Monday, November 24, 2014

Enhancing Cybersecurity with Big Data

Big data is creating profound business and social opportunities in nearly every field, enabling the discovery of previously hidden patterns and developing new insights to inform and guide decisions. At the same time, protecting the information of individuals and organizations from online threats remains an urgent priority, so using big data tools and techniques to enhance cybersecurity is a natural development. For example, an organization might aggregate and analyze log data from all of its computing devices to identify malicious activities. In the absence of big data techniques, the task of storing, processing, and analyzing vast amounts of data is, for all but a few organizations, simply not feasible. Microsoft commissioned a study from the Ponemon Institute to understand whether and how organizations are using big data to improve cybersecurity, and to identify the challenges they face, including security and privacy considerations. The study surveyed more than 100 executive-level respondents in the United States and Europe representing their organization’s IT security, privacy, and compliance functions, such as chief information security and privacy officers. The survey results suggest that while most companies have a strong interest in using big data to improve cybersecurity, concerns about the cost and complexity of big data solutions, as well as privacy challenges, give them pause. Specifically, many respondents noted a conflict between privacy and security, coupled with ambiguity about how privacy will be protected in these applications. The report also details what security and privacy leaders require in big data solutions for cybersecurity. Finally, we offer five recommendations for organizations seeking to address both the security and privacy concerns of big data solutions.

Monday, November 17, 2014

1 in 3 Indian companies vulnerable to cyber attacks

Nearly a third of Indian organizations do not possess the knowledge to prevent cyber attacks even as the information technology world is turning increasingly vulnerable, a recent study has found. According to consultancy EY's global information security survey 'Get Ahead of Cybercrime', released on Sunday, the biggest roadblocks in implementing cyber security effectively in organizations are lack of agility, budget and skilled manpower. The consultancy surveyed about 1,825 organizations across 60 countries, including 60 from India. While 54.55% of respondents in India said they were facing increasing online threats, 50.91% respondents said they were facing greater vulnerabilities in their information security risk environment. In spite of the greater awareness, 32.14% respondents said their organization's total information security budget will stay almost the same in the coming year despite increasing threats. Nearly half (46.3%) the companies surveyed said mobile technology will be a high focus area for online threat prevention in the coming year. According to the survey, fraud and cyber attacks to steal intellectual property or data are the top two threats faced by organizations in India. More than half (54.1%) the respondents said careless or unaware employees were the biggest vulnerability companies faced, while 40.9% named outdated information security controls or architecture and 22.7% said unauthorized access were the most common vulnerabilities.

Thursday, November 6, 2014

IBM introduces new cloud platform for threat analytics

IBM today unveiled a new cloud-focused enterprise security services portfolio that includes a threat-analytics platform for hybrid cloud environments. The IBM Dynamic Cloud Security portfolio covers four primary areas: securing users' connection to the cloud; protecting data stored in the cloud; detecting threats to the cloud; and optimizing security operations for both on-premises and cloud environments. The portfolio includes new cloud security software and service offerings, including the IBM Intelligent Threat Protection Cloud, which is a managed services platform for event monitoring and threat analytics. In addition to the Intelligent Threat Protection Cloud, which is built on IBM's Hadoop-based InfoSphere BigInsights for data analytics, IBM also redesigned its Managed Security Services platform for the cloud to provide better visibility and control of enterprise security operations. "The approach was to create a technology platform that allows us to control and manage an ecosystem of different security pieces across the seams of the environment," said Kris Lovejoy, general manager of IBM's security services division. The Dynamic Cloud Security portfolio also brings the IBM QRadar Security Intelligence analytics platform to the cloud for the first time. The QRadar platform offers cloud connector technologies to provide threat intelligence for cloud computing implementations, both those using IBM SoftLayer as well as other public cloud services. "The biggest part of IBM's security business is monitoring and analytics, and now that's being extended to the cloud," Lovejoy said. Lovejoy said the cloud-based threat analytics and threat intelligence platforms will allow Big Blue to aggregate data about a variety of potential threats and anomalies around the world, and make the data available to customers as actionable intelligence. 
IBM also has an on-premises version of the new threat analytics platform for customers who may be apprehensive about transmitting enterprise data to the public cloud for analysis. But Lovejoy said the on-premises version doesn't offer customers the wealth of information and actionable intelligence that's collected from other customers around the globe. In addition, she said, IBM doesn't store any of the enterprise data or event information that is used for threat analysis, and any data used is immediately destroyed following its analysis. "There are customers that have concerns about the cloud," Lovejoy said. "The biggest challenge for this is data privacy. Some customers will want to use the [public] cloud, and some will want us to build it on premise, which is expensive but we can do that. But most are going to want to use the cloud." Rick Holland, principal analyst at Forrester Research, said that while threat analytics is an important component for cloud security, there are other pressing needs that IBM will have to address with its cloud-centric customers. "For many organizations, they don't even know what applications and infrastructure are running in IaaS, PaaS [or] SaaS," Holland said. "Their most pressing need is an actual inventory so that they can then begin to understand the risks to these cloud assets. I'm consistently surprised by how little organizations, some of them very mature, know about their cloud based assets. If you have to have that visibility first, then you can think about securing it." Along with the threat analytics platform and threat intelligence, Lovejoy said IBM's Dynamic Cloud Security portfolio offers cloud identity and access management tools, cloud endpoint security and cloud network protection. The suite also provides API-based access on IBM's Bluemix developer platform to analytics tools that can scan Web applications and mobile apps for vulnerabilities. 
According to a new IBM study of nearly 150 Chief Information Security Information Officers, 85% said their organizations are now moving to cloud, but almost half expect a major cloud provider to suffer a security breach in the near future. Lovejoy said numbers like those were a major reason why IBM shifted its entire security product family to the cloud. "Taking over an enterprise's entire security services operation has been a core business for us," Lovejoy said. "Now that enterprises are moving more of their business off premise, we want to be able to manage those security services in the cloud too."

