[From the desk of Paul Davis – his opinions and no-one else’s]
\nApart from the reporter’s opinions \ud83d\ude09
\nSo onto the news:<\/p>\n
Nearly 370M IE users have just 6 weeks to upgrade
\nIn August 2014, Microsoft took Internet Explorer (IE) users by surprise when it announced that most had to be running IE11 by Jan. 12, six weeks from today.
\nAfter that date, Microsoft will support IE9 only on the barely used Windows Vista and Windows Server 2008, and IE10 only on Windows Server 2012.
\nAll others, including those with devices powered by Windows 7, Windows 8, Windows 8.1 and Windows 10, must run IE11 or Edge.
\nThe retired browsers will continue working, but Microsoft will halt technical support and stop serving security updates for the banned versions.
\nThe biggest chunk of affected IE users — an estimated 172 million — were those still running IE8, the six-year-old browser originally bundled with Windows 7 but which also ran on the now-retired Windows XP.
\nCompanies that require older editions of IE to run Web apps or services can upgrade to IE11, then rely on that browser’s Enterprise Mode to mimic the older versions’ rendering engines.
\nLast week, Microsoft announced some enhancements to Enterprise Mode, including support for HTTP ports, and issued a kit that walks IT administrators through the chore of configuring Enterprise Mode.
\nThat kit can be downloaded from here.
\nAnother option for laggards who need backward compatibility with aged apps and services is to upgrade to IE11 but deploy Browsium Ion, an add-on that lets IT administrators enable legacy IE-dependent apps in IE11.
\nLink: http:\/\/paulgdavis.us3.list-manage1.com\/track\/click?u=45bf3caf699abf9904ddc00e3&id=88a46ef51b&e=20056c7556<\/p>\n
Security Think Tank: Threat intelligence feeds not for everyone
\nBefore signing up for threat intelligence and monitoring in real time, an organisation has to have its operational security practices running as a reasonably well-oiled machine.
\nThey need to have security systems they can monitor and change control around critical pieces, as well as strong understanding of how the operational controls interact with each other.
\nSome organisations choose corrective approaches instead of detective and preventative.
\nOthers prefer to manage their risks in non-technical ways, such as through contracts, service level agreements, litigation, insurance or financial mechanisms.
\nThreat intelligence is best applied when a firm wants to apply technical controls to a certain kind of risk.
\nThe firm needs security controls to adapt, react and flex in real time to the changing technical landscape.
\nSecurity is complex and not every security control or technique makes sense for every firm.
\nIt would be a mistake to conclude: \u201cX is good; business Y does not use X, therefore business Y is not as good as it could be.\u201d
\nThreat indicators are just one tool of many that an organisation should have in place.
\nIt is important to have security processes in place beforehand to make the most of them.
\nThis includes properly trained and educated staff, a resilient network based on securely designed applications and operational readiness.
\nWithout these foundations, threat intelligence will ultimately have limited effectiveness.
\nLink: http:\/\/paulgdavis.us3.list-manage.com\/track\/click?u=45bf3caf699abf9904ddc00e3&id=3c9bbd563a&e=20056c7556<\/p>\n
Three key areas to limit cyber attack liability, says Kemp Little
\n\u201cResponses to cyber attacks need to be organic and grow as organisations learn more,\u201d Alison Rea, intellectual property and litigation senior associate at Kemp Little, told a seminar on cyber attacks in London.
\n\u201cHowever, key to limiting liability is identifying the source of the attack, reducing the spread of stolen data and mitigating liability to third parties,\u201d she said.
\n\u201cIn the event of a cyber attack, organisations will typically be fire fighting on a number of different fronts.
\nThey are going to want halt the attack and find out who is behind it, they are going to have to deal with the regulatory authority, they are going to want to assess their liability to customers and at the same time assess the liability of their own suppliers,\u201d said Rea.
