IBM expands the role of its hybrid-cloud security package

in ,

IBM is expanding the role of its security-software package for hybrid-cloud deployments by improving the gathering of security data collected within customer networks and drawing on third-party threat-intelligence feeds, among other upgrades.

IBM’s Cloud Pak for Security, which features open-source technology for hunting threats and automation capabilities to speed response to cyberattacks, can bring together on a single console data gathered by customers’ existing security point products.

IBM Cloud Paks are bundles of Red Hat’s Kubernetes-based OpenShift Container Platform along with Red Hat Linux and a variety of connecting technologies to let enterprise customers deploy and manage containers on their choice of private or public infrastructure, including AWS, Microsoft Azure, Google Cloud Platform, Alibaba and IBM Cloud.

[Get regularly scheduled insights by signing up for Network World newsletters.]

“Customers are overwhelmed with point security products—the average customer has more than 50—that make gaining insights and quickly responding to threats and attacks difficult,” said Justin Youngblood, vice president of IBM Security.

Cloud Pak for security was rolled out about a year ago, and a new release expands its integration capabilities to include feeds from data stored and accessed from distributed locations. The system now supports IBM’s Security Guardian system that Big Blue offers to protect databases, data warehouses and big data environments such as Hadoop.

With that information, the security team can determine where sensitive data resides across hybrid-cloud environments, as well as who has access to it, how it is used and the best way to protect it, Youngblood said.

Historically, customers have had different, siloed teams such as security operations management and data management that take care of databases, for example, and getting the information from those two groups to solve problems was slow and difficult, Youngblood said. Cloud Pak for Security coordinates security and data on one console so customers can more quickly remediate problems or define automated responses to threats, Youngblood said.

IBM said that the current Cloud Pak for Security release includes 25 pre-built connections to IBM and third-party data sources as well as 165 case-management integrations which describe out-of-the-box automation and orchestration playbooks to streamline response actions for security teams.

What comes next? Preparing for the future of IT

The new release also includes support for multivendor threat-intelligence databases.  Aside from its own X-Force Threat Intelligence Feed, the platform will also include pre-built integration with  AlienVault OTX, Cisco Threatgrid, MaxMind Geolocation, SANS Internet StormCenter and Virustotal.

“The idea is to help customers get enriched, up-to-date threat information from as many sources as possible so they can accurately and quickly respond to a threat situation,” Youngblood said. He said the continued integration of security intelligence is important as customers tie in more resources from cloud providers and support growing COVID-era remote-network workloads.

IBM said it will also offer a new managed service offering based on Cloud Pak for Security that would offer enterprise customers or other service providers a turnkey platform to support end-to-end threat management.

 

We’re Cloudscape.

We believe you should have the best backup solutions for your business.

We’ll get to know your business and determine the most appropriate solution to meet your technical requirements while being commercially sensible in cost and productive with time.

If you feel that your data isn’t being backed up correctly, please get in touch.

 

News Source: https://www.networkworld.com/

The 5 Biggest Cloud Computing Trends In 2021

in ,

The events of 2020 have turned most predictions for 2021 on their head. Top trends such as artificial intelligence (AI) and the internet of things (IoT) will still define the ways in which tech reshapes our lives in the next year. However, the most significant use cases now involve helping us to adapt and survive in the changing times we are living through.

No trend is more relevant to this than cloud computing. Cloud is the backbone of the data-driven, app-based tech ecosystem that has been vital in helping us manage this change. Everything from contact tracing to home delivery services, remote medicine, and working (and playing) from home has been revolutionized by cloud services.

Throughout 2021, we can expect to see the rate of this change accelerate as more businesses get to grips with adopting cloud models, and delivery of data from the cloud to our devices becomes more integral to our daily lives. Here are some of the ways in which I can see this playing out over the course of 2021:

 

1. Multi-cloud approaches will lead to a breakdown of barriers between providers

Currently, the big public cloud providers – Amazon, Microsoft, Google, and so on – take something of a walled garden approach to the services they provide. And why not? Their business model has involved promoting their platforms as one-stop-shops, covering all of an organization’s cloud, data, and compute requirements. In practice, however, the industry is increasingly turning to hybrid or multi-cloud environments (see below), with requirements for infrastructure to be deployed across multiple models.

What this means is that there are growing calls for the big providers to create bridges between their platforms. This runs contrary to their business models, which are reliant on an ability to upsell greater cloud capacity as well as additional services as their customer’s scale. Adopting a more collaborative approach doesn’t just enable customers to take greater advantage of the fast-growing multi-cloud trend, though. It will also benefit organizations needing to share data and access with partners in their supply chain, which may all be working across diverse applications and data standards. This is also space where we are likely to see growing levels of innovation from startups, creating services that simplify the process of operating between different public cloud platforms.

 

2. AI will improve the efficiency and speed of cloud computing

As far as the cloud goes, AI is a key enabler of several ways in which we can expect technology to adapt to our needs throughout 2021. Cloud-based as-a-service platforms enable users on just about any budget and with any level of skill to access machine learning functions such as image recognition tools, language processing, and recommendation engines. Cloud will continue to allow these revolutionary toolsets to become more widely deployed by enterprises of all sizes and in all fields, leading to increased productivity and efficiency.

