14.1 C
London
Thursday, November 23, 2017
Home Tags The 100

Tag: The 100

AXOS-enabled innovations allow industry-leading Calix Gfast portfolio to pull away from pack, bringing the industry’s only symmetrical gigabit solutions over copper and coax to MDUsPETALUMA, CA – November 15, 2017 – Calix, Inc. (NYSE:...
Eptica research finds top brands successfully answer just 44% of all queries Reading, 1 November 2017, UK brands are struggling to cope with a rising volume of queries and growing consumer expectations, according to the Eptica Multichannel Customer Con...
But few details are available as 90% of the island is still without power.
LONDON, 12 September 2017 – NewVoiceMedia, a leading global provider of cloud contact centre and inside sales technology that enables businesses to have more successful conversations, has been recognised in the Sunday Times Hiscox Tech Track 100, reflecting its rapid international expansion and commitment to driving innovation.NewVoiceMedia secured position 82 in the 17th annual league table, which ranks Britainrsquo;s private technology, media and telecoms companies with the fastest-growing sales. Published on 10 September, the 100... Source: RealWire
Current US and EU emissions testing is insufficient to confirm compliance.
Based on Jim Hensonrsquo;s favorite project, this will be old-school epic fantasy.
Increased user awareness of phishing threats, better antivirus technology, more industry-wide information sharing and cross-border efforts by law enforcement authorities will combine to turn the tide against ransomware this year, according to some security experts, but others expect the attacks to continue to increase. According to a security expert who requested anonymity, ransomware cybercriminals took in about $1 billion last year, based on money coming into ransomware-related bitcoin wallets. That includes more than $50 million each for three wallets associated with the Locky ransomware, and a fourth one that processed close to $70 million.

Cryptowall brought in close to $100 million before it was shut down this year.

CryptXXX gathered in $73 million during the second half of 2016, and Cerber took in $54 million, the expert said. Smaller ransomware families brought in another $150 million, and the FBI has reported $209 million in ransomware payments during the first three months of 2016.
In addition to this $800 million or so in known payments, there are many other Bitcoin wallets that are unknown to researchers and uncounted, pushing the estimated total to $1 billion for all of 2016. “The $1 billion number isn’t at all unreasonable and might even be low,” confirmed Mark Nunnikhoven, vice president of cloud research at Trend Micro. “It’s getting difficult to track the amount of money flowing into criminals’ Bitcoin wallets because they’ve started to try and hide the transactions across a large number of wallets,” he added. He said that there was a 400 percent increase in ransomware variants last year, and he expects to see a 25 percent growth in ransomware families in 2016. “What we’re seeing is a bit of a maturation in how to execute these attacks, so we’re expecting a leveling off to a more realistic growth curve,” he said. But criminals will continue innovating because of how profitable ransomware is. “I don’t think we’ll see the 100 percent growth that we saw from 2015 to 2016,” said Allan Liska, intelligence analyst at Recorded Future. “I think we’ll probably see a 50 percent growth.” The markets for stolen medical records, credit card numbers and email addresses are collapsing, he said. “Not only is it taking a while to get paid, but they’re not getting paid as much as they used to,” he said. Meanwhile, ransomware is an easy business to get into, the payout is immediate, and it offers an ongoing revenue stream. “There’s no incentive for them to discontinue ransomware,” he said. Some experts expect growth to be even higher. Successful ransomware attacks will double this year, predicted Tom Bain, vice president at CounterTack. “The reality is that every single customer I speak to, anyone in the industry really, this is their number one concern,” he said. Better defensive technology and collaboration will help, he said, but the problem is going to get worse before it starts to get better. Gartner analysts estimate that there were between 2 million and 3 million successful ransomware attacks in 2016, and that the frequency will double year over year through 2019. “I think they’re right,” said Bain. But not all experts think the future is quite that bleak. Raj Samani, vice president and CTO at Intel Security, predicts that anti-ransomware efforts will begin to pay off in the next few months. “We’ll see a spike earlier on this year, but then I anticipate our efforts with law enforcement to be successful,” he said. Intel, along with Kaspersky Labs, Europol, and the Dutch National High Tech Crime Unit formed an alliance this past summer, No More Ransom.
Since then, more than a dozen other law enforcement agencies have joined up, including Bosnia and Herzegovina, Bulgaria, Colombia, France, Hungary, Ireland, Italy, Latvia, Lithuania, Portugal, Spain, Switzerland, and the United Kingdom.
Several other security vendors have also joined up. “Now that we’ve got more law enforcement agencies on board, and more private sector firms, we expect to see an increase in successful take-down operations,” said Samani. In addition to working together to bring down ransomware operations, the group also distributes free anti-ransomware tools. That, combined with more user awareness about phishing and better detection technologies, will combine to stop the growth of this attack vector, Samani said. “As an industry, we’ve started to develop new products, sandboxing, threat intelligence exchanges,” he said. “It is getting better.” However, he warned that malware authors do have one significant advantage. “There’s an asymmetry of information,” he said. “They have tools and services that will allow them to run their malware through all the anti-virus engines out there.

