Ransomware: What you need to know now

| September 5, 2017

article image
Reporters Fahmida Rashid and Steve Ragan talk about the latest ransomware threats, the holes in IT security and the burdens on enterprises.

Spotlight

Sensefinity

We connect the physical world with your IT, creating the Internet of Things (IoT). Via our simple to use, inexpensive sensor-platform and our scalable cloud-platform we can find fast and easy ways to integrate machine-data into today's IT systems to uncover hidden value. Sensefinity, the Internet of Things.

OTHER ARTICLES

MERGING AND SORTING FILES IN LINUX: EASIER THAN YOU THINK

Article | November 24, 2020

There are several reasons to choose Linux over other operating systems such as Windows and macOS. Linux is an open-source, secure, and very lightweight operating system consuming minimal system resources. It also has huge community support and has a ton of distros (variants) to choose from. While we have already posted a bunch of articles on simple file handling methods in Linux, sending email from the terminal, and more, we are going to walk you through the simple yet efficient process of merging and sorting files in Linux. Just like with any other operation in Linux, there are several ways you can sort and merge the files in Linux. Choosing which method to use solely depends on the user and based on what needs to be accomplished. In this article, we will show you some easy yet powerful file sorting and merging methods in Linux while pointing out the differences and importance of each method. Cat Cat is one of the easiest and simple commands in Linux that can combine multiple files into one. All you have to do is list all the files that you wish to merge into a single file along with the new file name you wish to create. If a file with the name of the final output already exists, then it will be overwritten by the one being created. Here is a very simple implementation of cat command. $ cat file1 file2 file3 file4 > Newfile However, if you wish to append information from multiple files into an already existing file, you can use ">>" instead of ">." Below is an example $ cat file1 file2 file3 file4 >> Newfile The cat command can also be used in many ways. It is also one of the most flexible and simple ways of reading the content of the file. To view the content of a file called file1, simply use the below command. $cat file1 Join Join is another command to merge the data of multiple files. While it is as easy and simple as the cat command is, it has a catch. Unlike cat, join cannot just simple combine the data of multiple files. Instead, the command allows users to merge the content of multiple files based on a common field. For instance, consider that two files need to be combined. One file contains names, whereas the other file contains IDs, and the join command can be used to combine both these files in a way that the names and their corresponding IDs appear in the same line. However, users need to make sure that the data in both these files have the common key field with which they will be joined. There are several reasons to choose Linux over other operating systems such as Windows and macOS. Linux is an open-source, secure, and very lightweight operating system consuming minimal system resources. It also has huge community support and has a ton of distros (variants) to choose from. While we have already posted a bunch of articles on simple file handling methods in Linux, sending email from the terminal, and more, we are going to walk you through the simple yet efficient process of merging and sorting files in Linux. Just like with any other operation in Linux, there are several ways you can sort and merge the files in Linux. Choosing which method to use solely depends on the user and based on what needs to be accomplished. In this article, we will show you some easy yet powerful file sorting and merging methods in Linux while pointing out the differences and importance of each method. azure linux Shutterstock Cat Cat is one of the easiest and simple commands in Linux that can combine multiple files into one. All you have to do is list all the files that you wish to merge into a single file along with the new file name you wish to create. If a file with the name of the final output already exists, then it will be overwritten by the one being created. Here is a very simple implementation of cat command. $ cat file1 file2 file3 file4 > Newfile However, if you wish to append information from multiple files into an already existing file, you can use ">>" instead of ">." Below is an example $ cat file1 file2 file3 file4 >> Newfile The cat command can also be used in many ways. It is also one of the most flexible and simple ways of reading the content of the file. To view the content of a file called file1, simply use the below command. $cat file1 Join Join is another command to merge the data of multiple files. While it is as easy and simple as the cat command is, it has a catch. Unlike cat, join cannot just simple combine the data of multiple files. Instead, the command allows users to merge the content of multiple files based on a common field. For instance, consider that two files need to be combined. One file contains names, whereas the other file contains IDs, and the join command can be used to combine both these files in a way that the names and their corresponding IDs appear in the same line. However, users need to make sure that the data in both these files have the common key field with which they will be joined. Syntax $join [OPTION] FILE1 FILE2 Example: Assume file1.txt contains ... 1 Aarav 2 Aashi 3 Sukesh And, file2.txt contains ... 