Autonomous vehicles, smart city infrastructure, and pandemic response planning are all fields of research where the effects of smarter algorithms delivered through cloud services will be felt. Machine learning also plays a big part in the logistics processes that keep cloud data centres up and running. Cooling systems, networks of hardware, and power usage in these delicate and expensive environments can all be monitored and managed by AI algorithms in order to optimize running efficiency and minimize their impact on the environment. Research and development in this field are likely to continue to lead to new breakthroughs in data centre speed and efficiency.

 

3. Gaming will be increasingly delivered from the cloud, just like music and movies 

Amazon most recently joined the ranks of tech giants and startups offering their own platform for cloud gaming. Just as with music and video streaming before it, cloud gaming promises to revolutionize the way we consume entertainment media by offering instant access to vast libraries of games that can be played for a monthly subscription. During 2020, services were launched by Google, Microsoft, and Nvidia, while Sony’s has been available for several years now. Even though new Xbox and Playstation consoles are being developed, costing around $500, industry experts are predicting that the days when we need to spend hundreds on new hardware every few years to stay at the cutting edge of gaming may be drawing to a close, thanks to the coming-of-age of cloud gaming.

 

4. Hybrid and on-premise cloud solutions grow in popularity

Choosing between a public, private, or hybrid cloud environment has proved challenging for some organizations. Each route offers advantages and disadvantages when it comes to flexibility, performance, security, and compliance. But as cloud ecosystems have matured, many have found there’s no magic one-size-fits-all solution on the shelves. Hybrid or multi-cloud environments, where users pick and choose the individual elements of service providers’ offerings that suit their needs, have grown in popularity, leading to a situation where those providers have begun to reassess their models of delivery.

Amazon and Google, for example, have traditionally been market leaders that relied on selling their customers space on their public cloud platforms, whereas Microsoft and IBM have been more flexible with enabling users to deploy their cloud tools and technologies across their existing, on-premises networks. Now it seems that these providers have woken up to the need for different platforms and approaches within organizations – perhaps utilizing the public cloud to provide content delivery while storing and processing customer data and other controlled information via private or on-premise solutions. There will also be a growing demand for “bare metal” cloud space – raw storage and compute power where businesses can simply “lift and shift” their existing systems into the cloud without having to adapt them to run on pre-installed software or services. The need to consolidate these user requirements will be a driving force behind the direction in which cloud services evolve throughout 2021.

 

5. More of us will be working on Virtual Cloud Desktops

This is basically where the entire environment of our workstation is delivered as a managed cloud service to our laptop or desktop screen where we work. This means that organizations can take advantage of by-the-hour subscriptions for the time their employees spend working at their machines, eliminating the cost of hardware updates and the need to dispose of redundant technology.

Sometimes known as desktop-as-a-service, this model of computing is offered by Amazon via the Workspaces platform and Microsoft with Windows Virtual Desktop. Google also offers functionality through its Chromebook devices. In practice, this can increase efficiency across a workforce by ensuring everyone is using up-to-date, synchronized technology. It also benefits security as all devices can be managed in a centralized way, rather than having to make sure everyone on the network is following best practice. When people join or leave a company, the cost simply scales up as the number of hours spent using the platform increases or decreases. This flexible functionality means virtual desktop services are likely to become increasingly popular in the coming years.

 

We’re Cloudscape.

We believe you should have the best backup solutions for your business.

We’ll get to know your business and determine the most appropriate solution to meet your technical requirements while being commercially sensible in cost and productive with time.

If you feel that your data isn’t being backed up correctly, please get in touch.

 

News Source: https://www.forbes.com/

Marriott Hotels fined £18.4m for data breach that hit millions

in ,

The UK’s data privacy watchdog has fined the Marriott Hotels chain £18.4m for a major data breach that may have affected up to 339 million guests.

The Information Commissioner’s Office (ICO) said names, contact information, and passport details may all have been compromised in a cyber-attack.

The breach included seven million guest records for people in the UK.

The ICO said the company failed to put appropriate safeguards in place but acknowledged it had improved.

The first part of the cyber-attack happened in 2014, affecting the Starwood Hotels group, which was acquired by Marriott two years later.

But until 2018, when the problem was first noticed, the attacker continued to have access to all affected systems, including:

  • names
  • email addresses
  • phone numbers
  • passport numbers
  • arrival and departure information
  • VIP status
  • loyalty programme numbers

 

On that basis, the ICO said Marriott had failed to protect personal data as required by the General Data Protection Regulation (GDPR).

In some ways, you can feel sorry for Marriott.

In all the boardroom discussions about the company’s takeover of Starwood, I bet it never realised that a hacker was already lurking inside the valuable databases they were buying.

The cyber-criminals had been in the systems for years and were effectively thrown into the merger deal without Marriott having a clue.

Herein lies the issue, though – it seems the larger hotel didn’t check what it was buying.

