By Jeff Goldman | Posted May 06, 2016
According to the results of a recent survey of 221 IT practitioners, managers, directors and executives in North America, 50 percent of respondents said their organizations are less vulnerable now than they were a year ago, compared to just 12 percent who said they’re more vulnerable.
When asked why they’re less vulnerable, the top five reasons provided were as follows:
- Adoption of intrusion detection and prevention systems
- Introduction or expanded use of data encryption
- Improved patch management
- Implementation of log analysis, such as SIEM tools
- Improved or increased security training for employees
The survey, conducted by Penton Research for SolarWinds, also found that 30 percent of respondents experienced fewer IT security incidents in 2015, versus 20 percent who experienced more.
Thirty-six percent of respondents said the time it took for them to respond to a threat decreased in 2015, versus 28 percent who said it increased.
Many respondents said it takes just minutes for their organizations to detect threats, including SQL injection attacks (47 percent), exploitation of known vulnerabilities (50 percent), misuse or abuse of credentials (47 percent), rogue network devices (52 percent), and security policy violations (47 percent).
Fully 55 percent of IT professionals surveyed said their organizations didn’t experience any security breaches at all in 2015, compared to 29 percent who did.
“Given the heightened international media attention on IT security breaches, it was a pleasant surprise to see that 55 percent of respondents did not experience any security breaches in 2015, and only 24 percent believe a security breach is likely in 2016,” Dr. Kristin Letourneau, director of research at Penton, said in a statement.
“The survey data seems to reflect a shifting focus from fear of cyberattack to the implementation, maintenance and refinement of established and effective security systems,” Letourneau added.
Still, a separate survey of 209 respondents, conducted by Osterman Research for DB Networks, found that only 19 percent of organizations surveyed have “excellent” visibility into their data and database assets.
Thirty-eight percent don’t have the mechanisms and controls in place to continuously monitor their organization’s databases in real time.
Fully 59 percent of organizations lack a high degree of certainty about which applications, users and clients are accessing their databases, and 47 percent don’t have anyone responsible for overseeing the security of their databases.
Just 20 percent of organizations conduct database activity assessments on a more or less continuous basis. More than half of respondents do so only once per quarter or less, and 6 percent never conduct such assessments.
“We’ve long suspected organizations lack the necessary tools and staff for proper database security,” DB Networks chairman and CEO Brett Helm said in a statement. “This study finally revealed why organizations’ data has become so vulnerable to attack. Simply assigning responsibility for database security and equipping them with continuous and real-time visibility into their databases would be an important first step for any organization.”
DeMarco Morgan, CBS News
Hackers are using ransomware to target everyone, from consumers to businesses big and small, to municipalities, and the payoff is huge.
Plainfield, New Jersey, a town of roughly 50,000 people, fell victim to hackers and is still working to get its files back, reports CBS News correspondent DeMarco Morgan.
Mayor Adrian Mapp said hackers infiltrated their computer systems when an employee clicked on an infected link. City officials scrambled to pull servers offline, but three were compromised, leaving emails and other city files inaccessible.
“We have about 10 years of documents that we are not able to access,” the mayor said.
The hijackers held the files for ransom, demanding roughly 650 euros paid in bitcoin. Mapp sought assistance from law enforcement, but remains helpless in regaining access.
“It’s a very serious problem that cries out for a solution and we don’t have it at the local level,” Mapp said.
“Everyone should be concerned. It’s the number one problem facing the computer security industry and it’s very, very difficult to solve,” said Ryan Naraine, director at cybersecurity firm Kaspersky Lab. Naraine said the malware gets into people’s computers, often with a simple click.
“They prey on people’s willingness to click on the latest viral videos, they prey on people’s willingness to click on Facebook links, they are even sending spam in addition to emails through Twitter,” Naraine said.
Once a computer is infected, it encrypts all files or locks the user out until they pay for the key. Naraine demonstrated how it works.
“I have a music file and like many people, I have photos, often family photos,” Naraine said. “The ransomware is communicating with a server. The server is sending instructions here to start encrypting all these files.”
In just minutes, the ransomware takes hold and the computer is compromised.
“The machine is now ransomed — this machine is now part of the ransomware attack,” Naraine said. “If I try to look at all my photos from my last family vacation, you try to open, it’s nothing. It’s garbage. Imagine an average business — not only on this computer but encrypting every computer within this network at the same time.”
In addition to a string of hospitals hacked, the village of Ilion, New York, paid hundreds of dollars in ransom in 2014, and the police department in Melrose, Massachusetts, paid nearly $500 to get back online.
“We are seeing an uptick in this type of activity,” said Ari Mahairis, who heads the FBI’s New York cyber division. “One of the reasons that our numbers are growing is because of the idea that people are paying the ransoms.”
In 2014, the FBI received over 1,800 complaints about ransomware, an estimated loss of more than $23 million. In 2015, the bureau received over 2,400 complaints, and victims lost over $24 million.
“These are just the cases that are being reported. We suspect there are many more out there that haven’t,” Mahairis said.
The ransom demands are often relatively small — hundreds to a few thousand dollars — but the loss to an individual or business can be huge. “It’s a very, very helpless feeling to open your computer and you don’t have your computer anymore,” Naraine said.
Naraine urges users to “back up” information for protection.
“Good user habits, common sense, backups and patching. With those basic things in place, I think you can minimize your exposure,” Naraine said.
A type of malware that holds a user’s computer files hostage has claimed at least a million victims, ranging from individuals to small businesses to, in at least one case, a local sheriff’s department. Security experts say hackers have been using CryptoWall, a family of “ransomware” programs that “lock up” files on a computer, to extort money from computer owners. The Dickson County, Tennessee, sheriff’s office recently paid $622 in bitcoin to hackers who encrypted the department’s criminal case files, making them inaccessible to investigators.
The sheriff’s office had no choice but to pay the ransom to get back access to its files, said Detective Jeff McCliss. “It really came down to a choice between losing all of that data and being unable to provide the vital services that that data would’ve assisted us in providing the community versus spending 600-and-some-odd dollars to retrieve the data,” McCliss told NBC Nightly News. The department was lucky; it got back access to its digital data.
McCliss said he has since heard from other branches of city and county governments that have been victimized by CryptoWall. “There are a lot of other law enforcement agencies out there that have been affected by this sort of thing and specifically with this malware, that don’t want their names out there,” he said.
Another CryptoWall victim, psychotherapist Valerie Goss, took a different approach when she suddenly discovered that her computer files, including vital client information and tax documents, had been encrypted by hackers who gave her 24 hours to pay a $500 ransom. “I was frantic, you know. I felt like I had a limited amount of time to make a really tough decision,” she told NBC Nightly News. Afraid she still might not get her files back, Goss ultimately decided not to pay. She instead bought a new computer and spent about a month trying to restore all the information she lost.
“If none of us paid the ransom, these guys would go out of business.”
Experts say Goss did the right thing and that victims should never pay computer hackers’ ransom demands.
“Absolutely not. You are likely never to get your files back,” said Kevin Haley, director of Symantec’s Security Response. “On the positive side, if none of us paid the ransom, these guys would go out of business.”
So what’s a computer user to do to minimize the risk of becoming a victim of ransomware?
- Keep your software security updated.
- Don’t click on unrecognized emails and websites.
- Back up your files, then disconnect the external hard drives.
by Joe Fryer and James Eng
Three U.S. hospitals were hit hard this week by “ransomware” attacks that brought down their systems — the latest providers of medical care to be targeted in this way.
The servers for Chino Valley Medical Center and Desert Valley Hospital, both in California, were running normally again by Wednesday after the attack.
Ransomware is a strain of malware that encrypts data on infected machines, then typically asks users to pay ransoms in hard-to-trace digital currencies to get an electronic key so they can retrieve their data.
“The malware disruption did not impact patient safety or compromise patient records, staff records or patient care,” said Fred Ortega, a spokesperson for Prime Healthcare Management, which represents both Chino Valley and Desert Valley.
The state’s Department of Public Health as well as federal law enforcement agencies are coordinating an investigation into the malware attack. As of Wednesday, most systems had been brought back online, Ortega said.
A third hospital, Methodist Hospital in Kentucky, also fell victim to a ransomware attack this week, reported cybersecurity journalist Brian Krebs. The hospital’s information systems director told Krebs that a type of ransomware called “Locky” was to blame. The hospital did not immediately return calls from NBC News.
According to Symantec Security, the ransomware program Locky spreads through spam email campaigns, many of which are disguised as invoices.
“Word documents containing a malicious macro are attached to these emails. If this macro is allowed to run, it will install Locky onto the victim’s computer,” according to Symantec.
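The Locky delivery chain described above (spam carrying a Word attachment whose macro installs the malware) is something a mail gateway can screen for before a user ever gets the chance to enable the macro. The Python below is an added example, not code from the article, Symantec or NBC News: it inspects an attachment’s raw bytes and flags Office Open XML documents that carry a VBA project (a `word/vbaProject.bin` part or a macro-enabled content type), and flags legacy OLE files for deeper inspection because they cannot be classified without an OLE parser; the sample documents are constructed in memory.

```python
import io
import zipfile

OLE_MAGIC = b"\xd0\xcf\x11\xe0\xa1\xb1\x1a\xe1"   # legacy (pre-2007) Office container
MACRO_CONTENT_TYPE = "macroEnabled"              # present in [Content_Types].xml of .docm/.dotm

def classify_office_attachment(data: bytes) -> str:
    """Classify raw attachment bytes as 'macro', 'clean', 'legacy-ole' or 'unknown'.

    OOXML files (.docx/.docm) are zip archives; a VBA project is stored as
    word/vbaProject.bin and the main part is declared with a macroEnabled
    content type. A legacy .doc is an OLE compound file and needs an OLE
    parser (e.g. olefile) to confirm a VBA storage, so it is only flagged
    for deeper inspection here rather than declared clean.
    """
    if data.startswith(OLE_MAGIC):
        return "legacy-ole"
    if not data.startswith(b"PK"):
        return "unknown"
    try:
        with zipfile.ZipFile(io.BytesIO(data)) as z:
            names = z.namelist()
            if any(n.lower().endswith("vbaproject.bin") for n in names):
                return "macro"
            if "[Content_Types].xml" in names:
                ctypes = z.read("[Content_Types].xml").decode("utf-8", "replace")
                if MACRO_CONTENT_TYPE in ctypes:
                    return "macro"
    except zipfile.BadZipFile:
        return "unknown"
    return "clean"

def build_sample_docx(with_macro: bool) -> bytes:
    """Constructed minimal OOXML stand-in for a Word attachment (not a real Word file)."""
    main_type = ("application/vnd.ms-word.document.macroEnabled.main+xml" if with_macro
                 else "application/vnd.openxmlformats-officedocument.wordprocessingml.document.main+xml")
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as z:
        z.writestr("[Content_Types].xml",
                   f'<Types><Override PartName="/word/document.xml" ContentType="{main_type}"/></Types>')
        z.writestr("word/document.xml", "<w:document/>")
        if with_macro:
            # constructed placeholder; a real VBA project is an OLE container of VBA streams
            z.writestr("word/vbaProject.bin", OLE_MAGIC + b"constructed-vba-project")
    return buf.getvalue()

if __name__ == "__main__":
    for label, blob in [("invoice.docm", build_sample_docx(True)),
                        ("invoice.docx", build_sample_docx(False))]:
        print(label, "->", classify_office_attachment(blob))
```

In a gateway, anything classified as `macro` or `legacy-ole` would be quarantined or detonated in a sandbox rather than delivered, which complements the user-side advice in these articles to not open unexpected attachments.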
In February, a Los Angeles hospital forked over $17,000 to hackers who took out its computer network.
by Connor Mannion
This is the time of year that we all tend to clean things out, spruce things up and get ready for the months ahead. While we all concentrate on our closets, garages, and gardens, are you looking at your computers?
There’s an annual check-up for your automobile’s health, one for your physical health, and one for your pet’s health. Why don’t we schedule a check-up for the item that we probably spend more time with than we do our cars or our pets (very sad to say!).
Your home and work computers, tablet, and smartphones are probably the first things you turn on every day and the last things you turn off. We just assume that they will be there when we need them. But can you remember the last time you had an issue with one of these devices and didn’t have access for hours, or maybe a day? It seems like our entire life is thrown off balance. In a work setting, hours of time are lost, most often resulting in lost revenue.
Scheduling an annual review of your business computer systems just makes sense. For those of you not using an automated managed services platform, are you certain that all of your employees are performing updates as they should, or are you on top of those for your servers? When did you actually buy that server that runs your company every day—might it be time for an upgrade before it dies in the middle of a work day?
You’ve probably been using the same technology to manage your emails and your spam for some time now, but are you aware of more efficient and perhaps more cost effective ways to handle these? Are your employees accessing your work computers from home or on a tablet or smartphone? Are you aware of the new file sync and share services which are not only easy to use but increase productivity and security?
So, as we jump ahead to spring, you may want to meet with your business technology provider to review exactly what is running your business every day. Such a meeting can save time down the road, prevent lost productivity, and perhaps reduce your costs through greater efficiency.
Millennials are often believed to be the most tech-savvy employees within an organization, but a recent survey from Symantec actually shows that users under 35 are actually less concerned with security than previous generations.
These “digital natives” are sharing information online at an unprecedented rate, but without some of the safeguards used by their older counterparts. With this in mind, could your younger staff members pose a risk to your company’s online security?
The Facts
Symantec surveyed 1000 people, 500 of whom were under the age of 35.
The results of the survey show that among millennials:
- 72% don’t use security software on their devices (compared to 55% for those over the age of 55)
- 52% don’t protect their home Wi-Fi password (40% for 55+)
- 58% don’t run regular security updates (29% for 55+)
- 48% don’t use complex passwords
Given that a striking 95 percent of cyberattacks are the result of human error, these figures should be concerning for employers. More and more millennials are accessing secure work files from their personal devices, or reusing passwords across a variety of platforms. These bad habits can be an easy way in for an attacker, seriously compromising your company’s online security.
Fixing the Problem
This mindset comes from a generation that has seen technological innovation at its finest, and as a result, millennials often incorrectly assume that their devices are protected. Employers must challenge this notion to correct the security problem among millennials.
To ensure that lax attitudes towards security don’t threaten your organization, you should thoroughly train each staff member that joins your team. You might cover:
- What’s appropriate to share on social media and with others online
- Which devices they can access work files from
- Correct password protocols
- Awareness of current scams and viruses
You should set up mandatory password requirements and automatic security updates for each workstation in your office, as well as for company-owned devices that your employees take home with them.
Keep these important policies front of mind with routine reminders and regular training sessions to update them on the ever-changing world of online security. Digital natives are confident in their technical abilities, as well as the built-in security of the devices they use. However, this confidence is often misplaced, and it can actually be harmful in a professional environment. Keep your company safe by reminding millennial employees of the importance of online security, both on social media and internally.
Article from Strategic Staffing/February 5, 2016