Network Security from a Cyber Attacker's View

| March 23, 2016

article image
Attackers are finding their way around perimeter defenses and into corporate networks—and IT security professionals are taking anywhere from 158 to 256 days to detect breaches.IT looks at the network as a hierarchical map of connections. Attackers, however, see a completely different picture

Spotlight

Reliance Communications

Reliance Group’s flagship company, Reliance Communications, is India’s foremost and truly-integrated telecommunications service provider, with a customer base of over 118 million, including over 2.8 million individual overseas retail customers. Reliance Communications’Corporate clientele consists of over 40,000 Indian and multinational corporations, including small and medium enterprises, and close to 300 of the finest enterprise and carrier companies globally. Reliance Communications also owns the world’s largest private under-sea cable system under its subsidiary Global Cloud Xchange, which offers a comprehensive portfolio of solutions customized for Carriers, Enterprises and New Media Companies globally. The Company has pan-India operations across the full spectrum of wireless, wire-line, long-distance, voice, data, video and Internet communication services, offering services on the 3G, GSM and CDMA technology platforms. RCOM also ranks among the top providers of wireless communicat

OTHER ARTICLES

Progress Is the Promise in National Cybersecurity Strategy

Article | March 23, 2020

How can progress be measured when it comes to shifts in national security strategy and practice? Several assessment variables might include changes in official national guidance, legal authorities, types of campaigns or operations, lexicon used in national security discourse, and early results of the application of those changes. Since 2016, with the introduction of the construct of persistent engagement and the subsequent development of defend forward, all these variables have changed in a positive manner.

Read More

A Closer Look at the Microsoft Exchange Server Cyberattacks

Article | May 13, 2021

We recently posted an article that highlighted the high-profile Microsoft Exchange hack that impacted hundreds of thousands of organizations across the globe. (This article offered some recommendations on how this could have been avoided as well as a special three-month offer to help any company who may have been affected.) Since this cyber attack, even more details are emerging. For example, the White House recently urged victims to quickly patch applications and systems and pushed for them to do it as quickly as possible. One senior administration official emphasized that the window to update these systems could be measured in hours, not even days.

Read More

Creating and rolling out an effective cyber security strategy

Article | April 16, 2021

What’s more, organisations should also keep in mind that prevention alone is not enough; according to IBM, the average breach detection and containment times currently sits in the region of 280 days. In this time, it’s easy for cyber attackers to gain a foothold in an environment and quickly cause damage. “When developing a cyber security strategy, traditionally enterprises have focused on the threat prevention with little attention given to detection and often none to response,” said Martin Riley, director of managed security services at Bridewell Consulting.

Read More

Noxious Zero-Click Attack: What Is It And How To Avoid It

Article | January 19, 2021

For years, we have been told that cyber-attacks happen due to human-errors. Almost every person has stressed about training to prevent cyber-attacks from taking place. We have always been on the alert to dodge errant clicks or online downloads that might infect devices with security threats. However, not all attacks need a user’s oversight to open the door. Although avoiding clicking on phishing emails is still significant but there is a cyber threat that does not need any human error and has been in the recent news. It is known as Zero-Click attack where some vulnerabilities can be misused by hackers to launch attacks even without interaction from the victim. Rather than depending on the hardware or software flaws to get access to the victim’s device, zero-click attacks eliminate the human error equation. There is nothing a victim can do once coming into the limelight of the hacker. Also, with the flourishing use of smartphones around the world that entails all the personal information and data, this thread has expanded enormously. How Zero-Click Attacks Occur? The core condition for successfully pulling off a zero-click is creating a specially designed piece of data which is then sent to the targeted device over a wireless network connection including mobile internet or wifi. This then hit a scarcely documented vulnerability on the software or hardware level. The vulnerability majorly affects the messaging or emailing apps. The attacks that have begun from Apple’s mail app on iPhone or iPad, have now moved ahead on Whatsapp and Samsung devices. In iOS 13, the vulnerability allowed zero-click when the mail runs in the background. It enables attackers to read, edit, delete, or leak the email inside the app. Later these attacks moved to Samsung’s android devices having version 4.4.4 or above. The successful attacks provide similar access to the hackers as an owner, entailing contacts, SMS, and call logs. In 2019, a breach on Whatsapp used the voice call functionality of the app to ring the victim’s phone. Even if the victim didn’t pick the call and later deleted it, the attacks still installed malicious data packets. These grants access to the hacker to take complete control of call logs, locations, data, camera, and even microphone of the device. Another similar attack had happened due to the frangibility in the chipset of WI-FI that is used in streaming, gaming, smart home devices, and laptops. The zero-click attack blooms on the increase of mobile devices as the number of smartphones have reached above 3 billion. How To Avoid Zero-Click Attacks? Most of the attacks of zero-click target certain victims including corporate executives, government officials, and journalists. But anyone using a smartphone is a possible target. These attacks cannot be spotted due to the lack of vulnerabilities. So the users have to keep the operating system along with the third-party software updated. Also, it is a must to give minimal permissions to apps that are being installed on the device. Moreover, if you own a business and are afraid of the zero-click attacks on your company’s app, you can always seek IT consultations from top-notch companies orhire developersthat will help in developing applications with hard-to-creep-into programming languages where detecting an attack is efficient.

Read More

Spotlight

Reliance Communications

Reliance Group’s flagship company, Reliance Communications, is India’s foremost and truly-integrated telecommunications service provider, with a customer base of over 118 million, including over 2.8 million individual overseas retail customers. Reliance Communications’Corporate clientele consists of over 40,000 Indian and multinational corporations, including small and medium enterprises, and close to 300 of the finest enterprise and carrier companies globally. Reliance Communications also owns the world’s largest private under-sea cable system under its subsidiary Global Cloud Xchange, which offers a comprehensive portfolio of solutions customized for Carriers, Enterprises and New Media Companies globally. The Company has pan-India operations across the full spectrum of wireless, wire-line, long-distance, voice, data, video and Internet communication services, offering services on the 3G, GSM and CDMA technology platforms. RCOM also ranks among the top providers of wireless communicat

Events