\nLink: http:\/\/paulgdavis.us3.list-manage.com\/track\/click?u=45bf3caf699abf9904ddc00e3&id=3bf3528039&e=20056c7556<\/p>\n
Cybercrime and shipping: the facts
\nHow serious a threat to shipping is cybercrime.
\nThe aviation sector\u2019s exposure to the global cyber threat was laid bare by the recent acts of a \u2018white-hat\u2019 hacker, who apparently infiltrated a commercial aircraft\u2019s flight-management systems while it was in flight.
\nSo, the question for the maritime sector is: do we honestly believe we are better prepared, or that the security challenge is any less pronounced than with the aviation sector?
\nBoth sectors share extraordinary similarities: they are highly integrated value chains; they contribute massively to global wealth creation; and they rely upon broad-based technological integration with very high-value assets.
\nMoreover, every link of these value chains is dependent upon the third-party resilience of all members to ensure the security of the whole.
\nHowever, according to our recent analysis of 49 maritime transport companies\u2019 2014 annual reports, just 22% identified cyber-crime as a potential risk.
\nThis is despite the World Fuel theft, and the attack on the Port of Antwerp where container-release codes and port-handling capacity were compromised.
\nThrough that wider lens, the internet was seen by the IISS to add trillions of dollars to international commerce each year.
\nAnd, remarkably, the losses attributable to cybercrime were estimated at 15-20% of the value it adds.
\nTo lessen the risk of rising capital costs, maritime organisations need to start quantifying their cyber exposure, just like they do for every other category of risk.
\nThis will help them to make informed decisions about a capital-usage strategy that will strike the right balance between risk mitigation, retained and funded risk, and risk transfer.
\nThis exercise will not be simple.
\nIt will require hard, intellectual yards.
\nBut, to date, nowhere near enough maritime organisations have started the journey.
\nLink: http:\/\/paulgdavis.us3.list-manage.com\/track\/click?u=45bf3caf699abf9904ddc00e3&id=2bf3b6c56f&e=20056c7556<\/p>\n
Cyber Risk As A Top 10 Global Risk for Businesses
\nCyber security has long become a standing issue for boardrooms, a core focus area for major corporations.
\nThe perceived risk of cyber-attacks is so great that for the first time this year, it was categorized by 1,400 business leaders worldwide as one of the top 10 risks, among economic slowdown, increasing competition and property damage, according to the AON Global Risk Management Report.
\nAccording to Stephen Cross, Chief Innovations Officer at the company, \u201cModeling of cyber risk is complex and difficult as it lacks sufficient historical data coupled with the fact that such data is captured in a sporadic and unstructured manor.
\nIt is also a very fast moving target.
\nHow do you adequately forecast for a cyber hurricane.
\nYour cyber security is a strong as the weakest link in your supply chain\u201d.
\n1- Damage to Brand\/Reputation
\n3- Regulatory\/legislative changes
\n5- Failure to attract or retain top talent
\n6- Failure to innovate\/meet customer needs
\n7- Business interruption
\n9- Cyber risk (computer crime\/hacking\/ viruses\/malicious codes)
\n10- Property damage
\nLink: http:\/\/paulgdavis.us3.list-manage.com\/track\/click?u=45bf3caf699abf9904ddc00e3&id=92ed9e9825&e=20056c7556<\/p>\n
Indian firms underequipped to handle cyber threats: KPMG Read more at: http:\/\/paulgdavis.us3.list-manage.com\/track\/click?u=45bf3caf699abf9904ddc00e3&id=3f071eb867&e=20056c7556
\nMUMBAI: The banking and financial services sector continues to be a top target for cyber attacks which continue to rise every year, a survey by consulting firm KPMG revealed.
\nYet the spends on cyber security continue to be low and also lag in priority in board rooms, it said
\nThe survey revealed that 72%of the respondents had faced some sort of cyber attack over the past year, up from 43% a year ago.
\nBesides, it also found that financial motives were a key driver for cyber crime
\n74% of the respondents felt that the banking and financial services sector was most vulnerable to the cyber risk threat.