The ICO report makes clear Marriott beefed up the security of Starwood’s IT systems far too late and the hackers had free rein to move around, cherry-picking the data that would sell best on criminal forums.

The fine is nothing like the £99m the ICO planned to issue, but it’s still a massive deterrent for future companies.

It may make executives planning their next big mergers look more carefully and cautiously at the databases they’re about to acquire.

“Millions of people’s data was affected by Marriott’s failure,” commissioner Elizabeth Denham said.

“Thousands contacted a helpline and others may have had to take action to protect their personal data because the company they trusted it with had not.”

Different types of data were exposed for different guests, and some of the estimated 339 million may have represented duplicate records for repeat guests, making an exact count impossible.

Despite imposing a fine, the ICO acknowledged that Marriott had acted quickly once it found the flaw, and had improved its systems since.

In a statement, Marriott wrote that it “deeply regrets the incident”.

“Marriott remains committed to the privacy and security of its guests’ information and continues to make significant investments in security measures for its systems.

“The ICO recognises the steps taken by Marriott following the discovery of the incident to promptly inform and protect the interests of its guests,” it said.

 

We’re Cloudscape.

We believe you should have the best backup solutions for your business.

We’ll get to know your business and determine the most appropriate solution to meet your technical requirements while being commercially sensible in cost and productive with time.

If you feel that your data isn’t being backed up correctly, please get in touch.

 

News Source: https://www.bbc.co.uk/

Cybersecurity: One in three attacks are coronavirus-related

in ,

The UK’s National Cyber Security Centre (NCSC) is ‘stepping up support’ for the National Health Service to help protect UK hospitals and other healthcare organisations against cyberattacks.

The NCSC’s Annual Review 2020 reveals that the cyber arm of GCHQ has handled more 200 cyber incidents related to coronavirus during the course of this year – almost a third of the total number of incidents it was called in to help with over that period.

And due to the urgency of securing healthcare during the coronavirus pandemic, the NCSC has been helping the NHS to secure itself against cyberattacks.

That includes performing threat hunting on 1.4 million NHS endpoints in an effort to detect potentially suspicious activity and scanning over one million NHS IP addresses to detect cybersecurity weaknesses.

“The second half of the year for us, as it has for everyone else, has been dominated by the response to COVID,” said Lindy Cameron, CEO of the NCSC.

“What we’ve done as an organisation is really pivot towards the health sector to try and give them the best support we can in thinking about their cyber defence to let them focus on responding to the pandemic,” she added.

The NCSC also helped roll out Active Cyber Defence services, including Web Check, Mail Check and protective DNS, to 235 front-line health bodies across the UK, including NHS Trusts to help protect them against phishing attacks and other threats.

“We’ve taken our active cyber-defence portfolio and pivoted it towards the health sector with 230 health bodies using our active cyber defence. That’s all part of the support we’ve given to NHS Digital to help them help the health sector,” Dr Ian Levy, NCSC technical director, told ZDNet.

“We’re stepping up our support quite significantly,” he continued, adding: “Obviously it’s still for individual trusts to protect themselves along with NHS Digital and ourselves, but we’re really trying to take them the knowledge about the threat and actioning support in the sector at large”.

More than 160 instances of high-risk vulnerabilities have been shared with NHS Trusts during the course of this year while the NCSC has also had to deal with over 200 incidents related to the UK’s coronavirus response – including Russian cyber espionage targeting coronavirus vaccine development.

The 200 coronavirus-related incidents make up a significant chunk of the total number of 723 cyberattacks involving almost 1,200 victims that the NCSC has helped deal with during the course of the past year, a figure up from 658 in the previous year – and the highest number of incidents since the NCSC was set up. It’s also a number that’s likely to continue rising as cybercriminals get more ambitious.

The review also notes that the NCSC has dealt with three times more ransomware attacks than it did last year as attacks become more targeted and more aggressive.

“The expertise of the NCSC, as part of GCHQ, has been invaluable in keeping the country safe: enabling us to defend our democracy, counter high levels of malicious state and criminal activity, and protect against those who have tried to exploit the pandemic,” said Jeremy Fleming, director of GCHQ.

“The years ahead are likely to be just as challenging, but I am confident that in the NCSC we have developed the capabilities, relationships and approaches to keep the UK at the forefront of global cybersecurity,” he added.

 

We’re Cloudscape.

We believe you should have the best backup solutions for your business.

We’ll get to know your business and determine the most appropriate solution to meet your technical requirements while being commercially sensible in cost and productive with time.

If you feel that your data isn’t being backed up correctly, please get in touch.

 

News Source: https://www.zdnet.com/

Defending Against the Dark Web – Dark Web Monitoring

in ,

Every year billions of identity records find their way onto the web through data breaches.  This represents hundreds of millions of compromised online accounts, with much of this data finding its way into the depths of the dark web.

While good password management practices are crucial, they only go so far in terms of protecting your data, as your information can find its way onto the dark web through no fault of your own.  The scale of the problem means that it’s inevitable that your data will, sooner or later, end up on the dark web.  Once it’s there, there is no getting it back, but by knowing it’s there you can take action to secure online accounts before serious harm can occur.

