Importance of Multi-Factor authentication

August 16, 2017 at 4:00 pm | Posted in Cyber Security, Musings | Leave a comment
Tags: , , , ,

Yesterday it was announced that the Scottish Parliament was under a cyber-attack similar to the one that targeted Westminster earlier in the year.

The Attackers were trying to gain access to the email systems of MSP’s and Staff members of the parliament for their own gains. This time it looks as if the attack was stopped in its tracks.

I am fortunate enough to have worked with the Scottish Parliament closely in a previous role and I know a bit more about their security infrastructure than most. And, I am assuming that their methods of security have not changed to radically in the last three years.

The Scottish Parliament does use multifactor authentication for the majority of its users.

The importance of multifactor authentication is key to as to why this particular brute force attack was not as successful as previous one that hit Westminster as there was an added layer of security beyond that of username and password.

It still affected the Scottish Parliament but it is better to have some minor disruptions as opposed to having data stolen.

Australia vs New Zealand – Citizenship rights.

August 15, 2017 at 4:00 pm | Posted in Musings | Leave a comment
Tags: , , , ,

It is all kicking off in the Southern Ocean, and it is not being friendly.

Over the last few months there has been a story rumbling of various members of parliament having to resign their seats due to having dual citizenship.

Under Australian Law, it is illegal to stand for Parliament if you “knowingly” hold dual citizenship and across the Tasman Sea, New Zealand automatically grant’s citizenship if one of your parents is a New Zealander. Although you have to apply.

This Scandal has now affected with government with the Deputy Prime Minister being informed that he holds New Zealand citizenship. Something that he claims not to have known.

However, this story has taken a more interesting term as it turns out that the Labor Party in Australia instigated the investigation into his citizenship working closely with the Labor Party in New Zealand.
This story will rumble on.

One thing that is slowly being agreed on though is that the Australian Law needs to be changed as currently almost half of all Australian citizen’s hold dual citizenship of some form or another.

Labour Leadership & Venezuela – “Many people died on both sides of the Battle of Yavin – I condemn both the Death Star and the Rebel X-Wings.”

August 8, 2017 at 10:00 pm | Posted in Musings | Leave a comment
Tags: , ,

The pressure that has been mounting on the Leader of the Labour party to condemn the actions taken by the Venezuela government and that I wrote about last week. Now that Jeremy Corbyn has returned from his holiday the statement came.

Moreover, he failed to do so in a spectacular fashion.

Within the statement, he condemned the violence of both sides.

However, there is no equity in the violence here. The United Nations has now spoken out and lays the blame of the issues and unrest of Venezuela at the highest levels of the Venezuelan government and the Venezuelan government is oppressing human rights of its citizens.

You also get within the statement, that the economy was “too dependent on oil” and that there were “effective and serious attempts at reducing poverty.”

This is an effective attempt at reducing Poverty? Where over three in four people now live in poverty and where food now costs three times the minimum wage.
Any progress that has been made to reducing Poverty in Venezuela has now moved it back to levels not seen before the 1950’s.

As for dependency on the Oil, that is true but surely that should have been for the government of Venezuela to deal with they own the oil company. Instead, due to pricing controls manufacturing in the country collapsed by a third.

I condemn the Labour Leadership for their stance on the Venezuela Crisis and commend those in the Labour party that are taking a stand against it as many around the world are.

Jeremy Corbyn once said that by being “neutral in situations of injustice, you have chosen the side of the oppressor”

So yes Mr Corbyn, you have chosen the side of the Oppressor.

PS: Credit to Tom Harris, former Labour MP for the Death Star line.

Black Hat vs White Hat

August 7, 2017 at 4:00 pm | Posted in Cyber Security, Musings | Leave a comment
Tags: , , , , , ,

This Blog is entirely my own opinion and is no way tied to my employer. 

Last week, news broke that the cyber security analyst who stopped the Wannacry cyber security incident in May had been arrested in Las Vegas while attending the ethical hacking conference. He was accused and charged with having previously creating a piece of banking malware that gained notoriety around 2014.

Now, in this case as always the presumption is innocent until proven guilty.

However, it does pose significant questions as to those researchers who were previously wearing the “Black hat” and facing off against the security industry and later chose to go legitimate and become “white hats” in security industry.

