Campaign Targets Critical Russian Infrastructure

Infosecurity Magazine | December 12, 2018

Campaign Targets Critical Russian Infrastructure
In a campaign that has lasted at least three years, financially motivated attackers have been targeting Rosneft, a state-owned Russian oil company, according to new threat intelligence published by Cylance. In its Threat Intelligence Bulletin, researchers discovered that ordinary criminals – not state-sponsored actors – were behind the attacks on the predominantly Moscow-owned company. Anticipating that researchers would assume that the campaign was a nation-state attack on the critical infrastructure of a company that holds enormous political influence in Russia, these cyber-criminals were well camouflaged, making attribution all the more challenging. Upon investigating the command-and-control (C&C) domains used by the malware authors, researchers learned that “the threat actor had created similar sites to mimic more than two dozen mostly state-owned oil, gas, chemical, agricultural, and other critical infrastructure organizations, in addition to major Russian financial exchanges,” according to the research.

Spotlight

¿Tu sistema ERP antiguo es un freno para tu negocio? Las investigaciones actuales demuestran que más del 60 % de las empresas con al menos una solución ERP implementada siguen confiando principalmente en un sistema on-premise. Descubre cómo la actualización a una solución ERP basada en el cloud con Microsoft Dynamics 365 ayudará a que tu empresa sea más ágil y esté preparada para el futuro.

Un conjunto de soluciones empresariales basadas en el cloud puede impulsar el rendimiento de tu empresa, y el excepcional sistema ERP de Microsoft ocupa una posición única para proporcionar la privacidad y la seguridad de los datos que necesitas, a fin de que tu negocio pueda centrarse en mejorar la experiencia del cliente y la innovación en toda la empresa.

Lee este e-book para conocer las ventajas que obtienes con una solución ERP basada en el cloud, incluidas las siguientes:

  • Menor dependencia de TI y coste total de propiedad
  • Implementación optimizada
  • Actualizaciones sencillas
  • Medidas de seguridad integradas para proteger tus datos
  • Funciones en todo el mundo que te ayudan a adaptar tu empresa a las leyes de cumplimiento allí donde opere

Spotlight

¿Tu sistema ERP antiguo es un freno para tu negocio? Las investigaciones actuales demuestran que más del 60 % de las empresas con al menos una solución ERP implementada siguen confiando principalmente en un sistema on-premise. Descubre cómo la actualización a una solución ERP basada en el cloud con Microsoft Dynamics 365 ayudará a que tu empresa sea más ágil y esté preparada para el futuro.

Un conjunto de soluciones empresariales basadas en el cloud puede impulsar el rendimiento de tu empresa, y el excepcional sistema ERP de Microsoft ocupa una posición única para proporcionar la privacidad y la seguridad de los datos que necesitas, a fin de que tu negocio pueda centrarse en mejorar la experiencia del cliente y la innovación en toda la empresa.

Lee este e-book para conocer las ventajas que obtienes con una solución ERP basada en el cloud, incluidas las siguientes:

  • Menor dependencia de TI y coste total de propiedad
  • Implementación optimizada
  • Actualizaciones sencillas
  • Medidas de seguridad integradas para proteger tus datos
  • Funciones en todo el mundo que te ayudan a adaptar tu empresa a las leyes de cumplimiento allí donde opere

Related News
DATA SECURITY

Synack launches an app store experience for more flexible, smarter cybersecurity solutions

