (http://paulgdavis.us3.list-manage.com/profile?u=45bf3caf699abf9904ddc00e3&id=e09452545a&e=20056c7556)