\nBut cyber defence expenditure formed less than 5% of the total IT spends.
\nA survey by KPMG of 250 respondents across the sectors shows that 94% of the respondents felt that cybercrime was one of the major threats to their businesses.
\nHowever only 41% had it ( cyber crime related issues) as a part of their board room agenda.
\nLink: http:\/\/paulgdavis.us3.list-manage.com\/track\/click?u=45bf3caf699abf9904ddc00e3&id=d6044df13f&e=20056c7556<\/p>\n
Here’s Air Force\u2019s $49.5M Plan to Outsource Cyberweapon and Counterhack Software
\nAn official contract for the “Offensive Cyberspace Operations Defensive Cyberspace Operations Real-Time Operations and Innovation Cyber Development Custom Software Engineering Services” program is slated for publication Jan. 29, 2016.
\nSHELTER, the nickname for the mouthful of a project title, is a 5.5-year deal that would add to the Defense Department\u2019s growing arsenal of cyberweapons.
\nTechnically referred to as “exploits,” “payloads” and “implants” in a draft contract released Monday, these sophisticated, malicious programs are not exclusive to defense company computer labs.
\nVia the Internet black market, hidden behind firewalls, anyone — including terrorists — can buy them from script kiddies, financially motivated hackers or other anonymous sources. (The Pentagon definition for exploit is “software or a sequence of commands that takes advantage of a vulnerability in order to cause unanticipated behavior to occur on computer software, hardware or something electronic, usually computerized.)
\nPrivate sector professionals are wanted for hack attack and counterhack software development efforts.
\nThe branch, for example, needs a contractor for the “development and\/or identification of capabilities” to “exploit and mitigate previously known and unknown hardware and operating system vulnerabilities.”
\nThe contractors also will build tools to neutralize malicious code found seeping through the Defensewide “global information grid” network.
\nSpeed is key to dominance in cyberspace, and professionals will be expected to “find vulnerabilities with or without source code,” in accordance with “government established timelines,\u201d the draft contract states.
\nThe price ceiling for the deal is $49.5 million and the Air Force is taking questions on the proposal until Dec. 18.
\nLink: http:\/\/paulgdavis.us3.list-manage.com\/track\/click?u=45bf3caf699abf9904ddc00e3&id=584da48748&e=20056c7556<\/p>\n
Akerman and Thomson Reuters Legal Managed Services Announce Collaboration On Groundbreaking U.S. Data Privacy and Security Legal Service Offering
\nCHICAGO, Dec. 1, 2015 \/PRNewswire\/ — Akerman LLP, a top 100 U.S. law firm serving clients across the Americas, today announced the advent of the Akerman Data Law Center, a dynamic, technology-driven, data privacy and security law service offering developed in collaboration with Thomson Reuters Legal Managed Services.
\nThe Akerman Data Law Center will provide tailored research, multi-jurisdictional surveys and regulatory gap analyses in a wide array of data and privacy risk areas empowering clients to quickly and cost-effectively understand and handle routine compliance matters while mitigating risks before they become crises.
\nWith Akerman’s multi-disciplinary team of regulatory compliance and data law lawyers within reach, the firm can also provide legal interpretation and day-to-day counseling specifically tailored to each client’s distinctive situation and needs.
\nAkerman also is partnering with Neota Logic.
\nThe Akerman Data Law Center will utilize Neota Logic’s advanced expert system technology platform, a form of artificial intelligence, to interpret and operationalize the legal knowledge and guide clients to counsel where counsel is needed.
\nBy combining rules, reasoning, decision management and document automation, Neota Logic applications set a new standard in delivering business solutions.
\nLink: http:\/\/paulgdavis.us3.list-manage1.com\/track\/click?u=45bf3caf699abf9904ddc00e3&id=c3e096f8bd&e=20056c7556<\/p>\n
Cybercrime demands new ways of policing, RCMP says
\nThe Mounties will outline the national police force\u2019s cybercrime strategy today.