They can install our products and they know how our products work because we openly talk about them.

This is one of the big security challenges.” This story, "Security expert: Ransomware took in $1 billion in 2016" was originally published by CSO.
Whether you received a new iPhone for the holidays or you just want to breathe new life into an older one, these are the apps you need. The returns are in, and we're declaring our slate of winning iPhone apps. There were no votes cast, however, nor...
No breaches should result from compromised identities, say gov bods A White House commission on improving cybersecurity has come up with a list of recommendations for US president-elect Donald Trump’s administration – including a target for no big hacks to involve identity-based compromises. The US Commission on Enhancing National Cybersecurity has identified 16 key recommendations on security and growing the digital economy. The report (pdf, 100 pages) lays out an ambitious goal that by 2021 there should be no major breaches in which identity – especially the use of passwords – is the primary vector of attack. This goal will require the development and broad adoption of improved identity authentication technologies. The commission name-checked the Fast IDentity Online (FIDO) Alliance as an organisation that can help in achieving this goal: “Other important work that must be undertaken to overcome identity authentication challenges includes the development of open-source standards and specifications like those developed by the Fast IDentity Online (FIDO) Alliance,” it said. In a blog post, the FIDO Alliance outlined how the US government achieve its goal to move beyond passwords. Brett McDowell, executive director of the FIDO Alliance, said: “Through continued partnership between industry and government – and by following the Commission’s recommendations around identity and authentication – I am confident the new US administration, with the help of global consortia like the FIDO Alliance, can make meaningful progress toward that five-year goal of eliminating identity-related data breaches.” “The commission has recognized that solving the password problem and closing off identity as an easily exploited vector of attack is a clear priority,” he added. The FIDO Alliance has more than 250 members including device manufacturers, banks, payment card networks, several governments and dozens of security and biometrics vendors.
Its main goal is to push simpler, stronger authentication. FIDO’s work includes drafting specifications for simpler, stronger authentication experiences that reduce reliance on passwords and protect people from phishing and the misuse of login credentials exposed as the result of data breaches. Microsoft, Google, PayPal and the Bank of America are all part of the alliance. Last month the UK government unveiled a national cybersecurity strategy that similarly charted a course towards moving beyonds passwords for online authentication, as previously reported. “A common theme in both countries has been the need to balance security with usability, privacy and interoperability,” FIDO’s McDowell concluded. George Avetisov, chief exec and co-founder of biometric technology firm HYPR, agreed that authentication needs to be at the top of the list of the new President's actions to improve overall cybersecurity. The rapid adoption of technologies like "selfie pay" have shown that there is an urgent need to shift away from passwords and over to “easy to use” identity solutions, he added. PKWARE CTO Joe Sturonas noted the absence of much description about encryption in the lengthy report. “It’s notable that the word encryption appears only twice across the 100 pages of the commission on enhancing national cybersecurity," Sturonas said. "For a paper that talks specifically about the NIST cybersecurity Framework and IoT (there are 52 mentions of IoT), it seems as though encryption should have come up a little more. "For an Administration that presided over the OPM breach, it might stand to reason that encryption of sensitive data might have taken a more prominent role in the recommendations for the next Administration.

