Building networks for financial services, including the equipment, appliances and network services, has become a case of plugging holes where needed. This has led to acquiring network equipment and solutions as the need arises. With all the equipment in play, there is a need to simplify and integrate network solutions. This will result in a more understandable, fairly straightforward security solution.
According to finextra.com, the problem stems from disparate network equipment from different vendors. This is usually the case because no single vendor has a complete line of network equipment. Besides the network routers, switches and bridges, there are also the quality of service (QoS) appliances, dedicated firewalls, gateways, as well as storage (NAS/SAN), and routing (NAT and proxy) solutions.
Unfortunately, each piece of today’s network equipment usually also has other associated services included or embedded in its system, resulting in redundant functions. In terms of network security, each of these devices has its own solutions, whether as hardware or as built-in software. For instance, it is a de facto standard that a network device has its own anti-virus program. However, even worse than the redundancies, there are sometimes solutions at cross-purposes to one another.
The key to keeping on top of these security solutions is to integrate and simplify. Planning and mapping out the existing equipment will show which associated services are repeated across devices. Integrating these solutions would require some form of automation, including scripts and programs. This part is relatively simple, as most network appliances run Linux or Unix inside their boxes.
Integration will show which equipment or service is no longer needed. The savings are more evident in the services and licenses. Once you buy network equipment, it usually cannot be sold back to the vendor. However, the savings are in the associated fees, like licensing and support for these devices, as well as for specific software running on these boxes.
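An added example, not from the article: a short Python script that maps which services repeat across devices and estimates the licence fees saved by keeping one instance of each. The device names, services and fees are constructed, and it assumes duplicate instances of a service are interchangeable.

```python
# Added example (not from the article). Inventory values are constructed.
# Assumption: instances of the same service on different devices are
# interchangeable; confirm that per service before disabling anything.

# device -> {service: annual licence/support fee in USD}
INVENTORY = {
    "edge-firewall": {"firewall": 9000, "nat": 0, "anti-virus": 3000},
    "core-router":   {"routing": 0, "nat": 0, "qos": 2000},
    "qos-appliance": {"qos": 5000},
    "web-proxy":     {"proxy": 4000, "anti-virus": 2500},
    "mail-gateway":  {"spam-filter": 1500, "anti-virus": 1000},
}


def providers_by_service(inventory):
    """Invert the inventory: service -> [(fee, device), ...], cheapest first."""
    providers = {}
    for device, services in inventory.items():
        for service, fee in services.items():
            providers.setdefault(service, []).append((fee, device))
    return {svc: sorted(entries) for svc, entries in providers.items()}


def overlaps(inventory):
    """Services that run on more than one device."""
    return {svc: [dev for _fee, dev in entries]
            for svc, entries in providers_by_service(inventory).items()
            if len(entries) > 1}


def consolidation_plan(inventory):
    """Keep the cheapest instance of each service and drop the duplicates."""
    keep, drop, savings = {}, [], 0
    for service, entries in providers_by_service(inventory).items():
        keep[service] = entries[0][1]
        for fee, device in entries[1:]:
            drop.append((device, service))
            savings += fee
    dropped = set(drop)
    # A device with every service dropped is a candidate for retirement.
    idle = sorted(dev for dev, services in inventory.items()
                  if all((dev, svc) in dropped for svc in services))
    return {"keep": keep, "drop": sorted(drop), "savings": savings, "idle": idle}


if __name__ == "__main__":
    plan = consolidation_plan(INVENTORY)
    for service, devices in sorted(overlaps(INVENTORY).items()):
        print(f"{service}: on {', '.join(devices)}; keep on {plan['keep'][service]}")
    print("annual fees saved:", plan["savings"])
    print("devices with nothing left to run:", plan["idle"])
```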
How To Combat DDoS Attacks
Cyber-attacks are happening at an alarming rate and are increasing with the use of Distributed Denial of Service (DDoS) attacks, which make online services unavailable by driving increased traffic to the service from a variety of sources. DDoS attacks are aimed at making your website unavailable, rather than gaining access to proprietary information like most cyber-attacks. Because they use multiple people and multiple connected devices, DDoS attacks are harder to anticipate. There are four types of DDoS attack methods:
- TCP Connection Attacks – occupy any and all available connections to infrastructure devices
- Volumetric Attacks – use up as much bandwidth as possible by flooding the servers, causing congestion
- Fragmentation Attacks – flood the victim with TCP fragments, reducing performance and making it difficult to reassemble the streams
- Application Attacks – target specific services and are difficult to detect and stop once discovered
Recent DDoS Attacks
DDoS attacks can be launched by individuals or businesses motivated by extortion, cyber vandalism, personal agendas or cyber warfare. According to The Guardian, the largest DDoS attack was a cyber-attack against Dyn’s servers that involved nearly 100,000 malicious endpoints and was caused by the Mirai botnet (made up of Internet of Things (IoT) devices infected with special malware). In a Mirai botnet, there are many more devices to choose from, making it a larger attack than your typical DDoS attack. The Mirai botnet strained the Dyn servers so much that the result was a complete collapse.
Another DDoS attack was on Brian Krebs, a journalist who reports on internet criminals, DDoS hiring services, and identity theft. Unfortunately, this time around Krebs was the one being reported on, as the victim of one of the largest DDoS attacks. According to The Economist, his network mitigation provider could handle the attack at first, but the 600 to 700 billion bits per second attack ultimately made him shut down his website.
These two attacks are just a few of the many that continuously happen. To help prevent DDoS attacks from occurring, both the government and businesses need to invest more money and more effort. The government can assist by requiring security standards, and businesses can assist by building better security into devices and the networks they are connected to. There is no one answer to protecting against DDoS attacks, but there are measures both businesses and individuals can take to lessen the burden of an attack.
How businesses and individuals can protect themselves from DDoS attacks
DDoS attacks can happen at any time to any business, which is why it is suggested that businesses plan for DDoS attacks before they become victims of them. There is no one foolproof way to avoid DDoS attacks, but according to the Software Engineering Institute of Carnegie Mellon University there are steps that can be taken to mitigate the risk, including:
- Resilient architecture – resources should be geographically dispersed, data centers should not be connected to the same internet providers and data centers should not have one single point of failure
- Hardware – use hardware meant to handle DDoS attacks and use the hardware’s options to protect network resources
- Bandwidth – scale bandwidth to handle a large volume of traffic
- Outsource – find service providers that offer mitigation services for DDoS attacks
Individuals and their sites are at just as much risk. If you have your own website, you are perhaps even more at risk, as individuals will not have the same amount of resources to help deter and prevent attacks. It is important to understand how and why you must protect yourself from a DDoS attack. Consider how you will block malicious traffic, for example:
- Discuss DDoS protection with your hosting provider
- Route website traffic through a third-party that filters out malicious traffic
- Look into Project Shield, launched by Google Ideas, which helps individuals protect their website against DDoS attacks
The more businesses and the government work together, the quicker a solution can be found to lessen the impact of DDoS attacks. Until security standards are set, businesses and individuals are encouraged to prepare for a DDoS attack using the options mentioned above before becoming a victim.
2017 Round-up Of Big Tech Company Admissions To Massive Data Breaches
Contrary to popular belief, data breaches did not begin when companies started storing their sensitive information digitally. They have been around for as long as users and enterprises have maintained records and stored private data.
The Beginning
Some of the first publicly disclosed data breaches date back to the 1980s. In 1984, the international credit information conglomerate TRW (currently known as Experian) was hacked. The hackers stole about 90 million records. Two years later, the Canada Office of Inadequate Security announced that 16 million records of Revenue Canada were compromised. However, until the past two decades, the term “data breach” was not widely used.
Yahoo
Earlier this fall Yahoo reported one of the largest data breaches ever. The company announced that undisclosed third parties stole more than 1 billion user accounts in August 2013. The case is separate from another data breach the company disclosed in September. It involved the compromising of nearly 500 million user accounts in late 2014. The stolen user data from the new breach included names, e-mail addresses, phone numbers, passwords, personal information but no credit card details.
Hewlett-Packard and the Navy
On Thanksgiving Eve, Hewlett-Packard Enterprise revealed that unknown individuals had compromised the laptop of one of its employees. As a result, the social security numbers and the names of 134,386 former and current Navy sailors were leaked. The U.S. Navy also confirmed that, as of now, there was no evidence to suggest misuse of the information.
Verizon
In March 2016, Verizon Enterprise Services announced that it had been a victim of a cyber-attack that affected 1.5 million of its corporate clients. The hackers managed to access some basic contact information. They did not compromise the customers’ proprietary network information. Subsequently, a member of an underground cybercrime forum posted a thread to advertise the sale of a database containing the contact details of 1.5 million customers of Verizon. The seller offered the entire package for $100,000. It was also possible to purchase a set of 100,000 records for 10,000 each. Interested parties could also buy detailed information about security issues on Verizon’s official site. The telecom provider did not disclose the cause of the breach. However, the company confirmed that it had already found and fixed the vulnerability the hackers used to collect the data.
Myspace
In May this year, Time Inc., Myspace’s new owner, admitted that a large set of stolen Myspace login details had been published for sale in an online hacker forum. The company did not disclose the exact number of compromised accounts. According to internal sources, there were about 427 million passwords and 360 million user accounts available for sale online. Supposedly, the leaked data was several years old and just a part of the overall user data from the old Myspace platform, before the site relaunched with added security in 2013.
Also in May 2016, LinkedIn reported the second data breach in its history. A hacker named Peace managed to steal 6.5 million encrypted passwords. Soon after that, they appeared for sale in a Russian dark net forum.
Tumblr
Tumblr also confirmed a 2013 data breach affecting an undisclosed number of users. According to analysts, the number of compromised accounts exceeded 60 million unique e-mail addresses and passwords. When announcing the breach, Tumblr confirmed that the passwords were not in plain text but were “hashed” instead. This process converts the password into a different string of digits. The company did not report what algorithm was used to hash the login details. A hacker called Peace put the data on sale on the darknet platform.
What do the numbers say?
According to the 2016 Cost of Data Breach Study conducted by Ponemon Institute and commissioned by IBM, the average total cost of a data breach for the 383 companies surveyed increased from $3.79 million in 2015 to $4 million in 2016. The average amount paid for a compromised record increased slightly, from $154 to $158. In the United States, the average per capita cost of a data breach in 2016 was $221, and in India, it was $61. While the average total organizational cost in the United States was $7.01 million, it was $1.6 million in India and $1.87 million in South Africa. On average, it takes companies 229 days to identify data breaches caused by malicious attacks. If human error caused the data breach, it typically takes the organization 162 days to identify it, the study suggested.
Verizon examined more than 100,000 incidents and analyzed over 2,260 data breaches in 2015. Per its 2016 Data Breach Investigations Report, almost half of the security breaches in technology companies involved Denial of Service (DoS) attacks. According to the researchers, this is mainly because technology companies nowadays rely heavily on digital data, cloud computing, and employee mobility.
Can you really prevent a hacker attack?
Although no company is immune to hacker attacks, there are several ways to protect your consumers’ private data. First, you may invest in highly qualified IT security personnel and provide them with real career growth within the company. In addition to that, you may develop, test and implement a working strategy in case your main anti-DoS service fails unexpectedly.
It is also important to use different network circuits for your main systems so that one of them cannot act as a gateway to more important ones. According to security professionals, a great majority of the incidents involved cyber-attacks on web apps. One way to prevent this is to use two-factor authentication. Another option is to establish a patch process for third-party plugins.
Securing IoT
The Internet of Things, often referred to as IoT, is the connection of devices to the Internet that collect and exchange data. Nearly everything we own or want to own these days can be connected through the IoT such as a Fitbit, Apple Watch, cars, smart kitchen appliances, door locks and Bluetooth trackers, just to name a few.
This is just the beginning! Can you imagine what we will be able to connect through the IoT by the end of 2017? According to Business Insider Intelligence, “there will be more than 24 billion IoT devices on Earth by 2020.” This opens up a world of possibilities for consumers and manufacturers! It also opens up the increasing need for security surrounding the IoT. Currently, there isn’t much security required with the IoT, but manufacturers, the government and consumers should start making it a primary focus.
Security of IoT should be the primary focus for manufacturers
Hundreds of companies manufacture items connected through the IoT, including Honeywell, GE, Apple, Google, Microsoft, Fitbit, Garmin and Cisco, just to name a few. Security is often left behind by manufacturers because it is not always required for the devices, or because manufacturers do not know how to secure their devices. In the coming years though, security will have to move to the forefront of manufacturers’ minds.
According to the 2016 Vormetric Data Threat Report, the protection of sensitive data is the top concern among enterprises. Because many of these control systems have been in place for so long, well before cybersecurity was even an issue, they don’t have the security to outsmart hackers. It is up to manufacturers to keep pace with the growing security concerns and the security measures that should be put in place so that the public is, and feels, more secure with their products connected through IoT. How can manufacturers be guaranteed to do this? Through the help of the government.
How to ensure security becomes a primary focus for manufacturers
If manufacturers aren’t forced to have top-notch security on their devices they are putting themselves at risk for hacking and unhappy customers. One way to ensure security becomes a priority to manufacturers is having the government set security standards. With robots, drones and self-driving cars being at the forefront of the IoT, consumers are at a higher, more serious security risk. Without security surrounding these “big-ticket” assets we are giving hackers an entryway to homes and cars, prized possessions for consumers. Once the government sets security standards for manufacturers, it is also important for consumers to be knowledgeable of the items they are purchasing and how they are using them.
Consumers need to shift their focus to security of the IoT
As much as it is up to the government to set security standards for manufacturers to follow, it is up to consumers to do research on these connected devices and be informed about how not to make themselves vulnerable to being hacked. The more devices consumers own, the more vulnerable they are to an attack. Forbes suggests protecting yourself from security threats by:
- Changing the default password on the device you purchased
- Understanding what data is being collected by reading the terms and conditions
- Considering how many connected devices you really need
- Always updating your software
- Understanding your device
In the coming years, manufacturers, government security standards and consumers must set the bar on protecting their devices and consumer information from security threats. While waiting for manufacturers and governments to act, consumers must begin to set security standards and secure their own devices; the more we secure our own devices, the less vulnerable we are to potential security threats.
How Can Healthcare Institutions Improve Information Security In 2017?
The US healthcare sector manages highly sensitive, confidential, and diverse data, ranging from personal identification and private health records to financial information. Among all of America’s important infrastructures, it has remained a tempting target of constant attacks from countless anonymous malicious hackers. Besides the traditional financial or medical insurance fraud, the hackers also attack computer-controlled medical devices.
Information Security Statistics
In 2015, 223 healthcare executives, including CIOs, CTOs and Chief Security Officers, participated in KPMG’s “Health Care and Cyber Security” survey. 81 percent of them confirmed that their computer systems had suffered one or more cyber-attacks within the past year. Furthermore, per Gemalto’s report “Data Breach Index for the first half of 2015”, the healthcare sector experienced the most recent data breaches of the 16 critical infrastructure sectors. Gemalto’s researchers estimated that out of 888 reported events, 188 were in the healthcare industry. According to the 6th Annual Benchmark Study on Privacy & Security of Healthcare Data by Ponemon Institute, almost 90 percent of healthcare organizations questioned experienced a data breach in the last two years. In addition to that, 45 percent of them had more than five data breaches in the same period. The researchers also estimated that cyber-attacks could cost the healthcare industry $6.2 billion. Next to that, in their report 2017 Threat Predictions, McAfee Labs and Intel Security predict that the healthcare industry would face new threats through connected devices.
Cyber Security for Healthcare
As hackers become more focused and sophisticated over time, cyber security issues will continue to grow in 2017. In healthcare, there are many areas for improvement, experts say.
Cyber security is not only a technology risk but a business risk as well. Therefore, at least one of the healthcare institution’s executives should be well versed in both. It is important to have a member of the management team who is savvy about cyber-security and can develop and execute the internal risk management strategy. Such a strategy may include educating employees at all levels about cyber-crime threats and developing a proper plan of action in case of a data breach.
Despite the growing threat of cyber-crime, few U.S. healthcare institutions have invested in a professional and well-coordinated cyber-security department. The designated cyber security team will be in charge of the development and execution of a security implementation plan, as well as risk analysis. Other areas include managing a data breach properly if it ever happens.
Furthermore, it is also important to establish a solid security culture within the organization. The first step towards it is to educate the personnel at all levels and to conduct regular information security sessions on an ongoing basis.
Train your employees to disable remote sharing, to use a secure connection at the firewall and never to skip the regular software updates. Apart from that, make sure to use strong passwords and change them regularly. Discourage your employees from writing down passwords. You may also implement multifactor authentication and even fingerprint scans if needed. Use only encrypted connections.
It is also important to properly deactivate the accounts of former employees. In case you no longer need a specific piece of software, make sure you fully uninstall it. If you need to dispose of old computers, sanitize them beforehand to ensure there is no data on them. To avoid a potential data breach, you may also consider prohibiting network access by visitors.
The culture of commitment to the privacy and security of sensitive data is an ongoing effort. If healthcare institutions manage to achieve compliance, it could protect both themselves and patients.