classic | mobile
Follow us on:
Follow us on Facebook  Share via Twitter  Share via LinkedIn
 

Search...
Hi-Tech Security Solutions Business Directory
Residential Estate Security Handbook 2017


The generations that matter
July 2018, This Week's Editor's Pick, Cyber Security, Security Services & Risk Management

There are endless reports, articles and commentaries about the differences between the generations, of people inhabiting the world today.

According to popular opinion among older people, the older generations are the hard-working ones who deserve some respect and the youngsters are the lazy good-for-nothings. Young people may have a different opinion, but what else would you expect from lazy good-for-nothings?

When it comes to the information security world, however, generations don’t matter. At least, human generations don’t matter as we are all under the whip from cyberattacks from all angles. The generation that does matter, is the generation of security solutions you have in place to protect yourself and your business from these attacks.

Doros Hadjizenonos.
Doros Hadjizenonos.

According to Doros Hadjizenonos, country manager, SADC at Check Point, we have entered the fifth generation of cyberattacks. Generation 1 happened in the late 1980s when virus attacks targeted standalone PCs and saw the rise of anti-virus products. Generation 2 happened in the mid-1990s when the Internet was used as an attack platform and this gave us the firewall as security.

Hadjizenonos says that Generation 3 happened in the early 2000s when cyber criminals started exploiting vulnerabilities in applications, which resulted in the industry developing intrusion prevention systems (IPS) as a defence. It was sometime around 2010 when Generation 4 attacks came into their own. This saw the rise of targeted, unknown, evasive, polymorphic attacks that drove the security industry to develop anti-bot and sandboxing products.

It was around 2017 when we saw the emergence of large scale and multi-vector mega-attacks using advanced attack technologies. This is Generation 5. Hadjizenonos explains that each generation had its own set of tools to protect organisations from becoming victims of an attack because the previous generation’s tools couldn’t hack it. In the fifth generation, he says we are in a similar situation and detection-only based solutions are not sufficient for these fast-moving Generation 5 attacks.

Over the hill security

Check Point recently conducted a survey of over 400 security professionals around the world to ascertain, among other data, what generation of protection their companies had in place and what the biggest threats are that they are dealing with. (The report is available for download at https://www.checkpoint.com/downloads/product-related/genv-survey-study.pdf.)

One of the uncomfortable findings is that most companies are still using older generations of cybersecurity in the hopes that this will protect them from the latest threats developed by cyber criminals. Check Point is of the opinion that “Hackers are exploiting the fact that most organisations rely on older generations of security. As the sophistication and scale of attacks has grown, previous generations of security, which merely detect, are no longer effective. What’s needed for the latest generation of cyberattacks is advanced real-time threat prevention that protects all networks, virtual, cloud, remote office and mobile operations.”

This means companies need the tools that can protect them from attacks from the outside and inside, as well as attacks by outsiders using insiders as an attack vector without their knowledge (such as with phishing).

And these threats apply to everybody. Many businesses in Africa are of the opinion that they have nothing to offer cyber criminals, which is insanely incorrect. Hadjizenonos notes that for a two-month period in the first half of 2018, the country most under attack globally was Botswana. The attacks were not to steal credit card information or anything old-school like that, but most were attacks that installed crypto-mining software on people’s machines and used them to mine cryptocurrency – like Bitcoin or Monero and others. These victims had their systems used to carry out this mining, with no benefit to the victims apart from a computer that would be slower than usual. Of course, once a criminal has access to your system, they can install anything they like or use your system and Internet connection to launch other attacks.

Moreover, since banks all over Africa are generally on top of their security, criminals are looking for softer targets and are finding them in the thousands of small- and medium-sized businesses that also have data to steal and connections to larger companies.

Fifth generation security is therefore a unified system built on an architecture that unifies all networks, cloud, and mobile infrastructure, supported by automatic and immediate threat intelligence. It must share information in real time with every component of the system, whether local or remote, and afford the same level of protection to the whole enterprise, whether it’s a PC or a server located onsite or in the cloud, or a mobile device. And, naturally, it needs to be managed centrally.

Hadjizenonos states that Check Point Infinity is the fifth generation security solution that meets all these needs and was designed for organisations battling fifth generation attacks. Read more about Infinity at https://www.checkpoint.com/downloads/product-related/solution-brief/sb-check-point-infinity.pdf.

New malware in Africa

There’s a new cyber threat on the block, and it’s sneakier than anything we’ve seen before, which is undoubtedly the reason why it’s the malware of choice for hackers across Africa right now.

In fact, though crypto-mining malware is relatively new on the cybercrime scene, it’s remained the top malware in key markets in Africa for several months. In April, Check Point’s Global Threat Index showed that Coinhive, Cryptoloot and XMRig were in the top six malware throughout South Africa, Kenya and Nigeria. Again in May, Coinhive ranked as the number one malware family in all three countries.

All three are prolific crypto-mining malware, which – unlike other malware – hijack your system instead of holding it to ransom. While Coinhive leeches your machine’s computational resources to mine Monero cryptocurrency when an unsuspecting user visits a web page, Cryptoloot uses your central processing unit (CPU) or graphics processing unit (GPU) power to add new transactions to the blockchain, thereby releasing new currency. Similarly, XMRig is an open source CPU mining software used to mine Monero cryptocurrency.

