AI - Could Be the Next Hole in your Security Posture

2018/01/29 by admin

Over the Christmas holidays, the advertisements for Alexa, Google Home and similar were about ever other commercial on television. I have to admit I don’t really see a need to ask a personal digital assistant to turn on music, add something to a shopping list or tell me what the weather is like outside - but then again, I can see the attraction for some.

If you did receive a digital assistant or are thinking of getting one please read the following article:

AI in the Workplace: How Digital Assistants Impact Cybersecurity

Information Security - January 29, 2018 - Sage Singleton

Digital Assistants (sometimes seen as AIs) are becoming ubiquitous in living rooms and smartphones everywhere. Now, these devices are taking the leap to the business world. With Amazon’s announcement of the Alexa for Business Platform, AIs may soon be able to assist with everything from conference calls to office supply orders. All that utility may come at the cost of security, however, since these AI devices are vulnerable to potential hacking.

Digital Assistants Enter the Business World
Digital assistants have exploded in popularity over the last two years. Amazon’s Echo devices were the website’s number-one-selling product last year, and Google and Apple are eyeing increasing market shares as new developments for Google Home and Apple HomeKit close the AI gap.

Amazon has made recent moves to conquer the small business market and is the first in the burgeoning AI industry to attempt to do so. The Alexa for Business Platform brings additional functionality (Alexa’s “skills”) to offices everywhere. There are still some hurdles for the technology; lingering privacy concerns leave some businesses wondering whether the addition of a digital assistant will leave their company vulnerable to a security breach.

Digital Assistants and Security
Digital assistants like Alexa, Google Assistant, and Siri use voice recognition technology as their primary interface. This means they are always listening, even when they are not in use. For a hacker, this makes any digital assistant a potential listening device, a security flaw that was proven in a report released by British security researcher Mark Barnes. With access to the microphone, corporate espionage and identity theft are real concerns.

Privacy
Privacy is another major hurdle before digital assistants gain widespread adoption in the corporate world. Private data exchanges can use a protocol called end-to-end encryption, which restricts data access to just the sender and receiver.

Unfortunately, end-to-end encryption is not always the default, and many devices and programs don’t use it, leaving any collected data open to mining by third parties — Google’s Allo messaging app uses voice recognition technology without end-to-end encryption.

A team from Zhejiang University found another startling vulnerability for digital assistants using ultrasonic signals. Aptly named the DolphinAttack, the technique uses ultrasonic frequencies above the human hearing range to issue commands to nearby AIs. The attack effectively turns these devices into a backdoor, since a hacker can simply ask a device equipped with Alexa, Siri, or Google Assistant to visit a phishing website, call a phone number, or disable a web-connected security system.

Businesses are increasingly finding themselves the target for these types of attacks. In a process called “whale phishing”, hackers specifically target high-value individuals in corporate offices for phishing scams, identity theft, and more. Larger businesses are vulnerable since they offer hackers bigger targets for these types of breaches.

Protecting Your Business from Attack
The Better Business Bureau’s 2017 survey of cybersecurity issues among small businesses reports that one out of five companies has been the victim of a cyber-attack. Many of these attacks can be traced to lost personal data like passwords or an employee’s identity, raising concerns for digital assistants and their potential use as listening devices.

Beyond general statistics, it’s hard to identify the frequency of hacks specifically related to digital assistants, but the vulnerabilities are hard to ignore. Web-connected devices of all types can potentially be used as entry points into secure systems; a North American casino was the victim of data theft using a Wi-Fi connected fish tank. Barnes recommends not putting smart devices in spaces where compromising information could be overheard.

If the benefits of a digital assistant outweigh the potential drawbacks, you can take steps to minimize your risk of a security breach, both physically and digitally. The Better Business Bureau’s survey shows that cyber-attacks can even come from internal employees. Implementing a prevention plan and a response plan can offer the best protection for your business.

The Future of AIs and Cybersecurity
The rapid development of machine learning and voice-powered AIs points to a rapidly changing future. Chips developed by MIT hint at the development of digital assistants that no longer require a web connection to process AI-related tasks like voice recognition, potentially closing many of the security flaws these devices possess.

Whether these devices can overcome their security flaws and mainstream into the corporate world is unclear, but the rapid development of their underlying technologies indicates big changes on the horizon for offices everywhere. Some of the concerns about listening devices may also be exaggerated; as Barnes reminds readers in his article, almost all of us already have a smartphone mic in our pocket that we are okay with.