If there is a sword of Damocles hanging over them about their past then it adds a further question as to if they want to go legitimate.

It all boils down to the principles of Sun Tzu and the Art of War. How far are States willing to overlook past crimes for the greater good.

Sun Tzu says on spies, in chapter 13 of Art of War
“Having CONVERTED SPIES, getting hold of the enemy’s spies and using them for our own purposes.”

Converted Spies are deemed the most useful by Sun Tzu as it enables other spies to be brought in based on the knowledge of the converted spy.

A thousands year old text still has relevance today and in the cyber security industry chapter 13 is especially relevant. As the knowledge that those researchers who were formally on the other side of the battle is extremely valuable.

It is entirely possible that regardless of whether the Wannacry researcher is guilty or not that the actions taken in the US have potentially put off future Black Hats from becoming White Hats and that the knowledge they would have brought is now lost.

Labour Leadership silence – Venezuela a better way of doing things?

August 3, 2017 at 5:00 pm | Posted in Musings | Leave a comment
Tags: , , , ,

In the past Week, the failing state of Venezuela finally took the steps to throw off the idea of democracy and finally descended into an Autocracy. With opposition leaders arrested by the secret police and parliament having now been effectively bypassed.

International condemnation has been swift from the US, EU and the UK.
However, the UN has been strangely silent on these matters.

Individual Labour party MP’s including the shadow foreign secretary have joined condemnation from other left wing parties throughout Europe in condemning the leadership of Venezuela. However, there has been largely silence from the Labour Leader’s office.

The Reason, because I fear that this is what the Labour Leader wants society to be like.
Corbyn & his leadership team have been praising Venezuela for the better part of two decades. Corbyn himself is quoted as saying of Venezuela.

“Showed us there is a different and better way of doing things. It’s called Socialism”

Well let us see what socialism has done to Venezuela?

  • 3rd Highest murder rate in the world.
  • Inflation at 2000%, shortages in basic food and medicines.
  • Bribery and corruption rampant.
  • Freedom of the Press destroyed with protests now going on three years.
  • Tampered elections and opposition politicians arrested and banned.
  • Poverty increasing dramatically.

This is a better way of doing things?
No its not, since the fall of the Soviet Union in the 90’s brought about a decrease in absolute poverty by nearly two thirds and Venezuela is now trying to reverse that statistic.

The Labour Leadership who have for nearly the past twenty years praised Venezuela now need to come out and condemn it and stop trying to claim that what Venezuela did was the right thing to do as it has been proven, as has been proven every time before it.

Socialism doesn’t work.

July 2017 Cyber Incident Report

August 2, 2017 at 3:00 pm | Posted in Cyber Security | Leave a comment
Tags: , , ,

So the White board has been wiped for the new financial month at work and now I can reveal the statistics behind the last financial month of the incidents recorded in July.
As a reminder the criteria to get on this list is that the Breach/Attack needs to be reported in major media outlet and be over 5000 records in size.

  • There were Six Cyber Attacks and Thirteen Data Breaches.
  • Over 150 million records were compromised.
  • Financial Costs of the Cyber Incidents this month is estimated to be over $1.2 Billion.
  • Insider Threats continue to be a weakness of all organisations.
  • Average time between each incident is just 2.3 Days.

The largest and perhaps the most interesting was the UK Parliament attack and the Nyetya malware attacks of late June, the effects of which are still being felt today. Companies such as TNT are still trying to recover from the attack that compromised their network.

Electronic Voting – It’s Hard to Hack a piece of Paper

August 1, 2017 at 3:00 pm | Posted in Cyber Security | Leave a comment
Tags: , , , , ,

One topic of conversation that comes up quite regularly for me is when people discuss electronic voting machines or voting online. With arguments in favour such as it will increase turnout and that it is more accessible. However, while I work In Cyber Security I will always be against electronic voting for the simple reason of, nothing is 100% secure.

Anyone in the security industry who says that a technology is 100% protected is lying.

There are still accusations that the US elections were tampered with and those rumours will continue for many years unless evidence is found. While it is possible to commit fraud using the UK’s traditional methods of pen plus paper and postal voting. The scale and the difficulties of doing it on a large scale is incredibly difficult.

This past week has reinforced my opinions on the weaknesses of electronic voting machines. At the Ethical hacking conferences in the USA this past week, various ethical hackers and researchers were invited to try and compromise the electronic voting machines used in past elections as recent as 2015.