\nRCMP Commissioner Bob Paulson told a security conference last week that police exhibit rooms are stacked with digital devices \u2013 and the trick is finding ways to extract the valuable evidence on them.
\nIn a report last year, the RCMP said cybercrime demands new ways of policing to keep pace with illicit exploitation of emerging technologies such as cloud computing, social-media platforms, anonymous online networks and virtual currency schemes.
\nLink: http:\/\/paulgdavis.us3.list-manage.com\/track\/click?u=45bf3caf699abf9904ddc00e3&id=75550e1a41&e=20056c7556<\/p>\n
Report: Insiders Still Top Breach Threat
\nExperian’s just released third annual Data Breach Industry Forecast report for 2016 predicts that big hacks will continue to grab the headlines but small breaches will cause “a lot more damage,” he says.
\nTo help reduce incidents involving negligence by insiders, Bruemmer strongly recommends organizations bolster their “job specific” privacy and security training.
\nThose efforts “start of the board level,” he says. “It has to be a priority and it has to cascade down not only through the covered entity organizations but also through the business associates.”
\nOne of the biggest breach prevention shortcomings among healthcare organizations and their business associates, Bruemmer says, is “not knowing where their data is within their own networks,” he notes. “There are so many interconnected systems. …
\nIn the healthcare field, you have so many connected devices that carry protected health information – that’s a real problem.”
\nLink: http:\/\/paulgdavis.us3.list-manage.com\/track\/click?u=45bf3caf699abf9904ddc00e3&id=ff6191ace5&e=20056c7556<\/p>\n
Security expert expects APTs to dwindle in 2016
\nThe prevalence and intensity of cyberattacks is expected to subside in 2016, in comparison to 2015, according to research from Kaspersky Lab.
\nSpeaking at the Cyber Security Summit in Port Dickson, Malaysia, Vitaly Kamluk, Principal Security Researcher, Global Research & Analysis Team (GReAT), Kaspersky Lab, in his conference presentation entitled \u201cAPAC \u2013 Regional Threat Overview,\u201d suggested that the prevailing trend and data supports the thinking that Advanced Persistent Threats (APTs) are expected to dwindle in 2016.
\nTo date, 12 different types of APTs were detected in 2015, including Wild Neutron, Darkhotel, Naikon and Duqu 2.0.
\nEach cyberattack held varying levels of intensity in terms of damages and malicious activities executed.
\nAccording to another senior security expert, Sergey Lozhkin, Senior Security Researcher, GReAT, Kaspersky Lab, the access to hacking and networks breaching tools is still widely available, despite the exposure and shutting down of the \u201cundernet\u201d or illegal resource site otherwise known as the Dark Web.
\nIllegal hacking tools including hacking codes, data exfiltration viruses as well as Botnets are available on the Dark Web.
\nBut due to governmental and law enforcement measures, the more common or unrestricted Dark Web sites have been shut down.
\nBut Lozhkin warned, \u201cThe Dark Web is not dead.
\nIt is merely re-building\u201d.
\nIn his presentation \u201cThe Evolution of Ransomware: Dangers of Cryptolockers\u201d, he said that the Dark Web might end up becoming more secure as it is able to deliver two-factor authentication and certificates for access to resource sites.
\nBitcoin is still the currency of choice on the Dark Web, with hacking tools and botnets available for the right price.
\nLink: http:\/\/paulgdavis.us3.list-manage2.com\/track\/click?u=45bf3caf699abf9904ddc00e3&id=b992c709a7&e=20056c7556<\/p>\n
Asking DHS to hack your systems
\nBrian Krebs, author of the popular Krebs on Security blog, reported on Dec. 1 that DHS’ National Cybersecurity Assessment and Technical Services (NCATS) have been “quietly launching stealthy cyberattacks against a range of private U.S. companies \u2014 mostly banks and energy firms.
\nThese digital intrusion attempts, commissioned in advance by the private sector targets themselves, are … designed to help ‘critical infrastructure’ companies shore up their computer and network defenses against real-world adversaries.”
