classic | mobile
Follow us on:
Follow us on Facebook  Share via Twitter  Share via LinkedIn
 

Search...
Hi-Tech Security Solutions Business Directory
Residential Estate Security Handbook 2017


The generations that matter
July 2018, This Week's Editor's Pick, Cyber Security, Security Services & Risk Management

There are endless reports, articles and commentaries about the differences between the generations, of people inhabiting the world today.

According to popular opinion among older people, the older generations are the hard-working ones who deserve some respect and the youngsters are the lazy good-for-nothings. Young people may have a different opinion, but what else would you expect from lazy good-for-nothings?

When it comes to the information security world, however, generations don’t matter. At least, human generations don’t matter as we are all under the whip from cyberattacks from all angles. The generation that does matter, is the generation of security solutions you have in place to protect yourself and your business from these attacks.

Doros Hadjizenonos.
Doros Hadjizenonos.

According to Doros Hadjizenonos, country manager, SADC at Check Point, we have entered the fifth generation of cyberattacks. Generation 1 happened in the late 1980s when virus attacks targeted standalone PCs and saw the rise of anti-virus products. Generation 2 happened in the mid-1990s when the Internet was used as an attack platform and this gave us the firewall as security.

Hadjizenonos says that Generation 3 happened in the early 2000s when cyber criminals started exploiting vulnerabilities in applications, which resulted in the industry developing intrusion prevention systems (IPS) as a defence. It was sometime around 2010 when Generation 4 attacks came into their own. This saw the rise of targeted, unknown, evasive, polymorphic attacks that drove the security industry to develop anti-bot and sandboxing products.

It was around 2017 when we saw the emergence of large scale and multi-vector mega-attacks using advanced attack technologies. This is Generation 5. Hadjizenonos explains that each generation had its own set of tools to protect organisations from becoming victims of an attack because the previous generation’s tools couldn’t hack it. In the fifth generation, he says we are in a similar situation and detection-only based solutions are not sufficient for these fast-moving Generation 5 attacks.

Over the hill security

Check Point recently conducted a survey of over 400 security professionals around the world to ascertain, among other data, what generation of protection their companies had in place and what the biggest threats are that they are dealing with. (The report is available for download at https://www.checkpoint.com/downloads/product-related/genv-survey-study.pdf.)

One of the uncomfortable findings is that most companies are still using older generations of cybersecurity in the hopes that this will protect them from the latest threats developed by cyber criminals. Check Point is of the opinion that “Hackers are exploiting the fact that most organisations rely on older generations of security. As the sophistication and scale of attacks has grown, previous generations of security, which merely detect, are no longer effective. What’s needed for the latest generation of cyberattacks is advanced real-time threat prevention that protects all networks, virtual, cloud, remote office and mobile operations.”

This means companies need the tools that can protect them from attacks from the outside and inside, as well as attacks by outsiders using insiders as an attack vector without their knowledge (such as with phishing).

And these threats apply to everybody. Many businesses in Africa are of the opinion that they have nothing to offer cyber criminals, which is insanely incorrect. Hadjizenonos notes that for a two-month period in the first half of 2018, the country most under attack globally was Botswana. The attacks were not to steal credit card information or anything old-school like that, but most were attacks that installed crypto-mining software on people’s machines and used them to mine cryptocurrency – like Bitcoin or Monero and others. These victims had their systems used to carry out this mining, with no benefit to the victims apart from a computer that would be slower than usual. Of course, once a criminal has access to your system, they can install anything they like or use your system and Internet connection to launch other attacks.

Moreover, since banks all over Africa are generally on top of their security, criminals are looking for softer targets and are finding them in the thousands of small- and medium-sized businesses that also have data to steal and connections to larger companies.

Fifth generation security is therefore a unified system built on an architecture that unifies all networks, cloud, and mobile infrastructure, supported by automatic and immediate threat intelligence. It must share information in real time with every component of the system, whether local or remote, and afford the same level of protection to the whole enterprise, whether it’s a PC or a server located onsite or in the cloud, or a mobile device. And, naturally, it needs to be managed centrally.

Hadjizenonos states that Check Point Infinity is the fifth generation security solution that meets all these needs and was designed for organisations battling fifth generation attacks. Read more about Infinity at https://www.checkpoint.com/downloads/product-related/solution-brief/sb-check-point-infinity.pdf.

New malware in Africa

There’s a new cyber threat on the block, and it’s sneakier than anything we’ve seen before, which is undoubtedly the reason why it’s the malware of choice for hackers across Africa right now.

In fact, though crypto-mining malware is relatively new on the cybercrime scene, it’s remained the top malware in key markets in Africa for several months. In April, Check Point’s Global Threat Index showed that Coinhive, Cryptoloot and XMRig were in the top six malware throughout South Africa, Kenya and Nigeria. Again in May, Coinhive ranked as the number one malware family in all three countries.

All three are prolific crypto-mining malware, which – unlike other malware – hijack your system instead of holding it to ransom. While Coinhive leeches your machine’s computational resources to mine Monero cryptocurrency when an unsuspecting user visits a web page, Cryptoloot uses your central processing unit (CPU) or graphics processing unit (GPU) power to add new transactions to the blockchain, thereby releasing new currency. Similarly, XMRig is an open source CPU mining software used to mine Monero cryptocurrency.