Monday, October 27, 2014

Kaspersky Probes ATM Malware Mystery

Kaspersky Lab this week reported that criminals have been emptying ATMs and infecting them with malware dubbed "Tyupkin." About 50 machines have been infected in eastern Europe, and the attacks have spread to the United States, India and China, based on statistics culled from VirusTotal, Kaspersk... More details here:

Saturday, October 11, 2014

Cloud security: The basics

Wednesday, October 8, 2014

Tuesday, October 7, 2014

Advanced iOS Virus Targeting Hong Kong Protesters

Cybersecurity researchers have uncovered a computer virus that spies on Apple’s iOS operating system for the iPhone and iPad, and they believe it is targeting pro-democracy protesters in Hong Kong. The malicious software, known as Xsser, is capable of stealing text messages, photos, call logs, passwords, and other data from Apple mobile devices, researchers with Lacoon Mobile Security said Tuesday. They uncovered the spyware while investigating similar malware for Google’s Android operating system last week that also targeted Hong Kong protesters. Anonymous attackers spread the Android spyware via WhatsApp, sending malicious links to download the program, according to Lacoon. It is unclear how iOS devices get infected with Xsser, which is not disguised as an app. Lacoon Chief Executive Michael Shaulov told Reuters that Xsser is the most sophisticated malware used to date in any known cyberattack on iOS users. “This is one of the most interesting developments we have seen,” he said. “It’s the first real indication that really sophisticated guys are shifting from infecting PCs or laptops to going after iOS devices.” The code used to control that server is written in Chinese. The high quality of the campaign and the fact that it is being used to target protesters suggests that it is coming from a sophisticated attacker in China, Shaulov said. “It is the first time in history that you actually see an operationalized iOS Trojan that is attributed to some kind of Chinese entity,” he said. A Trojan is a term used by cyber researchers to describe malware that enters a device disguised as something harmless. Still, he said his company’s research team has yet to identify any specific victims of the iOS Trojan. Lacoon said on its blog that it is possible the attackers might have deployed the Trojan in other places, in addition to spying on pro-democracy protesters in Hong Kong.
“It can cross borders easily, and is possibly being operated by a Chinese-speaking entity to spy on individuals, foreign companies, or even entire governments,” they said in a blog post describing their analysis.

Monday, October 6, 2014

CyberSecurity Free Webinar

Oct. 9. Cyberspace as Battlespace. 2 p.m. ET. Black Hat webinar. Free with registration.

Sunday, October 5, 2014

2FA for Feds

Two-factor authentication is gaining traction among online service providers as a way to prevent their customers' accounts from being hijacked.

2FA is relatively simple. In addition to a username and password, a single-use code is sent -- typically to a user's cellphone -- to verify the customer's identity.
Some government departments and branches of the military have been using 2FA for years. However, it usually involves a dedicated token -- just another gadget that has to be lugged around and can be lost, stolen or forgotten.
The complexity and expense of token-based systems has acted as a brake on the more widespread adoption of 2FA in the federal government.
In an effort to change that, Globalscape last week announced an alliance with SMS Passcode.

With governments at all levels looking for economical and effective security solutions, a 2FA system that uses something employees already have -- their mobile phones -- could be an attractive proposition.

While agencies still would need to pay licensing fees to Globalscape and SMS Passcode, much of the overhead of token-based systems could be eliminated.
"It dramatically increases security with only those licensing fees," Greg Hoffer, senior director of engineering for Globalscape, told TechNewsWorld. "That's a lot cheaper than solutions that are hardware based or Web-application firewall-based."