1 101 2 102 3 103 The command ... $ join file1.txt file2.txt will result in: 1 Aarav 101 2 Aashi 102 3 Sukesh 103 Note that by default, the join command takes the first column as the key to join multiple files. Also, if you wish to store the final data of the two files joined into another file, you can use this command: $ cat file1.txt file2.txt > result.txt Paste The paste command is used to join multiple files horizontally by performing parallel merging. The command outputs the lines from each file specified, separated by a tab as a delimiter by default to the standard output. Assume there is a file called numbers.txt containing numbers from 1 to 4. And there are another two files called countries.txt and capital.txt containing four countries and their corresponding capitals, respectively. The command below will join the information of these three files and will be separated by a tab space as a delimiter. $ paste numbers.txt countries.txt capital.txt However, you can also specify any delimiter by adding a delimiter option to the above command. For example, if we need the delimited to be "-" you can use this command: $ paste -d “-” numbers.txt countries.txt capital.txt Sort The sort command in Linux, as the name suggests, is used to sort a file as well as arrange the records in a particular order. Sort can also be paired with multiple other Linux commands such as cat by simply joining the two commands using a pipe "|" symbol. For instance, if you wish to merge multiple files, sort them alphabetically and store them in another file, you can use this command: $ cat file1.txt file2.txt file3.txt | sort > finalfile.txt There are several reasons to choose Linux over other operating systems such as Windows and macOS. Linux is an open-source, secure, and very lightweight operating system consuming minimal system resources. It also has huge community support and has a ton of distros (variants) to choose from. While we have already posted a bunch of articles on simple file handling methods in Linux, sending email from the terminal, and more, we are going to walk you through the simple yet efficient process of merging and sorting files in Linux. Just like with any other operation in Linux, there are several ways you can sort and merge the files in Linux. Choosing which method to use solely depends on the user and based on what needs to be accomplished. In this article, we will show you some easy yet powerful file sorting and merging methods in Linux while pointing out the differences and importance of each method. azure linux Shutterstock Cat Cat is one of the easiest and simple commands in Linux that can combine multiple files into one. All you have to do is list all the files that you wish to merge into a single file along with the new file name you wish to create. If a file with the name of the final output already exists, then it will be overwritten by the one being created. Here is a very simple implementation of cat command. $ cat file1 file2 file3 file4 > Newfile However, if you wish to append information from multiple files into an already existing file, you can use ">>" instead of ">." Below is an example $ cat file1 file2 file3 file4 >> Newfile The cat command can also be used in many ways. It is also one of the most flexible and simple ways of reading the content of the file. To view the content of a file called file1, simply use the below command. $cat file1 Join Join is another command to merge the data of multiple files. While it is as easy and simple as the cat command is, it has a catch. Unlike cat, join cannot just simple combine the data of multiple files. Instead, the command allows users to merge the content of multiple files based on a common field. For instance, consider that two files need to be combined. One file contains names, whereas the other file contains IDs, and the join command can be used to combine both these files in a way that the names and their corresponding IDs appear in the same line. However, users need to make sure that the data in both these files have the common key field with which they will be joined. Syntax $join [OPTION] FILE1 FILE2 Example: Assume file1.txt contains ... 1 Aarav 2 Aashi 3 Sukesh And, file2.txt contains ... 1 101 2 102 3 103 The command ... $ join file1.txt file2.txt will result in: 1 Aarav 101 2 Aashi 102 3 Sukesh 103 Note that by default, the join command takes the first column as the key to join multiple files. Also, if you wish to store the final data of the two files joined into another file, you can use this command: $ cat file1.txt file2.txt > result.txt Paste The paste command is used to join multiple files horizontally by performing parallel merging. The command outputs the lines from each file specified, separated by a tab as a delimiter by default to the standard output. Assume there is a file called numbers.txt containing numbers from 1 to 4. And there are another two files called countries.txt and capital.txt containing four countries and their corresponding capitals, respectively. The command below will join the information of these three files and will be separated by a tab space as a delimiter. $ paste numbers.txt countries.txt capital.txt However, you can also specify any delimiter by adding a delimiter option to the above command. For example, if we need the delimited to be "-" you can use this command: $ paste -d “-” numbers.txt countries.txt capital.txt There are several other options available for the paste command, and more information can be found here. Sort The sort command in Linux, as the name suggests, is used to sort a file as well as arrange the records in a particular order. Sort can also be paired with multiple other Linux commands such as cat by simply joining the two commands using a pipe "|" symbol. For instance, if you wish to merge multiple files, sort them alphabetically and store them in another file, you can use this command: $ cat file1.txt file2.txt file3.txt | sort > finalfile.txt The above command is going to merge the files, sort the overall content, and then store it in the finalfile.txt You can also use the sort command to simply sort a single file containing information: $ sort file.txt The command above does not change or modify the data in file.txt and is, therefore, just for displaying the sorted data on the console. There are several other ways of merging and sorting files and data in the Linux operating system. What makes Linux unique is its ability to pair up multiple commands to achieve its purpose. Once users start to make themselves acquainted with these commands, it can save a lot of time and effort while performing tasks with more precision and efficiency.