 

Dark web monitoring – your last line of defence against Dark Web criminals

Dark web monitoring services scour the corners of the dark web where stolen data is frequently sold using tools called “scrapers” and “web crawlers.”  These services monitor the dark web and can be used to spot stolen information such as:

  • Usernames
  • Passwords
  • Email Addresses
  • Credit card numbers
  • Financial Account information
  • Personal ID numbers

They monitor activity across various types of dark web locations, including:

  • Chat spaces and Forums
  • Blogs
  • Social media sites
  • Web Pages
  • Peer-to-peer sharing networks
  • Web Services, servers and file transmissions

Beware of the difference between Dark Web Monitoring and Dark Web Scans.  Scanning tools allow you to scan the dark web at a point in time, whereas a monitoring service operates continuously, meaning there’s a greater chance of spotting stolen data early, enabling damage-mitigating action to be taken.

As soon as your information is discovered on the dark web you’ll be notified and can then take the necessary steps to secure your account(s).

 

What action should I take if my information is found on the dark web?

Change Passwords

You should change the password of the affected account as soon as possible.  If any other accounts share the same (or similar) password ensure you change these immediately too.

 

Contact your bank and inform them of the situation (if applicable)

If financial information is uncovered on the dark web you should contact the relevant Financial service provider and explain the situation.  Affected accounts will be frozen and remedial action might involve opening new accounts with new cards.

 

Examine account statements (if applicable)

Examine recent account activity for suspicious transactions.  Notify your bank or card provider of any transactions that you didn’t make to avoid being held liable.

 

Monitor your credit reports

If the online criminals gather enough articles of identifying information they may be able to use it to commit identity theft.  Often criminals use a stolen identity to apply for credit cards and take out loans in the victim’s name, so examine your credit reports and look for loans, card applications and other activity that you don’t recognise.

 

Dark Web Monitoring is not a ‘fix all’ solution

Dark Web Monitoring helps you catch data that has slipped through the net into the criminal underworld, however, it has its limitations.  Monitoring shines a light on the more accessible areas of the dark web, areas identified as being hotpots for the trading of stolen information.  It doesn’t however monitor the dark web in its entirety, as it would be impossible to routinely monitor the vast number of possible site addresses that could exist.  It’s also important to remember that monitoring doesn’t necessarily identify information at first exposure, meaning damage could occur to your accounts long before dark web monitoring spots your credentials.

However, combined with a comprehensive data security strategy that includes strong password protection and watertight authentication protocols, Dark Web Monitoring is a useful tool to help you counter the forces of darkness that exist of the infamous Dark Web.

 

Struggling to find a solution that fits around your business?

At Cloudscape, we use our extensive experience to deliver custom-fit technology solutions to SMEs in London and the home counties. Technology should serve your business’ aims and aspirations, it shouldn’t be something to mould your operation around. We are experts in Cloud-computing and we know how empowering Cloud Services can be when leveraged correctly, so let us help you tailor Office 365 so that it works for your business and the unique challenges you face. Call us on 0207 952 8123 or send us an email info@cloudscape.it.

Defending against the Dark Web – How to keep your Data out of the hands of cybercriminals

in ,

Now that we’ve looked at what the Dark Web is and how data can end up on it, let’s explore some of the simple steps you can take to ensure your business’ sensitive data doesn’t find its way into the hands of dark web criminals.

In April of this year, video conferencing platform “Zoom” suffered a data breach which led to the release of over half a million account logins onto the dark web.  Events of this nature are often highly publicised leading users to feel frustrated and angry at their details being compromised, and rightly so!

While you don’t want any of your accounts to be compromised, in some cases damage can be avoided by simply changing your account login details after becoming aware of the breach.  However, this won’t be the end of the story if you and your staff routinely practice poor password hygiene…

 

Recycling is great…but not when it comes to passwords!

For every online profile you set up, you should configure a unique, complex and long password.  Each password should bear no resemblance to that for any other account, and you should avoid using words, phrases or number/letter sequences that have any personal meaning to you.

Ensuring each password is unique is particularly important, as using identical or similar passwords for multiple accounts may allow hackers to wreak havoc across your digital estate using a  technique known as ‘credential stuffing.’

 

What is Credential Stuffing?

Basically, it involves hackers either acquiring or buying a bundle of stolen account credentials and then trying each login on a number of other sites in the hope of gaining access.  This technique leads to success for the hackers due to the fact that an estimated 73% of passwords are duplicated (according to Microsoft).  Even if a user changes their password on the breached account, the stolen credentials may be the key to another account somewhere on the web.

Sometimes the hackers also take the stolen credentials and apply variations to them to gain access to other accounts.

 

Password practice – 15 ways to keep your accounts secure

We’ve outlined the importance of long, complex and unique passwords, but what else can you do to keep your account impenetrable?

Use password encryption

Non-reversible, end-to-end encryption adds an extra layer of protection to passwords in transit and in the event that a data breach should occur.