Another benefit of the SMS solution is that it's location aware, he noted.
"If a log-in attempt originates in China and we know your mobile phone is in the U.S. or Canada, the system will block the log-in attempt," Hoffer explained. "So it increases security through geo-awareness."

Holiday Anxiety

With the holiday season approaching, visions of the Target data breach fiasco -- not sugar plums -- will be dancing in many shoppers' heads.
What's a consumer to do? For one thing, consumers can pay closer attention to what's appearing on their credit card statements. They don't have to wait for those statements to arrive in the mail, either. They can check transactions online -- and many regularly do so.

"They should also consider using credit cards that provide more detailed information about credit card transactions," Sean Leonard, founder and CEO of Penango, told TechNewsWorld. "That makes it easier for both the credit card company and consumer to detect fraud."

Using a credit card to make purchases is preferable to using a debit card, according to Leonard.

"Purchasing with a credit card is better than purchasing with a debit card. Getting money lost to debit card fraud back is a lot harder than disputing a charge on a credit card statement," he said.

"If all you have is debit cards," said Leonard, "you should use the credit card feature of the debit card."

Consumers Fed Up With Data Breaches

With news of massive data breaches becoming almost a weekly occurrence, consumers are beginning to lose their patience with the custodians of their personal information.

Survey results from 2,000 consumers released last week by HyTrust, suggest that 51 percent of those polled would bolt from any business involved in a data breach that compromised personal information such as address, Social Security number or credit card details.

Suspicions have been growing among consumers that businesses aren't doing enough to protect the data they eagerly collect from their customers, Eric Chiu, president and founder of HyTrust, told TechNewsWorld.

"We're seeing repeats of the same sorts of attacks over and over," he said. "It means that in the retail world, everyone is playing kick the can. They're not addressing what needs to be addressed now and putting the consumer first."

The survey also revealed some harsh attitudes toward businesses involved in a data breach. Almost half of the respondents (45.6 percent) said companies should be considered "criminally negligent" the moment a breach occurs.
Attitudes on that front appear to be colored by age, though. Only 34 percent of 25-34 year olds were in favor of immediate blame, while 51 percent of respondents 65 and older wouldn't hesitate to lower the hammer on a company involved in a breach.

The same is true for consumers who vowed to vote with their feet against a company that suffered a breach. Three out of every five respondents (60.2 percent) in the 35-44 age bracket said they'd take their business elsewhere, compared to 51 percent overall.

A large majority of the consumers participating in the survey (80.3 percent) felt the officers of a company should be held accountable for a breach.
"Since the Target breach, there's been almost weekly breaches," Chiu said. "Consumers are tired of it. They feel that companies are not really paying attention."

Saturday, October 4, 2014

4 Things Chase Customers Should Do in Wake of Recent Hack

If you’re a Chase bank customer, you’re right to feel powerless right now.
Hackers broke into JPMorgan’s computer systems and stole more than 80 million customers’ personal information, including their names, emails, physical addresses, and phone numbers.
Anyone who used online banking or the Chase smartphone app was affected.
It’s time to play defense.
1. Watch out for scammers. Hackers now have enough information to contact you, and they know you’re a JPMorgan Chase (JPM) customer.
Don’t trust any phone calls, emails, or letters claiming to be from the bank. Instead, directly call the number on your bank card or a previous statement.
Scam artists will seek even more information from you — like your birthday, Social Security number or bank account number — so they can tap into your account and steal your money.
And beware: Scammers will likely scan your Facebook, Twitter, or LinkedIn page first. Expect them to sound like a bank that knows about your personal habits.
2. Don’t change your login or get new cards — yet. According to the bank, hackers didn’t manage to steal usernames, passwords, account numbers or Social Security numbers.
As such, don’t rush to change these things. It’s an unnecessary inconvenience.
More importantly, though, you might have to change all these things later. The New York Times reported that hackers got root access to the bank’s computer system. That’s as deep as it gets.
So hackers might still be lurking in the bank’s computers — even if the bank claims it closed the hole and has “no evidence” hackers are still inside its network.
3. Check your bank statement regularly. If hackers are still in the bank’s computers, they could grab even more information.
Operate under the assumption you’re at risk of fraud all the time. Carefully review your bank and credit card statements for any unexpected charges — especially tiny ones.
Fraudsters typically test a stolen debit or credit card by charging a few cents on the card. They do it to avoid catching your attention.
4. Stay put. Don’t switch to a different bank. This is the hardest advice to take, because it’s rooted in a sense of despair.
The sad reality is, all banks are under attack.
And if you’re thinking about switching to a geographically close community bank, consider it a trade-off.
The largest banks — Chase, Bank of America, Citigroup, Wells Fargo, and so on — will get hacked more often, because they are bigger targets.
But smaller banks get attacked, too. And they don’t have the means to protect you as well, because they have less money to hire top-notch security teams.
You’re exposed everywhere anyway. That’s the argument of Kate Carruthers, who spent more than a decade doing IT for major Australian, New Zealand and U.S. banks.
“If people knew how these systems are handled and how clunky they are, they wouldn’t use banks,” she said. “But the reality is, they have to. They don’t have a choice.”