Considering how a lack of encryption of data itself has been a major point of vulnerability in every recent breach that has occurred, it is concerning that the commission on enhancing national cybersecurity has not emphasized encryption in their recommendations,” he added. Open-source standards and specifications developed by the Fast Identity Online (FIDO) Alliance will allow for the best and most secure available experience online experience, according to HYPR. ® Sponsored: Flash enters the mainstream.
Visit The Register's storage hub
Report outlines ways to lock down critical infrastructure as well as IoT - and the urgent need to expand the security workforce by 2020 with 100,000 new jobs. As part of a broader effort to strengthen national security and inform future administrations, the US Commission on Enhancing National Cybersecurity last week issued recommendations that encompass critical infrastructure and convergence driven by the Internet of Things, workforce development, public-private partnership, and information sharing. President Obama established the Commission in February of this year to improve cybersecurity across the country. Twelve commissioners representing industry, academia, and former government officials were appointed to develop recommendations.  The 100-page "Securing and Growing the Digital Economy" report by the commission, which contains short- and long-term guidance for improving cybersecurity across the public and private sectors, comes at a time when cyber threats are constant and becoming more dangerous.  "It's bad and getting worse," says Gus Hunt, former CTO of the CIA and current cybersecurity lead at Accenture Federal Services, of the current state of cybersecurity. "If you think about the threat level that has begun to emerge, things are not looking up." The Commission's recommendations are outlined in six key areas: Security of the information infrastructure and digital networks Acceleration and investment in security and growth of digital networks and digital economy Preparing consumers for the digital age Building cybersecurity workforce capabilities Equipping government to effectively and securely function in the digital age An open, fair, competitive, and secure global digital economy Peter Lee, a member of the Commission and CVP at Microsoft Research, explained how the Commission came up with its recommendations. "Soon after we got started in March, we held a series of public meetings where we took in quite a lot of input from stakeholders in different parts of the cybersecurity landscape," he says. "I came with a perspective on the tech industry, where technology might be going, and what the interests would be between Silicon Valley and the US government, as well as how that partnership might be harnessed to make improvements," Lee says. "I also have the responsibility of managing a large part of Microsoft Research, and tend to have a more technical and future-oriented view," which helped inform his insight. The Internet of Things was a key concern, especially with respect to critical infrastructure (CI). Commissioners urged government to address the convergence of IoT and CI by establishing programs for government agencies and private organizations to evaluate potential cyberattacks and determine next steps. "These programs would move beyond tabletop exercises and seek to establish public-private joint collaboration by examining specific cyber protection and detection approaches and contingencies, testing them in a simulation environment, and developing joint plans for how the government and private sector would execute coordinated protection and detection activities, responding together, in alignment with the National Cyber Incident Response Plan," the report states. Over the next decade, the distinction between critical infrastructure and other products (cars, consumer goods) will continue to fade as devices become more connected, says Lee.   "As time goes on, the computing technology in your child's teddy bear is going to be every bit as meaningful to the nation's cybersecurity as the computer control for our national electric grid," he notes. Connected devices will evolve to the point where even simple consumer products could become a meaningful element of a botnet. The Commission recommended that the government set baseline standards for connected products and label them accordingly so consumers have a better idea of their security. This would help improve consumer education and awareness of cybersecurity, says Hunt. "Security has to be built in, easily engaged with, and when possible, completely transparent for the user because users don't understand [security]," he explains. "They make mistakes, and they make all of us vulnerable." Workforce development is another key issue, says Lee, and both government and industry experts interviewed by the Commission cited a lack of supply of cybersecurity practitioners. The report states the next president should initiate a program to train 100,000 new cybersecurity practitioners by 2020. This program would develop security talent through local and regional partnerships among employers, educational institutions, and community organizations, according to the report. The government and private sector should also collaborate to sponsor a network of security bootcamps, with the idea of building critical skills in a shorter timeframe. National cybersecurity should be viewed as a shared responsibility, both experts agree. Education should start as early as K-12 levels so children learn basic security practices at a young age. Identity management is important to address because a tremendous amount of security breaches begin with the theft of a user ID or password, Lee says.The Commission urged government to make authentication stronger and easier to use, something he says Microsoft has done to prevent intrusions caused by password theft. However, neither the government nor private sector can make the necessary improvements alone. For this reason, the Commission called for a more active collaboration and partnership between the public and private sectors. This relationship extends to information sharing, which can be powerful for mitigating risk, Lee notes. Bad actors have an advantage because they embrace the latest technologies and receive direct rewards for new tools and exploits. Those trying to mitigate threats can do so by sharing information as threats emerge. "If we can create a situation where network operators are able to share data more safely and quickly, the damage caused by botnets can be dramatically reduced," for example, says Lee. A challenge for companies in sharing information is navigating legal liability risks, he notes. The report recommends government work with the private sector to identify changes in regulations or policies that would encourage companies to more freely share risk management practices. "Cyber, most interestingly, is the world's first frictionless weapon system," says Accenture's Hunt. "We're at a juncture where we have to go at this in a new way, with focus and vigor and hopefully, bring together the government, state, and private sector," Hunt says. Related Content: Kelly is an associate editor for InformationWeek. She most recently reported on financial tech for Insurance & Technology, before which she was a staff writer for InformationWeek and InformationWeek Education. When she's not catching up on the latest in tech, Kelly enjoys ... View Full Bio More Insights
DDoS attacks on the horizon as White House cybersecurity report issues recommendations CloudFlare has warned of another massive botnet that appears to be ramping up and targeting the US West Coast. In a blog post, the content delivery network said it has been watching a flood of attack traffic that started two weeks ago and appears to have been coming from one person testing out its abilities before moving it to 24-hour management. The news of another botnet that may equal or surpass the Mirai botnet comes as a report from the White House's special cybersecurity commission delivered its recommendations to the president, in which it highlighted the issues and called for more action on mitigating and eliminating such threats. Remarkably, CloudFlare concluded from observing the attack traffic – which peaked at 172Mpps (million packets per second), equivalent to 400Gbps (gigabits per second) – that the botnet was being turned on and off seemingly by an individual working a nine-to-five job. "The attack started at 1830 UTC and lasted non-stop for almost exactly 8.5 hours, stopping at 0300 UTC," the company wrote. "It felt as if an attacker 'worked' a day and then went home." That same attacker then did the same thing every day for over a week before his daily schedule suddenly shifted to a 24-hour attack – suggesting that it was taken over by an organized group. But perhaps most importantly, the attack traffic was not due to the Mirai botnet, which has been causing havoc in recent weeks.

