SXSW: Three Cybersecurity, Remote Access Takeaways from Austin

The South by Southwest (SXSW) Interactive Festival wrapped up last week in Austin, Texas, where 65,000 industry movers and shakers learned about some of the most innovative technology expected to hit the market over the next few years. What was on the minds of presenters, panelists, and attendees alike? “The Future” – all of its possibilities and its promise. Given all of these technology advancements, it makes sense that some of the panels and conversations happening in Austin took on a more cautious tone and focused on the surrounding cybersecurity concerns. We’ve identified three panels from SXSW that addressed cybersecurity directly – or brought to light security issues that weren’t on the agenda – and provide these lessons for each.

1. ‘Everything is Connected, Everything is Vulnerable’

Marc Goodman is hardly the first network security expert to predict that cyberthreats will become increasingly pervasive and damaging in the coming years. But few people have gone into such detail about these threats as Goodman did during his SXSW panel, “Future Crimes of the Digital Underworld.” Goodman, the author of “Future Crimes: Everything Is Connected, Everyone Is Vulnerable,” brought with him to Austin a laundry list of possible new targets for hackers, including but not limited to Internet of Things devices like pacemakers, baby monitors, insulin dispensers, and even drone aircraft. He warned, “We’re not going to solve these problems by burying our heads and pretending they don’t exist.” For network administrators, that means acknowledging that these devices could enter their workplace, and then taking steps to neutralize any threat they may pose. As we’ve written before when discussing the Internet...

Europe: More than Just ‘Stumbling Forward’ to Improved Cybersecurity

Two years ago almost to the day, months before cyberattacks entered the world’s collective consciousness, the European Union took the bold step of publishing an ambitious cybersecurity strategy. The strategy aims to outline the best path forward for identifying and responding to emerging digital threats. Orchestrators of the plan, “An Open, Safe and Secure Cyberspace,” believed that it would be a central step towards creating an environment in which the digital economy could thrive, having so far been largely isolated from attacks but known to be vulnerable. As the European Commission’s Catherine Ashton said, “For cyberspace to remain open and free, the same norms, principles and values that the EU upholds offline, should also apply online.” Since its inception in 2013, the EU’s Cybersecurity Strategy has focused on five pillars, namely: achieving cyber resilience; reducing cyber crime; building cyber defense policies; deploying new cybersecurity technologies; and creating a central international cybersecurity policy. Even in this short period of time, significant strides have been made towards adoption. The NIS Directive has been a cornerstone piece of legislation resulting from the plan. It requires EU member states to adopt a national strategy that “sets out concrete policy and regulatory measures to maintain a level of network and information security.” The Directive also requires private entities to disclose major cyberattacks. As Defense One points out, this amount of progress is no small feat, as institutions within the EU generally “stumble forward” because of the fragmentation that is inherent to the union. In the case of the Cybersecurity Strategy, three separate EU institutions – the Directorate General for Home Affairs, the European Council and European External Action...

The Trouble with the Endpoint

Much to the dismay of network administrators, IT security today is complex and multi-faceted, from the varied attack vectors to the different types of attackers themselves. But there is always one constant: the endpoint. When those endpoints are attacked, and end users cannot access services, data and applications, it is futile for a business to even host and offer them. The client, that is the device, not the human being using it, has undergone enormous changes over the last decade, thereby putting the burden on IT professionals to evolve their networks accordingly. The PC, with Windows 95, was the starting point. Next came myriad Microsoft operating system updates, followed by new form factors like tablets and smart phones, which introduced a whole new dimension. With each new client, the applications changed as well. Browsers and apps opened up unfamiliar, sometimes encrypted, and sometimes proprietary, data channels, from the Internet right down to the file system. And of course, attackers have kept track of those changes and adapted their methods accordingly over the years. To cope with these ever-evolving forms of attack, network administrators developed innovative defense mechanisms. Classic anti-virus tools were followed by sandboxes that tried to detect and block malware by offering these programs a limited, simulated runtime environment. The most recent approach uses micro-VMs, which try to contain malware within the kernel process level. Additionally, businesses now use a whole arsenal of security measures, ranging from the humble password to two-factor authentication, firewalls and encryption, to name but a few. And nothing is wrong with these measures. After all, an endpoint that uses anti-virus software is better...