India readies cyber commandos to thwart attacks in cyber space

At a time when India is feeling the heat owing to the growing number of cyber warriors globally, especially in neighboring countries like China, a flurry of activity is under way in the country, both at the government level and in private organizations.

The government has already started taking initiatives to set up a that would work towards preventing sabotage, espionage and cyber originating from within or outside the country. In January this year, Shivshankar Menon, National Security Advisor to the Prime Minister had informed that the National Security Council is working out the final details for its implementation the architecture.

However, the biggest challenge for the success of the initiative is the shortage of cyber security experts, also known as cyber commandos.

Earlier this year, the University Grants Commission had sent a letter to the vice chancellors of all the technical universities to introduce cyber security and information security as subjects at the undergraduate and post-graduate level. While few of the universities have already initiated the process, it is taking time in the absence of any proven course curriculum.

In order to address the skill gaps and the demand of cyber warriors that India may require in the future, EC Council (International Council of E-Commerce Consultants), a provider of certifications and training on information security has now come out to cater to the future need. In association with its training partners in India, the US-based company is expecting to offer training to about 40,000 people on areas such as Ethical Hacking, Computer Hacking Forensics Investigation, Security Analysis and Penetration Testing.

“We already have fought two world wars. There is a belief that if a third world war is fought, then it is going to be controlled through computer network. Someone, if gets control over hospitals, weaponries and government departments can easily create havoc in any country. And that’s why there is a greater need of cyber warriors in any country today,” said Akash Agarwal, Country Manager of EC-Council in India.

Presently, few of the universities offer information security as a subject as a part of their Criminology Department. For example, the department of Criminology at the University of Madras offers courses on Information Security and Digital Forensic.

According to different estimates, there was a financial loss of around $390 billion globally last year because of cyber attacks and frauds. Presently, China is the most vulnerable country to cyber attacks with over 40% of the attacks targeted against the country followed by the United States.

India is said to be the eighth most vulnerable country in the world as far as cyber attacks are concerned. Even though estimates say India receives around 2.5% of the cyber attacks that happen globally, the impact of those could be humongous considering the financial loss as well as loss of sensitive information.

“We need to understand from the fact that the dependence of the economy and the governance – whether it is banking, e-commerce, travel booking, electric transfers and payment systems – is becoming more and more. The moment you talk about growth in these areas, your first concern is whether the transactions are secure,” said Kamlesh Bajaj, CEO of Data Security Council (DSCI), a Nasscom initiative.

“So it is the trust level in all of these systems, that is critical and that trust will come from security,” he added.

In a report submitted to the Home Ministry and the National Security Council last year, DSCI had proposed that the government appoint a Cyber Security Coordinator at the national level. It had also underscored the need for public-private partnership to respond to the challenges thrown up by cyber security.

India, according to various estimates, would require around 500,000 by 2015 to cater to the growing need for securing the cyber space.

Presently, China is estimated to have 25 million cyber commandos. Even a small country like North Korea is believed to have over 15,000 cyber warriors.

Even though there is a lack of any published figure, industry experts believe that India may be having about 2000 people who are capable of monitoring attacks and taking remedial measures, though it is more unorganised now.

CyberSecurity Jobs in India

5 lakh jobs by 2015 in cyber security 

India will require five lakh cyber security professionals by 2015 to support its fast growing internet economy as per an estimate by the Union ministry of information technology. These jobs will come up across industries. The financial sector alone is expected to hire over 2 lakh people while telcos, utility sectors, power, oil & gas, airlines, government (law & order and e-governance) will hire the rest.

A large number of these jobs will be around cyber policing and ethical hacking, to check for network vulnerabilities. The need for cyber experts has grown exponentially as the country is heading towards an internet explosion mostly fuelled by e-commerce, e-banking, e-governance and the social media.

The Data Security Council of India (DSCI), a Nasscom body that frames guidelines related to data security and data privacy for corporates, said, "Security will fuel the growth of businesses. Trust is critical to build customer confidence and trust comes only through safety. Global clients are increasingly demanding high-level compliance to data security, privacy and cyber security regulations."