Read More

EMAIL SECURITY CONCEPTS THAT NEED TO BE IN YOUR EMAIL INFOSEC POLICY

Article | June 16, 2021

Compliance requirements have become more complex because of the continual evolution of security threats and vulnerabilities. Many organizations fail to create an extensive security program to cover their challenges. Emails are one of the most susceptible channels for cyber-criminals to operate. This is why every organization must pay keen attention to email security policies in cybersecurity. Because emails are prone to cyberattacks, enterprises and individuals must take critical measures to secure their email accounts against unauthorized access. Malicious actors use phishing to trick recipients into sharing sensitive information, either by impersonating trusted contacts or legitimate business owners. Email is still one of the most vulnerable avenues for hackers and cyber crooks. Here are the critical email security concepts that need inclusion into your information security policy.

Read More

What is Ransomware and What You Need to Know to Stay Safe?

Article | March 5, 2020

While there may be more than 1 billion pieces of malware prowling the internet for a chance to infect victims, one particular piece of nastiness has been inflicting financial losses and security headaches for years.Known as ransomware, its sole purpose is to block access to computer systems or files until the victim pays a ransom. These ransom demands fluctuate wildly, from the equivalent of a couple of hundred dollars to several hundred thousand. In the simplest terms, ransomware is a piece of malicious software that prevents users from using their devices or accessing their personal or important files, unless a sum of money is paid. Payment is usually demanded in cryptocurrency, such as Monero or Bitcoin. Victims are told to purchase these digital assets and then transfer them to the attackers.