 

Deploy multi-factor authentication

Multi-factor authentication requires the additional access criteria to be met in addition to a correct username/password combination.  This additional piece of information could be:

  • Something only the authorised user would know. A pin, answer to a security question etc.
  • Something only the authorised user would possess. This might involve sending a code via text message to the user’s smartphone to verify identity.
  • Biometric data. Facial recognition, fingerprint or voice recognition data.

Now widely available, you may be able to activate multi-factor authentication within the apps and services you currently use.

 

Test Passwords

Password testing tools are available online to help you determine the strength of your account passwords.  Microsoft’s Safety & Security Center also contains such a tool.

 

Avoid Dictionary words

“Dictionary Attacks” involve the use of software programs which cycle through tens of thousands of dictionary words in the hope of finding a match.  Sometimes additional characters are added to common words too, so to stay safe it’s best to avoid dictionary words altogether.

 

Keep mobile devices secure

With mobile devices increasingly being used for business purposes, device security has never been more vital.  A lost or stolen device can easily be compromised unless strong access controls are implemented.  Secure all portable devices with pin/password protection as well as a fingerprint or facial recognition controls where available.

 

Don’t ask employees to change passwords frequently

While this may seem counterintuitive, requiring users to change passwords regularly has been shown to increase the likelihood of password duplication.  There also an increased chance of passwords being written down.  Only request that users change passwords when a threat to account integrity is uncovered.

 

Apply special protections to “Privileged Accounts”

Consider using the likes of PAM (Privileged access management software) to apply extra safeguards to privileged accounts, which are prized targets for cybercriminals.  Unlike general user accounts, privileged account credentials should be changed on a regular basis.

 

Be mindful of the information you put online

Phishing scammers often use publicly available information in order to steal account information.  They may use the information you make public via social media or even your business’ website in order to impersonate trusted individuals with close links to your business.

 

Don’t manually record passwords

Recording account credentials on paper or digitally is a risky business.  Such records could end up getting lost or stolen and could give criminals widespread access to your sensitive data across multiple accounts.

 

Guard against malware!

You password management efforts will be for nothing if malware present on your system allows hackers to record your every keystroke.  Deploy technical measures to scan for and deal with malware, such as anti-virus software and vulnerability scans.  Ensure software and operating systems are well maintained to minimise points-of-entry for hackers.

 

Use a Password manager

Password managers allow you to safely and securely store all your account passwords in one place behind a wall of encryption.  Password managers can also be used to create and store highly-secure autogenerated passwords designed to give maximum security.

Just make sure that you set up a strong master password!

 

Struggling to find a solution that fits around your business?

At Cloudscape, we use our extensive experience to deliver custom-fit technology solutions to SMEs in London and the home counties. Technology should serve your business’ aims and aspirations, it shouldn’t be something to mould your operation around. We are experts in Cloud-computing and we know how empowering Cloud Services can be when leveraged correctly, so let us help you tailor Office 365 so that it works for your business and the unique challenges you face. Call us on 0207 952 8123 or send us an email info@cloudscape.it.

The Shady Side of the Internet – The Dark Web

in ,

You’ve probably come across the term “Dark Web” at some point, but what does this somewhat ominous term refer to?

Dark Web refers to sites that are hosted behind several layers of encryption, and because of this encryption, the site operators and contributors remain hidden as it is very tricky to trace a Dark Web site back to the source.  Most of these sites are used for a wholly or partially illegal purpose, as their clandestine nature means morally questionable activities can be carried out under a veil of secrecy and anonymity. Without going into the unpalatable details, many sites on the Dark web are used for purposes such as:

  • The distribution of illegal drugs.
  • Gathering spaces for extremist ideologies
  • The sale of counterfeit documentation
  • The sale of illegal weaponry
  • Human trafficking activities
  • The sale and distribution of stolen goods.
  • The sale and distribution of stolen data.

It, therefore, goes without saying that the dark web is home to some very unsavoury characters.

It is also used by individuals who are intensely paranoid about their online privacy, particularly concerning their communications. While online privacy is a concern for many, there are definitely better ways to conceal private conversations than taking them into a seedy criminal underworld that’s rife with malware.

 

I don’t think I’ve encountered such sites, how do you access them?

You cannot stumble across a dark web site through a Google search, to find the dark web you have to go looking for it.  And while much of the activity on the dark web is illegal, browsing the sites is not – although it’s something we certainly wouldn’t recommend!

Dark Web sites exist behind encryption, so in order to access a site, you have to use the same encryption tool as the site you’re trying to access.  You also have to possess the site’s URL, as you cannot access dark web sites via domain name searches.

Again, accessing the dark web is a risky business and we strongly advise against it.  You may encounter criminals, be exposed to a range of extremely potent malware designed to steal your data or inadvertently engage in activity that could be considered a criminal offence.

 

So why do I need to know about the Dark Web?

It’s important to be aware of the Dark Web from an online security perspective.  As we’ve mentioned, criminals use the dark web to trade illegal commodities, and one of these commodities is stolen data.  Indeed, if you were to suffer a data breach carried out by a cybercriminal there the chances of your data being traded on the dark web is relatively high.

 

How could my data end up on the Dark Web?

