Securing your digital assets
July 2018, This Week's Editor's Pick, Cyber Security, IT infrastructure

The die is cast as far as cybercrime is concerned. The coming year will see more attacks and more manipulations and, naturally, more breaches that result in losses of data, money, reputation and who knows what else.

We will also see more people and companies confused as to why they were hit (those that know they have been hit), when everyone thought they were using the right protection.

Hi-Tech Security Solutions spoke with David Emm, principal security researcher, Kaspersky Lab, about the coming year in the cybersecurity world. He believes that one of the key areas of cyber-weakness companies will have to deal with is the human factor.

David Emm, Principal Security Researcher, Kaspersky Lab.

Whether attacks are targeted or random in nature, getting a foot in the door via an unsuspecting or careless employee is one of the main tactics for cyber criminals. By using one or more forms of social engineering, people wanting to gain access to company data and networks are expert at tricking people into divulging information, or clicking on phishing links which result in infected computers.

Emm says that while people are definitely a company’s weakest cybersecurity link, they can also be the strongest link. Companies that develop a security culture in which employees are educated and aware of the dangers and tactics employed by would-be hackers will find their staff becoming a strong weapon in preventing many intrusions and breaches.

Attack landscape

The attacks we are going to see more of are sophisticated, targeted attacks making use of the latest the cyber-world can deliver – such as zero-day vulnerabilities. These are the most dangerous as most companies have little defence against them. However, these types of attacks will be limited as there is quite a competition going on between ‘black hats’ looking to discover and then sell or use these vulnerabilities for profit, and ‘white hats’ that discover these vulnerabilities and take the responsible route of informing the relevant companies before making them public.

The primary attacks will, however, still be made via more ‘normal’ methods, such as advanced persistent threats (APTs), hacking and the enormous number of malware applications out there. While larger companies generally have the ability to handle these attacks, small- and medium-sized businesses don’t have the expertise.

Emm suggests that while your traditional antivirus solutions are not able to handle all the attacks thrown at people and companies today, they are still crucial in the overall defensive strategy against cybercrime as they can handle many of the ‘normal’ attacks. Companies then need to add more sophisticated tools such as behavioural analysis, sandboxing and heuristics to their arsenal for more advanced threats.

This is the first step in a three-step process to protect your assets in the digital age. Emm adds that the second is to back up your data to ensure that if a zero-day or some other attack (like ransomware) succeeds, you are not left helpless. (And backing up your data is generally considered best practice in any case.)

The third step is patching. Many successful attacks are carried out using vulnerabilities that were previously discovered and fixed, but the targets had not patched their systems.

Beyond your infrastructure

Sadly, it’s not enough to simply patch your infrastructure anymore. It has become common practice to see attackers targeting a company’s supply chain as an easier way to compromise the business. If an attacker can’t get into your systems, there’s a good chance one of the companies in your supply chain will not have the same level of protection. The attacker will then compromise this business in the hopes of using it to find a way into yours.

Emm says we’re also seeing an increase in profiling where, in order to avoid wasting money, attackers use ‘off-the-shelf’ malware to launch many attacks. When some of those succeed, they then focus on the victims to find the ones they believe will be profitable, and pay special attention to them using more sophisticated methods.

And it’s worth noting that ‘false flags’ are also being used more regularly. A false flag is when the attackers leave clues that indicate their malware was created by someone else to keep themselves off the radar when it comes to reprisals.

A perfect example was seen at the PyeongChang Winter Olympic Games in South Korea where unknown hackers attacked the Organising Committee’s servers. Among the fallout was that many people couldn’t attend the ceremonies as they were unable to print out their tickets. Fingers were pointed at North Korea, Russia, Iran and China, but it appears that the evidence was planted to throw investigators off the track – and we still don’t know who the real attacker was.

Going wireless

Wireless connectivity has become the norm in almost every location around the world, whether it is via Wi-Fi or cellular connections, or more advanced types of wireless networking designed for long-haul or high-bandwidth data communications. And while wireless communication is common, many people still think it is a less secure medium than traditional wired networking. Emm says this is not necessarily the case.

Working securely is not about locking down a location, he says, which is almost impossible given the plethora of devices we use for communications these days. It is about making sure you can do your work wherever you are, but being able to do it securely. Again, education plays an important factor in secure wireless computing and we need to ensure people are aware of the dangers.

For example, public Wi-Fi is not always secure, but making sure people use a VPN is a good start to protecting one’s data. Similarly, people should know what activities should be restricted to known networks; banking on a public network, for example, would not be advisable.

A matter of policy

On the topic of wireless communications, Hi-Tech Security Solutions reached out to Riaan Graham, sales director, sub-Saharan Africa at Ruckus Networks, to find out a little more about wireless security.

Riaan Graham, sales director, sub-Saharan Africa, Ruckus Networks.

Expanding on Emm’s comments, Graham says security starts by looking at the policies you have in place for handling wireless communications, from BYOD (bring your own device) to current IoT (Internet of Things) devices making use of your infrastructure (of course, the policy does not exclude wired networks). This policy is not simply a document you have in case you need to prove that you had a plan, but it will dictate the level of security you build into your infrastructure, wireless or not. For this reason, he says it needs to be a well-researched and forward-looking document that incorporates all possibilities.

An important aspect of a wireless security policy, however, is to ensure that it is implemented correctly. This means not leaving your devices in their default state with the default passwords, as well as ensuring that encryption is activated. Even though there are those who claim to be able to bypass these protections, enabling them will reduce the threats you face significantly – and they are simple to implement.

Once again, he says education is key to teaching people how to be safe when communicating, both on a corporate and a personal level. He provides the case of a financial company that had taken the necessary steps from a technical perspective to secure its network, but then an employee brought in a USB drive with a music video on it. The drive was infected with malware and subsequently infected the user’s computer and then spread.

Another option is to ‘ring-fence’ the most sensitive areas on the network, only allowing access to authorised people. However, even this can be a problem because companies are stuck in username/password authentication mode. Despite innumerable examples of how weak relying on a username and a password is, it is still the most widely used means to gain authentication to anything – be it bank accounts or personal data.

Certificate-based authentication

The traditional alternative to username/password authentication would be to add another means of verifying you are who you claim to be – known as two-factor authentication – such as a one-time PIN or some third-party device. Biometrics has also been promoted as a more secure form of authentication, but it can prove expensive.

Graham says there is a new way of authentication – certificate-based authentication – that adds to the security of the user and the company’s digital assets. This allows companies to issue a certificate to authenticated devices (once you have authenticated yourself), allowing them easy access to the network in future. Based on the company security policy, a certificate (or licence) is granted to authenticated devices to access the network, or specific areas or data therein.

In other words, the certificate determines what you may or may not do. If you try to log in with an uncertified device, you are denied access or restricted as to what you may do. This is especially useful for people who move around. Even if you are in a different branch, your certificate (or licence) will still provide you access to IT resources because it has been certified.

Different vendors are looking at this type of authentication and it is likely to become more common in future. For example, Ruckus has an on-boarding process in which the user is asked a number of questions the first time they log in from a device. Depending on the security policy, once the user is authenticated, their device is ‘licensed’ to access the network and they can go ahead.

This does not replace your traditional security measures, however. Graham agrees with Emm that even the traditional antivirus solutions are still required – and they need to be kept up to date along with other software as a starting point to a good security posture. Just as a building starts off with foundations and eventually ends up with all the ‘cool stuff’, your security posture must start with foundations upon which you build a user-friendly, accessible and distributed solution, with security built into everything.

Supplied By: Technews Publishing