Check out the full article ->

Over a Quarter of Ransomware now targets Corporates

2017/12/01 by admin

From InfoSecurity - Phil Muncaster

The number of ransomware attacks targeting business users in 2017 rose to 26% as the number of new families discovered halved, according to new stats released this week by Kaspersky Lab.

The Russian AV firm claimed that 26.2% of attacks over the past year were aimed at corporates, with just over 4% targeting SMBs.

This would seem to represent just a small increase from the 22.6% of attacks aimed at business users in 2016. However, the vendor said these figures didn’t include the three mega ransomware worm campaigns of WannaCry, NotPetya (ExPetr) and BadRabbit.

There are other signs of an evolution in the ransomware landscape: the number of new malware families discovered by Kaspersky Lab dropped from 62 last year to just 38 in 2017.

However, it appears as if cyber-criminals are instead looking to modify existing strains in order to bypass security filters: the number of mods grew from 54,000 last year to 96,000 this.

Ransomware remains a serious threat to organizations, with two-thirds (65%) of those hit claiming to have lost a “significant” amount or even all of their data. Even the 29% that managed to decrypt their data said they lost a “significant” number of files.

Over a third (36%) ignored the advice of police and security experts and paid the ransom, but one in six never managed to recover their data.

There are also signs that ransomware is having a longer-lasting impact on the victim organization: 34% claimed they took a week or longer to recover from such an incident, versus 29% in 2016.

“The headline attacks of 2017 are an extreme example of growing criminal interest in corporate targets. We spotted this trend in 2016, it has accelerated throughout 2017, and shows no signs of slowing down,” argued senior malware analyst, Fedor Sinitsyn.

“Business victims are remarkably vulnerable, can be charged a higher ransom than individuals and are often willing to pay up in order to keep the business operational. New business-focused infection vectors, such as through remote desktop systems are not surprisingly also on the rise.”

This vector became increasingly popular in 2017, used to spread Crysis, Purgen/GlobeImposter and Cryakl ransomware variants, among others.

However, there was some good last year, after decryption keys were published for strains including ES-NI, xdata, Petya/Mischa/GoldenEye and Crysis — although the latter was subsequently resurrected.

Have a question about how to protect yourself against ransomware - Contact us

KnowBe4 Releases Email Exposure Check Pro

2017/09/07 by admin

KnowBe4 Releases Email Exposure Check Pro to Help Organizations Identify At-Risk Users

September 6, 2017 - PRWeb -

KnowBe4, provider of the most popular security awareness training and simulated-phishing platform, today announced the release of the new version of its Email Exposure Check (EEC). The new version is called the EEC Pro, has powerful additional features and is still provided at no cost.

While employees give out their corporate email for various reasons, IT is hard-pressed to keep track and

manage the risk. EEC Pro helps IT by identifying an organization’s at-risk users by crawling social media information and scouring hundreds of breach databases to identify risk associated with user emails and identities. The more at-risk email addresses a company has, the bigger its attack surface, and the higher its risk. EEC Pro only requires filling out a form, and works in two stages. The first stage performs deep web searches to find publicly available organization data provided on sites such as LinkedIn and Facebook. This allows the EEC Pro to show what organizational structure an attacker would be able to easily pull together and use to craft targeted attacks.

The second stage of EEC Pro utilizes the Have I Been Pwned data breach service to find users that have had their account information released in any of several hundred breaches. These users are particularly at-risk because an attacker knows more about them, potentially including their actual passwords. As the final step, EEC Pro provides a detailed summary report to the IT team, including an overview of the data found, a summary of organizational risk levels, and a link to a web report that contains a full list of all users found, the breaches the users were found in, and an overview of the data included in the breach. This allows IT managers to ensure exposed emails or exposed passwords are modified.

“Since 91% of data breaches start with a successful phishing attack, an organization must act reasonably or do what is necessary or appropriate to protect its data and take steps to identify weaknesses that expose their employees,” said Stu Sjouwerman, Founder and CEO of KnowBe4. “Employees are the last line of defense within an organization. We want to make it as easy as possible for IT professionals to reduce their attack surface and strengthen their weakest links. You need to create a ‘Human Firewall.’”

Exposed emails and passwords can lead to recent data breaches such as those experienced by security companies Mandiant and Enigma where compromised passwords were not changed.

For more information on KnowBe4 or the Email Exposure Check Pro, contact us via email or give us a call.

Don’t be Held Hostage by Ransomware - CFO Magazine

2017/06/07 by admin

In this article from CFO Magazine, it is unfortunate that an attack such as the WannaCry/WanaCrypt0r has to occur to be the impetus of organizations and endusers alike to take security to the next level, but the five steps are crucial. You may not be immune, but you can reduce the chances of becoming a victim.