CloudFlare notes that whoever is behind it is using different software and different methods, namely "very large L3/L4 floods aimed at the TCP protocol." The attacks are focused on "a small number of locations mostly on the US west coast." White House Meanwhile, the 100-page report [PDF] from the Commission on Enhancing National Cybersecurity digs into the issue of cybersecurity and what the US government should do about it, concluding that it needed to do a lot and to do it as quickly as possible. It identifies six "imperatives" and makes 16 recommendations with no fewer than 53 "action items" in relation to them. In the broadest terms, the report urges the president to get the US government to work closely with the private sector to come up with ways to both handle cybersecurity problems and develop new programs to tackle future problems. The sheer size and breadth of recommendations demonstrates just how much ground has to be made up on cybersecurity.

And President Obama appears to believe so too, noting that his administration "will take additional action wherever possible ... to make progress on its new recommendations before the end of my term." He also strongly recommends the report to the Trump Administration and Congress. "We must provide sufficient resources to meet the critical cybersecurity challenges called out in the Commission's report," the president says in a blog post announcing the report. "We have the opportunity to change the balance further in our favor in cyberspace – but only if we take additional bold action to do so." Among a series of bureaucratic suggestions, such as creating new working groups, the report also makes some policy recommendations, including encouraging the use of strong encryption and focusing on IoT security. The very first action item in the report, however, focuses on the risk that botnet and DDoS attacks represent: "The Administration should focus first on mitigating and, where possible, eliminating denial-of-service attacks, particularly those launched by botnets," it states. "It should then expand its scope to other attacks on Internet infrastructure, including the Domain Name System." ® Sponsored: Customer Identity and Access Management
EnlargeZboralski reader comments 13 Share this story The attacker who infected servers and desktop computers at the San Francisco Metropolitan Transit Agency (SFMTA) with ransomware on November 25 apparently gained access to the agency's network by way of a known vulnerability in an Oracle WebLogic server.

That vulnerability is similar to the one used to hack a Maryland hospital network's systems in April and infect multiple hospitals with crypto-ransomware.

And evidence suggests that SFMTA wasn't specifically targeted by the attackers; the agency just came up as a target of opportunity through a vulnerability scan. In an e-mail to Ars, SFMTA spokesperson Paul Rose said that on November 25, "we became aware of a potential security issue with our computer systems, including e-mail." The ransomware "encrypted some systems mainly affecting computer workstations," he said, "as well as access to various systems. However, the SFMTA network was not breached from the outside, nor did hackers gain entry through our firewalls. Muni operations and safety were not affected. Our customer payment systems were not hacked.

Also, despite media reports, no data was accessed from any of our servers." That description of the ransomware attack is not consistent with some of the evidence of previous ransomware attacks by those behind the SFMTA incident—which Rose said primarily affected about 900 desktop computers throughout the agency.

Based on communications uncovered from the ransomware operator behind the Muni attack published by security reporter Brian Krebs, an SFMTA Web-facing server was likely compromised by what is referred to as a "deserialization" attack after it was identified by a vulnerability scan. A screen at a Muni train station shows the malware message from HDDCryptor. Blorq, via Reddit A security researcher told Krebs that he had been able to gain access to the mailbox used in the malware attack on the Russian e-mail and search provider Yandex by guessing its owner's security question, and he provided details from the mailbox and another linked mailbox on Yandex.

Based on details found in e-mails for the accounts, the attacker ran a server loaded with open source vulnerability scanning tools to identify and compromise servers to use in spreading the ransomware, known as HDDCryptor and Mamba, within multiple organizations' networks. Krebs reported that the e-mails he reviewed showed many paid the attacker, including one organization that sought recommendations from the ransomware operator on how to prevent future attacks.
In response, the ransomware operator sent a link to a November 2015 advisory from Oracle regarding a vulnerability in the Apache Commons library of server-side Java components. That vulnerability, which uses maliciously crafted data objects to exploit how the affected libraries "deserialize" them to unpack them for processing, is the same class of vulnerability used to attack MedStar, the Maryland health system that had multiple hospitals lose access to critical systems in April as the result of a ransomware attack.
In that case, the attacker (who deployed Samsam crypto-ransomware across MedStar's network) also apparently used an open source vulnerability scanning tool (JexBoss) to find and compromise a server running the open source JBoss platform. Rose told Ars that ticket machines for Muni trains were not directly affected by the ransomware. "In coordination with our partners at Cubic Transportation Systems, which operates [the ticketing kiosk system] Clipper, we took the precaution of turning off the ticket machines and faregates in the Muni Metro subway stations, starting on Friday until 9am Sunday," he wrote. "This action was to minimize any potential risk or inconvenience to Muni customers." He added that the SFMTA's payroll system was not hit by the attack, "but access to it was temporarily affected.

There will be no impact to employees' pay." SFMTA did not pay the 100-Bitcoin (about $73,000) ransom demanded by the attacker, Rose said.
SFMTA's internal information technology team is instead restoring systems from backups. "Existing backup systems allowed us to get most affected computers up and running this morning, and our information technology team anticipates having the remaining computers functional in the next two days." Rose also said that the Department of Homeland Security and FBI were contacted immediately after the discovery of the malware, and SFMTA has been working with the agencies to isolate the malware used in the attack and investigate who may have been behind it.