Read More

Zero Trust – Demystified

Article | July 29, 2020

1. Zero Trust – Demystified Everyone seems to be talking about Zero Trust in the security world at the moment. Unfortunately there seems to be multiple definitions of this depending on which vendor you ask. To help others understand what Zero Trust is, this white paper covers the key aspects of a Zero Trust model. 1.1. What is Zero Trust Zero Trust is a philosophy and a related architecture to implement this way of thinking founded by John Kindervag in 2010. What it isn’t, is a particular technology! There are three key components to a Zero Trust model: 1. User / Application authentication – we must authenticate the user or the application (in cases where applications are requesting automated access) irrefutably to ensure that the entity requesting access is indeed that entity 2. Device authentication – just authenticating the user / application is not enough. We must authenticate the device requesting access as well 3. Trust – access is then granted once the user / application and device is irrefutably authenticated. Essentially, the framework dictates that we cannot trust anything inside or outside your perimeters. The zero trust model operates on the principle of 'never trust, always verify’. It effectively assumes that the perimeter is dead and we can no longer operate on the idea of establishing a perimeter and expecting a lower level of security inside the perimeter as everything inside is trusted. This has unfortunately proven true in multiple attacks as attackers simply enter the perimeter through trusted connections via tactics such as phishing attacks. 1.2. Enforcing the control plane In order to adequately implement Zero Trust, one must enforce and leverage distributed policy enforcement as far toward the network edge as possible. This basically means that granular authentication and authorisation controls are enforced as far away from the data as possible which in most cases tends to be the device the user is using to access the data. So in essence, the user and device are both untrusted until both are authenticated after which very granular role based access controls are enforced. In order to achieve the above, a control plane must be implemented that can coordinate and configure access to data. This control plane is technology agnostic. It simply needs to perform the function described above. Requests for access to protected resources are first made through the control plane, where both the device and user must be authenticated and authorised. Fine-grained policy can be applied at this layer, perhaps based on role in the organization, time of day, or type of device. Access to more secure resources can additionally mandate stronger authentication. Once the control plane has decided that the request will be allowed, it dynamically configures the data plane to accept traffic from that client (and that client only). In addition, it can coordinate the details of an encrypted tunnel between the requestor and the resource to prevent traffic from being ‘sniffed on the wire’. 1.3. Components of Zero Trust and the Control Plane Enforcing a Zero Trust model and the associated control plan that instructs the data plane to accept traffic from that client upon authentication requires some key components for the model to operate. The first and most fundamental is micro-segmentation and granular perimeter enforcement based on: Users Their locations Their devices and its security posture Their Behaviour Their Context and other data The above aspects are used to determine whether to trust a user, machine or application seeking access to a particular part of the enterprise. In this case, the micro-segmentation technology essentially becomes the control plane. Per the above section, encryption on the wire is a key component of Zero Trust. For any micro-segmentation technology to be an effective control plane, it must: Enforce traffic encryption between endpoints Authenticate the user and machine based on their identity and not the network segment they are coming from. 1.4. Zero Trust Technologies As stated earlier, Zero Trust is an architecture. Other than micro-segmentation, the following key technologies and processes are required to implement Zero Trust: Multifactor authentication – to enforce strong authentication Identity and Access Management – to irrefutably authenticate the user / application and the device User and network behaviour analytics – to understand the relative behaviours of the user and the network they are coming from and highlight any unusual behaviour compared to a pre-established baseline which may indicate a compromised identity Endpoint security – to ensure that the endpoint itself is clean and will not act as a conduit for an attacker to gain unauthorised access to data Encryption – to prevent ‘sniffing of traffic on the wire’ Scoring – establishing a ‘score’ based on the perimeters above that will then determine whether access can be granted or not Apart from the above key components, the following are needed as well: File system permissions – needed in order to implement role based access controls Auditing and logging – to provide monitoring capabilities in case unauthorised access is achieved Granular role based access controls – to ensure access is on a ‘need to know basis only’ Supporting processes – all of the above needs to be supported by adequate operational procedures, processes and a conducive security framework so that the model operates as intended Mindset and organisational change management – since Zero Trust is a shift in security thinking, a mindset change managed by robust change management is required to ensure the successful implementation of Zero Trust in an organisation. 1.5. Challenges with Zero Trust So Zero Trust sounds pretty awesome, right? So why haven’t organisations adopted it fully? As with any new technology or philosophy, there are always adoption challenges. Zero Trust is no different. At a high level, the key challenges in my experience are: Change resistance – Zero Trust is a fundamental shift in the way security is implemented. As a result, there is resistance from many who are simply used to the traditional perimeter based security model Technology focus as opposed to strategy focus – since Zero Trust is a model that will impact the entire enterprise, it requires careful planning and a strategy to implement this. Many are still approaching security from the angle that if we throw enough technology at it, it will be fine. Unfortunately, this thinking is what will destroy the key principles of Zero Trust Legacy systems and environments – legacy systems and environments that we still need for a variety of reasons were built around the traditional perimeter based security model. Changing them may not be easy and in some cases may stop these systems from operating Time and cost – Zero Trust is an enterprise wide initiative. As such, it requires time and investment, both of which may be scarce in an organisation. 1.6. Suggested Approach to Zero Trust Having discussed some challenges to adopting a Zero Trust model above, let’s focus on an approach that may allow an organisation to implement a Zero Trust model successfully: 1. Take a multi-year and multi-phased approach – Zero Trust takes time to implement. Take your time and phase the project out to spread the investment over a few financial years 2. Determine an overall strategy and start from there – since Zero Trust impacts the entire enterprise, a well-crafted strategy is critical to ensure success. A suggested, phased approach is: a. Cloud environments, new systems and digital transformation are good places to start – these tend to be greenfield and should be more conducive to a new security model b. Ensure zero trust is built into new systems, and upgrades or changes – build Zero Trust by design, not by retrofit. As legacy systems are changed or retired, a Zero Trust model should be part of the new deployment strategy c. Engage a robust change management program – mindset adjustment through good change management 3. Take a risk and business focus – this will allow you to focus on protecting critical information assets and justify the investments based on ROI and risk mitigation 4. Ensure maintenance and management of the new environment – as with everything, ensure your new Zero Trust deployment is well maintained and managed and does not degrade over time. To summarise, Zero Trust is a security philosophy and architecture that will change the way traditional perimeter based security is deployed. A key component of it is the control plane that instructs the data plane to provide access to data. Zero Trust dictates that access can only be granted once the user / application and device are irrefutably authenticated and even then this access is provided on a ‘need to know’ basis only. Micro-segmentation is a key technology component of Zero Trust implementation and this paper has stated other key technology components and processes that are needed to implement Zero Trust adequately. This paper has discussed some of the challenges with implementing Zero Trust which include change resistance as well as legacy systems. The paper then provided an approach to implementing Zero Trust which included taking a phased approach based on a sound strategy underpinned by a risk and business focused approach.

Read More

Spotlight

Sensefinity

We connect the physical world with your IT, creating the Internet of Things (IoT). Via our simple to use, inexpensive sensor-platform and our scalable cloud-platform we can find fast and easy ways to integrate machine-data into today's IT systems to uncover hidden value. Sensefinity, the Internet of Things.

Events