Synack, the premier crowdsourced platform for on-demand security expertise, today is giving customers the easiest, most flexible and most innovative approach for deploying critical cybersecurity solutions to defend against today's digital threats. Synack Campaigns empowers organizations with on-demand access to a community of 1,500 skilled and trusted ethical hackers to perform a range of tasks, from targeted security checks to cloud configuration assessments. Customers can take advantage of Campaigns through the Synack Catalog, which provides customers with an app store-like experience, to deploy Security Operations activities. These additions complement Synack's market-leading approach to crowdsourced cybersecurity with unparalleled abilities to integrate penetration testing — and other key security tasks — into organizations' security operations. This expansion lets customers extract more value from the Synack Platform and the Synack Red Team (SRT), Synack's network of the world's most skilled and trusted ethical hackers. This is a game changer,Cybersecurity shouldn't ever be a one-size-fits-all solution. We're expanding our platform to make it truly customizable, on-demand and seamless. Some customers need vigorous penetration testing while others may want a hacker to perform an emergency assessment. Now, they can do all of that on one easy-to-use platform. Jay Kaplan, Synack CEO SYNACK CAMPAIGNS Synack Campaigns give customers on-demand access to the SRT to meet specific needs and solve unique security issues. Campaigns deliver actionable security intelligence for application security, compliance, vulnerability management and more. Each Campaign consists of a group of Missions, or security tasks, which researchers perform. These can range from checking for OWASP Top 10 vulnerabilities, to cloud configuration checks, to get a hacker's perspective on an asset. SYNACK CATALOG The Synack Catalog allows customers to browse, launch and track Campaigns directly in the Synack Portal. It also enables organizations to take full advantage of SRT talent through the Synack Platform and gain critical security insights and knowledge to improve security across the entire enterprise. SYNACK CREDITS With Synack Credits, customers will have more flexibility than ever to purchase Campaigns that best suit their testing needs and take advantage of new and existing offerings at any given time. The options built into this approach mean organizations can utilize Synack's integrated and controlled platform as needed to supplement their own teams and technologies. "It's a simple, smarter, more agile and manageable approach to security," said Peter Blanks, Chief Product Officer at Synack. "We looked at what customers needed, and we delivered. This is a better approach to cybersecurity that's the most adaptable and accessible. We'll continuously innovate at the scale and speed our clients require to accommodate the dynamic threat landscape. Ultimately, this will make organizations more secure and, as a result, improve cybersecurity for everyone." ABOUT SYNACK: Synack is the premier crowdsourced platform for on-demand security expertise. The Synack Platform delivers 24/7 penetration testing, vulnerability management, and vulnerability assessment from a global network of trusted researchers, enabled by smart technology, to accelerate global organizations' critical cybersecurity missions. Headquartered in Silicon Valley with regional teams around the world, Synack protects leading global banks, federal agencies, DoD classified assets, and more than $6 trillion in Fortune 500 and Global 2000 revenue. A 4-time CNBC Disruptor 50 company, Synack was founded in 2013 by former NSA security experts Jay Kaplan, CEO, and Dr. Mark Kuhr, CTO.

Read More

ENTERPRISE SECURITY

Coalfire announces HITRUST Accelerator with AWS Security Assurances Services (AWS SAS)

