Unmanaged Virtual Private Server: Keeping It Secure

| December 21, 2018

article image
Virtual Private Servers (VPS) is undoubtedly the future of web hosting. A VPS refers to a virtual machine or virtual server, installed on a computer that is simultaneously accessed by many end users or websites seems to be a dedicated server. Also referred to as a virtual dedicated server (VDS), the VPS technology employs powerful virtualization techniques to create several partitions on one physical server. Each part runs its own Operating Systems hosting different resources for different users. Unmanaged VPS hosting Typically, a customer chooses a self-managed (unmanaged) VPS hosting if they want complete control of the VPS hosting service solution, free from the influence of a service provider. To learn more about VPS hosting and how it works, see this tutorial. A user needs enough skills to establish and manage a web server without external help.

Spotlight

FusionX

FusionX was founded to address a critical market demand for objective and integrated risk management services and products. The FusionX team has been working together for over 15 years to provide the highest quality technical, intelligence, and security consulting services to international corporations and governments. We’ve worked in every critical infrastructure sector and for the top commercial and government customers in the world.

OTHER ARTICLES

Protecting against Cybersecurity Threats when Working from Home

Article | March 11, 2020

With the spread of the novel coronavirus (COVID-19), many organizations are requiring or permitting employees to work remotely. This post is intended to remind employers and employees that in the haste to implement widespread work-from-home strategies, data security concerns cannot be forgotten.Employers and employees alike should remain vigilant of increased cybersecurity threats, some of which specifically target remote access strategies. Unfortunately, as noted in a prior blog post, cybercriminals will not be curtailing their efforts to access valuable data during the outbreak, and in fact, will likely take advantage of some of the confusion and communication issues that might arise under the circumstances to perpetrate their schemes. Employees working from home may be accessing or transmitting company trade secrets as well as personal information of individuals. Inappropriate exposure of either type of data can lead to significant adverse consequences for a company.

Read More

Ryuk: Defending Against This Increasingly Busy Ransomware Family

Article | March 11, 2020

On December 16, 2019, the U.S. Coast Guard disclosed a security incident at a facility regulated by the Maritime Transportation Security Act (MTSA). Forensic analysis suggests that the incident might have begun when an employee clicked on a link embedded in a phishing email.This action enabled a threat actor to set Ryuk ransomware loose on the facility’s network. Ultimately, the infection spread to all IT network files, leading Ryuk to disrupt the corporate IT network and prevent critical process control monitoring systems from functioning properly. Phishing is one of the primary infection vectors for most ransomware families, but there’s an interesting twist with this particular family. As noted by Malwarebytes, a typical Ryuk attack begins when a user opens a weaponized Microsoft Office document attached to a phishing email. Opening the document causes a malicious macro to execute a PowerShell command that attempts to download the banking trojan Emotet. This has the ability to download additional malware onto an infected machine that retrieves and executes Trickbot.