Cyber Threats in 2015: New Attack Vectors, More Severe Incidents

One year ago today, Target was gearing up for Black Friday sales and projecting a strong end to the year. That was the company’s primary focus. The same could be said for Neiman Marcus and Home Depot. And no one had even heard of Heartbleed or Shellshock yet. Needless to say, much has changed in the last year. If 2014 ends up going down in the history books as the “Year of the Cyberattack,” then what does 2015 have in store for network administrators? We’ve already started to see the predictions roll in, the first coming from the report, “The Invisible Becomes Visible,” by Trend Micro. The report paints the new network security threat landscape as becoming much more broad and diverse than it has ever been, evolving beyond the advanced persistent threats (APTs) and targeted attacks that have been the favorite weapon of hackers. Trend Micro CTO Raimund Genes told InfoSecurity that cyberattack tools now require less expertise to use and don’t cost as much. He listed “botnets for hire … downloadable tools such as password sniffers, brute-force and cryptanalysis hacking programs … [and] routing protocols analysis” as just a few of hackers’ new favorites. Given these new threats, how can network administrators shore up their network security for 2015 and beyond?

The ‘Three-Legged Stool’ of Network Security

As network administrators build out their network security infrastructure, it’s best to focus on the so-called “three-legged stool” approach – prevention, detection and response. Network security cannot be limited to simply installing prevention measures and hoping for the best. Why? Because there is no one universal, surefire way...

7 Security Threats You May Have Overlooked

If there’s been a silver lining to the string of devastating cyberattacks against some of the biggest organizations in the world over the last year, it’s that the list of “what not to do” has continued to grow, putting other companies on notice. If you use a third-party vendor, for example, make sure their networks are just as secure as your own. When there are known security vulnerabilities, reconsider using end-of-life operating systems like Windows XP on your devices. These are some of the most prominent recent lessons, but there are plenty of other threats to network security lurking just below the surface. And these are the vulnerabilities that attackers will look to exploit. After all, why would they target a well-defended vector when there may be an easier point of entry somewhere else? That would be like a burglar trying to break down a locked door, instead of checking first to see if maybe a window was left cracked open. In today’s business environment, the list of overlooked network security threats is endless. Information security professionals are modern-day gladiators, tasked with defending corporate data and networks against both known and unknown threats, but no matter how skilled they are, there will always be new threats to their networks. Here are seven to think about:

1. Rogue Employees
2. Delayed Device Deprovisioning
3. A Single, Vulnerable Security Vendor
4. Out of Date Software
5. Failure to Adapt to New Technology
6. Security Solutions and Policy Misalignment
7. Shadow IT

Most working environments would be lucky to be vulnerable to only one of these. The reality is,...

Shellshock Leaves Deep Impact on Network Security

For the last 30 years, a common line of code found in a piece of software has quietly been a dormant security vulnerability – but now, news of the exploit has gone public, sending the network security community into reaction mode. The Shellshock vulnerability can be traced back to Bash, a command shell that is commonly used across the Internet on Linux and UNIX platforms. Bash translates user commands into language a computer can understand and then act upon. In the case of Shellshock, hackers could exploit Bash by issuing arbitrary software commands, potentially allowing them to control systems. In the immediate aftermath of Shellshock’s discovery, security experts claimed the exploit had surpassed last spring’s Heartbleed as the worst software vulnerability of all time. One reason is that Shellshock’s reach could be even greater than the Heartbleed vulnerability, which only affected software using the OpenSSL encryption protocol. Shellshock’s reach could even extend to Internet of Things devices, since their software is built on Bash script. For the last few weeks, website administrators have been making the necessary updates to protect users. Within a week of the vulnerability going public, Amazon, Google and Apple responded with patches and internal server updates. Even so, it will take some time for the fallout from Shellshock to subside.

The Year of the Cyberattack Continues

This year has not been kind to the network security community. Although the Target breach occurred in 2013, the fallout has continued well into this year. Then came attacks at Neiman Marcus, eBay and, just last month, Home Depot. And, of course, Heartbleed and Shellshock. Even in the last...