classic | mobile
Follow us on:
Follow us on Facebook  Share via Twitter  Share via LinkedIn
 

Search...
Hi-Tech Security Solutions Business Directory
Residential Estate Security Handbook 2017


Securing your digital assets
July 2018, This Week's Editor's Pick, Cyber Security, IT infrastructure

The die is cast as far as cybercrime is concerned. The coming year will see more attacks and more manipulations and, naturally, more breaches that result in losses of data, money, reputation and who knows what else.

We will also see more people and companies confused as to why they were hit (those that know they have been hit), when everyone thought they were using the right protection.

Hi-Tech Security Solutions spoke with David Emm, principal security researcher, Kaspersky Lab, about the coming year in the cybersecurity world. He believes that one of the key areas of cyber-weakness companies will have to deal with is the human factor.

David Emm, Principal Security Researcher, Kaspersky Lab.
David Emm, Principal Security Researcher, Kaspersky Lab.

Whether attacks are targeted or random in nature, getting a foot in the door via an unsuspecting or careless employee is one of the main tactics for cyber criminals. By using one or more forms of social engineering, people wanting to gain access to company data and networks are expert at tricking people into divulging information, or clicking on phishing links which result in infected computers.

Emm says that while people are definitely a company’s weakest cybersecurity link, they can also be the strongest link. Companies that develop a security culture in which employees are educated and aware of the dangers and tactics employed by would-be hackers will find their staff becoming a strong weapon in preventing many intrusions and breaches.

Attack landscape

The attacks we are going to see more of are sophisticated, targeted attacks making use of the latest the cyber-world can deliver – such as zero-day vulnerabilities. These are the most dangerous as most companies have little defence against them. However, these types of attacks will be limited as there is quite a competition going on between ‘black hats’ looking to discover and then sell or use these vulnerabilities for profit, and ‘white hats’ that discover these exploits and take the responsible route in informing the relevant companies before making it public.

The primary attacks will, however, still be made via more ‘normal’ methods, such as advanced persistent attacks (APTs), hacking and the enormous number of malware applications out there. While larger companies generally have the ability to handle these attacks, the small- and medium-sized businesses don’t have the expertise.

Emm suggests that while your traditional antivirus solutions are not able to handle all the attacks thrown at people and companies today, they are still crucial in the overall defensive strategy against cybercrime as they can handle many of the ‘normal’ attacks. Companies then need to add more sophisticated tools such as behavioural analysis, sandboxing and heuristics to their arsenal for more advanced threats.

This is the first step in a three-step process to protect your assets in the digital age. Emm adds that the second is to back up your data to ensure that if a zero-day or some other attack (like ransomware) succeeds, you are not left helpless. (And backing up your data is generally considered best practice in any case.)

The third step is patching. Many successful attacks are carried out using vulnerabilities that were previously discovered and fixed, but the targets had not patched their systems.

Beyond your infrastructure

Sadly, it’s not enough to simply patch your infrastructure anymore. It has become common practice to see attackers targeting a company’s supply chain as an easier way to compromise the business. If an attacker can’t get into your systems, there’s a good chance one of the companies in your supply chain will not have the same level of protection. The attacker will then compromise this business in the hopes of using it to find a way into yours.

Emm says we’re also seeing an increase in profiling where, in order to avoid wasting money, attackers use ‘off-the-shelf’ malware to launch many attacks. When some of those succeed, they them focus on the victims to find the ones they believe will be profitable and they pay special attention to them using more sophisticated methods.

And it’s worth noting that ‘false flags’ are also being used more regularly. A false flag is when the attackers leave clues that indicate their malware was created by someone else to keep themselves off the radar when it comes to reprisals.

A perfect example was seen at the PyeongChang Winter Olympic Games in South Korea where unknown hackers attacked the Organising Committee’s servers. Among the fallout was that many people couldn’t attend the ceremonies as they were unable to print out their tickets. Fingers were pointed at North Korea, Russia, Iran and China, but it appears that the evidence was planted to throw investigators off the track – and we still don’t know who the real attacker was.