Read More

Cybersecurity: Five Key Questions The CEO Must Ask

Article | March 11, 2020

Just about every single day, somewhere in the world, a company falls victim to cyber attackers, even with millions spent on cybersecurity. Every company is a target because they have data and there are too many doors, windows and entryways for cyber attackers to get in, whether on-premise or in the cloud. It is not a question of if, but when, the attackers will get in. Prevention efforts are of course important, but since attackers will get in, equal attention must be on detection going forward. And the focus must be on early detection, otherwise, it will be too late. My book, Next Level Cybersecurity, is based on intensive reviews of the world’s largest hacks and uncovers the signals of the attackers that companies are either missing or don’t know how to detect early, apart from all of the noise. So, the attackers are slipping by the cybersecurity, staying undetected and stealing data or committing other harm. In the book I explain the Cyber Attack Chain. It is a simplified model that shows the steps that cyber attackers tend to follow in just about every single hack. There are five steps: external reconnaissance; intrusion; lateral movement; command and control; and execution. At each step, there will be signals of the attackers’ behavior and activity. But the signals in the intrusion, lateral movement and command and control steps provide the greatest value because they are timely. The external reconnaissance step is very early and the signals may not materialize into an attack, while detecting signals in the execution step is too late because by this time the data theft or harm will have already occurred. My research uncovered 15 major signals in the intrusion, lateral movement and command and control steps that should be the focus of detection. My research of the world’s largest hacks reveals that if the company had detected signals of the attackers early, in the intrusion, lateral movement or command and control steps, they would have been able to stop the hack and prevent the loss or damage. My book shows how to detect the signals in time, using a seven-step early detection method. One of the key steps in this method is to map relevant signals to the Crown Jewels (crucial data, IP or other assets). It is a great use case for machine learning and AI. There is a lot of noise, so machine learning and AI can help eliminate false positives and expose the attackers’ signals early to stop the hack. There are two blind spots that just about every single company world-wide faces that cyber attackers will exploit, beginning in 2019, that companies must get on top of. One blind spot is the cloud. There is a false sense of comfort and lack of attention to detection, thinking the cloud is safer because of the cloud provider’s cybersecurity or because the cloud provider has an out-of-the-box monitoring system. However, if the company fails to identify all Crown Jewels and map all relevant cyber attacker signals for the monitoring, the attackers will get in, remain undetected and steal data or commit other harm in the cloud. The other blind spot is Internet of Things (IoT). IoT devices (e.g. smart TVs, webcams, routers, sensors, etc.), with 5G on the way, will be ubiquitous in companies world-wide. While IoT devices provide many benefits, they are a weak link in the chain due to poor built-in security and lack of monitoring. Cyber attackers will focus on IoT devices to make the intrusion, then pivot to get to the Crown Jewels. Detecting early signals of cyber attackers trying to exploit IoT devices will be critical. Companies world-wide need to make cybersecurity a priority, starting in the board room and with the CEO. It all starts at the top. My intensive reviews of the world’s largest hacks reveal in each case a common theme: inadequate or missing CEO and board cybersecurity oversight. Here are five key questions from my book that the CEO must take the lead on and together with the board ask of the management team to make sure the company will not become the next victim of cyber attackers and suffer significant financial and reputational harm: Have we identified all of our Crown Jewels and are not missing any? Do we know where all of the Crown Jewels are located? Have we identified all of the ways cyber attackers could get to the Crown Jewels? Have we mapped high probability signals of cyber attackers trying to get to the Crown Jewels with each Crown Jewel? Are we sifting through all of the noise to detect signals early and reporting to the CEO and the board in a dashboard report for timely oversight? If your answer is No to any of the questions or you are unsure, you have a gap or blind spot and are at risk, and you must follow up to get to a high confidence Yes answer. In my book, Next Level Cybersecurity, I provide other key questions to ask and a practical seven-step method to take cybersecurity to the next level to stay one step ahead of the attackers. It is written in plain language for boards, executives and management, so everyone can get on the same page and together mitigate one of the most significant and disruptive risks faced today, cybersecurity.

Read More

What You Need to Know About the Cybersecurity Solarium Commission Report

Article | March 11, 2020

The Cybersecurity Solarium Commission's recently released report outlines a strategy to fundamentally reshape the U.S.’s approach to cybersecurity and prepare for resiliency and response before a major cyber incident occurs, not after. Unlike the original Solarium Commission, which operated in a classified environment, the Cybersecurity Solarium Commission chose to release its report publicly out of recognition that cybersecurity involves everyone. “In studying this issue,” begins the letter from Sen. Angus King and Rep. Mike Gallagher, the chairmen of the commission, “it is easy to descend into a morass of classification, acronyms, jargon, and obscure government organization charts. To avoid that, we tried something different: an unclassified report that we hope will be found readable by the very people who are affected by the very people who are affected by cyber insecurity – everyone. This report is also aimed squarely at action; it has numerous recommendations addressing organizational, policy, and technical issues, and we included an appendix with draft bills that Congress can rapidly act upon to put these ideas into practice and make America more secure.”

Read More

Spotlight

FusionX

FusionX was founded to address a critical market demand for objective and integrated risk management services and products. The FusionX team has been working together for over 15 years to provide the highest quality technical, intelligence, and security consulting services to international corporations and governments. We’ve worked in every critical infrastructure sector and for the top commercial and government customers in the world.

Events