Redcar council excludes public from cyber-attack discussion

BBC | March 07, 2020

Redcar and Cleveland Council's systems have been down since 8 February after a ransomware attack.The Local Democracy Reporting Service understands no ransom has been paid. Concerned about "sensitive" information being discussed, council officials requested not to answer councillors' questions in public. Assistant director of governance Steve Newton said: "There is still a criminal investigation ongoing and I'm not quite sure where these questions will lead." At the resources committee meeting Labour councillor Sue Jeffrey wanted to know what business processes were unavailable. "So things like house searches, the planning portal, registration, building and control - all those sorts of things - access to historical files, regeneration projects, financial transactions?" she said.

Spotlight

The world has experienced a massive global ransomware cyber-attack known as “WannaCrypt” or “WannaCry” (Ransom: Win32/WannaCrypt) since Friday, May 12 2017. Hundreds of thousands computers worldwide have been hit and affected more than 150 countries. WannaCry is far more dangerous than other common ransomware types because of its ability to spread itself across an organisation’s network by exploiting a critical vulnerability in Windows computers, which was patched by Microsoft in March 2017 (MS17-010). The exploit, known as “Eternal Blue,” was released online in April in the latest of a series of leaks by a group known as the Shadow Brokers, who claimed that it had stolen the data from the Equation cyber espionage group.

Spotlight

The world has experienced a massive global ransomware cyber-attack known as “WannaCrypt” or “WannaCry” (Ransom: Win32/WannaCrypt) since Friday, May 12 2017. Hundreds of thousands computers worldwide have been hit and affected more than 150 countries. WannaCry is far more dangerous than other common ransomware types because of its ability to spread itself across an organisation’s network by exploiting a critical vulnerability in Windows computers, which was patched by Microsoft in March 2017 (MS17-010). The exploit, known as “Eternal Blue,” was released online in April in the latest of a series of leaks by a group known as the Shadow Brokers, who claimed that it had stolen the data from the Equation cyber espionage group.

Related News

DATA SECURITY, PLATFORM SECURITY, SOFTWARE SECURITY

ISG Partners With cyberconIQ on Human Side of Cybersecurity

ISG | September 20, 2022

Information Services Group, a leading global technology research and advisory firm, said today it is has formed a partnership with cyberconIQ, a cybersecurity platform and advisory company, to address the human side of cybersecurity. Under the new partnership, ISG Cybersecurity will be able to offer its clients the capabilities of cyberconIQ’s Human Defense Platform, a SaaS-based solution that helps mitigate the human factors that create cyber risk, while cyberconIQ will be able to offer its customers access to the full range of ISG Cybersecurity services. “People are one of the biggest risks to enterprise cybersecurity,” said Doug Saylors, partner and co-leader of ISG Cybersecurity. “Some 85 percent of breaches today involve human error, with breaches caused by phishing attempts up 25 percent in the last year alone. To combat this problem, enterprises need to strengthen their cybersecurity culture and help people become their own—and their employers’—best protection against cyber threats.” Saylors said the partnership with cyberconIQ will enable ISG Cybersecurity to offer its clients a platform-based approach to identify individual risk styles among employees, increase overall security awareness, and actively monitor, measure, model and manage people-related cyber risk. “The solution set of cyberconIQ is a welcome addition to ISG Cybersecurity’s market-leading portfolio of advisory, benchmarking, sourcing, organizational change management and third-party risk management capabilities,” Saylors said. CyberconIQ’s Human Defense Platform is proven to reduce people-related cyber risk by up to 95 percent, said the company’s CEO and Founder Dr. James Norrie. “We are able to substantially reduce cyber risk by leveraging our CYBERology™ approach – the intersection of cybersecurity and psychology,” said Norrie. “We embed behavioral science methods targeting changes in on-the-job behavior into all of our cybersecurity solutions.” The cyberconIQ offering includes the patented myQ Risk-Style Questionnaire, unIQue Security Awareness Education modules, cybermetrIQs Cyber Risk Dashboard, phishFixIQ Phishing Simulation and Remediation solution, and leaderIQ adaptive learning approach to creating a risk-aware and compliant culture. “We are excited to be working with ISG and its blue-chip client roster to bring the benefits of our human-centered approach to cybersecurity to more organizations,” Norrie said. “Working together, our combination of technology and people-based approaches will help companies significantly improve their cyber defenses and risk awareness.” ISG Cybersecurity is a unit of ISG that helps enterprise clients increase their cybersecurity maturity in line with their overall digital transformations. The unit helps clients assess and benchmark their cybersecurity programs, develop a cybersecurity strategy, design and implement their cybersecurity operating model, design overall solutions and select appropriate vendors, manage third-party risk and create and execute cybersecurity awareness and training programs. About cyberconIQ Headquartered in York, Penn., cyberconIQ was founded with the knowledge that technical approaches to cybersecurity alone do not address the prevalent issues we face today. With years of research and development with financial industry leaders, Dr. James Norrie discovered that our foundational CYBERology™ approach – the intersection of cybersecurity and psychology – would improve security outcomes and would advance the risk and compliance culture within organizations world-wide. With proven results that are 8 - 10x more effective than generic training alternatives, cyberconIQ's platform measurably reduces the risk of a human-factors cybersecurity breach or data leak. About ISG ISG is a leading global technology research and advisory firm. A trusted business partner to more than 800 clients, including more than 75 of the world’s top 100 enterprises, ISG is committed to helping corporations, public sector organizations, and service and technology providers achieve operational excellence and faster growth. The firm specializes in digital transformation services, including automation, cloud and data analytics; sourcing advisory; managed governance and risk services; network carrier services; strategy and operations design; change management; market intelligence and technology research and analysis. Founded in 2006, and based in Stamford, Conn., ISG employs more than 1,300 digital-ready professionals operating in more than 20 countries—a global team known for its innovative thinking, market influence, deep industry and technology expertise, and world-class research and analytical capabilities based on the industry’s most comprehensive marketplace data.

