The generations that matter

July 2018 Editor's Choice, Cyber Security, Security Services & Risk Management

There are endless reports, articles and commentaries about the differences between the generations, of people inhabiting the world today.

According to popular opinion among older people, the older generations are the hard-working ones who deserve some respect and the youngsters are the lazy good-for-nothings. Young people may have a different opinion, but what else would you expect from lazy good-for-nothings?

When it comes to the information security world, however, generations don’t matter. At least, human generations don’t matter as we are all under the whip from cyberattacks from all angles. The generation that does matter, is the generation of security solutions you have in place to protect yourself and your business from these attacks.

Doros Hadjizenonos.
Doros Hadjizenonos.

According to Doros Hadjizenonos, country manager, SADC at Check Point, we have entered the fifth generation of cyberattacks. Generation 1 happened in the late 1980s when virus attacks targeted standalone PCs and saw the rise of anti-virus products. Generation 2 happened in the mid-1990s when the Internet was used as an attack platform and this gave us the firewall as security.

Hadjizenonos says that Generation 3 happened in the early 2000s when cyber criminals started exploiting vulnerabilities in applications, which resulted in the industry developing intrusion prevention systems (IPS) as a defence. It was sometime around 2010 when Generation 4 attacks came into their own. This saw the rise of targeted, unknown, evasive, polymorphic attacks that drove the security industry to develop anti-bot and sandboxing products.

It was around 2017 when we saw the emergence of large scale and multi-vector mega-attacks using advanced attack technologies. This is Generation 5. Hadjizenonos explains that each generation had its own set of tools to protect organisations from becoming victims of an attack because the previous generation’s tools couldn’t hack it. In the fifth generation, he says we are in a similar situation and detection-only based solutions are not sufficient for these fast-moving Generation 5 attacks.

Over the hill security

Check Point recently conducted a survey of over 400 security professionals around the world to ascertain, among other data, what generation of protection their companies had in place and what the biggest threats are that they are dealing with. (The report is available for download at https://www.checkpoint.com/downloads/product-related/genv-survey-study.pdf.)

One of the uncomfortable findings is that most companies are still using older generations of cybersecurity in the hopes that this will protect them from the latest threats developed by cyber criminals. Check Point is of the opinion that “Hackers are exploiting the fact that most organisations rely on older generations of security. As the sophistication and scale of attacks has grown, previous generations of security, which merely detect, are no longer effective. What’s needed for the latest generation of cyberattacks is advanced real-time threat prevention that protects all networks, virtual, cloud, remote office and mobile operations.”

This means companies need the tools that can protect them from attacks from the outside and inside, as well as attacks by outsiders using insiders as an attack vector without their knowledge (such as with phishing).

And these threats apply to everybody. Many businesses in Africa are of the opinion that they have nothing to offer cyber criminals, which is insanely incorrect. Hadjizenonos notes that for a two-month period in the first half of 2018, the country most under attack globally was Botswana. The attacks were not to steal credit card information or anything old-school like that, but most were attacks that installed crypto-mining software on people’s machines and used them to mine cryptocurrency – like Bitcoin or Monero and others. These victims had their systems used to carry out this mining, with no benefit to the victims apart from a computer that would be slower than usual. Of course, once a criminal has access to your system, they can install anything they like or use your system and Internet connection to launch other attacks.

Moreover, since banks all over Africa are generally on top of their security, criminals are looking for softer targets and are finding them in the thousands of small- and medium-sized businesses that also have data to steal and connections to larger companies.

Fifth generation security is therefore a unified system built on an architecture that unifies all networks, cloud, and mobile infrastructure, supported by automatic and immediate threat intelligence. It must share information in real time with every component of the system, whether local or remote, and afford the same level of protection to the whole enterprise, whether it’s a PC or a server located onsite or in the cloud, or a mobile device. And, naturally, it needs to be managed centrally.

Hadjizenonos states that Check Point Infinity is the fifth generation security solution that meets all these needs and was designed for organisations battling fifth generation attacks. Read more about Infinity at https://www.checkpoint.com/downloads/product-related/solution-brief/sb-check-point-infinity.pdf.

New malware in Africa

There’s a new cyber threat on the block, and it’s sneakier than anything we’ve seen before, which is undoubtedly the reason why it’s the malware of choice for hackers across Africa right now.

