Month: June 2016
By Jeff Goldman | Posted May 06, 2016
According to the results of a recent survey of 221 IT practitioners, managers, directors and executives in North America, 50 percent of respondents said their organizations are less vulnerable now than they were a year ago, compared to just 12 percent who said they’re more vulnerable.
When asked why they’re less vulnerable, the top five reasons provided were as follows:
- Adoption of intrusion detection and prevention systems
- Introduction or expanded use of data encryption
- Improved patch management
- Implementation of log analysis, such as SIEM tools
- Improved or increased security training for employees
The survey, conducted by Penton Research for SolarWinds, also found that 30 percent of respondents experienced fewer IT security incidents in 2015, versus 20 percent who experienced more.
Thirty-six percent of respondents said the time it took for them to respond to a threat decreased in 2015, versus 28 percent who said it increased.
Many respondents said it takes just minutes for their organizations to detect threats, including SQL injection attacks (47 percent), exploitation of known vulnerabilities (50 percent), misuse or abuse of credentials (47 percent), rogue network devices (52 percent), and security policy violations (47 percent).
Fully 55 percent of IT professionals surveyed said their organizations didn’t experience any security breaches at all in 2015, compared to 29 percent who did.
“Given the heightened international media attention on IT security breaches, it was a pleasant surprise to see that 55 percent of respondents did not experience any security breaches in 2015, and only 24 percent believe a security breach is likely in 2016,” Dr. Kristin Letourneau, director of research at Penton, said in a statement.
“The survey data seems to reflect a shifting focus from fear of cyberattack to the implementation, maintenance and refinement of established and effective security systems,” Letourneau added.
Still, a separate survey of 209 respondents, conducted by Osterman Research for DB Networks, found that only 19 percent of organizations surveyed have “excellent” visibility into their data and database assets.
Thirty-eight percent don’t have the mechanisms and controls in place to continuously monitor their organization’s databases in real time.
Fully 59 percent of organizations lack a high degree of certainty about which applications, users and clients are accessing their databases, and 47 percent don’t have anyone responsible for overseeing the security of their databases.
Just 20 percent of organizations conduct database activity assessments on a more or less continuous basis. More than half of respondents do so only once per quarter or less, and 6 percent never conduct such assessments.
“We’ve long suspected organizations lack the necessary tools and staff for proper database security,” DB Networks chairman and CEO Brett Helm said in a statement. “This study finally revealed why organizations’ data has become so vulnerable to attack. Simply assigning responsibility for database security and equipping them with continuous and real-time visibility into their databases would be an important first step for any organization.”
DeMarco Morgan, CBS News
Hackers are using ransomware to target everyone, from consumers to businesses big and small, to municipalities, and the payoff is huge.
Plainfield, New Jersey, a town of roughly 50,000 people, fell victim to hackers and is still working to get its files back, reports CBS News correspondent DeMarco Morgan.
Mayor Adrian Mapp said hackers infiltrated their computer systems when an employee clicked on an infected link. City officials scrambled to pull servers offline, but three were compromised, leaving emails and other city files inaccessible.
“We have about 10 years of documents that we are not able to access,” the mayor said.
The hijackers held the files ransom, demanding roughly 650 euros paid in bitcoin. Mapp sought the assistance from law enforcement, but remains helpless in regaining access.
“It’s a very serious problem that cries out for a solution and we don’t have it at the local level,” Mapp said.
“Everyone should be concerned. It’s the number one problem facing the computer security industry and it’s very, very difficult to solve,” said Ryan Naraine, director at cybersecurity firm Kaspersky Lab. Naraine said the malware gets into people’s computers, often with a simple click.
“They prey on people’s willingness to click on the latest viral videos, they prey on people’s willingness to click on Facebook links, they are even sending spam in addition to emails through Twitter,” Naraine said.
Once a computer is infected, it encrypts all files or locks the user out until they pay for the key. Naraine demonstrated how it works.
“I have a music file and like many people, I have photos, often family photos,” Naraine said. “The ransomware is communicating with a server. The server is sending instructions here to start encrypting all these files.”
In just minutes, the ransomware takes hold and the computer is compromised.
“The machine is now ransomed — this machine is now part of the ransomware attack,” Naraine said. “If I try to look at all my photos from my last family vacation, you try to open, it’s nothing. It’s garbage. Imagine an average business — not only on this computer but encrypting every computer within this a network at the same time.”
In addition to a string of hospitals hacked, the village of Ilion, New York paid hundreds of dollars in ransom in 2014 and the police department in Melrose, Massachusetts paid nearly $500 to get back online.
“We are seeing an uptick in this type of activity,” said Ari Mahairis, who heads the FBI’s New York cyber division. “One of the reasons that our numbers are growing is because of the idea that people are paying the ransoms.”
In 2014, the FBI received over 1,800 complaints about ransomware, an estimated loss of more than $23 million. In 2015, the bureau received over 2,400 complaints, and victims lost over $24 million.
“These are just the cases that are being reported. We suspect there are many more out there that haven’t,” Mahairis said.
The ransom demands are often relatively small — hundreds to a few thousand dollars — but the loss to an individual or business can be huge. “It’s a very, very helpless feeling to open your computer and you don’t have your computer anymore,” Naraine said.
Naraine urges users to “back up” information for protection.
“Good user habits, common sense, backups and patching. With those basic things in place, I think you can minimize your exposure,” Naraine said.