Kelly Bissell - June 6th, 2017

Five fundamental steps your company can follow to curb its chances of falling victim to a ransomware attack

If there’s a positive spin that can be placed on last month’s ransomware attacks, it’s that the topic of cybersecurity has finally emerged from the shadows and into the public eye. When 200,000 systems began to be infected across more than 150 countries on May 12, security became not just a matter for a few black-hat specialists and a wave of creative naming — from WannaCry to WanaCrypt0r and everything in between — it was suddenly everybody’s business.

Of course, businesses recognize they’re not immune from cyberattacks, and threat intelligence and law enforcement agencies have warned that such attacks can be expected to accelerate in frequency. In short, ransomware is rampant. Often delivered via e-mail, ransomware, also known as cryptoware, it’s used to attack a company’s data by encrypting it until a ransom is paid to an unknown source — in some respects, the criminals who use it are the “stand and deliver” highwaymen of the modern age.

Any approach to handling ransomware must take into account that it triggers fast-moving situations and that there’s no guarantee that an approach that works for one organization will also work for another. But here are five fundamental steps your company can take to curb its chances of its falling victim to a ransomware attack:

1.Adopt prevention programs. Most ransomware attacks start as a phishing attack. Prevention training and awareness programs can help employees recognize telltale signs of phishing scams and how to handle them. Guide your employees on how to recognize and avoid fraudulent e-mails or what to do in the event of a social engineering attack. Keep testing internally to prove the training is working.

2.Strengthen e-mail controls. Ransomware attacks are frequently delivered via e-mail. Strengthening e-mail controls can often prevent malicious e-mails from reaching employees. Make sure you have strong spam filters and authentication. Scan incoming and outgoing e-mails to detect threats and filter executable files. Consider a cloud-based e-mail analytics solution and how e-mail is configured and file extensions are displayed.

3.Improve CMDB. Companies need to be very diligent about building a complete configuration management data base (CMDB). It may be surprising, but most companies do not know all the IT systems in their environment across all subsidiaries and business lines. If you don’t know what you have, how can you protect it?

4.Insulate your infrastructure: Attackers are getting smarter, and it’s easier for unsuspecting employees to make mistakes by failing to recognize malicious e-mails. There’s a host of solutions here, from removing or limiting local workstation administration rights to seeking out the right configuration combinations (including virus scanners, firewalls, and so on). Regular patches of operating systems and applications can foil known vulnerabilities: Microsoft patches related to this particular threat was one kind of measure that Accenture used back in March 2017 as part of our normal patching cycle.

5.Plan for continuity. Ransomware attacks are far from random — they are highly targeted and intentional, meaning that many can be averted via meticulous prevention. But even with the best defenses in place, successful attacks can occur. Having a strong business continuity plan for recovery — one that’s regularly reviewed, updated, and tested— makes it easier to avoid paying ransom. Recovery objectives must be aligned to the critical tasks within an acceptable timeframe. Workstations and file servers shouldn’t be constantly connected to backup devices. Further, the backup solution should store periodic snapshots rather than regular overwrites of previous backups, so that in the event of a successful attack, backups will not be encrypted.

SnoopWall Named one of the 10 Fastest Growing Security Companies for 2017

2017/06/07 by admin

Silicon Review Recognizes SnoopWall as Rapidly Growing Breach Prevention Company

NASHUA, N.H., June 5, 2017 /PRNewswire/ — SnoopWall, Inc. (www.snoopwall.com), the world’s first breach prevention company, on the heels of being named as the Top Ranked Security company, three years in a row, by the CyberSecurity 500, has been named one of the 10 Fastest Growing Security Companies for 2017, by the prestigious Silicon Valley publication, The Silicon Review.

“We’re active throughout the globe in more than 32 countries, helping small to medium size enterprises (SME’s) defend against breaches in the most cost-effective way, through our trusted channel partners. It’s truly an exciting growth phase for SnoopWall,” said Mark Bermingham, Global Vice President of Worldwide Channels.

“This award is given to a select group of tech companies each year based upon customer adoption and growth metrics. We’re pleased to include SnoopWall, a fast-growing breach prevention security company,” said Editorial Team of The Silicon Review.

“After keeping the pace of 300% growth rate, year over year, we’re thrilled to be named one of the 10 Fastest Growing Security Companies for 2017,” said Gary S. Miliefsky, CEO of SnoopWall, Inc. Miliefsky was also recently named to the Owler Top 100 High Tech CEOs of 2017 of more than 2,200 surveyed.

Have a question about SnoopWall - give us a call