Inoculate your computers from the Cyber Criminals

Cyber Criminals are developing new ways to attack and make money. Like all industries, they want to make more money this year too. We have to learn to inoculate our computers so that we have as low a chance as possible of getting infected.

We have to find ways to make this goal of theirs as difficult as possible.

This year I will lose 5 pounds.
This year we will make more money with plan ABC.
Funny thing about our aspirations: they seem to be hampered by our past decisions (I should not have eaten that extra piece of cake).
Or in Cybersecurity:
I know we did not patch these 5 computers, but the risk is low so we did not make the effort.

And lo and behold, a new Intel processor bug or flaw has been found (today, 1/3/2018) that unfortunately is present in all Intel processors since 1995. Ars Technica has a good explanation of this complex bug, which ultimately needs to be patched by all operating systems. So look for this fix in your operating system's next patch update.

There is a database at CERT that catalogues vulnerabilities:

At US-CERT the number is VU#584653, and the CPU bug has been called ‘Meltdown’ and ‘Spectre’.

New update: Google’s Project Zero found this bug last year sometime and disclosed it to manufacturers (Intel, AMD, and ARM). It seems AMD also has a variant of this bug.

This is a typical issue, as the computer manufacturers, and their peripherals, are constantly running into old bugs and racing to fix the bugs with patch updates. So there is a constant Bug -> Patch Update process that leaves us always marginally secure even if we update on a regular basis.

In this particular case of the Intel bug, there is no patch from Microsoft yet (Day 30 in my image below); it should come on the 2nd-week Tuesday, January 9th. And likely the hackers have not developed malware yet. But everyone who does not patch in the future (at least 20% of computers do not patch on time) will get hacked.

So as we discussed in the past in “From Vulnerability Found to Patched Safe”

The issue is to patch on a regular basis even though one has to reboot and lose capability (with the new patch resulting from the Intel bug, the system will run slower). In security one may want to have several different computer types even though that does not make it a “standard setup”.
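One way to check whether a machine has picked up the fix, as an added example that is not part of the original post. It assumes a Linux system whose kernel reports mitigation status under `/sys/devices/system/cpu/vulnerabilities`; the function names are hypothetical.

```python
"""Added example: read the Linux kernel's own report of CPU-flaw mitigations."""
from pathlib import Path

# sysfs location where patched Linux kernels report CPU-flaw status.
SYSFS_DIR = Path("/sys/devices/system/cpu/vulnerabilities")
# Entries that correspond to the flaws named on this page.
ENTRIES = ("meltdown", "spectre_v1", "spectre_v2")


def classify(text):
    """Map one sysfs status line to a coarse state."""
    text = text.strip()
    if text.startswith("Not affected"):
        return "not_affected"
    if text.startswith("Mitigation"):
        return "patched"
    if text.startswith("Vulnerable"):
        return "vulnerable"
    return "unknown"


def cpu_flaw_report(sysfs_dir=SYSFS_DIR):
    """Return {entry: (state, raw_text)}. A missing file means the kernel
    does not expose the report (typically a kernel older than the fixes)."""
    report = {}
    for name in ENTRIES:
        try:
            raw = (Path(sysfs_dir) / name).read_text().strip()
        except OSError:
            report[name] = ("no_report", "")
            continue
        report[name] = (classify(raw), raw)
    return report


def needs_patching(report):
    """Names of flaws for which this machine cannot show a mitigation."""
    bad = {"vulnerable", "no_report", "unknown"}
    return sorted(n for n, (state, _) in report.items() if state in bad)


if __name__ == "__main__":
    rep = cpu_flaw_report()
    for name, (state, raw) in rep.items():
        print(f"{name:12} {state:14} {raw}")
    print("patch needed for:", needs_patching(rep) or "nothing")
```

Run it again after each kernel update and reboot; an entry that still reads `no_report` or `vulnerable` means the update did not take effect on that machine.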

 

Reducing Cyber Risk may mean doing things that are not efficient, but it is the age-old problem of more security == less function.

You can’t just walk out the door, you have to stop and use some time to find your key and lock the door.

In computers we have to patch, and sometimes the patches are old patches that have been around for ages. If you do not patch, a hacker will use a trick to hack you and use your computers for their needs.

 

Contact us to develop a process for you that will ensure your systems are patched properly.

 

January 4th: Added Google Project Zero information.

What will 2018 bring to Cybersecurity?

Happy New Year 2018 very soon!!!

This is a good time to review the technologies that are shaping our lives. What do they mean for Cybersecurity?


Amazon, iPhone devices, Android devices… these are technological breakthroughs that are quickly changing their technological landscape, either to enhance user friendliness and features or to be the better brand or flagship product in the technological category they belong to. This means more Internet connectivity, not less.

What does more Internet mean? Does more function mean less security? Based on statistics, one thing is for sure: cybersecurity will be more important in 2018. As you will see, more connectivity means a ripple will cause more problems, so we _have_ to focus on cybersecurity a certain amount, or apathy toward cybersecurity will cause you regret.

If we look back to the year 2015, in one of our blog posts we discussed the relevance of the Cisco VNI (Visual Networking Index) forecast. In 2015, the projection was that an immense 24 billion devices would be connected to the Internet by 2019. Current VNI projections show a much larger number than the 2015 projection, with numbers now at 29.1 billion; although closer, we should get even better projections as time goes on.

What is the relevance of this then? It means the number of connections to the Internet has grown exponentially, not to mention the data usage we have when plugged in to the net. More devices means more occurrences of net usage. More net usage means a wider variety of data transfer and traffic. More data traffic means more opportunity for risk factors that may lead to higher risk in cybersecurity.

What is alarming is when we think about how much of that number is criminal traffic and how much of that is checking your defenses. We want to advance to a new level by increasing capabilities, but we may be overlooking that more capabilities mean more chances of risk. In many cases, we don’t see where risk may come about, because we are focused on making it work or creating revenue. So do we see that the increase in possibilities and opportunities increases both technological capabilities and risk analysis complexity?

That is why developing a risk analysis process is important. It is not only a review of how much and what kind of Internet occurrences you have but a check on the data load you use. Alongside this realization of data transfer, it is pertinent that you do optimal checks and create regular control updates within your organization. Having an external risk auditor will help a lot in knowing how much more protection you need to uphold or how much risk oversight you need to work on. If you value the investment you have worked on, it always pays to also value its maintenance through cyber protection. Contact us to learn more.

From Vulnerability Found, To Patched Safe

 

While we are preparing for the holidays and the New Year, be it Christmas, Hanukkah or otherwise, the hackers are also busy prepping for their busiest time of the year. Although the Holidays are a season to be jolly, that is not a reason to slack off in keeping up with your Cyber Security.

The following image shows a potential timeline of when a vulnerability is found, disclosed to the public, anti-virus software rewritten, patch released, and patch installed.

Notice there are a number of days with no defense in your machines, and that is why a patch that is released should be installed soon.

Why do we say that hackers are also busy? Because when people lower their guard, thinking that everyone is busy with the flow of the season, our Cyber protection becomes lenient and weak. When the defense weakens, the attacker works harder to find these weaknesses, and then it snowballs.

The attacks are easy for the criminal hackers because we become complacent and do not patch vulnerabilities when we should, and as you can see the vulnerability has been known by the wily attackers for some time… which makes time your enemy.

 

Ever seen a honeybee hive? The bees defend their hives vigorously, regardless of the time of day or season of the year. They attack-to-defend, to secure the hive at the slightest sense of a perceived threat. That is how optimal your Cyber defense should work. That is how wide your Cyber security should be manifested. It should cover all impact levels and all angles whether the threat may be old or new, small or huge.

 

Just like the bees, to keep your system up to date in “sensing perceived threats”, a regular sweep and periodic reinforcement of defenses must be done by updating your system patches. Before running any patches on your system, it is always a good decision to perform a system backup. This lets you reset your systems to their most recent state should the patch go bad in the middle of its installation. Keep in mind that a patch is a fix to system vulnerabilities (that have been out for months), and it is only now that a fix has been created. Although it took time to create the patch, it is still imperative that the patch be run to ensure that probable threats to your system are reduced if not totally eradicated, and for your computer to work properly, improving its performance and usability.

 

The question is, how do you know which patch to run? This depends on the probable risks you are able to determine, based on the major threats and concerns you have cited. To illustrate in a process map, think of it this way:

 

  1. Determine the major threats to your working system. Major threats are external forces that you have no control over and that may interrupt or invade your secure cyber space. These may include:

     1. Unauthorized access
     2. Insider threat
     3. Data loss due to external sharing
     4. Insecure interfaces
     5. Fraud / Hijacked accounts

  2. Next, determine the major concerns that you need to work on to defend your system against the major threats. Major concerns are the areas that cover the major threats and that you have the capacity to control. Examples are:

     1. Data Loss / Leakage
     2. Privacy and confidentiality of information
     3. Legal and regulatory compliance
     4. Compromised security

  3. Identify the impact of the threats and the likelihood that they will occur, affecting your major concerns. This depends on your usage of the system. These give the magnitude of the identified risks that you need to work on. Remember the formula for risk analysis:

     Risk = Likelihood * Impact

     The higher the impact of the major threats, the higher the risk factor.

  4. Determine the controls and oversight that you need to work on, and improve/update your network processes to fix or to be ready to defend your systems aggressively. This is where necessary patching comes in.
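The four steps above as a small risk register, added here as an example that is not part of the original post. The threats and concerns are the ones listed above; the 1 to 5 rating scale, the ratings themselves, the band cut-offs and the control names are assumptions made for illustration.

```python
from collections import defaultdict
from dataclasses import dataclass


@dataclass(frozen=True)
class Risk:
    threat: str      # step 1: external force you do not control
    concern: str     # step 2: area you can control
    likelihood: int  # step 3: 1 (rare) to 5 (expected), assumed scale
    impact: int      # step 3: 1 (minor) to 5 (severe), assumed scale
    control: str     # step 4: control or patch that addresses it

    def __post_init__(self):
        for rating in (self.likelihood, self.impact):
            if not 1 <= rating <= 5:
                raise ValueError("ratings must be between 1 and 5")

    @property
    def score(self):
        return self.likelihood * self.impact  # Risk = Likelihood * Impact


def band(score):
    """Assumed cut-offs on the 1..25 scale; the page does not define any."""
    return "high" if score >= 15 else "medium" if score >= 8 else "low"


def plan_controls(register):
    """Rank controls by the worst risk each addresses, then by summed risk."""
    scores = defaultdict(list)
    for risk in register:
        scores[risk.control].append(risk.score)
    rows = [(c, max(s), sum(s), band(max(s))) for c, s in scores.items()]
    return sorted(rows, key=lambda row: (-row[1], -row[2], row[0]))


# Constructed register: threats and concerns are the page's, ratings and
# controls are hypothetical values for one imaginary small office.
REGISTER = [
    Risk("Unauthorized access", "Compromised security", 4, 5, "Apply OS security updates"),
    Risk("Insecure interfaces", "Data Loss / Leakage", 3, 4, "Apply OS security updates"),
    Risk("Fraud / Hijacked accounts", "Legal and regulatory compliance", 3, 5, "Enable two-factor sign-in"),
    Risk("Insider threat", "Privacy and confidentiality of information", 2, 4, "Review account permissions"),
    Risk("Data loss due to external sharing", "Data Loss / Leakage", 2, 3, "Restrict external sharing"),
]

if __name__ == "__main__":
    for control, worst, total, level in plan_controls(REGISTER):
        print(f"{level:6} worst={worst:2} total={total:2}  {control}")
```

Grouping by control rather than by threat answers the question of which patch to run first: one update that addresses several scored risks rises to the top of the plan.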

 

Since patching is a strenuous process (doing a backup, uninstalling all system instances, then patching), it is where most people slack off. You cannot expect not to be robbed if the gate of your house is closed but the front door is open. It may take a while getting used to checking for bug fixes, but vigilance is the key to reducing risks.

 

So if we patch less (due to holidays or otherwise) and we are not as vigilant as we should be amidst the season break, then … you can expect that Hackers are indeed getting busy.

Contact us this year or next to discuss your details.

Cybersecurity: Grin and Bear It

We must have Cybersecurity no matter the business.

No one wants the criminal hackers to have a say in our legitimate business. It will not only bring risks into your business; it may even bring unwanted losses or damage to your reputation.

Cybersecurity is like securing your home every time, whenever or wherever you may be. Security and safety is not only checking on your doors, your windows or the parts of your house that can easily be invaded by unwanted criminals, but also making sure that these areas remain locked with higher defense mechanisms. Also look beyond what may attack or put your house in danger, whether this may be seen or unseen, or at times incidental.

Imagine your house is situated on a very busy highway. How do you go about protecting it? How will you manage putting up a higher defense that could secure your house not only against direct attackers, but also against passers-by that might indirectly put your safety in jeopardy? It will be a judgement call on the kind of defense that you choose. It should be a well-thought-out decision, as your defenses should always be up, whether you are awake, asleep or away from your home.

So how do we decide what to do? If we know that we need it (like a lock on your house or apartment), what kind of lock do we buy?

Is cost a deciding factor? Or do the integrity and evidence of protection carry more weight?

Enough with the analogies… We have to spend some money on security; the question is how much, and what do we buy?

Here are some truths that you may want to contemplate on as you decide on what to use for your base security:

  1. Even though anti-virus software is only 50% effective these days, we have to have some. We have to protect ourselves from all the recirculating old viruses running around.
  2. We have to have a next generation firewall, as this firewall uses the latest techniques to protect and remove some more unwanted software (malicious software or malware).
  3. The next step really depends on what you have to defend. If you do a lot of credit card transactions at a retail level with standard credit card machines, then you have to place the CC systems on a separate network called a VLAN (Virtual Local Area Network).

 

Cybersecurity must defend everything you use: Windows, Linux, Apple operating systems, firewall, VPN access, data hard drives, the cloud, notebooks, mobile devices, Wi-Fi, network switches and more. Small oversight issues in most cases bring about more damage to your business, to your pocket or even your reputation. So think about these first, so that you can decide conscientiously for your Cybersecurity.

So whether a higher Cybersecurity posture is needed depends on how and what you use.

Did you know the hackers are taking advantage of weak defenses in any part of your network? Unfortunately it takes more vigilance than just having IT people on staff. It requires independent review to ensure as much as possible that the devices have defenses up to where they should be.

I say “Grin and Bear IT” to make sure you understand that even a review of defenses is important.

We can help you review by using industry established methods within ISACA and the CISA (Certified Information Systems Auditor) rules.

There are constantly new patches for cybersecurity reasons. Example: “ROBOT” capitalizes on 19-year-old vulnerability and vendors issue patch.

As you see, 19 years ago a flaw was introduced in encryption software that is now inherent in most software. In the coming days and weeks many vendors will patch their software. If you do not have a system of patching and checking your computer machines.

Contact us to get your site audited and reviewed.