Archive

Posts Tagged ‘cybercrime’

Cybersecurity: Safety and Cost Equilibrium

October 21, 2019 Leave a comment

by Dean Chester

Cybersecurity has been a hot topic for quite a while and it’s not likely to change any time soon.

Equilibrium

“Equilibrium” by Guido Sorarù is licensed under CC BY 2.0

Every new day brings more data breaches and more online scams. No single entity is completely safe, it seems: hackers target both private individuals and companies. The size of an organization doesn’t matter either because the security of even the largest of them such as Yahoo and eBay can become compromised.

Not all cybercriminals are ambitious enough to go after corporate giants. Sadly, some also have smaller businesses covered. And when the security of those gets breached, the losses may look negligible to companies that deal with billions of dollars. For a small, family-run enterprise, such losses often become insurmountable and lead to it going out of business.

One of the main reasons why small companies are such an attractive target for hackers lies exactly in their size. Because of it, these businesses can’t afford to spend a lot of money on their Internet security. They can’t afford large teams of security specialists that – for all the owners know – may never actually prove useful. Obviously, such an idea is wrong, but as long as there are no apparent breaches (which situation can very well be a result of the said specialists’ work), it’s hard for some people to see value in supporting such a team.

It’s possible, of course, to find free or low-cost solutions and to save on one’s cybersecurity. But is it a responsible thing to do?

It’s been said time and again that when something is free, it’s because you are the product. Money spent on providing that free solution must come from somewhere, after all.

There are a few ways in which money can be made off of customers who use free cybersecurity software:

  • They can be shown ads coming from third-party vendors. The frequency of it can vary from “relatively unobtrusive” to “all the time”.
  • Speaking of advertisers, the customers’ private info can be sold to them to expand their bases of people to target. This is especially true for shadier providers of free services such as virtual private networks and the like, that is, services that have access to the users’ Internet activity. The information gathered by such a “free” service can be then used to better understand what ads to show to their client base.
  • As a more extreme example of the above, free users’ Internet bandwidth is known to have been sold to a third party that used it for its own purposes, and those purposes weren’t benign. In fact, they included creating a botnet and conducting DDoS attacks on certain websites.
  • Pestering free users with ads has another purpose as well: it’s easy to get tired of such an inconvenience so much that getting a paid version of the same service will seem like a cheaper option.
  • Related to the last one, free versions of antivirus and other computer security software most often do not have all the features that the paid ones do, making their users consider investing money into them.

Besides that, there are definite concerns about the levels of security and protection that those free solutions can provide. As they are free, it’s somewhat unreasonable to expect them to have the best technology available.

If it’s a private individual we’re talking about, it’s obviously up to them to decide if they want to skimp on their security or not. However, as far as companies are concerned, things are more complicated.

If a business becomes a target of a data breach, it doesn’t only endanger that business. Its clients’ personal data may also be obtained by the perpetrator, and that’s bad news for both the clients and the company’s reputation.

That’s why I don’t think it’s the best decision for a business to rely exclusively on free cybersecurity software. It may be enough to protect it but the chances are not terribly high.

However, the question of money still stands. Yes, in the case of a breach the company is going to lose even more, but it doesn’t make the wherewithal to get professional security tools just magically appear. So what can be done?

  • Reinforcing the weakest link of cybersecurity: to make sure employees won’t click any suspicious links or tell anyone their passwords is supremely important. It can be done by anyone with a good grasp of IT security, really, but ideally, it should be entrusted to professionals.
  • System penetration testing: while it should be performed regularly, it doesn’t require having permanent staff and can be done\by a security company.
  • Getting cybersecurity tools at a discount: almost all major software manufacturers hold a sale from time to time, allowing small businesses to save quite a lot if they’re buying many copies at once.
  • Getting a data breach insurance: if a breach does happen, this can help with covering the losses and subsequent expenses, including those inflicted by reputation damage.

Although finding the balance between security and keeping costs neutral is not an easy task for smaller businesses, it is necessary to take care of it. In the long run, the potential price of negligence is going to be much higher than spending on protection.

