Email remains the Top threat Vector – The Crown Prince of Nigeria has died

September 13, 2017 at 4:23 pm | Posted in Cyber Security | Comments Off on Email remains the Top threat Vector – The Crown Prince of Nigeria has died
Tags: , , , , ,

It is one of the oldest methods of attack that still functions on the internet. The email, you all know the email that I am referring too. The email stating that the Crown prince of Nigeria has died, that he was your long lost relative, and if you wire some money into a holding account you can inherit £123,456,789.00

This scam has been going for a long time even dating back to letters but it reinforces a point that the bad guys got smarter.

Many of the most prominent Data Breaches in the last decade have come from a compromised email. With Social Media it is incredibly easy to find out if someone is a HR manager and to email him or her a file called “Recruiting target Q3” while pretending to be their boss.

This is Phishing and it is one of the more common ways to compromise a network.

Email security is an area that not only requires diligence and protection but also vast resources, as the data from TALOS shows over 85% of all email traffic is still currently spam but that despite it being filtered there are still billions of emails that are legitimate.

August email report

That is still a large haystack in which to hide needles that are phishing emails.
And it only needs one for someone to get into a network and for the network to be compromised.

Advertisements

Monitoring Logins – Why have I logged in from the far east?

August 30, 2017 at 4:00 pm | Posted in Cyber Security | Comments Off on Monitoring Logins – Why have I logged in from the far east?
Tags: , , , ,

During my recent trip to the United States, I was logging onto email systems and other systems from a different country and outside normal expected times. As such the systems, I was logging into (both professional and personal) demanded additional levels of authentication beyond username and password.

Multifactor authentication has now advanced to the point that tracking user behaviour (location, MAC address and login times for example) can be used as an additional authentication layer as opposed to a traditional token code.

You can view your successful and unsuccessful login on most personal websites to confirm it Is you and it is important to do this.
Monitoring logins is an easy and effective method of mitigating Data Breaches as if you can identify that a user or account is logging in from an unexpected location when they are not expected to be there you can lock the account down and prevent potential data breach.

Many attacks and breaches have been caused by stolen credentials and by simply monitoring login activity then this particular avenue of attack can be mitigated and the threat reduced.

Returning to Normal Schedule – Intuitive Networks

August 29, 2017 at 4:17 pm | Posted in Cyber Security | Comments Off on Returning to Normal Schedule – Intuitive Networks
Tags: , , ,

For the majority of the last few weeks I have been abroad in the United States attending a conference with work to discuss strategies for the upcoming financial year but also to learn more about what is coming up.

There is a lot coming up in terms of technology and strategy from Cisco but for the time being I think the best way to see what is coming is to ask Peter Dinklage.

Innovation and intuition is the most human element of all, we learn and we adapt we go from there.

Time to Detection – Going Down but still a Gap

July 28, 2017 at 3:00 pm | Posted in Cyber Security | Comments Off on Time to Detection – Going Down but still a Gap
Tags: , , ,

Another area discussed within the Cisco Mid-Year cyber security report is the time to detection of a breach.

In Security terms, the time taken from a breach happening to it being detected is now one of the key metrics that the industry prides itself in. In order to ensure that the attackers have as little time as possible in order to cause damage the time to detect needs to be as low as possible.

In immature security environments, it is entirely possible for attacks to remain undetected for months before it is realised that there has been a breach at all. Alternatively, even worse another party informs a company of a breach after discovering data on the internet.

In more mature security environments the time to detection is down to weeks rather than months but it is the cyber security industry and cisco in particular’s goal to get this number down to hours.

The most mature security environments are now down to around three and a half hours, which is a dramatic improvement of the nearly forty hours when Cisco started this research. However, there is still work to do as four hours is a long time for attackers to compromise a network and get what they want.

Leaving Burglars four hours to ransack your home is unacceptable and the same applies in cyber security.

The encryption traffic conundrum solved?

June 22, 2017 at 4:00 pm | Posted in Cyber Security | Comments Off on The encryption traffic conundrum solved?
Tags: , , , ,

A challenge that has risen in recent years is the rise of encryption on internet communication traffic. Many websites are now HTTPS, especially if you submit any private details.

It also means that many cyber criminals have also adopted encrypted traffic communication in order to protect themselves and make it harder for traditional security solutions to spot malware meaning that Malware spread through encrypted traffic has become a major source of data breaches.

Currently in order to deal with this threat vector the solution is to decrypt all files resulting in a potential trade-off between security and privacy.

Cisco however, has just announced a new approach by using analytics to analyse the intent of encrypted traffic and assess whether an encrypted file is in fact malicious. This is achievable by using Cisco Talos’ intelligence of current and suspected attack vectors.

Early trials are showing it to be extremely effective and I look forward to seeing it in person and in action soon as this could solve several issues that currently are challenges to the security industry.

Create a free website or blog at WordPress.com.
Entries and comments feeds.