\nAccording to Krebs, “DHS said that in Fiscal Year 2015 NCATS provided support to 53 private sector partners.”
\nAccording to information posted on the U.S.
\nComputer Emergency Readiness Team website, “NCATS leverages existing ‘best in breed’ cybersecurity assessment methodologies, commercial best practices and integration of threat intelligence that enable cybersecurity stakeholders with decision making\/risk management guidance and recommendations.” An assessment “can range from one day to two weeks depending on the security services required.”
\nLink: http:\/\/paulgdavis.us3.list-manage2.com\/track\/click?u=45bf3caf699abf9904ddc00e3&id=a13dfe9693&e=20056c7556<\/p>\n
DDoS attacks up 53% in Q3; cloud top target: Report
\nVerisign observed a significant increase in the frequency of DDoS attacks in Q3, representing a 53 percent increase over the previous quarter.
\nIn fact, DDoS activity in Q3 increased to the highest it has been in any quarter over the last two years.
\nIn terms of size, more than one-third of attacks peaked over 5 Gbps while one in five attacks peaked over 10 Gbps.
\nFifty-nine percent of attacks peaked at more than 1 Gbps; 20 percent of attacks were greater than 10 Gbps.
\nVerisign saw the average attack size increase to 7.03 Gbps, 27 percent higher than Q2 2015.
\nFor the fourth consecutive quarter, the industry most frequently targeted by DDoS attacks was IT Services\/Cloud\/SaaS, representing 29 percent of mitigation activity in Q3.
\nMedia and Entertainment represented 26 percent of mitigations, followed by financial (15 percent), public sector (13 percent), telecom (12 percent), and e-commerce\/online advertising (5 percent).
\nContinuing the trend of the year, the most common DDoS attack types were Network Time Protocol (NTP), Domain Name System (DNS) and Simple Service Discovery Protocol (SSDP) UDP floods, which accounted for approximately 65 percent of attacks in the quarter.
\nThe balance of attacks mitigated were TCP floods (20 percent) and application layer attacks (15 percent).
\nLink: http:\/\/paulgdavis.us3.list-manage.com\/track\/click?u=45bf3caf699abf9904ddc00e3&id=ed05ce5f6d&e=20056c7556<\/p>\n
Top malware families targeting business networks
\nCheck Point has revealed the most common malware families being used to attack organisations\u2019 networks during October 2015.
\nThey identified more than 1,500 different malware families globally active in October.
\nGlobally, three malware families (Conflicker, Sality and Cutwail) accounted for 40% of all recorded attacks, revealing a trend for attacks focusing on remote control of infected PCs, enabling them to be used for launching DDoS and spam campaigns.
\nAttacks using malware families that enable ransomware scams and theft of users\u2019 credentials also rose sharply.
\nAs well as the Neutrino ransomware exploit kit, Fareit malware, which steals users\u2019 credentials from web browsers and emails, increased dramatically, taking it from 93rd position in September up to the 10th most common malware seen during October.
\nLink: http:\/\/paulgdavis.us3.list-manage.com\/track\/click?u=45bf3caf699abf9904ddc00e3&id=179adc7d5f&e=20056c7556<\/p>\n
Malware, ransomware twice as likely to hit state, local networks
\nState and local governments networks are nearly twice as likely to be infected with malware or ransomware than those in small and medium businesses, according to new data released by Sentinel IPS, a cybersecurity threat management firm.
\nEducation-sector networks also suffer from high infections rates.
\nAfter evaluating over 30 million alerts from its users around the world, Sentinel IPS found that 67 percent of government networks and 72 percent of education networks triggered critical malware or ransomware alerts, compared to just 39 percent of other networks triggering similar alerts.
\nOrganizations with fewer, less-advanced cybersecurity resources — like budget-strapped government offices — are easy prey for hackers, the report suggested.