Within 30 to 90 minutes, every machine type gifted to them was compromised with the researchers able to change hypothetical votes, play minesweeper and have the machines play videos.

Some of the machines could even be compromised remotely via wireless networks. It has been a pretty damning set of research and reinforces the point that with current technology no electronic voting machines cannot be 100% secure.

The ability to change thousands of votes just by messing with a spreadsheet and given the risk all organisations have against insider threats these machines cannot be considered physically secure either when not used in election season.

I’ll stick to my pen and paper for the time being.

Is a Data Breach going to bring down a Government?

July 29, 2017 at 8:30 pm | Posted in Cyber Security | Leave a comment
Tags: , , , ,

Earlier this week news came to light that information from the Swedish Transport Agency that a database containing the registration numbers of hundreds of thousands of Swedish citizens had been subject to a data breach.

Within this data was details of if people were in a witness protection program, armed service personal and police information. In short information that should never have been accessible by non-authorised parties.

However, unlike many data breaches this was not the result of a Hack but due to a lack of awareness and proper safeguards and oversight of an outsource project. The former head of the Agency has been found guilty and fined for negligence in the handling of this project and the data by the courts.

(The Maximum penalty in Sweden is just half a months’ Salary)

Now, this has taken on a political field.

This is one of the largest data breaches ever taken please in Sweden and it has emerged that Government ministers were aware of the breach happening last year but did not inform the Prime Minister for months and that when the PM did find out, this was also kept from both Parliament and other ministers.

Now the news has broken the Ministers responsible have been fired, resigned or moved. However, the threat of no confidence remains in both the Prime Minster and the ministers still in situ as it is going to be months before the data is fully secure.

This story will rumble on over the next month or so as the Swedish parliament is in recess at the moment but it is entirely possible that as more information becomes clear then a no confidence motion in the Swedish government might pass.

Time to Detection – Going Down but still a Gap

July 28, 2017 at 3:00 pm | Posted in Cyber Security | Leave a comment
Tags: , , ,

Another area discussed within the Cisco Mid-Year cyber security report is the time to detection of a breach.

In Security terms, the time taken from a breach happening to it being detected is now one of the key metrics that the industry prides itself in. In order to ensure that the attackers have as little time as possible in order to cause damage the time to detect needs to be as low as possible.

In immature security environments, it is entirely possible for attacks to remain undetected for months before it is realised that there has been a breach at all. Alternatively, even worse another party informs a company of a breach after discovering data on the internet.

In more mature security environments the time to detection is down to weeks rather than months but it is the cyber security industry and cisco in particular’s goal to get this number down to hours.

The most mature security environments are now down to around three and a half hours, which is a dramatic improvement of the nearly forty hours when Cisco started this research. However, there is still work to do as four hours is a long time for attackers to compromise a network and get what they want.

Leaving Burglars four hours to ransack your home is unacceptable and the same applies in cyber security.

A Newer Threat Emerges – Destruction of Service

July 27, 2017 at 9:38 am | Posted in Cyber Security | Leave a comment
Tags: , , ,

Another theme that emerged from the cisco mid-year cybersecurity report is the rise of destruction as a service.

Now many DDoS (Distributed Denial of Service) as a Service already exist and are can be purchased from the dark web for as little as $7 an hour and used to shut down any website you want by flooding their servers for an hour or so. These attacks are usually deployed against the various console systems over the Christmas period (Xbox live etc) in order to disrupt their services.

However, now attacks are not only seeking to disrupt and deny services but to destroy them.

Attackers are now seeking to remove the safety net that organisations rely on to restore systems following cyber incidents that disrupt their services. By wiping data instead of locking it and also compromising back-ups it is entirely possible for these new attacks to completely wipe out an organisation.

An example was the Netyra attack from a month ago which wiped out data across many industries and continues to impact companies affected. TNT for example is still trying to recover and is reporting that they still have parcels that they cannot deliver in their warehouses due to the destroyed records.

These attacks are a startling new trend in cyber security and Cisco and the rest of the industry’s strategy to try to combat these attacks is to reduce the time that it takes to detect a breach of systems before it can spread.

Next Page »

Create a free website or blog at WordPress.com.
Entries and comments feeds.