Read More

DATA SECURITY, PLATFORM SECURITY, SOFTWARE SECURITY

​​GuidePoint Security Names Deepwatch as a New Partner in the Company’s Federal Emerging Cyber Vendor Program

GuidePoint Security | September 21, 2022

GuidePoint Security, a cybersecurity solutions leader enabling organizations to make smarter decisions and minimize risk, announced today that Deepwatch, the leader in advanced managed detection and response (MDR) security, has joined the Emerging Cyber Vendor Program. This GuidePoint Security Program is specifically designed to help emerging cybersecurity vendors expand their federal footprint. As part of this program, the Deepwatch MDR solution is now available under GuidePoint’s GSA Multiple Award Schedule Contract #GS-35F-508CA. Through this partnership, Deepwatch’s MDR solution will be brought to the public sector through GuidePoint Security, which has 40+ years of collective federal expertise across sales and marketing, operations, engineering and procurement. "We are thrilled to be partnering with Deepwatch to support its expansion into the public sector market. “Through its advanced security operations platform and dedicated squads of security experts, Deepwatch will help government agencies better detect and respond to threats.” Jim Quarantillo, Federal Partner, GuidePoint Security "This important partnership ultimately provides federal agencies with enhanced on-going situational awareness of their attack surface and the ability to rapidly detect and contain threats,'' said Carl Helle, chief revenue officer at Deepwatch. “We are proud to partner with GuidePoint Security, leveraging their deep cybersecurity consulting and federal expertise, to help government agencies protect against cyber threats." Deepwatch delivers the industry’s most advanced managed detection and response security, protecting organizations from cyber threats 24/7/365. With Deepwatch, customers get a team of always-on cybersecurity experts who work with them as an extension of their team, powered by an advanced security operations platform that delivers high-fidelity alerting and automated response capabilities for rapidly containing threats. About GuidePoint Security GuidePoint Security provides trusted cybersecurity expertise, solutions, and services that help organizations make better decisions that minimize risk. Our experts act as your trusted advisor to understand your business and challenges, helping you through an evaluation of your cybersecurity posture and ecosystem to expose risks, optimize resources and implement best-fit solutions. GuidePoint’s unmatched expertise has enabled a third of Fortune 500 companies and more than half of the U.S. government cabinet-level agencies to improve their security posture and reduce risk. About Deepwatch Deepwatch is the leader in managed security services, protecting organizations from ever-increasing cyber threats 24/7/365. Powered by Deepwatch’s cloud security operations platform, Deepwatch provides the industry’s fastest, most comprehensive detection and automated response to cyber threats together with tailored guidance from dedicated experts to mitigate risk and measurably improve security posture. Hundreds of organizations, from Fortune 100 to mid-sized enterprises, trust Deepwatch to protect their business.