\nAdditionally, agencies trying to protect a variety of different systems with limited resources are more vulnerable to ransomware attacks, Tim Francis, cyber enterprise lead at Travelers, told DarkReading.
\nLink: http:\/\/paulgdavis.us3.list-manage1.com\/track\/click?u=45bf3caf699abf9904ddc00e3&id=bf8a34b27e&e=20056c7556<\/p>\n
Moody’s to consider data breach risk in healthcare credit ratings
\nMoody’s Investor Services will start factoring a healthcare providers’ cybersecurity strength into their credit ratings, the agency said this week, as hackers continue to infiltrate the sector.
\nMoody’s says they think of cyberthreats the same way as other “extraordinary event risks” like natural disasters.
\nAny impact to the company’s credit depends on how long the attack went on and how bad it was.
\nThe greater the severity and impact to the company and consumers, the greater the chance it could impact credit.
\nThe report, “Cross Sector — Global: Cyber Risk of Growing Importance to Credit Analysis,” points out several influential factors Moody’s uses when evaluating credit impact due to a cyberattack: nature and scope of the targeted institution or assets, how long services were interrupted, and the length of time it took to restore operations to normal.
\nLink: http:\/\/paulgdavis.us3.list-manage.com\/track\/click?u=45bf3caf699abf9904ddc00e3&id=d8543b0a33&e=20056c7556<\/p>\n
============================================================
\nFeedback, questions? Our mailing address is: ** dailynews@paulgdavis.com (mailto:dailynews@paulgdavis.com)<\/p>\n
If you know someone else who would be interested in this Newsalert, please forwarded this email.
\nIf you want to be added to the distribution list, please click this: ** Subscribe to this list (http:\/\/paulgdavis.us3.list-manage.com\/subscribe?u=45bf3caf699abf9904ddc00e3&id=e09452545a)<\/p>\n
** Unsubscribe from this list (http:\/\/paulgdavis.us3.list-manage.com\/unsubscribe?u=45bf3caf699abf9904ddc00e3&id=e09452545a&e=20056c7556&c=89e0861b25)<\/p>\n
** Update subscription preferences (http:\/\/paulgdavis.us3.list-manage.com\/profile?u=45bf3caf699abf9904ddc00e3&id=e09452545a&e=20056c7556)<\/p>\n","protected":false},"excerpt":{"rendered":"
[From the desk of Paul Davis – his opinions and no-one else’s] Apart from the reporter’s opinions \ud83d\ude09 So onto the news: Nearly 370M IE users have just 6 weeks to upgrade In August 2014, Microsoft took Internet Explorer (IE) users by surprise when it announced that most had to…<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[29],"tags":[],"class_list":["post-1175","post","type-post","status-publish","format-standard","hentry","category-news"],"_links":{"self":[{"href":"https:\/\/www.cybersecurityinstitute.com\/blog\/index.php\/wp-json\/wp\/v2\/posts\/1175","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.cybersecurityinstitute.com\/blog\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.cybersecurityinstitute.com\/blog\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.cybersecurityinstitute.com\/blog\/index.php\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/www.cybersecurityinstitute.com\/blog\/index.php\/wp-json\/wp\/v2\/comments?post=1175"}],"version-history":[{"count":1,"href":"https:\/\/www.cybersecurityinstitute.com\/blog\/index.php\/wp-json\/wp\/v2\/posts\/1175\/revisions"}],"predecessor-version":[{"id":3662,"href":"https:\/\/www.cybersecurityinstitute.com\/blog\/index.php\/wp-json\/wp\/v2\/posts\/1175\/revisions\/3662"}],"wp:attachment":[{"href":"https:\/\/www.cybersecurityinstitute.com\/blog\/index.php\/wp-json\/wp\/v2\/media?parent=1175"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.cybersecurityinstitute.com\/blog\/index.php\/wp-json\/wp\/v2\/categories?post=1175"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.cybersecurityinstitute.com\/blog\/index.php\/wp-json\/wp\/v2\/tags?post=1175"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}