At the end of the day, this might affect your business in one of two ways. Either the hacker’s mining operation will consume large volumes of power and leave a horrible surprise in your electricity bill, or the operation will overload the CPU of the infected machines, slowing down your hardware performance dramatically. This is because the malware will defer your machine’s critical tasks to keep the mining operation in progress. Basically, your machines will gradually slow down and heat up, causing a significant reduction in user productivity.

What’s more, hackers can also infect your company’s web servers, embedding the mining javascript in your sites’ HTML pages. Needless to say, the consequences of this could be extensive – compromising both your business’ reputation and customer relationships.

And because cryptominers can infect any device – browsers, servers, desktops and mobile phones – the only way you can protect against the exploitation of your servers is by filtering out mining components within websites and removing miners from mobile devices. Basically, you need a multi-layered security approach.

For more information contact Check Point South Africa, +27 11 510 0120, doros@checkpoint.com, www.checkpoint.com.


Credit(s)
Supplied By: Technews Publishing
Tel: +27 11 543 5804
Fax: +27 11 787 8052
Email: vivienne@technews.co.za
www: www.technews.co.za
  Share via Twitter   Share via LinkedIn      

Further reading:

  • Too safe to escape
    July 2018, Technews Publishing, News
    A recent story I was told highlights how we still take security for granted in our daily lives. Most people try to ensure that their houses, townhouses and apartments have some form of security in place ...
  • TAPA 2018 conference
    July 2018, Technews Publishing, TAPA (Transported Asset Protection Association), Calendar of Events
    TAPA 2018 conference    27 July, 2018 Emperors Palace, Gauteng The ever-changing dynamics of risk management. TAPA members no charge. Non members – R1620 excl VAT per person The South African chapter ...
  • Residential Estate Security Conference
    July 2018, Technews Publishing, Calendar of Events
    Residential Estate Security Conference    14 August, 2018 Indaba Hotel, Fourways, Johannesburg Following sold-out events in Durban in March 2018, Hi-Tech Security Solutions, in cooperation with Rob Anderson, ...
  • CCTV reviews and the display of relevant information
    July 2018, Leaderware, This Week's Editor's Pick
    Recorded video is often far from ideal. There are a number of things that can affect the quality and state of video and influence whether the review or analysis can lead to relevant facts.
  • Where safety, security and Industry 4.0 meet
    July 2018, Technews Publishing, This Week's Editor's Pick, Integrated Solutions, Industrial (Industry)
    Integrated security offers more than simply a means to keep unwanted people out of industrial settings, its benefits extend to supporting and enhancing daily operations.
  • Protecting the machines
    July 2018, Technews Publishing, This Week's Editor's Pick, Cyber Security, Integrated Solutions, Industrial (Industry)
    Security operations at industrial sites need to include cybersecurity and it needs to be treated with the same importance as the physical security of the site as well as health and safety standards.
  • Securex 2018 pulls the (right) crowds
    July 2018, Technews Publishing, Access Control & Identity Management, CCTV, Surveillance & Remote Monitoring, Cyber Security, Integrated Solutions
    With over 6000 visitors attending and exhibitors expressing their satisfaction with not only the number, but also the calibre of the visitors, this year’s Securex was a winner.
  • Advances in NVR and VMS capabilities
    July 2018, Technews Publishing, This Week's Editor's Pick, CCTV, Surveillance & Remote Monitoring, IT infrastructure, Products
    Hi-Tech Security Solutions looks at what the latest trends are in the NVR and VMS worlds, along with some of the latest products.
  • SLAs - Read the fine print
    July 2018, Technews Publishing, This Week's Editor's Pick, Security Services & Risk Management
    By insisting on an appropriate maintenance contract, security technology can be used to the full extent of its possible life.
  • Securing your digital assets
    July 2018, Technews Publishing, This Week's Editor's Pick, Cyber Security, IT infrastructure
    Cyberattacks can’t be prevented, but companies and individuals have ways to keep the attackers out. However, the coming year will see more attacks and more losses because of poor cyber planning.
  • EOH introduces managed Security-as-a-Service
    July 2018, EOH Security & Building Technologies, News, Cyber Security, Security Services & Risk Management
    EOH has introduced a solution to modern security concerns through a managed Security-as-a-Service suite of offerings.
  • Online platform for targeted staff recruitment
    July 2018, Technews Publishing, This Week's Editor's Pick, News, Training & Education
    Hi-Tech Security Solutions launches online platform for targeted staff recruitment.

 
 
         
Contact:
Technews Publishing (Pty) Ltd
1st Floor, Stabilitas House
265 Kent Ave, Randburg, 2194
South Africa
Publications by Technews
Dataweek Electronics & Communications Technology
Electronic Buyers Guide (EBG)

Hi-Tech Security Solutions
Hi-Tech Security Business Directory (HSBD)

Motion Control in Southern Africa
Motion Control Buyers’ Guide (MCBG)

South African Instrumentation & Control
South African Instrumentation & Control Buyers’ Guide (IBG)
Other
Terms & conditions of use, including privacy policy
PAIA Manual
         
    Mobile | Classic

Copyright © Technews Publishing (Pty) Ltd. All rights reserved.