In fact, though crypto-mining malware is relatively new on the cybercrime scene, it’s remained the top malware in key markets in Africa for several months. In April, Check Point’s Global Threat Index showed that Coinhive, Cryptoloot and XMRig were in the top six malware throughout South Africa, Kenya and Nigeria. Again in May, Coinhive ranked as the number one malware family in all three countries.

All three are prolific crypto-mining malware, which – unlike other malware – hijack your system instead of holding it to ransom. While Coinhive leeches your machine’s computational resources to mine Monero cryptocurrency when an unsuspecting user visits a web page, Cryptoloot uses your central processing unit (CPU) or graphics processing unit (GPU) power to add new transactions to the blockchain, thereby releasing new currency. Similarly, XMRig is an open source CPU mining software used to mine Monero cryptocurrency.

At the end of the day, this might affect your business in one of two ways. Either the hacker’s mining operation will consume large volumes of power and leave a horrible surprise in your electricity bill, or the operation will overload the CPU of the infected machines, slowing down your hardware performance dramatically. This is because the malware will defer your machine’s critical tasks to keep the mining operation in progress. Basically, your machines will gradually slow down and heat up, causing a significant reduction in user productivity.

What’s more, hackers can also infect your company’s web servers, embedding the mining javascript in your sites’ HTML pages. Needless to say, the consequences of this could be extensive – compromising both your business’ reputation and customer relationships.

And because cryptominers can infect any device – browsers, servers, desktops and mobile phones – the only way you can protect against the exploitation of your servers is by filtering out mining components within websites and removing miners from mobile devices. Basically, you need a multi-layered security approach.

For more information contact Check Point South Africa, +27 11 510 0120, [email protected], www.checkpoint.com.



Credit(s)




Share this article:
Share via emailShare via LinkedInPrint this page



Further reading:

Prime time for palm vein identification
Fulcrum Biometrics Editor's Choice
Ingenico and Fujitsu Frontech North America, represented by Fulcrum Biometrics in South Africa, unveil queue-busting solution for secure in-store commerce.

Read more...
A closed security concept for test halls and perimeter
Dallmeier Electronic Southern Africa Editor's Choice
At its factory facilities in Vilsbiburg, Germany, Flottweg SE relies on tailored video security technology from Dallmeier for perimeter security and workplace safety.

Read more...
What to do in the face of growing ransomware attacks
Technews Publishing Cyber Security Security Services & Risk Management
Ransomware attacks are proliferating, with attackers becoming more sophisticated and aggressive, and often hitting the same victims more than once, in more than one way.

Read more...
Texecom launches the Midnight Black Collection
Technews Publishing Perimeter Security, Alarms & Intruder Detection Products
Working in harmony with darker environments, the Midnight Black Collection has been created for businesses and sites that require or prefer a security solution which offers discreet protection that compliments their surroundings.

Read more...
SAN market set for growth
Technews Publishing News IT infrastructure
Storage-area network (SAN) market to hit US$ 26,86 billion in revenue by the end of 2029 due to factors like widespread adoption of Hybrid SAN-NAS solutions.

Read more...
Optimising remote technical support
Technews Publishing Asset Management, EAS, RFID Products
Sanden Intercool Kenya improves efficiency, removes manual processes with FIELDForce from MACmobile, making its technical backup and support staff more productive, while also optimising record keeping.

Read more...
Where does SA logistics stand as far as cybersecurity is concerned?
Logistics (Industry) Security Services & Risk Management
Lesiba Sebola, director of information technology at Bidvest International Logistics, says it is paramount to safeguard IT infrastructure given how central it has become to operations.

Read more...
Enterprise threats in 2023
News Cyber Security
Large businesses and government structures should prepare for cybercriminals using media to blackmail organisations, reporting alleged data leaks, and purchasing initial access to previously compromised companies on the darknet.

Read more...
Advanced server performance and energy efficient design
Editor's Choice IT infrastructure Products
Dell PowerEdge server portfolio expansion offers more performance, including up to 2.9x greater AI inferencing while Dell Smart Flow design and Dell Power Manager software advancements deliver greater energy efficiency.

Read more...
Free-to-use solar score for South African homes
Technews Publishing Editor's Choice
The LookSee Solar Score is one of the first of its kind to provide insight into the potential of solar power for South Africa’s residential properties.

Read more...