Going wireless

Wireless connectivity has become the norm in almost every location around the world, whether it is via Wi-Fi or cellular connections, or more advanced types of wireless networking designed for long-haul or high-bandwidth data communications. And while wireless communications is common, many people still think it is a less secure medium than traditional wired networking. Emm says this is not necessarily the case.

Working securely is not about locking down a location, he says, which is almost impossible given the plethora of devices we use for communications these days. It is about making sure you can do your work wherever you are, but being able to do it securely. Again, education plays an important factor in secure wireless computing and we need to ensure people are aware of the dangers.

For example, public Wi-Fi is not always secure, but making sure people use a VPN is a good start to protecting one’s data. Similarly, people should know what activities should be restricted to known networks; banking on a public network, for example, would not be advisable.

A matter of policy

On the topic of wireless communications, Hi-Tech Security Solutions reached out to Riaan Graham, sales director, sub-Saharan Africa at Ruckus Networks, to find out a little more about wireless security.

Riaan Graham, sales director, sub-Saharan Africa, Ruckus Networks.
Riaan Graham, sales director, sub-Saharan Africa, Ruckus Networks.

Expanding on Emm’s comments, Graham says security starts by looking at the policies you have in place for handling wireless communications, from BYOD (bring your own device) to current IoT (Internet of Things) devices making use of your infrastructure (of course, the policy does not exclude wired networks). This policy is not simply a document you have in case you need to prove that you had a plan, but it will dictate the level of security you build into your infrastructure, wireless or not. For this reason, he says it needs to be a well-researched and forward-looking document that incorporates all possibilities.

An important aspect of a wireless security policy, however, is to ensure that it is implemented correctly. This means not leaving your devices with the default state with the default passwords, as well as ensuring that encryption is activated. Even though there are those who claim to be able to bypass these protections, enabling them will reduce the threats you face significantly – and they are simple to implement.

Once again, he says education is key to teaching people how to be safe when communicating, both on a corporate and a personal level. He provides the case of a financial company that had taken the necessary steps from a technical perspective to secure their network, but then an employee brought in an USB drive with a music video on. The drive was infected with malware and subsequently infected the user’s computer and then spread.

Another option is to ‘ring-fence’ the most sensitive areas on the network, only allowing access to authorised people. However, even this can be a problem because companies are stuck in username/password authentication mode. Despite innumerable examples of how weak relying on a username and a password is, it is still the most widely used means to gain authentication to anything – be it bank accounts or personal data.

Certificate based authentication

The traditional alternative to username/password authentication would be to add another means of verifying you are who you claim to be – known as two-factor authentication – such as a one-time PIN or some third-party device. Biometrics has also been promoted as a more secure form of authentication, but it can prove expensive.

Graham says there is a new way of authentication – certificate-based authentication – that adds to the security of the user and the company’s digital assets. This allows companies to issue a certificate to authenticated devices (once you have authenticated yourself), allowing them easy access to the network in future. Based on the company security policy, a certificate (or licence) is granted to authenticated devices to access to the network, or specific areas or data therein.

In other words, the certificate determines what you may or may not do. If you try to log in with an uncertified device, you are denied access or restricted as to what you may do. This is especially useful for people who move around. Even if you are in a different branch, your certificate (or licence) will still provide you access to IT resources because it has been certified.

Different vendors are looking at this type of authentication and it is likely to become more common in future. For example, Ruckus has an on-boarding process in which the user is asked a number of questions the first time they log in from a device. Depending on the security policy, once the user is authenticated, their device is ‘licensed’ to access the network and they can go ahead.

This does not replace your traditional security measures however. Graham agrees with Emm that even the traditional antivirus solutions are still required – and they need to be kept up to date along with other software as a starting point to a good security posture. Just as a building starts off with foundations and eventually ends up with all the ‘cool stuff’, your security posture must start with foundations upon which you build a user friendly, accessible and distributed solution, with security built into everything.