Read More

DATA SECURITY,PLATFORM SECURITY,SOFTWARE SECURITY

BeyondTrust Releases Cybersecurity Predictions for 2023 and Beyond

BeyondTrust | November 04, 2022

BeyondTrust, the leader in intelligent identity and access security today released its annual forecast of cybersecurity trends emerging for the New Year and beyond. These projections, authored by BeyondTrust experts Morey J. Haber, Chief Security Officer and Brian Chappell, Chief Security Strategist, EMEA/APAC, are based on shifts in technology, threat actor habits, culture, and decades of combined experience. Prediction #1: Negative, Zero, and Positive Trust -- Next year, expect products to actually be “zero trust-ready", satisfy all seven tenants of the NIST 800-207 model, and support an architecture referenced by NIST 1800-35b. Zero trust product vendors will create marketing messages that may imply positive and/or negative intent (maybe not using such simple puns on the number zero). Some will provide positive zero trust authentication and behavioral monitoring, while others will work using a closed security model to demonstrate what should happen when a negative zero trust event occurs. Prediction #2: Camera-Based Malware is here. Say “Cheese”! -- In 2023, expect to see the first of many exploits that challenge smart cameras and the technology embedded within to leverage vulnerabilities. While there have been timeless discussions on the risks of using QR codes, we’re only now beginning to understand the risks from our smart cameras. As cameras become more complex, the risk surface is expanding for novel approaches that could lead to their exploitation. Prediction #3: Reputation for Ransom—The rise of Ransom-Vaporware – We will see a rise in the extortion of monies based purely on the threat of publicizing a fictional breach. Society so willingly accepts the veracity of breaches reported in the news—and without evidence. For a threat actor, this could mean the need to perpetrate an actual breach is reduced and a threat alone, that is not even verifiable, becomes an attack vector all in itself. Prediction #4: The Foundation of Multi-Factor Authentication (MFA) Invincibility Fails -- Expect a new round of attack vectors that target and successfully bypass multifactor authentication strategies. In the next year, push notifications, and other techniques for MFA will be exploited, just like SMS. Organizations should expect to see the foundation of MFA eroded by exploit techniques that compromise MFA integrity and require a push to MFA solutions that use biometrics or FIDO2-compliant technologies. Prediction #5: Cyber Un-insurability is the New Normal -- In 2023, more businesses will face the stark realization that they are not cyber-insurable. As of the second quarter of 2022, U.S. cyber-insurance prices already increased 79% over the prior year. The truth is, it’s becoming downright difficult to obtain quality cyber insurance at a reasonable rate. Prediction #6: The Latest Concert Hack: Wearable Risk Surfaces and Hackable E-Waste -- If you have recently attended a large concert, you may have received a disposable LED bracelet that can receive RF transmissions during the event. The device is meant to be low cost, disposable, and have potentially only single use. In 2023, expect threat actors to easily decode the RF transmissions using tools like Flipper Zero to wreak havoc on venues that use these enhancements. Some, may be to form a protest for some other purpose. Prediction #7: Compliance Conflicts are Brewing -- Significant compliance standards, best practices, and even security frameworks, are starting to see a diverging in requirements. In 2023, expect more regulatory compliance conflicts, especially for organizations embracing modern technology, zero trust, and digital transformation initiatives. Prediction #8: The Death of the Personal Password -- The growth of non-password-based primary authentication will finally spell the end of the personal password. More applications, not just the operating system itself, will start using advanced non-password technologies, such as biometrics, either to authenticate directly or leverage biometric technology, like Microsoft Hello or Apple FaceID or TouchID, to authorize access. Prediction #9: De-Funding of Cyber Terrorists Becomes Law -- Governments all over the world will entertain a new approach to protect organizations from ransomware and stop the funding of terrorists: ban ransomware payouts outright. Granted, threat actors may move on to a new form of cyber crime to fund their operations, but ransomware as we know it will fade away. Prediction #10: Cloud Camouflage is Confronted -- To mitigate cloud security risks, expect a push for transparency and visibility into the security operations of SaaS solutions, cloud providers and their services. The push to ensure transparency of the architecture, foundational components, and even discovered vulnerabilities, will extend beyond SOC and ISO certifications. Prediction #11: Social Engineering in the Cloud -- Attackers will turn from their software toolkits to their powers of persuasion as they increase the number of social engineering attacks leveled at employers and organizations across the cloud. Prediction #12: Unfederated Identities to Infinity and Beyond -- Expect a push into unfederated identities to help provide a new level of services and potentially physical products that will become a mild access control and management nightmare. The size and scope will feel truly infinite—unless it is well-defined for identity management teams to provide access beyond what typically is available today. Prediction #13: OT Gets Smarter, Converges with IT -- Expect attack vectors for basic Operational Technology (OT) to expand based on similar exploits that target IT. OT which once had a single function and purpose is now becoming smarter, leveraging commercial operating systems and applications to perform expanded missions. As these devices expand in scope, their design is susceptible to vulnerabilities and exploitation. Predictions #14: Headline Breaches Move to Second-Page News -- Expect news of breaches to be buried deeper—whether in print or online format based on audience fatigue, lack of interest, or just because it is no longer exciting. With that said, legal, regulatory, and compliance responses will become front-page news should an organization fail to follow the proper steps for public disclosure and risk mitigation. Prediction #15: A Record-“Breaching” Year -- Expect a record-breaking year of cyber security breach notifications, not only because of the sophistication of threat actors, but also due to the larger changes in the world that will impact an organization's ability to mitigate, remediate, or prevent a problem. About BeyondTrust BeyondTrust is the worldwide leader in intelligent identity and access security, empowering organizations to protect identities, stop threats, and deliver dynamic access to empower and secure a work-from-anywhere world. Our integrated products and platform offer the industry's most advanced privileged access management (PAM) solution, enabling organizations to quickly shrink their attack surface across traditional, cloud and hybrid environments. BeyondTrust protects all privileged identities, access, and endpoints across your IT environment from security threats, while creating a superior user experience and operational efficiencies. With a heritage of innovation and a staunch commitment to customers, BeyondTrust solutions are easy to deploy, manage, and scale as businesses evolve. We are trusted by 20,000 customers, including 75 of the Fortune 100, and a global partner network.

Read More