Dark web criminals use a number of methods to steal valuable data:

Malware

Hackers use a variety of malware types to harvest data from various settings.  Most types are designed to extract login credentials, particularly those used to access banking sites or sites that allow the hacker to leverage some kind of financial reward from the account information.  Keyloggers, info stealers and banking malware are common examples and are often picked up through malicious email attachments, drive-by downloads and interactions with malicious websites.

Phishing scams

Phishing scams involve the use of social engineering to encourage victims to voluntarily hand over personal information.  The scammers often masquerade as a trusted organisation or someone known to the victim in order to build a bond of trust before requesting information (again, usually login details).  Phishing scams can be avoided if you know what to look out for, so staff training is one of the best way businesses can defend themselves against Phishing fraudsters.

Weak account protections

Hackers use methods such as Brute force attacks in order to gain access to online accounts.  The weaker the account password the greater the chance that such an attack will be successful.  Once the hacker knows your password they might use it to make purchases or steal money from an account.  Alternatively, they could bundle it into a collection of stolen account credentials and sell this bundle on the Dark Web.

Unsecure connections

Techniques such as ‘man in the middle attacks’ allow hackers to intercept data travelling across insecure networks such as public WiFi.  Levels of security on such networks are often low, leaving users vulnerable to a range of attacks.

Sometimes ‘rogue hotspots’ are also used.  This involves the hacker setting up a public Wi-Fi portal that imitates a legitimate hotspot nearby.  These hotspots can then be used to listen in on traffic, distribute malware or even direct users towards malicious websites.

Attacks on large companies

The databases of large corporate entities are a prized target for the most sophisticated cybercriminals.  Social media giants, software-as-a-service companies and financial institutions have to spend large sums of money on cybersecurity, in order to defend the vast quantities of customer data they hold in their servers.  While such breaches are relatively uncommon when they do occur attacks can result in millions of articles of sensitive data being leaked onto the dark web.

 

Struggling to find a solution that fits around your business?

At Cloudscape, we use our extensive experience to deliver custom-fit technology solutions to SMEs in London and the home counties. Technology should serve your business’ aims and aspirations, it shouldn’t be something to mould your operation around. We are experts in Cloud-computing and we know how empowering Cloud Services can be when leveraged correctly, so let us help you tailor Office 365 so that it works for your business and the unique challenges you face. Call us on 0207 952 8123 or send us an email info@cloudscape.it.

How a remote workforce is shifting priorities

in ,

The pandemic has accelerated the move to digital transformation, forcing IT and cybersecurity teams to evaluate how they work to ensure that organizations remain secure. In particular, challenges have included the widespread adoption of hardware packages but also guaranteeing that employees have 24/7 access to their organizations’ IT infrastructure and files that are essential to work.

When reflecting on LogMeIn’s journey during the pandemic, it’s hard to imagine that it has been six months since we transitioned nearly 4,000 employees to a complete global work from home policy for the duration of the COVID-19 situation. Of course, the majority of CIOs also had to make this decision, but as a SaaS provider of remote work solutions, I had the extra pressure of aiding our customers to do the exact same. It’s staggering to think that at the height of lockdown, the use of our remote access services increased by 300%.

The pandemic has shone a light on what organizations can do to help others, for me and my team helping our community connect with their colleagues easily and safely with the use of our products has remained at the forefront throughout and has driven us to continue improving.

From equipping employees with devices to ensuring remote access while maintaining compliance and security – there were many critical pieces to consider to keep a company’s operations running from afar. In the absence of company-issued devices, some had to quickly develop ‘zero-touch device delivery’ plans. And while collaboration tools have proven essential in keeping teams connected and foster productivity, many had to tackle quickly implementing these tools and onboarding teams. Above all, the coordination between IT, Security, HR, and Business Operations in continuity plans cannot be overstated. Seamless interaction and decision making among these teams was key to successfully executing plans.

Preparing for increased data traffic

The huge number of remote workers around the globe has created unprecedented network traffic. IT teams have had to implement real-time monitoring to manage capacity and scalability. Product and operations teams must continue to be fully functional even though they are remote from each other. Our capacity management teams focused on capacity validation in light of the increase in the use of our video conferencing and remote access solutions, GoToMeeting and GoToMyPC.

While designed to scale, we have had to significantly increase server capacity, CPU allocations, memory and network capacity. We used a combination of colocation data centres and a large public-cloud infrastructure globally to ensure this flexibility for internal teams and our customers.

Benefits of a decentralized structure

Having a decentralised structure has proven to be a winning strategy. This allowed us to operate contact points for incidents at multiple locations around the world and to respond quickly to individual disruptions on our own network. As LogMeIn is cloud and SaaS-based, so our customers can be productive from anywhere and have access to essential business tools from outside the office.

Increasing overall security

With this increase in the network activity, also comes increased security risks. IT and security teams are continually tracking new user behavior, while ingesting threat reporting on COVID-19 threats. A remote workforce requires IT to ensure employees have access to the resources they need, all while maintaining security throughout the business. This has required deploying remote access tools, updating single sign-on policies and increasing multi-factor authentication to ensure that all materials are secure and accessed by the right person. It has been a fine line for our customers to walk, but we are leading by example through the internal use of our products.