Credit(s)
Supplied By: Technews Publishing
Tel: +27 11 543 5804
Fax: +27 11 787 8052
Email: vivienne@technews.co.za
www: www.technews.co.za
  Share via Twitter   Share via LinkedIn      

Further reading:

  • Too safe to escape
    July 2018, Technews Publishing, News
    A recent story I was told highlights how we still take security for granted in our daily lives. Most people try to ensure that their houses, townhouses and apartments have some form of security in place ...
  • TAPA 2018 conference
    July 2018, Technews Publishing, TAPA (Transported Asset Protection Association), Calendar of Events
    TAPA 2018 conference    27 July, 2018 Emperors Palace, Gauteng The ever-changing dynamics of risk management. TAPA members no charge. Non members – R1620 excl VAT per person The South African chapter ...
  • Residential Estate Security Conference
    July 2018, Technews Publishing, Calendar of Events
    Residential Estate Security Conference    14 August, 2018 Indaba Hotel, Fourways, Johannesburg Following sold-out events in Durban in March 2018, Hi-Tech Security Solutions, in cooperation with Rob Anderson, ...
  • CCTV reviews and the display of relevant information
    July 2018, Leaderware, This Week's Editor's Pick
    Recorded video is often far from ideal. There are a number of things that can affect the quality and state of video and influence whether the review or analysis can lead to relevant facts.
  • Where safety, security and Industry 4.0 meet
    July 2018, Technews Publishing, This Week's Editor's Pick, Integrated Solutions, Industrial (Industry)
    Integrated security offers more than simply a means to keep unwanted people out of industrial settings, its benefits extend to supporting and enhancing daily operations.
  • Protecting the machines
    July 2018, Technews Publishing, This Week's Editor's Pick, Cyber Security, Integrated Solutions, Industrial (Industry)
    Security operations at industrial sites need to include cybersecurity and it needs to be treated with the same importance as the physical security of the site as well as health and safety standards.
  • Securex 2018 pulls the (right) crowds
    July 2018, Technews Publishing, Access Control & Identity Management, CCTV, Surveillance & Remote Monitoring, Cyber Security, Integrated Solutions
    With over 6000 visitors attending and exhibitors expressing their satisfaction with not only the number, but also the calibre of the visitors, this year’s Securex was a winner.
  • Advances in NVR and VMS capabilities
    July 2018, Technews Publishing, This Week's Editor's Pick, CCTV, Surveillance & Remote Monitoring, IT infrastructure, Products
    Hi-Tech Security Solutions looks at what the latest trends are in the NVR and VMS worlds, along with some of the latest products.
  • SLAs - Read the fine print
    July 2018, Technews Publishing, This Week's Editor's Pick, Security Services & Risk Management
    By insisting on an appropriate maintenance contract, security technology can be used to the full extent of its possible life.
  • The generations that matter
    July 2018, Technews Publishing, This Week's Editor's Pick, Cyber Security, Security Services & Risk Management
    According to Doros Hadjizenonos, country manager, SADC at Check Point, we have entered the fifth generation of cyberattacks.
  • EOH introduces managed Security-as-a-Service
    July 2018, EOH Security & Building Technologies, News, Cyber Security, Security Services & Risk Management
    EOH has introduced a solution to modern security concerns through a managed Security-as-a-Service suite of offerings.
  • Online platform for targeted staff recruitment
    July 2018, Technews Publishing, This Week's Editor's Pick, News, Training & Education
    Hi-Tech Security Solutions launches online platform for targeted staff recruitment.

 
 
         
Contact:
Technews Publishing (Pty) Ltd
1st Floor, Stabilitas House
265 Kent Ave, Randburg, 2194
South Africa
Publications by Technews
Dataweek Electronics & Communications Technology
Electronic Buyers Guide (EBG)

Hi-Tech Security Solutions
Hi-Tech Security Business Directory (HSBD)

Motion Control in Southern Africa
Motion Control Buyers’ Guide (MCBG)

South African Instrumentation & Control
South African Instrumentation & Control Buyers’ Guide (IBG)
Other
Terms & conditions of use, including privacy policy
PAIA Manual
         
    Mobile | Classic

Copyright © Technews Publishing (Pty) Ltd. All rights reserved.