Coalfire, a leading cybersecurity firm, announced HITRUST Accelerator, a new program that allows customers to achieve HITRUST CSF Validation up to 50% faster when compared with conventional methods. This program combines deep technical knowledge of AWS Security Assurance Services, LLC (AWS SAS) with Coalfire, a HITRUST External Assessor Organization, to streamline the entirety of the HITRUST Validation lifecycle. Organizations who attempt to prepare for HITRUST certification internally without the help of an experienced external assessor may have timelines in excess of 2 years to achieve HITRUST Certification. The HITRUST Accelerator program uses a three-step process that provides end-to-end support of an organization's preparation, remediation, and HITRUST Validation. This integrated approach enables Coalfire and AWS SAS to quickly identify compliance gaps, assist with technical remediation, simplify document creation, and expedite the Validated Assessment. By accelerating HITRUST Validation, customers will be able to offer significant assurances over their security and privacy controls, which enables them to focus on innovation and driving adoption. Coalfire and AWS SAS share an obsession in creating innovative solutions that maximize customer success," "This passion and collaboration resulted in a program that helps our mutual customers prepare, remediate, and validate against the HITRUST CSF. By taking industry leaders in cloud security and HITRUST, we aim to revolutionize the way that organizations approach and maintain compliance. This has been a long time coming and we are absolutely thrilled to be launching this program with the AWS SAS team. Jeff Rector, Global Engagement at Coalfire The customer journey is accelerated via three tailored workstreams that are designed to: Prepare the customer for HITRUST Validation by thoroughly defining the technical systems and boundary, conducting a thorough gap assessment, and developing fully customized policies and procedures designed to be HITRUST compliant. Reduce remediation efforts and time to 12 WEEKS in most instances, using automated compliance-as-code packages, 30 days of expert AWS technical guidance and security engineering services, and hands-on AWS support configuring AWS services., and to fast-track the collection of evidence ahead of the Validated Assessment to minimize burden and audit fatigue on compliance teams. Validate the environment with confidence, including end-to-end support during HITRUST QA, Corrective Action Plan creation, and report finalization. About Coalfire Leading technology infrastructure providers, SaaS companies, and enterprises – including the top-five cloud service providers and eight of the top-10 SaaS organizations – rely on Coalfire to strengthen their security posture and secure their digital transformations. As one of the largest firms dedicated to cybersecurity, Coalfire delivers a comprehensive suite of advisory and managed services, spanning cyber strategy and risk, cloud security, threat and vulnerability management, application security, privacy, and compliance management. A proven leader in cybersecurity for the past 20 years, Coalfire combines extensive cloud expertise, advanced technology, and innovative approaches that fuel success.

Read More

PLATFORM SECURITY

BT launches transformational new security platform, Eagle-i, to predict and prevent cyber attacks

Relentless growth and ever-changing nature of the threat landscape dictates a new, proactive approach to cyber security Customers to benefit from advances in AI and automation, combined with BT's networking expertise, in transformational cyber defence platform Eagle-i builds on BT's recent security investment and partner ecosystem to address issues such as a more than 50 per cent increase in malware traffic over the last 6 months Business and public sector bodies continue to face an exponential growth in the volume and complexity of cyber attacks, with new research from BT identifying a more than 50 per cent increase in malware traffic over the last six months. Alongside a global shortage of skilled security professionals, organisations around the world are struggling to keep a lid on evolving cyber threats and maintain their defences. In response, BT is launching its most sophisticated cyber defence platform yet — Eagle-i. It combines BT's industry-leading network insight with advances in AI and automation to predict, detect and neutralise security threats before they get a chance to inflict damage. The platform has been designed to self-learn from the intelligence provided by each intervention, so that it constantly improves its threat knowledge and dynamically refines how it protects customers across a multi-cloud environment. Eagle-i will utilise an AI layer to provide real-time detection of issues and intelligent automated responses, enabling users to significantly speed up their reaction to security issues and outpace their cyber threats. It is also uniquely able to integrate with technologies from across the security ecosystem so that organisations can both optimise their capabilities and spot any holes in their defences without having to replace existing investments. The platform will underpin how BT protects its global operations and provide phased enhancements and increased functionalities for all BT's managed security services. Security is now at the top of the boardroom and government agenda yet many organisations are seeing their cyber risks increase to unmanageable levels. This situation demands a new, proactive approach. Eagle-i leverages the latest advances in AI and automation to continually monitor, learn and evolve so customers can stay a step ahead of cyber criminals. Kevin Brown, managing director, BT Security About BT BT Group is the UK's leading telecommunications and network provider and a leading provider of global communications services and solutions, serving customers in 180 countries. Its principal activities in the UK include the provision of fixed voice, mobile, broadband and TV (including Sport) and a range of products and services over converged fixed and mobile networks to consumer, business and public sector customers. For its global customers, BT provides managed services, security and network and IT infrastructure services to support their operations all over the world. BT consists of four customer-facing units: Consumer, Enterprise, Global and its wholly-owned subsidiary, Openreach, which provides access network services to over 650 communications provider customers who sell phone, broadband and Ethernet services to homes and businesses across the UK.

Read More