The Workplace of the Future and What It Means for Network Security

The convergent trends of BYOD, the consumerization of IT and mobility are causing rapid shifts in employees’ expectations for their work environment. Employees are driving the change by working remotely and on their own devices resulting in the workplace itself becoming increasingly flexible. These trends, combined with the blurring of boundaries between consumer and enterprise technologies due to them, necessitate IT departments everywhere having to rethink their network security infrastructure. It’s an undeniable fact that for many employees, the notion of having a physical office is becoming increasingly irrelevant. In fact, since 2005, there has been a more than 60 percent increase in the number of employees working outside of a traditional office environment, according to Inc. Magazine. Those remote and mobile workers are demanding tools that let them access corporate networks and resources remotely from anywhere at anytime. However, many businesses aren’t providing the technologies that employees need fast enough. This is evidenced by the fact that a recent Unisys study showed that 71 percent of the workers who are driving the uptake of technology in the workplace are using unsupported apps that are outside the control of IT. This is one example of how employees are using their devices unsafely, and IT staff must find ways to limit the risk to their networks. Both smarter approaches and better remote access technologies are required to keep networks safe while providing employees the remote access they need. As we’ve discussed before, an ounce of prevention is worth a pound of cure, and employee education can greatly aide in the prevention of a wide range of potential threats. Beyond making...

Target and Neiman Marcus Hacks: The Network Security Lesson to Learn

Even if you’re not one of the tens of millions of customers that have had your credit card data stolen and sold on the black market, you’ve almost certainly heard about the Target hack that occurred in late 2013. In that attack, over 40 million credit cards and the personal information of up to 70 million people were compromised. More recently, Neiman Marcus publicly acknowledged that its network had been breached. According to Jim Finkle and Mark Hosenball at Reuters, it was revealed this week that at least three additional well-known US retailers have experienced similar, though smaller breaches. These types of network infiltrations are alarming for consumers and enterprises alike, although there is a valuable lesson to be learned from them. Despite the fact that Target has not yet disclosed how the cyber criminals managed to obtain access to its network, an inside source who spoke to Reuters believes the attackers used a type of malware called a RAM scraper. RAM scraping, as described by Re/code’s Arik Hesseldahl, is an old attack technique that is usually disguised as something innocuous and consequently may enter networks for all the usual reasons – unpatched security vulnerabilities in the system, unsecure endpoints, a mistakenly opened email attachment, etc. Even though point-of-sale (POS) systems have extremely strict encryption requirements, there is one instance, literally only a couple of milliseconds, where credit card information is decrypted so it can be processed and charged. That’s when the RAM scraping malware attacks. The malware is designed to recognize certain data, such as credit card numbers, and immediately save that information to a text file that...

The Internet of Vulnerable Things: Why Remote Access Security is Critical

A new worm that targets embedded devices started to spread during the holiday season. The Zollard worm, which targets various devices running on Linux, has brought to light the numerous security vulnerabilities Internet of Things (IoT) endpoints pose for corporate networks. Researchers at Symantec discovered the worm just before Thanksgiving and said “it appears to be engineered to target the Internet of Things.” It works by leveraging a PHP vulnerability that was patched in May 2012, and attacks un-patched devices, such as Linux-based home routers, set-top boxes, security cameras and more. The worm generates IP addresses randomly, sends out HTTP POST requests and then spreads itself. As Joerg Hirschmann, CTO of NCP, mentioned in a recent InformationSecurityBuzz article, “with more devices requiring secure communications between not just end users, but other devices, enterprises need to start preparing for every device to become a potential attack vector.” The worm clearly presents a looming threat, especially considering it is built to attack IoT devices, such as those listed above, that are rarely, if ever, patched. Enterprises have a wide range of seemingly innocuous IoT devices connected to their corporate networks, including conference-room devices and printers, which can be single-purpose, but are built on a Linux platform with network connectivity that hackers can breach. Spencer McIntyre, security researcher for SecureState, said “They’re small enough that a lot of administrators forget they’re there and forget to patch them, change default passwords, and things like that. But they’re running software that is well-known enough to contain vulnerabilities that can be leveraged by attackers.” Enterprises can protect themselves by ensuring all of the devices accessing their...