Friday, 28 April 2017

UK Likely To Face National Cyber Emergency, says NCSC

The UK is likely to face a level-1 cyber attack at some point in the future, according to the National Cyber Security Centre (NCSC)

View full story

ORIGINAL SOURCE: Computer Weekly

The post UK Likely To Face National Cyber Emergency, says NCSC appeared first on IT SECURITY GURU.



from UK Likely To Face National Cyber Emergency, says NCSC

Fraudsters Are Emptying Bank Accounts By Diverting Calls And Text Messages

A recent This is Money investigation found that one victim from London lost £22,300 when fraudsters raided their Santander accounts using this method. Another two victims had £19,500 drained from their Santander accounts after criminals intercepted the bank’s text messages.

View full story

ORIGINAL SOURCE: ActionFraud

The post Fraudsters Are Emptying Bank Accounts By Diverting Calls And Text Messages appeared first on IT SECURITY GURU.



from Fraudsters Are Emptying Bank Accounts By Diverting Calls And Text Messages

Info On Home Depot Customers Exposed (But No Financial Data)

A spreadsheet listing about 8,000 customers, along with their transactions and a range of personal information, was posted for an unknown amount of time on a Home Depot website.

View full story

ORIGINAL SOURCE: AJC

The post Info On Home Depot Customers Exposed (But No Financial Data) appeared first on IT SECURITY GURU.



from Info On Home Depot Customers Exposed (But No Financial Data)

Facebook and Google Were Victims of $100M Payment Scam

When the Justice Department announced the arrest last month of a man who allegedly swindled more than $100 million from two U.S. tech giants, the news came wrapped in a mystery. The agency didn’t say who was robbed, and nor did it identify the Asian supplier the crook impersonated to pull off the scheme.

View full story

ORIGINAL SOURCE: Fortune

The post Facebook and Google Were Victims of $100M Payment Scam appeared first on IT SECURITY GURU.



from Facebook and Google Were Victims of $100M Payment Scam

FTSE Share Prices Suffer As Cyber Attacks Cost Global Investors £42bn

The permanent cost of a breach is equivalent to 1.8% of company value, which would cost FTSE 100 firms a loss of £120 million in market capitalisation. The study shows that investors have already lost at least £42 billion due to public domain cyber security incidents since just 2013.

View full story

ORIGINAL SOURCE: CBR

The post FTSE Share Prices Suffer As Cyber Attacks Cost Global Investors £42bn appeared first on IT SECURITY GURU.



from FTSE Share Prices Suffer As Cyber Attacks Cost Global Investors £42bn

Top CISOs and cyber security Directors meet in London for exclusive debates

The third annual IT Security Analyst & CISO Forum Debates will take place this year in London on the 17th May at No 4 Hamilton Place from 2pm – 6pm. This unique event consists of four panel debate sessions made up of some of the UK’s top CISOs from HSBC, GSK, Canon, National Grid, Publicis Groupe and other global IT Security Association Leaders. The panels will provide attendees with insight from cyber security leaders on: what to do when recovering from a data breach, the 365-day countdown until GDPR, solving the skills shortage and whether IoT is overhyped or a force to be reckoned with.

“The CISO debates are time well spent. We tackle a broad range of security issues,” said Steve Williamson, Director, Risk & ITCP Mgmt, GlaxoSmithKline. “The debate is rich and stimulating as it is fed by many years of collective experience across different industries. I also value the opportunity to network with peers and analysts from different companies.”

Quentyn Taylor, Director of Information Security, Governance and Risk, Canon Europe agreed, stating: “The IT Security Analyst and CISO Forum Debates is one of the most insightful conferences I have attended, great speakers, superb panels and tremendously useful content.”

Ray Stanton, Group CISO, National Grid, added: “The CISO debates provide an excellent forum for discussion on real items that are affecting the industry and I have always found they – unlike other debates – try to give some practical takeaways for attendees, while having some fun!”

The IT Analyst and CISO Forum Debates is a well-established and invaluable event that will give registered attendees the inside track on some of the hottest boardroom topics. Professionals interested in the event can register here and be eligible for CPE credits towards SSCP®/CISSP® and ISACA certifications.

Full timetable:

2:00pm – 2:45pm: 365 day countdown to GDPR: The ultimate checklist to make sure you’re ready

Moderator: Jonathan Armstrong, Partner, Cordery

Panellists: Carolyn Lees, Global IT Director, Permira Advisers LLP; Quentyn Taylor, Director of Information Security, Governance and Risk, Canon Europe; Steve Williamson, Director, Risk & ITCP Mgmt, GlaxoSmithKline; Victoria Hordern, Counsel at Hogan Lovells International LLP.

2:50pm – 3:35pm: How to hire the right people in cyber security

Moderator: Ray Stanton, Group CISO, National Grid

Panellists: Allan Boardman, Business Information Security Officer, GSK; Avtar Sembhi, Global Head of Global Banking & Markets and Commercial Banking ISR at HSBC; Talal Rajab, Head of Programme – Cyber and National Security at TechUK; Simon Hember, Group Business Development Director at Acumin Consulting

3:35pm – 4:00pm: BREAK

4:00pm – 4:45pm: How to stop a data breach from destroying your reputation

Moderator: Andrew Kellett, Principal Analyst, OVUM

Panellists: Mark Deem, Partner, Cooley LLP; Dan Raywood, contributing editor, Infosecurity Magazine; Neil Stinchcombe, Director, Eskenzi PR; Thom Langford, CISO, Publicis Groupe; Sarb Sembhi, CTO, CISO & DPO.

4:50pm – 5:30pm: Is IoT overhyped or a force to be reckoned with?

Moderator: Pete Wood, CEO First Base and Whitehats.co.uk and Security Board ISACA

Panellists: Lubna Dajani, CSO, Intercede; John Moor, MD, IoTSF; Quentyn Taylor, Director of Information Security, Governance and Risk, Canon Europe

PLEASE NOTE: Places are limited to IT Security Professionals who are currently working for commercial or government organisations and provide a commercial email on registration. Delegates MUST provide a company email address on registration, otherwise we will refuse your booking.


The post Top CISOs and cyber security Directors meet in London for exclusive debates appeared first on IT SECURITY GURU.



from Top CISOs and cyber security Directors meet in London for exclusive debates

People would sacrifice photos on their phones for just £8.81, Kaspersky Lab study reveals

While people claim to value their memories more than any other form of data stored on their digital devices, they are happy to sell them for little money, research by Kaspersky Lab shows. A survey has shown that for 49 per cent of people, private and sensitive photos of themselves are the most precious data they have on their devices, followed by photos of their children and spouses. The thought of losing these precious memories is considered more distressing for them than the prospect of a car accident, breaking up with a partner, or a quarrel with a friend or family member. However, when confronted with the decision to delete this data for money, people nevertheless gave their digital data – such as photos – away for as little as £8.81.

When asked, people say that digital memories have a special place in their hearts, perhaps because these memories are considered to be irreplaceable. Over two-fifths, for example, say they wouldn’t be able to replace photos and videos of their travels (45 per cent), their children (44 per cent) or themselves (40 per cent). The survey shows that the thought of losing these precious memories is considered very distressing by most people. In fact, this latest study from Kaspersky Lab indicates that people often value their devices and photos even more than their partners, friends and pets.

Kaspersky Lab asked people how distressed they would be in a number of different scenarios, including the illness of a family member, a breakup with a partner, a car accident, the loss of their digital photos, contacts, and more. Across the globe, the illness of a family member ranked in first place as the most distressing incident that they could experience. The loss or theft of a device, and the loss of digital photos, ranked second and third in multiple regions across the globe leaving car accidents, a break up with a partner, a bad day at work, quarrels with family members and friends, and even in some cases, a pet’s illness, lower in the ranks of distressing incidents.

However, an experiment conducted for Kaspersky Lab by media psychologists at the University of Wuerzburg also showed researchers a contradictory result: despite claiming to love their data, people are also ready to sell it for surprisingly little money.

The participants in the experiment were asked to place a monetary value on the data stored on their smartphones – including photos of family and friends, contact information and personal documents. Surprisingly, the values people placed on their data were significantly lower than expected, considering the distress they said they would experience if they were to lose that data. People tended to put more money against their financial and payment details (£11.32 on average) than other forms of data. Contact information was considered to be worth £10.10 on average and general photos were valued at only £8.81 on average.

Furthermore, the experiment showed that it is people’s most precious memories which they are most likely to exchange for money. When participants were offered payment (based on the sums above) for the deletion of their data (no data was actually deleted), it was the photos of family and friends, personal documents and photos of the participants themselves that were the data categories most often approved for deletion.

“The experiment showed us interesting and reflective results: while people believe that they understand the value of their data, the emotional value isn’t reflected in their everyday actions. On the one hand, people seem to be aware of the types of data that are more important to them – they believe their digital memories, such as photos, are extremely distressing to lose. On the other hand, people have a low awareness of the value of their data, and are putting little monetary value against their data as a result. They know it’s emotionally important, but they are not able to appreciate its value yet. They would need someone to actively remind them of what their data is worth before they share it, or allow someone to delete it,” said Andrei Mochola, Head of Consumer Business at Kaspersky Lab.

For more information about the experiment and study, please see the report: “Risking data heartache: it hurts to lose the data you love”.

The post People would sacrifice photos on their phones for just £8.81, Kaspersky Lab study reveals appeared first on IT SECURITY GURU.



from People would sacrifice photos on their phones for just £8.81, Kaspersky Lab study reveals

Destined for deletion: APTs harness wipers and fileless malware in targeted attacks

The first three months of 2017 saw a sharp rise in the sophistication of nation-state backed cyber-attacks, with threat actors turning their attention to wipers, as well as financial crime. These and other trends are covered in Kaspersky Lab’s first quarterly summary of its subscriber-only threat intelligence reports.

The new quarterly APT Trends reports will be freely available and will highlight significant developments in targeted attacks as well as emerging trends that demand immediate attention from business and other organisations. The content of the Q1 report is drawn from Kaspersky Lab experts’ observations of APT actors’ activity during the quarter.

Highlights in Q1, 2017 include:

  • Wipers are being harnessed by targeted threat actors, both for cybersabotage and for deleting tracks after cyberespionage operations. An evolved generation of wipers was used in the new wave of Shamoon. The subsequent investigation led to the discovery of StoneDrill and its code similarities to the NewsBeef (Charming Kitten) group. A StoneDrill victim was found in Europe.
  • Targeted attackers diversify into money theft. The long term tracking of the Lazarus group has identified a sub-group that Kaspersky Lab has called BlueNoroff, actively attacking financial institutions in different regions, including a high profile attack in Poland. BlueNoroff is believed to be behind the infamous Bangladesh Bank heists.
  • Fileless malware is being used in attacks by both targeted threat actors and cybercriminals in general – helping to avoid detection and make forensic investigations harder. Kaspersky Lab’s experts have found examples in the lateral movement tools used in the Shamoon attacks, in attacks against Eastern European banks, and in the hands of a number of other APT actors.

“The targeted threat landscape is evolving constantly, and attackers are increasingly well-prepared, looking for and leveraging new gaps and opportunities. This is why threat intelligence is so important: it arms organisations with understanding and reveals the actions they need to take. For example, the threat landscape in Q1 highlights the need for memory forensics and incident response to combat fileless malware attacks, and security that can detect anomalies across the network’s ongoing activity,” said Juan Andres Guerrero-Saade, Senior Security Researcher, Global Research and Analysis Team, Kaspersky Lab.

Kaspersky Lab’s Global Research and Analysis Team currently tracks more than a hundred threat actors and sophisticated malicious operations targeting commercial and government organisations in over 80 countries. During the first quarter of 2017, the company’s experts created 33 private reports for subscribers of its Intelligence Services, with Indicators of Compromise (IOC) data and YARA rules to assist in forensics and malware-hunting.

For more information please contact: intelreports@kaspersky.com

The post Destined for deletion: APTs harness wipers and fileless malware in targeted attacks appeared first on IT SECURITY GURU.



from Destined for deletion: APTs harness wipers and fileless malware in targeted attacks

Thursday, 27 April 2017

XMR Squad Is Charging German Companies €250 for “DDoS Tests”

A group calling itself XMR Squad has spent all last week launching DDoS attacks against German businesses and then contacting the same companies to inform them they had to pay €250 ($275) for “testing their DDoS protection systems.”

View full story

ORIGINAL SOURCE: Bleeping Computer

The post XMR Squad Is Charging German Companies €250 for “DDoS Tests” appeared first on IT SECURITY GURU.



from XMR Squad Is Charging German Companies €250 for “DDoS Tests”

Many Security Vulnerabilities Could Be Due To People Learning To Code Using Bad Web Tutorials

German researchers found 117 security vulnerabilities they believe were introduced by popular web tutorials.

View full story

ORIGINAL SOURCE: IBTimes

The post Many Security Vulnerabilities Could Be Due To People Learning To Code Using Bad Web Tutorials appeared first on IT SECURITY GURU.



from Many Security Vulnerabilities Could Be Due To People Learning To Code Using Bad Web Tutorials

China May Have Tried To Hack Missile Defense System

A cybersecurity company in the U.S. has reason to believe that state-sponsored Chinese hackers could have tried to break into an organization that had close connections with the US-built missile system based in South Korea.

According to a spokesperson from the company, China is regularly involved in cyber espionage. He also said that they have enough evidence to prove that the Chinese hackers targeted at least one party that has connections with the missile placements.

According to him, prompt defensive measures in place at the organization helped prevent the attack.

Read more details

The post China May Have Tried To Hack Missile Defense System appeared first on Cyber Security Portal.



from Annadiane Annadiane – Cyber Security Portal https://cybersecurityportal.com/china-may-tried-hack-missile-defense-system/

Ransomware Attacks Are Taking A Greater Toll On Victim’s Wallets

The average ransomware payment has risen to $1,077, up from $294 a year earlier, Symantec said.

View full story

ORIGINAL SOURCE: Network World

The post Ransomware Attacks Are Taking A Greater Toll On Victim’s Wallets appeared first on IT SECURITY GURU.



from Ransomware Attacks Are Taking A Greater Toll On Victim’s Wallets

Orange Email Closure

In fact, EE is now just one month away from officially killing off a whole list of UK email domains, formerly part of Orange Email.

View full story

ORIGINAL SOURCE: EE

The post Orange Email Closure appeared first on IT SECURITY GURU.



from Orange Email Closure

UK Government Irate at Twitter’s Surveillance API Crackdown

The UK government has criticized Twitter for restricting police and intelligence agency access to data which it says could be used to identify terrorist plots, according to the Telegraph newspaper.

View full story

ORIGINAL SOURCE: Tech Crunch

The post UK Government Irate at Twitter’s Surveillance API Crackdown appeared first on IT SECURITY GURU.



from UK Government Irate at Twitter’s Surveillance API Crackdown

AWS and the General Data Protection Regulation (GDPR)

Just over a year ago, the European Commission approved and adopted the new General Data Protection Regulation (GDPR). The GDPR is the biggest change in data protection laws in Europe since the 1995 introduction of the European Union (EU) Data Protection Directive, also known as Directive 95/46/EC. The GDPR aims to strengthen the security and protection of personal data in the EU and will replace the Directive and all local laws relating to it.

AWS welcomes the arrival of the GDPR. The new, robust requirements raise the bar for data protection, security, and compliance, and will push the industry to follow the most stringent controls, helping to make everyone more secure. I am happy to announce today that all AWS services will comply with the GDPR when it becomes enforceable on May 25, 2018.

In this blog post, I explain the work AWS is doing to help customers with the GDPR as part of our continued commitment to help ensure they can comply with EU Data Protection requirements.

What has AWS been doing?

AWS continually maintains a high bar for security and compliance across all of our regions around the world. This has always been our highest priority—truly “job zero.” The AWS Cloud infrastructure has been architected to offer customers the most powerful, flexible, and secure cloud-computing environment available today. AWS also gives you a number of services and tools to enable you to build GDPR-compliant infrastructure on top of AWS.

One tool we give you is a Data Processing Agreement (DPA). I’m happy to announce today that we have a DPA that will meet the requirements of the GDPR. This GDPR DPA is available now to all AWS customers to help you prepare for May 25, 2018, when the GDPR becomes enforceable. For additional information about the new GDPR DPA or to obtain a copy, contact your AWS account manager.

In addition to account managers, we have teams of compliance experts, data protection specialists, and security experts working with customers across Europe to answer their questions and help them prepare for running workloads in the AWS Cloud after the GDPR comes into force. To further answer customers’ questions, we have updated our EU Data Protection website. This website includes information about what the GDPR is, the changes it brings to organizations operating in the EU, the services AWS offers to help you comply with the GDPR, and advice about how you can prepare.

Another topic we cover on the EU Data Protection website is AWS’s compliance with the CISPE Code of Conduct. The CISPE Code of Conduct helps cloud customers ensure that their cloud infrastructure provider is using appropriate data protection standards to protect their data in a manner consistent with the GDPR. AWS has declared that Amazon EC2, Amazon S3, Amazon RDS, AWS Identity and Access Management (IAM), AWS CloudTrail, and Amazon Elastic Block Storage (Amazon EBS) are fully compliant with the CISPE Code of Conduct. This declaration provides customers with assurances that they fully control their data in a safe, secure, and compliant environment when they use AWS. For more information about AWS’s compliance with the CISPE Code of Conduct, go to the CISPE website.

As well as giving customers a number of tools and services to build GDPR-compliant environments, AWS has achieved a number of internationally recognized certifications and accreditations. In the process, AWS has demonstrated compliance with third-party assurance frameworks such as ISO 27017 for cloud security, ISO 27018 for cloud privacy, PCI DSS Level 1, and SOC 1, SOC 2, and SOC 3. AWS also helps customers meet local security standards such as BSI’s Common Cloud Computing Controls Catalogue (C5) that is important in Germany. We will continue to pursue certifications and accreditations that are important to AWS customers.

What can you do?

Although the GDPR will not be enforceable until May 25, 2018, we are encouraging our customers and partners to start preparing now. If you have already implemented a high bar for compliance, security, and data privacy, the move to GDPR should be simple. However, if you have yet to start your journey to GDPR compliance, we urge you to start reviewing your security, compliance, and data protection processes now to ensure a smooth transition in May 2018.

You should consider the following key points in preparation for GDPR compliance:

  • Territorial reach – Determining whether the GDPR applies to your organization’s activities is essential to ensuring your organization’s ability to satisfy its compliance obligations.
  • Data subject rights – The GDPR enhances the rights of data subjects in a number of ways. You will need to make sure you can accommodate the rights of data subjects if you are processing their personal data.
  • Data breach notifications – If you are a data controller, you must report data breaches to the data protection authorities without undue delay and in any event within 72 hours of you becoming aware of a data breach.
  • Data protection officer (DPO) – You may need to appoint a DPO who will manage data security and other issues related to the processing of personal data.
  • Data protection impact assessment (DPIA) – You may need to conduct and, in some circumstances, you might be required to file with the supervisory authority a DPIA for your processing activities.
  • Data processing agreement (DPA) – You may need a DPA that will meet the requirements of the GDPR, particularly if personal data is transferred outside the European Economic Area.


AWS offers a wide range of services and features to help customers meet requirements of the GDPR, including services for access controls, monitoring, logging, and encryption. For more information about these services and features, see EU Data Protection.

At AWS, security, data protection, and compliance are our top priorities, and we will continue to work vigilantly to ensure that our customers are able to enjoy the benefits of AWS securely, compliantly, and without disruption in Europe and around the world. As we head toward May 2018, we will share more news and resources with you to help you comply with the GDPR.

By Stephen Schmidt, Vice President and Chief Information Security Officer, Amazon Web Services

The post AWS and the General Data Protection Regulation (GDPR) appeared first on IT SECURITY GURU.



from AWS and the General Data Protection Regulation (GDPR)

Centrify warns password vaults alone not enough to stop data breaches

Centrify, the leader in securing hybrid enterprises through the power of identity services, today announced significant enhancements to its best-in-class privileged identity management (PIM) solution to stop breaches that abuse privilege. By minimising the attack surface and controlling privileged access to the hybrid enterprise, Centrify’s new capabilities enable organisations to move from static, long-lived privilege assignments to a just-in-time model where advanced monitoring detects and alerts in real-time on the creation of backdoor accounts that make it easy to bypass a password vault.

Securing privileged access in today’s hybrid enterprise is mandatory for achieving a mature risk posture. According to The Forrester Wave: Privileged Identity Management, Q3 2016, 80 per cent of breaches leverage privileged credentials to gain access to the organisation. The increasingly hybrid nature of infrastructure, driven by the adoption of cloud-based workloads, is driving the need to secure privileged access across on-premises, private-cloud and public-cloud infrastructure and apps with a single solution. And while most PIM solutions have traditionally focused on vaulting the credentials for shared accounts on-premises, password vaults alone do not provide the level of privileged access security required to stop the breach.

“Data breaches are happening at an alarming rate and to stop them Centrify is taking a unique approach to controlling privileged access in the hybrid enterprise that simplifies the implementation of PIM best practices and strengthens an organisation’s risk posture,” said Bill Mann, chief product officer at Centrify. “By contrast, password vaults alone are not enough; best practices require organizations to add and integrate point products to the vault, which leaves gaps in security and increases risk. We’ve closed those gaps with an integrated solution that combines password vaulting with brokering of identities, MFA enforcement and just-enough privilege, all while securing remote access and monitoring all privileged sessions.”

Only a Full PIM Solution Can Stop the Breach

A recent Forrester study examined four levels of Identity Access Management (IAM) maturity. It found a direct correlation between the number of PIM best practices an organisation has implemented and the number of security incidents it encounters. Centrify’s new PIM capabilities enable these best practices, adding to Centrify’s already comprehensive set of integrated services that help organisations increase their IAM maturity level and security posture.

  1. Establish Identity Assurance: Centrify ensures accountability by having users log in as themselves and attributing all activity to the individual. Its advanced host-based auditing capabilities now include process-level monitoring in addition to existing shell-based monitoring, so that all activity is attributed to the individual instead of a shared account or alias. This new advanced monitoring adds a layer of security that is virtually impossible to spoof.
  2. Limit Lateral Movement: Centrify enables organisations to reduce the attack surface by governing privileged access and ensuring users’ privileges only apply on the approved server. Now you can require access approvals for role assignment and make them short-lived. Centrify’s proven host-based privilege management ensures that the user’s approved privileges apply only to the target system, and cannot be used across the network on other computers. And if credentials are compromised, hackers and malware will not have the privileges that would allow them to wreak havoc within your network.
  3. Institute Least Privilege: Centrify now uniquely governs access to both privileged accounts and privilege elevation via roles, enabling organisations to implement true cross-platform least privilege access. Centrify lowers the risk of a security breach by granting just-in-time privilege and just-enough privilege through temporary and time-bound access that leverages request and approval workflows. Audit trails and compliance reporting capabilities now include who has access, who approved that access and how that access was used across privileged accounts and privileged roles.
  4. Monitor Privileged Use: Centrify now monitors for the creation of backdoors whose existence makes privileged access to infrastructure convenient instead of secure. Centrify’s advanced monitoring capabilities detect the growing threatscape and alert in real time through SIEM integration on rogue creation of SSH keys that enable privileged access that bypasses the password vault.
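As an added illustration of the fourth point (monitoring for SSH keys that bypass the vault), here is a small auditor that compares every `authorized_keys` entry on a host against an approved-key inventory and flags keys that are unknown, undecodable, or present in an account they were never approved for. This is example code written for this article, not Centrify’s product; the key blobs, account names and inventory are constructed and contain no real key material.

```python
"""Audit SSH authorized_keys entries against an approved-key inventory.

Added example, not vendor code: every blob, user and file below is constructed
for the demo and is not real key material.
"""
from __future__ import annotations

import base64
import binascii
import hashlib
import shlex
from dataclasses import dataclass

# Key types OpenSSH accepts in authorized_keys (a subset, enough for the demo).
KEY_TYPES = {
    "ssh-rsa", "ssh-ed25519", "ecdsa-sha2-nistp256",
    "ecdsa-sha2-nistp384", "ecdsa-sha2-nistp521",
}


@dataclass(frozen=True)
class KeyEntry:
    user: str         # local account whose authorized_keys holds the line
    key_type: str
    fingerprint: str  # "SHA256:..." as ssh-keygen -lf prints it, or "MALFORMED"
    options: str      # leading option string (e.g. command=...), "" if none
    comment: str


def fingerprint(blob_b64: str) -> str:
    """OpenSSH-style fingerprint: unpadded base64 of SHA-256 over the raw blob."""
    try:
        raw = base64.b64decode(blob_b64, validate=True)
    except binascii.Error:
        return "MALFORMED"
    digest = hashlib.sha256(raw).digest()
    return "SHA256:" + base64.b64encode(digest).decode().rstrip("=")


def parse_authorized_keys(user: str, text: str) -> list[KeyEntry]:
    """Parse one authorized_keys file; lines with no recognised key type are skipped."""
    entries = []
    for line in text.splitlines():
        line = line.strip()
        if not line or line.startswith("#"):
            continue
        fields = shlex.split(line)  # keeps quoted option values such as command="..." together
        idx = next((i for i, f in enumerate(fields) if f in KEY_TYPES), None)
        if idx is None or idx + 1 >= len(fields):
            continue
        entries.append(KeyEntry(
            user=user,
            key_type=fields[idx],
            fingerprint=fingerprint(fields[idx + 1]),
            options=" ".join(fields[:idx]),
            comment=" ".join(fields[idx + 2:]),
        ))
    return entries


def audit(files: dict[str, str], approved: dict[str, set[str]]) -> list[tuple[KeyEntry, str]]:
    """Return (entry, reason) for every key that should raise an alert."""
    findings = []
    for user, text in files.items():
        for entry in parse_authorized_keys(user, text):
            if entry.fingerprint == "MALFORMED":
                findings.append((entry, "undecodable key blob"))
                continue
            allowed = approved.get(entry.fingerprint)
            if allowed is None:
                findings.append((entry, "fingerprint not in approved inventory"))
            elif user not in allowed:
                owners = ",".join(sorted(allowed))
                findings.append((entry, f"key approved for {owners}, not for {user}"))
    return findings


def fake_blob(label: str) -> str:
    """Constructed stand-in for a base64 public-key blob (not a real key)."""
    return base64.b64encode(label.encode()).decode()


# Constructed inventory: fingerprint -> accounts that key may log in to.
APPROVED = {
    fingerprint(fake_blob("alice-laptop-key")): {"alice"},
    fingerprint(fake_blob("deploy-ci-key")): {"deploy"},
}

# Constructed authorized_keys contents for three local accounts.
SAMPLE_FILES = {
    "alice": f"ssh-ed25519 {fake_blob('alice-laptop-key')} alice@laptop\n",
    "deploy": (
        f'command="/usr/local/bin/deploy" ssh-ed25519 {fake_blob("deploy-ci-key")} ci\n'
        "# added by hand, never entered in the inventory\n"
        f"ssh-rsa {fake_blob('unknown-key')} tmp\n"
    ),
    # alice's approved key copied into root's file gives root login that bypasses the vault.
    "root": f"ssh-ed25519 {fake_blob('alice-laptop-key')} alice@laptop\n",
}

if __name__ == "__main__":
    for entry, reason in audit(SAMPLE_FILES, APPROVED):
        print(f"{entry.user}: {entry.key_type} {entry.fingerprint} ({entry.comment!r}) -> {reason}")
```

On a real host the `SAMPLE_FILES` dict would be filled from each account’s `~/.ssh/authorized_keys` and the findings forwarded to the SIEM; the fingerprints match what `ssh-keygen -lf` prints, so the inventory can be built from existing key records.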

According to the Forrester study, organisations that reach the highest levels on the maturity scale are 50 per cent less likely to have a breach. In addition, these organisations save 40 per cent in security costs over their less mature counterparts, and spend $5 million less in breach costs.

See how Centrify Stops the Breach.

The post Centrify warns password vaults alone not enough to stop data breaches appeared first on IT SECURITY GURU.



from Centrify warns password vaults alone not enough to stop data breaches

Why sharing is not always caring in the public sector

A report by the Local Government Association (LGA) last year found that shared services are so embedded across local authorities that they have become standard practice. The LGA’s shared services map shows that the vast majority of councils are working together in some form to save money.[i]

There are over 400 local authorities in the UK and each is charged with delivering around 800 services, including public transport, local amenities, education, social services and maintenance of roads, among many others. With the pressure on councils to improve services, increase collaboration and save money, shared services have become a popular reform for public agencies and the scheme has so far saved UK taxpayers half a billion pounds.[ii]

The hope is to reduce overheads and increase efficiency by consolidating support services like HR, finance and procurement, as well as back office services and customer services, the maintenance of databases for children and young people, public health services, and community information systems. However, results from a recent survey from Iron Mountain suggest that, despite the considerable benefits across many functional areas, sharing services across neighbouring authorities might not deliver the greatest advantages for information management and security.

Shared concerns

New research[iii] from Iron Mountain around information management in UK local authorities and beyond shows that the benefits of sharing are questioned by many frontline information professionals, with concerns about information loss highlighted by almost half (49%) of those surveyed.

We found that around nine in ten (92%) local authorities currently share or plan to share some of their services with neighbouring local authorities. Just under half (44%) of Records and Information Management (RIM) staff welcome the greater efficiencies and best practice that come from shared services.

However, we found that concerns exist amongst information professionals and their managers over whether sharing services delivers key information management benefits such as reduced workload, improved performance, mutual support between professionals, or effective integration of information across authorities. In fact, in each case only around one in three of the RIM professionals surveyed expect to experience such benefits. The more senior business leaders, on the other hand, are inclined to view the achievement of these benefits more optimistically.

Integration risks

One of the main concerns highlighted by the research is that the need to move information between organisations places it at greater risk of loss or exposure, with almost half (49%) of records and information managers, and a third of business leaders believing this is an issue.

Worries exist about the lack of accountability, or too many points of accountability, that can make it impossible to maintain a continuous and secure chain of custody as information moves between local councils sharing services. Such a situation could result from different local authorities and their partners taking different approaches to information storage and security.

Impact of inconsistency

Every organisation has unique business challenges and goals, and good information governance should address the specific information requirements of that organisation. However, the survey reveals that an inconsistent approach to information management, with different local authorities dealing with information in different ways, is one of the greatest challenges of sharing services. Around one in three respondents agreed that the differing information security approaches are potentially exposing information to risk.

We also found that three quarters (74%) of respondents agree that a lack of budget and skills is holding back their ability to make the most of their information. As a result, a third (34%) of information professionals want their organisation to decide how best to manage its information. The same number (33%) would welcome the opportunity to collaborate with records and information managers in other local authorities, but on their own terms, through networking and the sharing of ideas and best practice.

Tips for a shared future

Local authorities clearly recognise the importance of good information management and are keen to manage information effectively and securely. But what actions can local authorities take to improve the outcomes for shared services projects by overcoming the obstacles outlined above?

Our research suggests that the risk of security breach and loss of information is increasing. Any resulting reputational damage would be extremely unwelcome for councils should the worst happen, and managers are therefore urged to take into account the following best practice.

  • Conduct an audit – in order to improve the way your organisation handles information, you need to be aware of existing governance policies and processes.
  • Measure change – always measure the ‘before/after’ of any change you make – no matter how small. Benchmark these changes against KPIs such as efficiency.
  • Take control – lead by example by demonstrating the importance of good information management – particularly when it comes to reducing risk. Remind your team to log where documents are at all times, keep sensitive information secure, change passwords and lock computers.
  • Raise awareness of success – efficient processes and information security are critical to your and your council’s reputations. When you make improvements, spread the word.

Overcoming the inherent barriers that hold shared services back is the key to realising the vision of shared services in the public sector. By empowering managers to take control of the information they handle, a continuous chain of information custody can be created that will drive cultural change, and ultimately reduce information risk.

By Phil Greenwood, Director at Iron Mountain

[1] http://www.local.gov.uk/shared-services-map

[iii] The research was conducted by Coleman Parkes on behalf of Iron Mountain in January 2016. 205 interviews took place, split evenly between Records Managers and Lines of Business staff at local authorities in the UK. Lines of Business staff included those with the following job titles: Director of ICT, CIO, Finance Director, Director of Strategy and Transformation, Head of Quality Assurance and Commercial Director. In this article ‘business leaders’ refers to LOBs (Lines of Business staff).

The post Why sharing is not always caring in the public sector appeared first on IT SECURITY GURU.



from Why sharing is not always caring in the public sector

Wednesday, 26 April 2017

It always comes to this: why making the right security designs up front matters.

When we started WiKID, we knew we had to be at least as secure as the leading players at the time (RSA and Vasco, mostly, way back then). We decided that using asymmetric keys generated on users' devices was the best way to overcome objections to software-based tokens. After all, Rivest, Shamir and Adleman had developed their public-key cryptosystem precisely to overcome the weaknesses of shared-secret encryption.

Fast-forward, and the dominant form of consumer-oriented two-factor authentication is "two-step" authentication using a shared-secret-based protocol (even after hackers successfully stole the shared secrets of a major 2FA vendor) or, worse, SMS. Of course, we know the saying that marketing trumps technology. This seemed like a typical case of that. No one much cared about the increased security offered by asymmetric cryptography.

But security is a slightly different beast, because: 1. Attackers are always getting better. 2. Regulations and compliance can force a market to change despite marketing. The PCI Security Standards Council may be in the process of doing that with its most recent guidance on multi-factor authentication, which states that a multi-step process, in which the result of the first factor is revealed before the next one is requested, leaks information about the account and should not be used. NIST has said that using SMS as an authentication mechanism is deprecated.

In a way, this will be easier for many systems administrators. Most VPNs and remote access services support OTP-based 2FA via RADIUS by default (which also allows authorisation against AD/LDAP, another recommended practice), and they do not support a multi-step authentication process. There is no way, for example, to do two-step authentication on a Cisco ASA. Two-factor authentication, on the other hand, is easy and can be added to ASA admin accounts as well, which is a good idea and soon to be required under PCI DSS's non-console administrative access requirements.
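To make the PCI point concrete, here is an added example (not WiKID's code and not from the original post) contrasting a "two-step" login, which tells the client whether the password was correct before the token is checked, with a multi-factor check that always evaluates both factors and returns a single verdict. The user record, the salt and the iteration count are constructed for the demo; PBKDF2 stands in for bcrypt so the block needs only the standard library, and the token secret is the RFC 4226 test-vector key so the HOTP codes can be checked against the RFC.

```python
import hashlib
import hmac
import struct

# Constructed demo data (not from the article). PBKDF2 stands in for bcrypt so
# the block runs with the standard library alone.
_SALT = b"constructed-demo-salt"
_ITERATIONS = 50_000


def _hash_password(password: str) -> bytes:
    return hashlib.pbkdf2_hmac("sha256", password.encode(), _SALT, _ITERATIONS)


USERS = {
    "alice": {
        "pw_hash": _hash_password("correct horse battery staple"),
        # Shared secret of an OATH token; this is the RFC 4226 test-vector key,
        # so counter 0 yields "755224" and counter 1 yields "287082".
        "otp_secret": b"12345678901234567890",
    }
}
# Dummy record used for unknown users so the verifier does the same work
# (and takes about the same time) whether or not the account exists.
_DUMMY = {"pw_hash": _hash_password("unused"), "otp_secret": b"\x00" * 20}


def hotp(secret: bytes, counter: int, digits: int = 6) -> str:
    """RFC 4226 HOTP: HMAC-SHA1 over the 8-byte big-endian counter, then
    dynamic truncation to a 31-bit integer reduced modulo 10**digits."""
    mac = hmac.new(secret, struct.pack(">Q", counter), hashlib.sha1).digest()
    offset = mac[-1] & 0x0F
    code = struct.unpack(">I", mac[offset:offset + 4])[0] & 0x7FFFFFFF
    return str(code % (10 ** digits)).zfill(digits)


def _password_ok(user: str, password: str) -> bool:
    rec = USERS.get(user, _DUMMY)
    match = hmac.compare_digest(rec["pw_hash"], _hash_password(password))
    return (user in USERS) & match          # '&' so both sides are evaluated


def _otp_ok(user: str, otp: str, counter: int) -> bool:
    rec = USERS.get(user, _DUMMY)
    match = hmac.compare_digest(hotp(rec["otp_secret"], counter), otp)
    return (user in USERS) & match


def two_step_login(user: str, password: str, otp: str, counter: int) -> str:
    """'Two-step' flow of the kind the PCI SSC guidance warns against: the
    password is judged first and its verdict reaches the client before the
    token is requested, so a stolen password can be confirmed without it."""
    if not _password_ok(user, password):
        return "bad_password"   # leaks: the password was wrong
    if not _otp_ok(user, otp, counter):
        return "bad_otp"        # leaks: the password was right
    return "ok"


def multi_factor_login(user: str, password: str, otp: str, counter: int) -> str:
    """Independent factors: both are always evaluated and the caller learns
    only whether the combination as a whole succeeded."""
    pw_ok = _password_ok(user, password)
    otp_ok = _otp_ok(user, otp, counter)
    return "ok" if (pw_ok & otp_ok) else "denied"


if __name__ == "__main__":
    pw = "correct horse battery staple"
    good_otp = hotp(USERS["alice"]["otp_secret"], 0)
    print("two-step, wrong password:", two_step_login("alice", "nope", good_otp, 0))
    print("two-step, right password:", two_step_login("alice", pw, "000000", 0))
    print("MFA, wrong password:    ", multi_factor_login("alice", "nope", good_otp, 0))
    print("MFA, wrong OTP:         ", multi_factor_login("alice", pw, "000000", 0))
    print("MFA, both correct:      ", multi_factor_login("alice", pw, good_otp, 0))
```

The two-step verifier hands an attacker holding a leaked password database a free oracle: every "bad_otp" response confirms a valid password, even though the login failed. The multi-factor verifier returns the same "denied" for a wrong password, a wrong token, or an unknown user, and does the same hashing work in each case. A production deployment would add rate limiting, counter look-ahead with replay protection for the token, and would still only ever report the combined result.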



from It always comes to this: why making the right security designs up front matters.

HipChat hacked, users’ account information potentially compromised

Atlassian’s group chat platform for business was hacked over the weekend. The service, HipChat, has reset all of its users’ passwords after a security incident was flagged, caused by a vulnerability in a third-party library used by HipChat.com.

A security notice was released on Monday (24 April), with the company saying hackers could potentially have accessed a significant amount of personal data. Users’ account information such as names, email addresses and hashed passwords, as well as room metadata, is thought to have been accessed in the breach.

The attack is thought to have affected fewer than 0.05% of HipChat instances, on one of the servers in the HipChat Cloud web tier, where the hackers may also have accessed private messages and content within rooms.

Although Atlassian have claimed they have isolated the incident and that there was no evidence that the breach impacted other Atlassian systems, the breach of personal information is of extreme significance and concern, as highlighted by Robert Capps, VP of business development at NuData Security. He says: “With just a name and email address, there is an outsized risk to consumers from targeted phishing and malware attacks. Stolen consumer data can be combined with other personally identifiable information (PII) from other hacks and breaches, to amass even more detailed profiles of users that are traded and sold to other hackers and fraudsters. These bundles of data contain much more complete information about specific individuals providing greater opportunities for fraud to take place.”

Many infosecurity experts were quick to praise HipChat’s rapid and efficient response to the breach. Javvad Malik, Security Advocate at AlienVault, said: “They have done a good job of communicating the breach to customers in a timely manner, indicating that they had monitoring controls in place to look for breaches. The company also provided reassurance on the security of its systems with passwords being hashed with bcrypt. It also followed up with the good step and advice to customers to reset their passwords.”

Javvad also advised that “customers should also be sure to change their passwords on other systems if they were reusing the same one. While HipChat has apparently covered all the bases and should be commended for their swift and appropriate response, there is the small issue of other data that could have been potentially accessed by attackers.”

Paul Edon, Director at Tripwire, noted that the leaked data was “hashed and salted”, making it difficult to crack, adding “it sounds as though HipChat take their cyber security seriously.” Paul did, however, have one concern regarding whether the breach came from a known vulnerability: “If ‘unknown’, well done HipChat for the speed at which they identified the breach and took the necessary action to remediate further loss or damage. However, if the vulnerability was ‘known’ then this is another case where security best practice – vulnerability and patch management – would have almost certainly prevented the breach.”

As a precaution, HipChat have invalidated passwords on all potentially affected HipChat-connected user accounts and sent those users instructions on how to reset their passwords. In response to the attack, the company are also preparing a server update.

ESET IT security specialist Mark James also noted how quickly HipChat reacted, saying: “Password resets are good and notifying affected users quickly is a major plus. We often hear about these types of breaches months if not years after they have happened, but in this case we have seen a good description of events with plenty of information about who, what and when.”

The post HipChat hacked, users’ account information potentially compromised appeared first on IT SECURITY GURU.



from HipChat hacked, users’ account information potentially compromised

77% Of All Ransomware Detected in 4 Industries

NTT Security, the specialised security company of NTT Group, has launched its 2017 Global Threat Intelligence Report (GTIR), which analyses global threat trends based on log, event, attack, incident and vulnerability data from 1 October 2015 to 30 September 2016. Analysing content from NTT Group operating companies, including NTT Security, Dimension Data, NTT Communications and NTT Data, and data from the Global Threat Intelligence Center (formerly known as SERT), the report highlights the latest ransomware, phishing and DDoS attack trends and demonstrates the impact of today’s threats against global organisations.

View full story

ORIGINAL SOURCE: Information Age

The post 77% Of All Ransomware Detected in 4 Industries appeared first on IT SECURITY GURU.



from 77% Of All Ransomware Detected in 4 Industries

Hackers Uncork Experimental Linux-targeting Malware

Hackers have unleashed a new malware strain that targets Linux-based systems. The Linux/Shishiga malware uses four different protocols (SSH, Telnet, HTTP and BitTorrent) and Lua scripts for modularity, according to an analysis of the nasty by security researchers at ESET. Shishiga relies on the use of weak, default credentials in its attempts to plant itself on insecure systems through a bruteforcing attack, a common hacker tactic. A built-in password list allows the malware to try a variety of different passwords to see if any allow it in.

View full story

ORIGINAL SOURCE: The Register

The post Hackers Uncork Experimental Linux-targeting Malware appeared first on IT SECURITY GURU.



from Hackers Uncork Experimental Linux-targeting Malware

Mirror Group Agrees To Pay Hefty Bill in Damages Over Phone Hacking

Mirror Group Newspapers has been hit with a bill running into tens of millions of pounds after dozens of phone hacking victims settled their claims for damages. Lord Archer and his wife Dame Mary, who was hacked while he was serving a prison sentence, were among dozens of well-known figures who reached an agreement with the newspaper group. Other victims, including former Home Secretary Charles Clarke, ex-England football manager Kevin Keegan and actress Patsy Kensit, also settled claims after having their private conversations and messages hacked by journalists.

View full story

ORIGINAL SOURCE: The Telegraph

The post Mirror Group Agrees To Pay Hefty Bill in Damages Over Phone Hacking appeared first on IT SECURITY GURU.



from Mirror Group Agrees To Pay Hefty Bill in Damages Over Phone Hacking

A Week Later, Hacked Spyware Vendors Haven’t Warned Their 130,000 Customers

An alleged email apparently shows one employee explicitly telling staff not to warn customers the company was hacked. Tens of thousands of people are in the dark. Motherboard recently reported hackers had targeted two companies that sell spyware to the everyday consumer—Retina-X and FlexiSpy. Hackers made off with a mix of over 130,000 customer records, as well as company documents and even text messages and photos captured by Retina-X’s malware. A week later, and affected customers say neither company has informed them about the data breaches, with one company allegedly telling staff to lie to victims who inquired about the hack.

View full story

ORIGINAL SOURCE: Motherboard

The post A Week Later, Hacked Spyware Vendors Haven’t Warned Their 130,000 Customers appeared first on IT SECURITY GURU.



from A Week Later, Hacked Spyware Vendors Haven’t Warned Their 130,000 Customers

Chipotle Says Its Payments System Was Hacked

Chipotle Mexican Grill cannot catch a break. Just as the fast-casual chain reported that sales have rebounded after a prolonged slog in the wake of a food safety outbreak, executives told Wall Street analysts that the company’s payment processing system was hacked. “We want to make our customers and investors aware we recently detected unauthorized activity on a network that supports payment processing for purchases made in our restaurants,” chief financial officer Jack Hartung told analysts during an investor presentation. He said that Chipotle had implemented additional security measures, actions it believes stopped the unauthorized activity, which the restaurant chain estimates occurred between March 24 and April 18. Chipotle says it is also working with a cyber security firm, law enforcement, and the payment processor to address the matter.

View full story

ORIGINAL SOURCE: Fortune

The post Chipotle Says Its Payments System Was Hacked appeared first on IT SECURITY GURU.



from Chipotle Says Its Payments System Was Hacked

Brits don’t trust businesses to protect their personal information

The majority of UK consumers – 87 percent – are worried about the security of their personal information online, following numerous stories of data breaches hitting the headlines over the past 12 months.

That’s according to a new report from Yoti and YouGov, which surveyed over 2,000 consumers in the UK to find out how people feel about sharing their information online.

Notably, the report found that almost half (46 percent) of 18-34 year olds have given false information online. The main reason given for this was to avoid unwanted contact or spam, demonstrating that consumers do not trust that businesses will use their details appropriately.

With individuals repeatedly asked to share personal and sensitive information in exchange for goods or services, it’s clear that there are frustrations with the current process. 45% of adults still feel uncomfortable when entering personal details online, and just over one in ten British adults have been a victim of identity theft.

“Given the ever-growing number of high profile data breaches, it’s no surprise that most UK consumers are increasingly worried about sharing their personal data,” said Robin Tombs, CEO, Yoti. “People have to trust that both big and small businesses will secure their information and not let it fall into the wrong hands. But with countless stories of data leaks, often from well-known brands, it’s no wonder this trust has gone. More and more people recognise that they can take control. By choosing to replace weak passwords with biometrics and minimising the amount of sensitive and personal data they share, they will protect their information and enable businesses to tighten their security.”

Additional findings include:

  • 38% of people who have sent a passport or driving licence to a company as proof of ID are then worried about how that information is stored
    • This was most concerning for those aged 35-44 years, with just under half (47%) saying they felt worried about this
  • 46% of respondents would be likely to use a smartphone app that allowed them to prove their identity in the same way as using an official ID document instead of using their paper documents repeatedly.

The report also highlights the need for companies to consider whether their current way of collecting customer information during the onboarding process meets the quick, convenient and easy experience demanded by today’s digital society.


The post Brits don’t trust businesses to protect their personal information appeared first on IT SECURITY GURU.



from Brits don’t trust businesses to protect their personal information

UK tech industry drives IT jobs growth by 12%

The latest Robert Walters UK Jobs Index has revealed that job vacancies for IT professionals rose by 12% in the first quarter of 2017 compared to the same time last year.

Developers and software engineers were particularly sought after, accounting for 14% of total demand while vacancies for IT managers made up 4% of the total number of roles.

Ahsan Iqbal, Associate Director, Robert Walters comments:

“The UK IT sector has enjoyed strong, steady growth over the past several years and was largely resistant to the slowdown in hiring seen by other sectors in the midst of political and economic uncertainty last year.”

“However, the start of 2017 has nevertheless seen a significant increase in IT hiring, with developers particularly sought after. Demand from start-up firms in fintech has played a significant role in this, in addition to large established companies investing heavily in cyber security.”

“With several high profile data breaches over the past few years involving prominent companies, employers are increasingly recognising the importance of a robust cyber security function and are prepared to invest in securing top talent in this field.”

MID LEVEL IT MANAGERS SOUGHT

In addition to the need for IT professionals with strong technical skills, employers are also increasingly recognising the importance of IT staff who can play a critical role in ensuring IT policy is integrated with other departments across the business.

Ahsan Iqbal continues:

“IT professionals with strong technical proficiency are highly sought after by firms across a range of industries, but IT managers with effective communication and stakeholder management skills are in particularly high demand.”

“As effective cyber security policies become an increasingly high priority, the ability for IT teams to liaise with other areas of the business to develop effective strategies is becoming increasingly vital.”

“As a result, IT managers who can demonstrate the ability to collaborate with other teams and develop strong internal working relationships are highly sought after, with employers prepared to offer generous salaries to secure top talent.”

The post UK tech industry drives IT jobs growth by 12% appeared first on IT SECURITY GURU.



from UK tech industry drives IT jobs growth by 12%

Wonga breach highlights the cybersecurity threat

Recently payday lender Wonga suffered a monumental data breach with personal details from hundreds of thousands of accounts likely to have been illegally accessed. More than a quarter of a million customers have since been warned that their personal data may have been stolen.

This is yet another substantial attack. This comes on top of the recent hugely damaging attacks on a number of well-known UK brands including Tesco Bank and telecoms provider Three.

The UK’s Information Commissioner’s Office (ICO) in recent times has been getting harsher with companies for security failings, specifically where that allowed a cyber attacker to access customer data.

In the case of Three it has experienced multiple breaches. In late 2016 three men were arrested after they accessed the personal data of thousands of the company’s customers, including names and addresses. The attackers used authorised logins to Three’s database of customers eligible for an upgraded handset and the customer information from more than 133,000 users was compromised in the incident.

Wonga is also likely to feel the wrath of the ICO’s power very soon given the size of the breach that has occurred. These cyberattacks are part of a growing trend of attacks on consumer-facing organisations.

With the growth in size and frequency of attacks it is imperative for businesses to protect themselves, especially with new European data protection rules (the GDPR, which applies from May 2018) approaching. Companies should feel more inclined to treat security precautions as a priority; crucially, by giving cybersecurity the attention it deserves and investing in well-managed security controls, the need for damage control can be greatly reduced.

Organisations also have a responsibility to invest in well-managed security tools, which have controls designed to prevent, detect, contain and remediate data breaches. Furthermore, organisations should take care to share simple safeguarding techniques amongst employees and make sure that they are educated around the type of attacks to expect, however ultimately, protection systems need to be put in place to keep hackers out.

As employees are an organisation’s greatest tool, the way they contribute to securing the company should also be well-managed. Those tasked with keeping an organisation secure need to ensure staff have the knowledge, tools and ability to keep themselves and the organisation safe from the myriad of threats that are looking to jump over low barriers or get through chinks in the security armour.

Responsibility for keeping the defence against attacks and threats watertight should permeate throughout the whole organisation as any weaknesses in the armour can, and at some point will, be exploited.

Effective cyber defence requires paying attention to the technologies that are available and using them in the way they are supposed to be used. Companies that take this approach will construct effective barriers meaning hackers will go elsewhere and find an easier target to attack.

Coming back to Wonga, customers who are thought to have been affected have received a message from the payday lender telling them: “We believe there may have been illegal and unauthorised access to some of your personal data on your Wonga.com account.”

The message said that Wonga was working to establish the full details but data breached “may have included one or more of the following: name, email address, home address, phone number, the last four digits of your card number (but not the whole number) and/or your bank account number and sort code.”

This is unlikely to provide much comfort to customers affected. As with other consumer brands that have been affected by cybercrime, customer trust and the value of the company itself will both be damaged – most likely very significantly.

The share prices of many companies that have been attacked have often not recovered since the cyberattacks took place, and studies have also shown that company valuations often remain lower following a cyberattack. As with the telecoms provider Three, Wonga’s customers have the choice of other providers. Trust is therefore a business necessity, vital to both gaining and keeping customers.

What is clear is that Wonga will now have to work very hard to repair its reputation. Other organisations – especially those that are consumer facing – will need to take note of the damage of such cyberattacks or data breaches. This is an issue the whole executive boardroom should be concerned about.

Ultimately the only certainty is that attacks will continue to grow in size and sophistication making the need for effective cybersecurity all the more important. The recent breach at Wonga is proof of that.

By Duncan Hughes, Systems Engineering Director, EMEA, A10 Networks

The post Wonga breach highlights the cybersecurity threat appeared first on IT SECURITY GURU.



from Wonga breach highlights the cybersecurity threat

Tuesday, 25 April 2017

Still Pumping and Dumping

Pump and Dump spam campaign still piling on the improbabilities.

The post Still Pumping and Dumping appeared first on ITsecurity.



from Still Pumping and Dumping

Artificial Intelligence in the Real and Virtual Worlds

Artificial Intelligence and Games

While most of the tech media’s ‘next big thing’ buzz is still focused on VR, that technology is beginning to settle into the early days of its role. Gaming and technology blogs will soon be looking for a new source of excitement. With some of the recent products and demonstrations, it […]

The post Artificial Intelligence in the Real and Virtual Worlds appeared first on ITsecurity.



from Artificial Intelligence in the Real and Virtual Worlds

Report: Most Banks Confident in Their Cyber Defense, But Lack Real-World Testing

Nearly 80% of bank executives are confident about their cybersecurity strategies, according to a new report from Accenture, but lack the ability to test their strategies in a real-world testing environment. The report is based on a global survey of 275 senior security executives across the banking and capital markets sectors.

View full story

ORIGINAL SOURCE: CIO Dive

The post Report: Most Banks Confident in Their Cyber Defense, But Lack Real-World Testing appeared first on IT SECURITY GURU.



from Report: Most Banks Confident in Their Cyber Defense, But Lack Real-World Testing

Webroot Antivirus Mistakenly Flags Windows as Malware

A malware signature update issued by the company on Monday triggered the software into mistakenly flagging Windows system files as malware, melting down millions of managed systems around the world.

View full story

ORIGINAL SOURCE: ZDNet

The post Webroot Antivirus Mistakenly Flags Windows as Malware appeared first on IT SECURITY GURU.



from Webroot Antivirus Mistakenly Flags Windows as Malware

Ops, Hackers Can Exfiltrate Data From Air-gapped Networks Through a Malware Controlled via a Scanner

A group of Israeli researchers has devised a new technique to exfiltrate data from a PC in an air-gapped network through malware controlled via scanners.

The team was composed of Ben Nassi, a graduate student at the Cyber Security Research Center at Ben-Gurion University, and his advisor Yuval Elovici, based on an idea of the prominent cryptographer Adi Shamir.

The technique could be used by hackers to establish a covert communication channel between a malicious code running on the target machine in an air-gapped network and the attacker.

View full story

ORIGINAL SOURCE: Security Affairs

The post Ops, Hackers Can Exfiltrate Data From Air-gapped Networks Through a Malware Controlled via a Scanner appeared first on IT SECURITY GURU.



from Ops, Hackers Can Exfiltrate Data From Air-gapped Networks Through a Malware Controlled via a Scanner

Close to 9,000 Servers Across Asean Infected With Malware

In an operation targeting cybercrime across Asean, Interpol says it has identified thousands of compromised systems, including command-and-control (C2) servers, systems infected with malware and websites run by governments.

Some 8,800 of the servers across eight countries were found to be infected with various malware codes including those targeting financial institutions and used to launch DDoS (distributed denial-of-service) attacks. Investigations involving these systems were still ongoing, according to a statement released by Interpol, which ran the Asean operation out of its Global Complex for Innovation in Singapore.

View full story

ORIGINAL SOURCE: ZDNet

The post Close to 9,000 Servers Across Asean Infected With Malware appeared first on IT SECURITY GURU.



from Close to 9,000 Servers Across Asean Infected With Malware

Phishing Attacks Responsible for Three-Quarters of all Malware

With phishing now widely used as a mechanism for distributing ransomware, a new NTT Security report reveals that 77% of all detected ransomware globally was in four main sectors – business & professional services (28%), government (19%), health care (15%) and retail (15%).

While technical attacks on the newest vulnerabilities tend to dominate the media, many attacks rely on less technical means. According to the GTIR, phishing attacks were responsible for nearly three-quarters (73%) of all malware delivered to organizations, with government (65%) and business & professional services (25%) as the industry sectors most likely to be attacked at a global level. When it comes to attacks by country, the U.S. (41%), Netherlands (38%) and France (5%) were the top three sources of phishing attacks.

View full story

ORIGINAL SOURCE: Help Net Security

The post Phishing Attacks Responsible for Three-Quarters of all Malware appeared first on IT SECURITY GURU.



from Phishing Attacks Responsible for Three-Quarters of all Malware

Two thirds of UK consumers worry brands put their private data at risk

Brands face an uphill battle to offer personalised services online, as new research reveals two thirds (67%) of UK consumers are concerned about how brands use their personal information, such as their name, email, location, and marital status. The same proportion (66%) worry their personal data security could be compromised by the latest IoT gadgets, including smart-watches, fitness trackers, and home devices such as Amazon’s Echo.

As consumers demand a more personalised shopping experience online, these statistics are a worry for brands who rely on customer insight to tailor their services. Further to this, brands face a challenge in restoring confidence with shoppers as the General Data Protection Regulation (GDPR) enforces an opt-in/opt-out policy for consumers.

The 2017 State of Consumer Privacy and Trust survey, a wide-ranging poll of over 4,000 adults in the UK and US from Gigya, the leader in customer identity management, found widespread alarm about how major brands approach data privacy. Concern about the security of personal IoT devices rises to almost three-quarters (73%) in the US.

In general, concern about data privacy rises, marginally, across generations, with a 13% delta between the 18-24 year olds (60%) and over-65s (73%), and most age groups in between also hovering around 70%. The pattern repeats, with similar scores (62% and 72%, respectively), when respondents were asked their opinions of data security on IoT devices.

The study also revealed that more UK respondents think brands’ privacy policies have become weaker (32%) in the face of escalating cyber security attacks, and tougher regulation, rather than stronger (26%).

Richard Lack, Managing Director of EMEA at Gigya, said: “Marketers have been quick to embrace the web, social media and smart devices to engage with consumers on a level that has completely transformed brand relationships. These relationships now rely on the unprecedented free-flow of increasingly sensitive customer data, in exchange for convenience, better recommendations, or access to that data across all of our devices.” He continued: “But marketers are about to experience a seismic shift in the way they collect and manage data. GDPR, which is just a little more than a year away, will keep brands honest by forcing an ‘opt-in’ policy on consumer data for the first time and radically changing the way that personally identifiable information is defined. This research pinpoints an urgent need for retailers and marketers to restore public confidence in the year ahead. They must put GDPR compliant systems in place to prevent a mass consumer ‘opt-out’ when the new regulations are enforced.”

The survey also found UK respondents doubt their data privacy will improve under Theresa May’s government; in fact, a higher percentage reckon it will be less secure (18%) than think it will be more secure (17%). In the US, a third (32%) think the Donald Trump administration will make their data more secure, compared with a quarter (26%) who think it will be less secure.

Lack continued: “It is important brands don’t think they’re off the hook just because the public increasingly recognises its own role in keeping data private and secure. Yes, as consumers, we must be aware of the risks, and take precautions. But as technology evolves, and regulation tightens, brands must take the issues of data security firmly in hand, understanding the value of trusted relationships.”

The post Two thirds of UK consumers worry brands put their private data at risk appeared first on IT SECURITY GURU.

STEM prodigies battle it out in competition to find next generation of cyber talent

Today, some of the UK’s brightest 12-18 year olds will compete in the National Finals of CyberCenturion, a country-wide cyber defence competition led by global security company Northrop Grumman and Cabinet Office-backed Cyber Security Challenge UK, with support from the US Air Force Association. Battling it out at the Institution of Engineering and Technology (IET), ten teams will compete in a high-pressured, face-to-face challenge to protect a fictional company from vicious cyber-attacks.

The candidates will be tasked with defending a start-up drone-based food delivery service – named ‘Always Food Available’ – using their evolving cyber security skills to identify vulnerabilities in the company’s network and systems, repair the vital issues and maintain the company’s services, while fending off adversaries.

The ten finalist teams are the top performers from a series of intense qualifying rounds which took place over the last six months between more than 100 teams from across the UK and Overseas Territories.

A key element of CyberCenturion’s success is that competitors do not need any prior experience in cyber defence; participants are provided with the training and preparation materials required. This makes the programme accessible and encourages broad participation. Diversity is critical in the profession; as the cyber threat becomes more complex, workforce diversity is important in bringing different perspectives, academic backgrounds, experience and problem-solving approaches to addressing the challenges.

CyberCenturion aims to engage thousands of talented young individuals curious about cyber security and eager to put any existing cyber skills to the test. It mirrors the US CyberPatriot competition, part of a major youth STEM education programme in the US presented by the Northrop Grumman Foundation and created by the US Air Force Association, aimed at inspiring youth to pursue careers in cyber security or other STEM disciplines critical to global security.

The competitors include some of the brightest young minds in STEM from across the UK, from Essex to Edinburgh. This includes Maths Olympiad winners, Gold CREST award recipients and an individual who has written an artificial intelligence programme that can beat humans at chess.

As a national, team-based cyber security contest, CyberCenturion is designed to address the nationwide STEM skills gap by opening up cyber security education to youth groups from every sphere of life; from cadet corps, Scout groups and Girl Guides, to school clubs and community groups. Cyber security association (ISC)2 predicts a shortfall of 1.8 million cyber security professionals by 2022 if current hiring trends continue, highlighting how valuable initiatives like these are, building a diverse cyber workforce, filling the ever-expanding technology skills gap and inspiring the next generation of digital defenders.

The winning team will receive a bundle of technology equipment for their school to help further promote STEM and cyber careers in the school and to provide them with a competitive edge for their future careers. They will also receive trophies and medals, as well as building key networks with individuals in the industry who could help them work towards a future career in cyber.

Andrew Tyler, Chief Executive, Northrop Grumman Europe, said: “There is currently a severe shortage of diverse young people entering careers in STEM subjects, and it is up to industry leaders like Northrop Grumman to help rectify this situation. The CyberCenturion competition is highly relevant today; through this initiative we are helping to inspire and build a diverse cyber workforce to address this global imperative. We are encouraging them to use their skills in a safe and productive way, and to consider a career in the cyber security sector. CyberCenturion is continuing to grow; this year saw more than one hundred teams enter. We believe that in the years to come, we’ll see many of these talented individuals defending the UK, and even global companies, from cyber-attacks.”

Nigel Harrison, acting COO and Co-Founder at Cyber Security Challenge UK, said: “For the last three years, Northrop Grumman has partnered with us to deliver one of the country’s most successful cyber security competitions for this age group. It’s incredibly important to inspire the next generation of cyberists and encourage them to consider cyber security as a potential career as early as possible. Competitions like this are a great way of achieving this, in a safe and secure environment. CyberCenturion also helps to take cyber out of the classroom; while we have many school teams playing, CyberCenturion is ideal for cadets, Scouts or Guides, or even groups of enthusiastic individuals supported by an adult. We would encourage any young people to give it a try; they could surprise themselves, and us.”

Professor Jeremy Watson CBE, President of the Institution of Engineering and Technology said: “We are delighted that Cyber Security Challenge UK and Northrop Grumman have chosen the IET as the venue for this event. We place a high value on STEM education, as the future of engineering and technology relies on the next generation to bring new skills and insights to the industry. Cyber security is still a relatively new sector and although its importance is growing, awareness of the field is often low compared to other engineering disciplines. Initiatives such as CyberCenturion are critical to ensuring we find and nurture talent and develop a task force that will secure our country in the future.”

Registration for the next CyberCenturion competition is now open.

Cyber Security Challenge UK offers a series of games and competitions for all ages, visit www.cybersecuritychallenge.org.uk to sign up to play today.

The post STEM prodigies battle it out in competition to find next generation of cyber talent appeared first on IT SECURITY GURU.

One in Eight Consumers in England Have Had Their Healthcare Data Breached, Accenture Survey Reveals

One in eight consumers in England (13 percent) have had their personal medical information stolen from technology systems, according to results of a new survey from Accenture.

The survey of 1,000 consumers in England revealed that the vast majority (78 percent) believe healthcare providers have a great deal of responsibility for keeping digital healthcare data secure, compared to only 40 percent who believe it is their personal responsibility. Despite this, the findings show that more than half (56 percent) of those who experienced a breach were victims of medical identity theft and more than three-quarters of those victims (77 percent) had to pay approximately £172 in out-of-pocket costs per incident, on average.

In addition, the survey found that the breaches in England were most likely to occur in pharmacies — the location cited by more than one-third (35 percent) of consumers who experienced a breach — followed by hospitals (29 percent), urgent care clinics (21 percent), physician’s offices (19 percent) and retail clinics (14 percent). More than one-third (36 percent) of English consumers who experienced a breach found out about it themselves or learned about it passively through noting an error on their health records or credit card statement. Only one-fifth (20 percent) were alerted to the breach by the organization where it occurred, and even fewer consumers (14 percent) were alerted by a government agency.

Among those who experienced a breach, the majority (70 percent) were victims of medical information theft with more than a third (39 percent) having personal information stolen. Most often, the stolen identity was used for fraudulent activities (cited by 82 percent of data-breached respondents) including fraudulently filling prescriptions (42 percent) or fraudulently receiving medical care (35 percent). And, a quarter of consumers in England (25 percent) had their health insurance ID number or biometric identifiers (18 percent) compromised. Unlike credit-card identity theft, where the card provider generally has a legal responsibility for significant account holder losses, victims of medical identity theft often have no automatic right to recover their losses.

“Patients must remain more vigilant than ever in keeping track of personal information including credit card statements and health records which could alert them to breaches,” said Aimie Chapple, managing director of Accenture’s UK health practice and client innovation in the UK & Ireland. “Similarly, health organizations must monitor patient information more carefully and remain transparent with those affected in the event of a breach to swiftly resolve the issue without losing consumers to competitors.”

Despite the myriad breaches occurring, consumers still trust their healthcare providers (84 percent), labs (80 percent) and hospitals (79 percent) to keep their healthcare data secure more than they trust the government (59 percent) or health technology companies (42 percent) to do so. About two-thirds of consumers in England (65 percent) either maintained or gained trust in the organization from which their data was stolen, following a breach. And, more than half (68 percent) of English consumers said they want to have at least some involvement in keeping their healthcare data secured, whereas only a quarter (28 percent) said that they have such involvement today.

In response to the breach, nearly all (95 percent) of the consumers who were data-breach victims reported that the company holding their data took some type of action. Some organizations explained how they fixed the problem causing the breach (cited by 29 percent), explained how they would prevent future breaches (23 percent) or explained the consequences of the breach (22 percent). Of those that experienced a breach, over half (53 percent) of respondents felt the breach was handled somewhat well while only 15 percent of respondents felt the breach was handled very well, indicating there is potential room to improve.

“The time to assure consumers that their personal data is in secure, capable hands is now,” Chapple said. “When a breach occurs, healthcare payers and providers should be able to swiftly notify those affected, with a plan of action on how to remedy the situation and prevent it from happening again.”

The post One in Eight Consumers in England Have Had Their Healthcare Data Breached, Accenture Survey Reveals appeared first on IT SECURITY GURU.

Monday, 24 April 2017

China Hacked South Korea Over Missile Defense

Chinese state-backed hackers have recently targeted South Korean entities involved in deploying a U.S. missile-defense system, says an American cybersecurity firm, despite Beijing’s denial of retaliation against Seoul over the issue. In recent weeks, two cyberespionage groups that the firm linked to Beijing’s military and intelligence agencies have launched a variety of attacks against South Korea’s government, military, defense companies and a big conglomerate, John Hultquist, director of cyberespionage analysis at FireEye Inc., said in an interview. The California-based firm, which counts South Korean agencies as clients, including one that oversees internet security, wouldn’t name the targets.

ORIGINAL SOURCE: Netral News

The post China Hacked South Korea Over Missile Defense appeared first on IT SECURITY GURU.

Facebook and Twitter are Stopping Hackers by Paying to be Hacked

Facebook, Twitter and Snapchat are paying hackers to find glitches in their systems. Technology giants are shelling out possibly £156,000 to these ‘ethical hackers’ every day. One of the hackers has spoken out about his job. Known as Topiary online, Jake Davis is a former ‘black hat’ – meaning he was an illegal hacker. The 24-year-old was arrested at his Shetland home in 2011 but escaped a possible 10-year jail sentence. Serving just 38 days, Davis had been tagged with a police anklet for 21 months. But now he is a ‘white hat’, and is exposing tech companies’ flaws so they can patch them up.

ORIGINAL SOURCE: Metro

The post Facebook and Twitter are Stopping Hackers by Paying to be Hacked appeared first on IT SECURITY GURU.

Aadhaar Data Leak: Personal Information of More than 1 Million Jharkhand Pensioners Released Online

In a major gaffe, personal details of around 1.5 million pensioners in Jharkhand were made public on a state social security website. The details also included people’s Aadhaar card and bank account information. The details were put on the website because of a programming error, according to the Hindustan Times. There are nearly 1.6 million pensioners in Jharkhand, and around 1.4 million have linked their bank accounts with their Aadhaar numbers to receive subsidies directly. The personal details of the pensioners were made available on the website of the Government of Jharkhand’s Department of Women and Child Development & Social Security, maintained by the Jharkhand Directorate of Social Security.

ORIGINAL SOURCE: IB Times

The post Aadhaar Data Leak: Personal Information of More than 1 Million Jharkhand Pensioners Released Online appeared first on IT SECURITY GURU.

Lifespan Notifies Patients of Potential Data Breach

Rhode Island’s largest health care provider says an employee’s laptop containing patient information was stolen, but there’s no indication that any patient’s information has been accessed or used as a result of the theft. The Providence Journal reports (http://bit.ly/2q4kfy1) that Lifespan recently sent a notice about the potential data breach to about 20,000 patients. The hospital network says the computer was stolen from a car on Feb. 25. The employee immediately reported the theft to police and Lifespan. Lifespan says it began investigating and changed the employee’s credentials out of an abundance of caution. The laptop may have had work emails containing information about patients and their medication prescriptions, but it didn’t have Social Security numbers, medical diagnoses and other sensitive information in the network’s database.

ORIGINAL SOURCE: Washington Times

The post Lifespan Notifies Patients of Potential Data Breach appeared first on IT SECURITY GURU.

Primary School is ‘Hacked by Extremists’ Who Threaten ‘Persecution’ in Website Rant

Police are investigating after “malicious” messages were left on a school website by Turkish nationalists in an apparent hacking attempt. Parents of students at North Mundham primary in Sussex were left concerned after the school’s website was taken over by a long message written in Turkish. The school website has been changed to a plain white background with a red logo, believed to be linked to cyber hacking group Ayyildiz Tim. The group describes itself as “patriotic”, claiming to be soldiers of the virtual world and aiming to stop anti-Turkish messages while carrying out propaganda activities.

ORIGINAL SOURCE: The SUN

The post Primary School is ‘Hacked by Extremists’ Who Threaten ‘Persecution’ in Website Rant appeared first on IT SECURITY GURU.

Cyber security centre of excellence to open at Cardiff University

A new research centre set up to provide world-leading research into the ever-growing problem of cyber security has today been launched by Cardiff University and Airbus.

The Centre of Excellence in Cyber Security Analytics will be located at Cardiff University’s School of Computer Science and Informatics and will be the first centre of its kind in Europe.

Together with experts from Airbus, researchers will carry out world-leading studies into machine learning, data analytics, and artificial intelligence for cyber-attack detection. This research will aim to protect corporate IT networks, intellectual property, and critical national infrastructure.

The centre, which forms part of a strategic Memorandum of Understanding between the two parties, will also develop industry-relevant academic programmes in cyber security at the University, in an attempt to fill the skills gap that currently exists in the field.

The agreement will also support knowledge sharing between Airbus and Cardiff University, with the potential for secondments and industrial placements to be made available for researchers and students.

Cardiff University’s Dr Pete Burnap, Director of the Centre of Excellence for Cyber Security Analytics, said: “Cyber security analytics is about improving our resilience to cyber-attacks through data modelling to detect and block malicious behaviour before it causes its full impact; but also about understanding what motivates the behaviour, what its likely impact will be, and how to communicate security alerts among decision and policy-makers.

“The centre is interdisciplinary by design and will draw together expertise in cyber security from across the whole University.”

Dr Kevin Jones, Head of Cyber Security Innovation at Airbus, said: “Collaborating with leading Universities such as Cardiff to research and develop sophisticated machine learning and data analytics for attack detection is a key approach in the future protection of critical systems. The launch of the Centre of Excellence in Cyber Security Analytics is an enabler for the rapid transfer of research into operational activities and ensures that researchers are able to access the latest techniques and data, and in addition are supported by Airbus experts.”

In tandem with the launch of the Centre of Excellence, Cardiff University has recently been awarded almost £2m in external funding from a range of sources, including UK research councils, industry and government, to launch major new programmes over the next 3 years, aimed at developing cutting-edge machine learning algorithms to detect cyber threats targeting various internet-enabled environments, from online social media to control systems in critical national infrastructure.

Together, Cardiff University and Airbus have already received more than £1m of funding for cyber security, including studying risks to the systems underpinning critical national infrastructure. This was part-funded by the Endeavour programme backed by Airbus and Welsh Government.

Cardiff University’s Vice-Chancellor, Professor Colin Riordan, said: “This exciting new partnership is a great example of how Cardiff University’s expertise is linking up with world-leading businesses to make a better future for Wales and the world.

“Cyber security research is of critical importance in our digital society so it’s extremely important that we find innovative, real-world solutions to help detect, and protect against, dangerous cyber-attacks.”

The post Cyber security centre of excellence to open at Cardiff University appeared first on IT SECURITY GURU.