The generations that matter

July 2018 Editor's Choice, Information Security, Security Services & Risk Management

There are endless reports, articles and commentaries about the differences between the generations, of people inhabiting the world today.

According to popular opinion among older people, the older generations are the hard-working ones who deserve some respect and the youngsters are the lazy good-for-nothings. Young people may have a different opinion, but what else would you expect from lazy good-for-nothings?

When it comes to the information security world, however, generations don’t matter. At least, human generations don’t matter as we are all under the whip from cyberattacks from all angles. The generation that does matter, is the generation of security solutions you have in place to protect yourself and your business from these attacks.

Doros Hadjizenonos.
Doros Hadjizenonos.

According to Doros Hadjizenonos, country manager, SADC at Check Point, we have entered the fifth generation of cyberattacks. Generation 1 happened in the late 1980s when virus attacks targeted standalone PCs and saw the rise of anti-virus products. Generation 2 happened in the mid-1990s when the Internet was used as an attack platform and this gave us the firewall as security.

Hadjizenonos says that Generation 3 happened in the early 2000s when cyber criminals started exploiting vulnerabilities in applications, which resulted in the industry developing intrusion prevention systems (IPS) as a defence. It was sometime around 2010 when Generation 4 attacks came into their own. This saw the rise of targeted, unknown, evasive, polymorphic attacks that drove the security industry to develop anti-bot and sandboxing products.

It was around 2017 when we saw the emergence of large scale and multi-vector mega-attacks using advanced attack technologies. This is Generation 5. Hadjizenonos explains that each generation had its own set of tools to protect organisations from becoming victims of an attack because the previous generation’s tools couldn’t hack it. In the fifth generation, he says we are in a similar situation and detection-only based solutions are not sufficient for these fast-moving Generation 5 attacks.

Over the hill security

Check Point recently conducted a survey of over 400 security professionals around the world to ascertain, among other data, what generation of protection their companies had in place and what the biggest threats are that they are dealing with. (The report is available for download at https://www.checkpoint.com/downloads/product-related/genv-survey-study.pdf.)

One of the uncomfortable findings is that most companies are still using older generations of cybersecurity in the hopes that this will protect them from the latest threats developed by cyber criminals. Check Point is of the opinion that “Hackers are exploiting the fact that most organisations rely on older generations of security. As the sophistication and scale of attacks has grown, previous generations of security, which merely detect, are no longer effective. What’s needed for the latest generation of cyberattacks is advanced real-time threat prevention that protects all networks, virtual, cloud, remote office and mobile operations.”

This means companies need the tools that can protect them from attacks from the outside and inside, as well as attacks by outsiders using insiders as an attack vector without their knowledge (such as with phishing).

And these threats apply to everybody. Many businesses in Africa are of the opinion that they have nothing to offer cyber criminals, which is insanely incorrect. Hadjizenonos notes that for a two-month period in the first half of 2018, the country most under attack globally was Botswana. The attacks were not to steal credit card information or anything old-school like that, but most were attacks that installed crypto-mining software on people’s machines and used them to mine cryptocurrency – like Bitcoin or Monero and others. These victims had their systems used to carry out this mining, with no benefit to the victims apart from a computer that would be slower than usual. Of course, once a criminal has access to your system, they can install anything they like or use your system and Internet connection to launch other attacks.

Moreover, since banks all over Africa are generally on top of their security, criminals are looking for softer targets and are finding them in the thousands of small- and medium-sized businesses that also have data to steal and connections to larger companies.

Fifth generation security is therefore a unified system built on an architecture that unifies all networks, cloud, and mobile infrastructure, supported by automatic and immediate threat intelligence. It must share information in real time with every component of the system, whether local or remote, and afford the same level of protection to the whole enterprise, whether it’s a PC or a server located onsite or in the cloud, or a mobile device. And, naturally, it needs to be managed centrally.

Hadjizenonos states that Check Point Infinity is the fifth generation security solution that meets all these needs and was designed for organisations battling fifth generation attacks. Read more about Infinity at https://www.checkpoint.com/downloads/product-related/solution-brief/sb-check-point-infinity.pdf.

New malware in Africa

There’s a new cyber threat on the block, and it’s sneakier than anything we’ve seen before, which is undoubtedly the reason why it’s the malware of choice for hackers across Africa right now.

In fact, though crypto-mining malware is relatively new on the cybercrime scene, it’s remained the top malware in key markets in Africa for several months. In April, Check Point’s Global Threat Index showed that Coinhive, Cryptoloot and XMRig were in the top six malware throughout South Africa, Kenya and Nigeria. Again in May, Coinhive ranked as the number one malware family in all three countries.

All three are prolific crypto-mining malware, which – unlike other malware – hijack your system instead of holding it to ransom. While Coinhive leeches your machine’s computational resources to mine Monero cryptocurrency when an unsuspecting user visits a web page, Cryptoloot uses your central processing unit (CPU) or graphics processing unit (GPU) power to add new transactions to the blockchain, thereby releasing new currency. Similarly, XMRig is an open source CPU mining software used to mine Monero cryptocurrency.

At the end of the day, this might affect your business in one of two ways. Either the hacker’s mining operation will consume large volumes of power and leave a horrible surprise in your electricity bill, or the operation will overload the CPU of the infected machines, slowing down your hardware performance dramatically. This is because the malware will defer your machine’s critical tasks to keep the mining operation in progress. Basically, your machines will gradually slow down and heat up, causing a significant reduction in user productivity.

What’s more, hackers can also infect your company’s web servers, embedding the mining javascript in your sites’ HTML pages. Needless to say, the consequences of this could be extensive – compromising both your business’ reputation and customer relationships.

And because cryptominers can infect any device – browsers, servers, desktops and mobile phones – the only way you can protect against the exploitation of your servers is by filtering out mining components within websites and removing miners from mobile devices. Basically, you need a multi-layered security approach.

For more information contact Check Point South Africa, +27 11 510 0120, [email protected], www.checkpoint.com.



Credit(s)




Share this article:
Share via emailShare via LinkedInPrint this page



Further reading:

SMARTpod talks to Armata’s Richard Frost
Technews Publishing SMART Security Solutions Videos
SMARTpod, the podcast by SMART Security Solutions, recently spoke to Richard Frost from Armata about the company's new 'all-in-one' cybersecurity bundle designed to relieve cyber stress in the SMB market.

Read more...
Boost revenue streams for MNOS
News & Events Security Services & Risk Management Financial (Industry)
ReveNet has introduced its new solution, designed to safeguard and potentially boost revenue streams in an increasingly challenging landscape for MNOS. The new platform combines advanced analytics and is built on trust, transparency, and sustainability principles.

Read more...
Here’s to a SMART 2025
SMART Security Solutions Editor's Choice News & Events
This is the final news brief from SMART Security Solutions for 2024, and the teams would like to take this opportunity to thank our readers, advertisers and partners and wish everyone a safe and secure festive season.

Read more...
Smart surveillance and cyber resilience
Axis Communications SA Surveillance Information Security Government and Parastatal (Industry) Facilities & Building Management
South Africa’s critical infrastructure sector has to step up its game regarding cybersecurity and the evolving risk landscape. The sector has become a prime target for cybercriminals on top of physical threat actors, and the consequences of an incident can be far-reaching.

Read more...
NIS2 compliance amplifies skills shortages and resource strain
Information Security Security Services & Risk Management
A new Censuswide survey, commissioned by Veeam Software reveals the significant impact on businesses as they adapt to this key cybersecurity directive, with 95% of EMEA businesses siphoning other budgets to try and meet compliance deadline.

Read more...
Physical security technology trends to watch in 2025
Technews Publishing News & Events
There are some exciting developments and significant changes, some technical and some operational, taking place in the market that security professionals should be aware of as they plan for the year ahead.

Read more...
SA company develops world-first safe K9 training for drug detection
Editor's Choice News & Events Security Services & Risk Management Government and Parastatal (Industry)
The Braveheart Bio-Dog Academy recently announced the results of its scientific research into training dogs to accurately detect drugs and explosives without harming either the dogs or their handlers.

Read more...
Autonomous healing systems are the future
Infrastructure Information Security AI & Data Analytics
Autonomous healing software, an emerging technology, is gaining traction for its potential to transform how organisations manage software maintenance, security, and system performance.

Read more...
Understanding South Africa’s Cybercrimes Act
Information Security Security Services & Risk Management
The Cybercrimes Act No.19 of 2020 is a comprehensive legislative response to the evolving landscape of cyberthreats in South Africa. Its effectiveness, however, relies on enforcement, which relies on implementation, international cooperation, and collaboration between the public and private sectors.

Read more...
AI-powered automation for an operational efficiency edge
Editor's Choice AI & Data Analytics IoT & Automation
In the fast-moving world of digital transformation, businesses are under immense pressure to accelerate their operations and adapt quickly to stay competitive in an era dominated by AI and technological advancements.

Read more...