The creation of virtual war rooms

During other disruptions in operations, IT leadership would typically assemble a “war room” to tackle the challenges head-on. But in this crisis, where leadership and operations teams are dispersed, we have been forced to create a “virtual war room.” This has certainly changed the dynamics and created the need for new processes and approaches. Communication and the chain of command must be made clear and known by all parties. IT teams must adapt quickly, as there’s no time for second-guessing.

What can be expected

It’s vital that businesses have a contingency plan in place to ensure that they are prepared for future scenarios. In today’s work environment, we can accurately see what IT equipment employees have, what new equipment had to be deployed for the new normal of working from home, how quickly systems could be set up and running and the time frame it took to go back to normal IT work. Alongside a contingency plan and the development of guidelines, IT teams must continue to focus on how current processes and systems are run and what they need to do to guarantee that they can continue working with no unexpected issues.

Due to the quick shift to remote working, it is essential that companies take care of their digital transformation. At present, they are realizing the underlying value of digital work and have identified where they might need to strengthen their digital transformation in the long term. It’s vital that organizations now not only improve their current processes but also partner with other sectors in their business including legal, finance and HR, to develop the right guidelines and ensure employees are on track with the new digital corporate philosophy.

 

We’re Cloudscape.

We believe you should have the best backup solutions for your business.

We’ll get to know your business and determine the most appropriate solution to meet your technical requirements while being commercially sensible in cost and productive with time.

If you feel that your data isn’t being backed up correctly, please get in touch.

 

News Source: https://www.techradar.com/

Huawei equipment must be removed from UK’s 5G networks by 2025

in ,

Stating there is clear evidence of collusion between Huawei and the Chinese state, the Parliament’s Defence Committee has recommended that Huawei-supplied equipment should be removed from the UK’s 5G networks by 2025 instead of 2027 which is the existing deadline.

The Parliament’s Defence Committee is chaired by Conservative MP Tobias Elwood and other MPs in the committee are Stuart Anderson MP, Sarah Atherton MP, Martin Docherty-Hughes MP, Richard Drax MP, Rt Hon Mr Mark Francois MP, Rt Hon Kevan Jones MP, Mrs Emma Lewell-Buck MP, Gavin Robinson MP, Rt Hon John Spellar MP, and Derek Twigg MP.

On Wednesday, the Defence Committee released its report on The Security of 5G, offering a number of recommendations and advice for the government to find a balance between technological advancement and the UK’s national security, including rushing out Huawei from the country’s 5G networks and introducing the Telecoms Security Bill at the earliest.

 

Huawei equipment should be replaced by 2025 instead of 2027

The Committee expressed its support for the government’s goal of removing Huawei from the UK’s 5G networks by 2027 but said that in light of recent developments, it is feasible to push forward the deadline to 2025 and the government must compensate operators if the 2027 deadline is moved forward.

The shifting of the deadline must have been prompted due to UK network operators quickly signing long-term contracts with the likes of Nokia, Ericsson, and Samsung after the government announced its decision to remove Huawei-supplied equipment from the UK’s 5G networks by 2027.

In late September, BT selected Nokia as its principal 5G RAN vendor in the UK, allowing the Finnish company to supply its AirScale Single RAN (S-RAN) portfolio for both indoor and outdoor coverage, including 5G RAN, AirScale base stations, and Nokia AirScale radio access products. Aside from offering higher capacity benefits to consumers at ultra-low latencies, Nokia will also reduce complexity, increase cost efficiency, optimize BT’s 2G and 4G networks, and help develop BT’s OpenRAN ecosystem.

In June, Ericsson agreed to a “substantial network modernisation programme” with O2. The deal involved Ericsson deploying its 5G RAN network across the UK and also upgrading O2’s existing 2G/3G/4G sites. “Leading products and solutions from the Ericsson Radio System portfolio will be used in the deployment, which includes new multiband and wide-band 5G radios as well as new 5G-optimized basebands to build sustainable sites in preparation for future increases in 5G coverage and capacity,” the company said.

Indicating that merely forcing Huawei out of the UK is not the final solution but one of the steps the government needs to take to preserve the UK’s national security, the Defence Committee said the government, as well as mobile service operators, should continue investment in OpenRAN technology to move away from the current consolidated vendor environment to one in which operators no longer have to consider which vendor to source from.

The government should also work with mobile network operators to bring in new vendors to the UK and also encourage the development of industrial capability in the UK, the Committee recommended.

“We must not surrender our national security for the sake of short-term technological development. This is a false and wholly unnecessary trade-off. A new D10 alliance, that unites the world’s ten strongest democracies, would provide a viable alternative foundation to the technological might of authoritarian states, whose true motives are, at times, murky.

“Democracies the world over are waking up to the dangers of new technology from overseas, that could inadvertently provide hostile states access to sensitive information through the backdoor,” said Tobias Ellwood MP, Chair of the Defence Committee.