At the end of the day, this might affect your business in one of two ways. Either the hacker’s mining operation will consume large volumes of power and leave a horrible surprise in your electricity bill, or the operation will overload the CPU of the infected machines, slowing down your hardware performance dramatically. This is because the malware will defer your machine’s critical tasks to keep the mining operation in progress. Basically, your machines will gradually slow down and heat up, causing a significant reduction in user productivity.

What’s more, hackers can also infect your company’s web servers, embedding the mining javascript in your sites’ HTML pages. Needless to say, the consequences of this could be extensive – compromising both your business’ reputation and customer relationships.

And because cryptominers can infect any device – browsers, servers, desktops and mobile phones – the only way you can protect against the exploitation of your servers is by filtering out mining components within websites and removing miners from mobile devices. Basically, you need a multi-layered security approach.

For more information contact Check Point South Africa, +27 11 510 0120, doros@checkpoint.com, www.checkpoint.com.


Credit(s)
Supplied By: Technews Publishing
Tel: +27 11 543 5800
Fax: +27 11 787 8052
Email: vivienne@technews.co.za
www: www.technews.co.za
  Share via Twitter   Share via LinkedIn      

Further reading:

  • Does your machine deep learn to artificially talk NLP in a Bayesian structured neural pattern?
    September 2018, Technews Publishing, News
    So there! Now your very own Hi-Tech Security Solutions magazine is also equipped with the latest deep learning and artificial intelligence capabilities. Using the latest in cognitive neuroscientific algorithms, ...
  • Cameras in the control room
    September 2018, Leaderware, This Week's Editor's Pick, CCTV, Surveillance & Remote Monitoring
    CCTV operators find themselves in a pivotal position regarding society, technology, security strategy, and the welfare of people. But who watches the watchers?
  • The ever-changing dynamics of risk management
    September 2018, Technews Publishing, This Week's Editor's Pick, Security Services & Risk Management, Transport (Industry), Conferences & Events, Associations, Training & Education
    Hi-Tech Security Solutions was at the TAPA South Africa 2018 conference once again. This is a short summary of the presentations delivered on the day.
  • TAPA 2018 sponsors
    September 2018, Technews Publishing, Transport (Industry), Associations
    There were six companies sponsoring the TAPA conference in July this year. During the conference they all had a few minutes to talk about what they do to enhance security in the logistics business.
  • Securing cargo for export
    September 2018, Technews Publishing, Transport (Industry), Security Services & Risk Management
    Hi-Tech Security Solutions discusses the air cargo handling process and what is done to ensure goods are secure and don’t pose a danger.
  • Making the right security decisions
    September 2018, Technews Publishing, This Week's Editor's Pick, CCTV, Surveillance & Remote Monitoring, Access Control & Identity Management, Perimeter Security, Alarms & Intruder Detection, Integrated Solutions, Conferences & Events, Training & Education
    The Residential Estate Security Conference 2018 took place in Johannesburg in August, covering a range of topics pertinent to the estate market.
  • The most important features of a management platform
    September 2018, Technews Publishing, This Week's Editor's Pick, CCTV, Surveillance & Remote Monitoring, Access Control & Identity Management, Cyber Security, Integrated Solutions
    Hi-Tech Security Solutions asks the industry for the top three features you should be looking for in a security management platform.
  • Integrated anything
    September 2018, Technews Publishing, This Week's Editor's Pick, Integrated Solutions, Security Services & Risk Management
    Babylon is designed to manage access automation systems; however, its utility goes beyond management to include automation and customisation capabilities across technology verticals.
  • The human factor in control rooms
    September 2018, Technews Publishing, Security Services & Risk Management
    What kind of person does it take to watch multiple video screens and make quick and responsible decisions when an incident occurs?
  • Stallion hosts technology day
    September 2018, Technews Publishing, News, Conferences & Events, Training & Education
    Stallion Security hosted its second annual technology day at the Da Vinci Hotel in Sandton to give its clients insight into some of the latest and greatest products and solutions available in the security market.
  • Londoloza becomes a part of Fidelity ADT
    September 2018, Fidelity Security Group, News, Security Services & Risk Management
    Fidelity ADT has announced that Londoloza Protection Group will now form a part of Fidelity ADT. This partnership will integrate Londoloza customers into the Fidelity Security Group, under the Fidelity ADT umbrella.
  • IoT: The starting gates
    September 2018, This Week's Editor's Pick, Integrated Solutions, IT infrastructure
    South Africa is already past the Internet of Things (IoT) hype cycle and well into the mainstream where projects and pilots are already becoming a commercial reality.

 
 
         
Contact:
Technews Publishing (Pty) Ltd
1st Floor, Stabilitas House
265 Kent Ave, Randburg, 2194
South Africa
Publications by Technews
Dataweek Electronics & Communications Technology
Electronic Buyers Guide (EBG)

Hi-Tech Security Solutions
Hi-Tech Security Business Directory (HSBD)

Motion Control in Southern Africa
Motion Control Buyers’ Guide (MCBG)

South African Instrumentation & Control
South African Instrumentation & Control Buyers’ Guide (IBG)
Other
Terms & conditions of use, including privacy policy
PAIA Manual
         
    Mobile | Classic

Copyright © Technews Publishing (Pty) Ltd. All rights reserved.