Dean Chester is a cybersecurity expert and author. He is absorbed in online security and takes all measures to ensure that non-tech-savvy users can be protected on the Internet.

Damage Control: Making what’s visible in Citrix/Terminal Servers invisible

July 22, 2015 Comments off

Kurt Mueffelmann, CEO and President, CryptzoneArticle contributed by Kurt Mueffelmann, President and CEO, Cryptzone

The Citrix XenDesktop™ and XenApp™ solutions, and Windows Terminal Servers, are commonly used to provide remote access to network resources. They are typically located between the internet and the internal network, providing an entry point into internal servers—something that makes them an attractive target for hackers.

Citrix/Terminal Servers provide highly valuable functionality for session-based access from the server to the network, which must be very open to allow for all the differing user profiles and use cases. The challenge is that all traffic from every user using a Citrix/Terminal Server is seen on the network as coming from a single IP address, which might represent dozens of different user types, all with various levels of clearance.

For a traditional firewall, this means that an access rule is necessary to allow the server to access every resource that any user on that server could need. In practice, these access rules often become a permit all for the Citrix/Terminal Server. This open door to the network represents a significant security risk.

What cyber criminals can’t see, they can’t compromise.

Taking the recent Anthem breach and many other notable breaches that were the result of stolen credentials into account, it’s safe to say that nothing is out of reach. Accepting that Citrix/Terminal Server access will be compromised is the most proactive cybersecurity strategy you could take. Here’s why: hackers are, simply, the best at what they do. Research supports his theory: incident response provider Mandiant recently reported that 97 percent of organizations have been breached at least once.

Citrix/Terminal Server access rules allow users sharing an IP address to access every resource on a network segment. Once inside the network a cyber criminal who possess stolen credentials, can “see” applications and services, whether authorized or not. Enterprises need to move away from IP-centric architectures to a role-based security model, dynamically provisioning access depending on the user’s role and contextual attributes.

Once past denial, and on to acceptance, an organization can fully embrace a practical Citrix/Terminal Server security plan by focusing on minimizing risk. While the majority of cybersecurity spending historically has gone toward building up a perimeter, limiting the amount of damage intruders can do after they’re in is a powerful paradigm shift in a CXO’s strategy.

It’s time to flip cybersecurity strategies on their head.

The focus now becomes about user access and entitlements, including tight user-based controls around network access from virtual desktops. Enterprises must move away from IP-centric architectures to a role-based security model that maintains the distinction between individual users connecting through a Citrix or Windows Terminal, then dynamically provisions access on the network and application level depending on the user’s role and contextual attributes.

Dynamic access control considers factors such as, “Is the user on a laptop at home, or on an unrecognized tablet on an unsecure Wi-Fi network?” “Should access be granted in the latter case to sensitive data?”

Disruptive solutions allow organizations to limit the damage that can be done by cyber attacks (via privileged account and third-party users) by using identity and context to dynamically secure access to individual resources—essentially making the rest of an enterprise’s infrastructure invisible. They prevent the exposure of sensitive and confidential information to only allow an individual to access what they are authorized to access. This not only prevents someone from authenticating into a network if something seems amiss, but can also limit any damage a bad actor can take if they get in with stolen credentials.

This concept is taking hold at places like Coca-Cola, Google and others. It’s IT’s job to ensure that every enterprise, regardless of their size or resources, can reap the same benefits. In order to truly protect corporate data and resources, tighter user-based controls around network access from virtual desktops is critical.

Experimental Film Fest

A refuge for art house, avant-garde, experimental, exploratory, and silent cinematic creations

False Pretense Films

Films with a Twist

I'm Just Trying to Help

Helpful Hints, Tips, Tricks, and Info

5K a Day 2017

Our 2017 fitness goal

The securityNOW Podcast Show

Cybersecurity News and Interviews

LoneStarFreedomPress

Phoenix Republic - The Lone Star Gambit / Sovereign's Journey

%d bloggers like this: