How Do You Protect Your Business When the Threat Landscape Is Always Evolving?

Security Ransomware

Staying ahead of the curve on security attacks is a challenge many find nearly impossible to meet. But why is it so difficult? Every day, attacks targeting juggernauts of industry are featured in breaking news. An example is the recent “WannaCry” ransomware attack, which affected thousands of computers all over the world—from Europe to Asia to North America—locking users out of their computers and demanding ransoms. What’s concerning about these attacks is not only their frequency, but how quickly they inspire imitators.

New attacks that combine several execution paths to bypass defense systems are popping up. Even more concerning, ransomware/botnet attacks are now hijacking ICS to re-route ambulances, with life-threatening consequences. And the hard truth is this won’t stop; new malware will be written with multiple code execution paths, designed to run only benign behavior while under scan and then execute the malicious code once your anti-virus has deemed it safe.

You might be indignantly thinking: why? My anti-virus is supposed to stop all threats—my vendor said so! Why is it so difficult to defend my organization?

The short answer is that it doesn’t have to be. Having implemented and reverse engineered many security solutions, I can say honestly that you cannot adopt or rely upon a single strategy or single solution to defend your posture. It takes a holistic and tiered approach to be able to defend and take on attacks from different vectors. 

A long time ago, I was once on the offensive side acting out DDoS attacks while playing a game called “Counter-Strike.” Why is this relevant? It seems hard to believe, but this game helped me adopt a philosophy on cybersecurity that I will never forget and will use for the rest of my career. I hope you can take this philosophy to heart, and that it will also help you protect your business as well as yourself from being hacked. 

Know your risk. 

Designing a secure infrastructure starts with knowing your greatest risks and weaknesses. Think like a hacker. What is your most critical asset? What types of attacks are you vulnerable to? What would someone do to exploit that risk? Knowing is the first step.

Identify your risk. 

Identify it in the following tiers: Reputation, Operational, and Intellectual Property. Once you’ve identified your risk in these arenas, plan a defensive strategy accordingly.

Defend. 

Your strategy should lead to you knowing your network better than anyone else. You are the first and last line of defense. Security solutions are simply technology; without configuring that technology to its strictest potential, you will not win. Do not allow any attacker to exploit your posture. Conduct vulnerability assessments and risk audits. Conducting threat assessments regularly is a critical step in continually developing your security plan.

BYOD: Is it Worth the Risk?

The Bring Your Own Device (BYOD) phenomenon has become a highly debated topic in many organizations. While some enterprises are fully enveloped in the BYOD trend, others are hesitant to adopt this new strategy because of the numerous risks associated with it. Regardless, here is what you need to know to be BYOD-ready.


High Severity GnuTLS bug

On May 23rd, Nikos Mavrogiannopoulos (one of the primary authors of the GnuTLS library) submitted a commit identifying the potential for “memory corruption” during the TLS/SSL handshake process. This specific bug makes it possible for a malicious server to attack a client system by corrupting its memory with a specially crafted ServerHello message.

Heartbleed: A Case For Two-Factor Authentication

By now you’ve probably heard about a major vulnerability in the OpenSSL Project’s implementation of SSL known as Heartbleed. If you’re not familiar with SSL, it is a protocol designed to secure communication between an end-user (client) and application (server) using cryptography and keys intended to make it difficult to intercept and read protected traffic. The process of establishing that secure communication looks something like this:



DDoS Ammunition: Are you protected?

Saar here, resident engineer at Myriad Supply. Today I’ll be discussing DDoS ammunition.

The FFIEC gives “recommendations” to banking institutions. These are non-binding recommendations, and there is no law per se that says you must have DDoS protection. However, if someone suffers financial damages due to a DDoS attack on a bank, that person can hire an attorney who can then prove that the bank acted without due diligence in spite of government recommendations. So a reasonable judge will find the bank at fault, and it would have to pay. Add a class action, and you’re looking at a pretty hefty sum. In this article, for example, http://www.scmagazine.com/banks-file-class-action-against-target-and-trustwave-over-massive-breach/article/339760/, the banks are suing Target for failing to have decent security, which cost them millions replacing stolen payment cards.


Controller, Cloud Managed and Standalone WiFi Deployments, Oh My!

Hello all, the speaking.

In the WiFi world, there are three major types of wireless deployments. These are, as the title says, Controller Based, Cloud Managed, and Standalone. They are all different, and each one has its correct application, benefits, and vices. It has come to my attention that the differences among these groups aren’t understood well. Usually people are more interested in the brand name than in the group it falls into. And that’s okay; I am here to help you choose the correct WLAN solution for your needs. Just to clarify, I will NOT be going into a discussion of which manufacturer falls into which category, or which one is better. That type of battle is best left for another day.