“The West must urgently unite to advance a counterweight to China’s tech dominance. As every aspect of our lives becomes increasingly reliant on access to data movement we must develop a feasible, practical and cost-effective alternative to the cheap, high-tech solutions which can be preyed upon and which come stooped with conditions which ensnare a state into long-term allegiance to China,” he added.

 

Telecoms Security Bill a must to preserve national security

The Defence Committee also batted for the Telecoms Security Bill, stating that the bill will bring regulations up to date and will allow the government to compel operators to act in the interests of security. Recommending the introduction of the bill no later than 31 December this year, it said the bill will help the government avoid a situation where short-term commercial considerations are placed ahead of those for national security and defence.

The Telecoms Security Bill is slated to be introduced in the Parliament in the coming days and once it is passed, it will make it illegal for network operators to retain Huawei-supplied equipment or to purchase equipment from the company beyond 2027.

“Members sought a commitment from the Government to remove Huawei equipment from our 5G network altogether. That is why we have concluded that it is necessary, and indeed prudent, to commit to a timetable for the removal of Huawei equipment from our 5G network by 2027. Let me be clear: this requirement will be set out in law by the telecoms security Bill. By the time of the next election, we will have implemented in law an irreversible path for the complete removal of Huawei equipment from our 5G networks,” said Oliver Dowden, the Secretary of State for Digital, Culture, Media and Sport in July.

 

We’re Cloudscape.

We believe you should have the best backup solutions for your business.

We’ll get to know your business and determine the most appropriate solution to meet your technical requirements while being commercially sensible in cost and productive with time.

If you feel that your data isn’t being backed up correctly, please get in touch.

 

News Source: https://www.teiss.co.uk/

BA GDPR Data Breach Fine Lowered to £20m Due to COVID-19

in ,

The fine against British Airways for GDPR failings has been reduced to £20m from the original £183m intent to fine issued last July.

An ICO investigation found the airline was processing a significant amount of personal data without adequate security measures in place, leading to a cyber-attack during 2018, which it did not detect for more than two months. It said the amount to be fined (£20m) was considered with both representation from BA and the economic impact of COVID-19 on the business.

The ICO also said, as the breach happened in June 2018, before the UK left the EU, the ICO investigated on behalf of all EU authorities as lead supervisory authority under the GDPR. The penalty and action have been approved by the other EU DPAs through the GDPR’s cooperation process.

According to the penalty notice, a proposed penalty of £183.39m was issued on July 4 2019 with a extension till March 21 2020 agreed in December. On April 3 2020, the ICO wrote to BA requesting information regarding the impact of COVID-19 on its financial position, and having considered BA’s representations, both BA and the ICO “agreed to a series of further extensions of the statutory deadline to 30 September.

Rachel Aldighieri, managing director of the Data & Marketing Association (DMA), said: “Brexit and coronavirus have put businesses under immense financial strain and a fine of this magnitude will get the attention of board members of organizations across the UK. They will certainly not want to risk receiving similar disciplinary action from the ICO.

“This is the largest fine issued by the ICO to date under the new GDPR laws, highlighting the importance all businesses should place on the security of customers’ data and the need to build in safeguards to protect it.”

In the attack, an attacker is believed to have potentially accessed the personal data of approximately 429,612 customers and staff. This included names, addresses, payment card numbers and CVV numbers of 244,000 BA customers. Other details thought to have been accessed include the combined card and CVV numbers of 77,000 customers and card numbers only for 108,000 customers.

Usernames and passwords of BA employee and administrator accounts as well as usernames and PINs of up to 612 BA Executive Club accounts were also potentially accessed.

The ICO said that since the attack BA has made considerable improvements to its IT security. Information Commissioner Elizabeth Denham said: “People entrusted their personal details to BA and BA failed to take adequate measures to keep those details secure.

“Their failure to act was unacceptable and affected hundreds of thousands of people, which may have caused some anxiety and distress as a result. That’s why we have issued BA with a £20m fine – our biggest to date.”

Piers Wilson, head of product management at Huntsman Security, said: “Whether this was a result of clever bargaining by BA, the investigation process uncovering mitigating factors, an acknowledgement of the ravages of COVID-19 on the airline industry or the ICO deliberately setting a high initial target with a more realistic goal in mind, it could give the message that fines will not be as severe as businesses and some in the security and privacy industry expect.”

Vanessa Barnett, commercial and IP partner at Keystone Law, added: “In the grand scheme of things, it’s important that the punishment fits the wrongdoing: whilst the GDPR certainly has teeth and can really bite quite hard, it’s great to see the ICO continuing with its attitude of proportionality that existed pre-GDPR. Don’t forget that before GDPR the statutory limit was £500,000.

“£500,000 to £20m is a big jump and will still very much focus the (compliance) minds! The ICO may have felt some moral pressure not to whack BA even more in the midst of a global pandemic which is affecting it hugely and luckily, its enforcement framework allows that.”

 

We’re Cloudscape.

We believe you should have the best backup solutions for your business.

We’ll get to know your business and determine the most appropriate solution to meet your technical requirements while being commercially sensible in cost and productive with time.

If you feel that your data isn’t being backed up correctly, please get in touch.

 

News Source: https://www.infosecurity-magazine.com/