Tag Archives: featured1

What Will the CISO of the Future Look Like?

As the cyber landscape evolves, the role of the CISO (Chief Information Security Officer) is transforming. Managers at companies of varying size are more aware of the importance of cybersecurity than ever before, and, therefore, CISOs are increasingly present on the boards of directors. The new business context due to disruptive technological developments (such as the Internet of Things and the rise of the cloud), together with growing threat levels, requires security managers to face various changes, such as aligning with business objectives to respond to security needs. Although the profile of a CISO is still technical, its link to business objectives requires specific capabilities and a broader business vision.

New Responsibilities for a New CISO

With the increase in cyberattacks and the danger of sensitive data leaks looming over companies, the work of the new CISO takes on a role never before seen. According to a study by the Ponemon Institute, 67% of CISOs are responsible for establishing their company’s security strategies and initiatives. This figure indicates an increasing level of influence, confirming that the CISO goes from being a simple guardian of the IT area to a trusted adviser in the upper echelons of organizations.

In the above-mentioned study, 60% of respondents said that their organization considers security as one of their priorities. The ability to prevent and respond to attacks is now of great importance for companies, which begin to value the tasks of the CISO to promote awareness and provide adequate training in cybersecurity among the staff, as well as investments in cybersecurity tools to detect possible threats.

The integration between business and technology taking place with the digital revolution is creating a more complex ecosystem for companies and their employees dedicated to security. The CISO must now act according to business demands and assume the same objectives as other executives of the company. 69% of the respondents in the Ponemon study consider that the appointment of a security director with corporate responsibility is fundamental for the company. The CISO of the future must report its activities within the organization, assume budget and compliance challenges, and implement business tactics driven by business objectives.

And let’s not forget their responsibility toward ensuring the availability of IT services at all times, as well as their airtight grip on data. In this way, the new CISO must reduce the imminent risk of data leaks, protecting the privacy of users and consumers, and complying with new regulations, such as the GDPR.

From Technician to Leader

Most security officers have a technical profile related to studies in computer science. It makes sense, taking into account the need to understand programming and work closely with your team on a technical level. However, the CISO of the future must have business vision and be able to influence the direction the company takes, with leadership skills and interpersonal and strategic communication. The CISO of the future must also be able to draw up plans and models of operations that contribute to the brand, including not only the technical side of cybersecurity but also its essential human side.

The CISO has made its way into organizations after years of being considered an afterthought, and this recognition must be welcomed by security experts as an exciting challenge. This evolution, which now requires an amalgam of technical, legal, regulatory and communicative knowledge, demonstrates the shift towards a global ecosystem much more aware of the importance of cybersecurity. It’s time to reinvent yourself and accept that the traditional IT role no longer exists. Are you ready to be the CISO of the future?

The post What Will the CISO of the Future Look Like? appeared first on Panda Security Mediacenter.


What is a botnet?

Botnets have become one of the biggest threats to security systems today. Their growing popularity among cybercriminals comes from their ability to infiltrate almost any internet-connected device, from DVR players to corporate mainframes.

Botnets are also becoming a larger part of cultural discussions around cyber security. Facebook’s fake ad controversy and the Twitter bot fiasco during the 2016 presidential election worry many politicians and citizens about the disruptive potential of botnets. Recently published studies from MIT have concluded that social media bots and automated accounts play a major role in spreading fake news.

The use of botnets to mine cryptocurrencies like Bitcoin is a growing business for cyber criminals. It’s predicted the trend will continue, resulting in more computers infected with mining software and more digital wallets stolen.

Aside from being tools for influencing elections and mining cryptocurrencies, botnets are also dangerous to corporations and consumers because they’re used to deploy malware, initiate attacks on websites, steal personal information, and defraud advertisers.

It’s clear botnets are bad, but what are they exactly? And how can you protect your personal information and devices? Step one is understanding how bots work. Step two is taking preventative actions.

How Do Botnets Work?

To better understand how botnets function, consider that the name itself is a blending of the words “robot” and “network”. In a broad sense, that’s exactly what botnets are: a network of robots used to commit cyber crime. The cyber criminals controlling them are called botmasters or bot herders.

Size Matters

To build a botnet, botmasters need as many infected online devices or “bots” under their command as possible. The more bots connected, the bigger the botnet. The bigger the botnet, the bigger the impact. So size matters. The criminal’s ultimate goal is often financial gain, malware propagation, or just general disruption of the internet.

Imagine the following: You’ve enlisted ten of your friends to call the Department of Motor Vehicles at the same time on the same day. Aside from the deafening sounds of ringing phones and the scurrying of State employees, not much else would happen. Now, imagine you wrangled 100 of your friends, to do the same thing. The simultaneous influx of such a large number of signals, pings, and requests would overload the DMV’s phone system, likely shutting it down completely.

Cybercriminals use botnets to create a similar disruption on the internet. They command their infected bot army to overload a website to the point that it stops functioning and/or access is denied. Such an attack is called a distributed denial of service, or DDoS.

Botnet Infections

Botnets aren’t typically created to compromise just one individual computer; they’re designed to infect millions of devices. Bot herders often deploy botnets onto computers through a trojan horse virus. The strategy typically requires users to infect their own systems by opening email attachments, clicking on malicious pop up ads, or downloading dangerous software from a website. After infecting devices, botnets are then free to access and modify personal information, attack other computers, and commit other crimes.

More complex botnets can even self-propagate, finding and infecting devices automatically. Such autonomous bots carry out seek-and-infect missions, constantly searching the web for vulnerable internet-connected devices lacking operating system updates or antivirus software.

Botnets are difficult to detect. They use only small amounts of computing power to avoid disrupting normal device functions and alerting the user. More advanced botnets are even designed to update their behavior so as to thwart detection by cybersecurity software. Users are unaware their connected device is being controlled by cyber criminals. What’s worse, botnet design continues to evolve, making newer versions harder to find.

Botnets take time to grow. Many will lie dormant within devices waiting for the botmaster to call them to action for a DDoS attack or for spam dissemination.

Vulnerable Devices

Botnets can infect almost any device connected directly or wirelessly to the internet. PCs, laptops, mobile devices, DVRs, smartwatches, security cameras, and smart kitchen appliances can all fall within the web of a botnet.

Although it seems absurd to think of a refrigerator or coffee maker becoming the unwitting participant in a cyber crime, it happens more often than most people realize. Often appliance manufacturers use insecure passwords to guard entry into their devices, making them easy for autonomous bots scouring the internet to find and exploit.

As the never-ending growth of the Internet of Things brings more devices online, cyber criminals have greater opportunities to grow their botnets, and with it, the level of impact.

In 2016, a large DDoS attack hit the internet infrastructure company Dyn. The attack used a botnet comprised of security cameras and DVRs. The DDoS disrupted internet service for large sections of the country, creating problems for many popular websites like Twitter and Amazon.

Botnet Attacks

Aside from DDoS attacks, botmasters also employ botnets for other malicious purposes.

Ad Fraud

Cybercriminals can use the combined processing power of botnets to run fraudulent schemes. For example, botmasters build ad fraud schemes by commanding thousands of infected devices to visit fraudulent websites and “click” on ads placed there. For every click, the hacker then gets a percentage of the advertising fees.

Selling and Renting Botnets

Botnets can even be sold or rented on the internet. After infecting and wrangling thousands of devices, botmasters look for other cybercriminals interested in using them to propagate malware. Botnet buyers then carry out cyber attacks, spread ransomware, or steal personal information.

Laws surrounding botnets and cybercrime continue to evolve. As botnets become bigger threats to internet infrastructure, communications systems, and electrical grids, users will be required to ensure their devices are adequately protected from infection. It’s likely cyber laws will begin to hold users more responsible for crimes committed by their own devices.

Botnet Structures

Botnet structures usually take one of two forms, and each structure is designed to give the botmaster as much control as possible.

Client-server model

The client-server botnet structure is set up like a basic network with one main server controlling the transmission of information from each client. The botmaster uses special software to establish command and control (C&C) servers to relay instructions to each client device.

While the client-server model works well for taking and maintaining control over the botnet, it has several downsides: it’s relatively easy for law enforcement officials to locate the C&C server, and it has only one control point. Destroy the server, and the botnet is dead.

Peer-to-peer

Rather than relying on one centralized C&C server, newer botnets have evolved to use the more interconnected peer-to-peer (P2P) structure. In a P2P botnet, each infected device functions as a client and a server. Individual bots have a list of other infected devices and will seek them out to update and to transmit information between them.

P2P botnet structures make it harder for law enforcement to locate any centralized source. The lack of a single C&C server also makes P2P botnets harder to disrupt. Like the mythological Hydra, cutting off the head won’t kill the beast. It has many others to keep it alive.

Botnet Prevention

It should be clear by now that preventing botnet infection requires a comprehensive strategy; one that includes good surfing habits and antivirus protection. Now that you’ve armed yourself with the knowledge of how botnets work, here are some ways to keep botnets at bay.

Update your operating system

One of the tips always topping the list of malware preventative measures is keeping your OS updated. Software developers actively combat malware; they know early on when threats arise. Set your OS to update automatically and make sure you’re running the latest version.

Avoid email attachments from suspicious or unknown sources

Email attachments are a favorite source of infection for many types of viruses. Don’t open an attachment from an unknown source. Even scrutinize emails sent from friends and family. Bots regularly use contact lists to compose and send spam and infected emails. That email from your mother may actually be a botnet in disguise.

Avoid downloads from P2P and file sharing networks

Botnets use P2P networks and file sharing services to infect computers. Scan any downloads before executing the files or find safer alternatives for transferring files.

Don’t click on suspicious links

Links to malicious websites are common infection points, so avoid clicking them without a thorough examination. Hover your cursor over the hypertext and check to see where the URL actually goes. Malicious links like to live in message boards, YouTube comments, pop up ads, and the like.
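The hover check described above can be automated for a message body. The following is an added example, not code from the original post: it compares the host shown in each link's visible text with the host the link actually points to, and flags a few other warning signs in the target URL. The sample HTML, all host names and the crude "last two labels" site comparison are assumptions made for illustration.

```python
import ipaddress
import re
from html.parser import HTMLParser
from urllib.parse import urlsplit

# Finds something that looks like a host name inside the visible link text.
HOST_IN_TEXT = re.compile(r"(?:https?://)?((?:[a-z0-9-]+\.)+[a-z]{2,})", re.I)

# Constructed sample message body; every domain and address is a reserved example value.
SAMPLE_HTML = """
<p>Your statement is ready:
  <a href="http://accounts.bank.example.attacker.test/login">www.bank.example</a></p>
<p><a href="https://www.bank.example/help">Help centre</a></p>
<p><a href="https://bank.example@198.51.100.7/">Sign in</a></p>
<p><a href="https://www.bank.example/offers">bank.example/offers</a></p>
"""


def site_key(host):
    """Comparison key: the last two labels of the host.

    Assumption for this example: no public-suffix list is used, so hosts
    under suffixes such as co.uk would need a proper lookup.
    """
    labels = host.lower().rstrip(".").split(".")
    return ".".join(labels[-2:])


class AnchorCollector(HTMLParser):
    """Collects (href, visible text) for every <a> element."""

    def __init__(self):
        super().__init__(convert_charrefs=True)
        self.links = []
        self._href = None
        self._text = []

    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self._href = dict(attrs).get("href") or ""
            self._text = []

    def handle_data(self, data):
        if self._href is not None:
            self._text.append(data)

    def handle_endtag(self, tag):
        if tag == "a" and self._href is not None:
            self.links.append((self._href, "".join(self._text).strip()))
            self._href = None


def check_link(href, text):
    """Return a list of warning labels for one link (empty list = nothing flagged)."""
    findings = []
    parts = urlsplit(href)
    if parts.scheme not in ("http", "https"):
        return findings  # relative links, mailto: and similar are out of scope here
    host = parts.hostname or ""
    if parts.scheme == "http":
        findings.append("plain-http")  # traffic to this target is not encrypted
    if parts.username is not None:
        findings.append("userinfo-in-url")  # "trusted.name@real-host" disguise
    try:
        ipaddress.ip_address(host)
        findings.append("ip-literal-host")
    except ValueError:
        pass
    if any(label.startswith("xn--") for label in host.split(".")):
        findings.append("punycode-host")  # may render as a look-alike name
    shown = HOST_IN_TEXT.search(text)
    if shown and site_key(shown.group(1)) != site_key(host):
        findings.append("text-host-mismatch")  # text names one site, href another
    return findings


def audit_html(html):
    """Return every link in the HTML that produced at least one finding."""
    collector = AnchorCollector()
    collector.feed(html)
    report = []
    for href, text in collector.links:
        findings = check_link(href, text)
        if findings:
            report.append({"href": href, "text": text, "findings": findings})
    return report


if __name__ == "__main__":
    for item in audit_html(SAMPLE_HTML):
        print(item["href"], "shown as", repr(item["text"]), "->", ", ".join(item["findings"]))
```

A link with no findings is not proven safe; the check only catches the mismatches it was written for.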

Get Antivirus Software

Getting antivirus software is the best way to avoid and eliminate botnets. Look for antivirus protection that’s designed to cover all of your devices, not just your computer. Remember, botnets sneak into all types of devices, so look for software that’s comprehensive in scope.

With the Internet of Things increasing, so too does the potential for botnet size and power. Laws will eventually change to hold users more responsible for the actions of their devices. Taking preventative action now will protect your identity, data, and devices.

The post What is a botnet? appeared first on Panda Security Mediacenter.


New Study Shows “Fake News” Part of Parents’ Concerns about Online Activities

Controversies around “fake news” sites aren’t just nightly news fodder or political footballs. As it turns out, they’re new additions to the list of parental fears, sitting alongside computer viruses, social media, and online sexual predators.

Parents today aren’t just worried about their kids watching internet porn. Many are concerned their child will read a Breitbart article or watch a video on CNN.

Panda Security’s exclusive analysis of U.S. parents reveals what they fear the most when it comes to websites, online activities, and apps.

  • More than twice as many parents consider right-wing website Breitbart unsafe for children as CNN.
  • 20 percent of parents think CNN is not safe for their kids.
  • 47.9 percent of parents think Breitbart is unsafe for children.
  • 75.9 percent of parents think anonymous sharing is a danger to kids.
  • More parents block Facebook (5.9 percent), YouTube (5.8 percent), Netflix (4.3 percent), than they do Pornhub (2.5 percent).
  • 54.2 percent of parents are most concerned about sexual predators online.
  • 37.1 percent of parents concerned about sexual predators haven’t spoken to their kids about it.

We surveyed 1,000 U.S. parents to determine the websites, apps, and activities that most concern them when it comes to their children.

Parents Are Worried About Some Of The Web’s Most Popular Sites


Of our total sample of respondents, 90.1 percent ranked Pornhub as “Very Unsafe” or “Somewhat Unsafe”. Our analysis also shows some major social media sites as a source of concern for many parents. 47.0 percent of parents view Facebook as unsafe, while Reddit received the same rating from 46.1 percent of respondents.

Video streaming websites like YouTube and Netflix also ranked as concerning to parents. 36.7 percent of parents said YouTube was a safety concern while 15.5 percent also felt the same about Netflix.

Parents also considered news sites like CNN and Breitbart as a threat to their children. 20.5 percent felt concerned about CNN while 47.9 percent reported Breitbart News as somewhat or very unsafe.

For parents who felt “Very Safe” or “Somewhat Safe” towards specific websites, Amazon ranked first with 71.4 percent. More parents said they felt Netflix (69.9 percent) was safer than Wikipedia (65.5 percent).

More Parents Blocked YouTube than Pornhub

Our analysis showed there was a disconnect between parental concern and parental action. We found more parents reported blocking video websites like YouTube (5.8 percent) and Netflix (4.3 percent) than they did porn sites like Pornhub (2.5 percent).

One reason why parents may be blocking sites like YouTube and Netflix more than Pornhub is that parents may consider excessive screen time more concerning and more likely than specific content like pornography. Parents may feel the chances of their children finding/watching adult content too remote for concern, especially if the children are very young.

However, a University of New Hampshire survey of 1,500 internet-using youth between the ages 10 and 17 showed 42 percent of them had been exposed to online pornography in the past year. Of those, 66 percent reported unwanted exposure.

Parents Overwhelmingly Think Anonymous Online Sharing Is Unsafe for Kids


Of the seven online activities we listed, “anonymous sharing” was the online activity most concerning to parents. 75.9 percent reported feeling “somewhat unsafe” or “very unsafe” when it came to their kids and anonymous sharing.

The data suggests app developers need to include better parental controls for monitoring or stopping anonymous sharing activities of children.

Anonymity could factor into the perceived safety of social media sites. While there’s a good amount of safety concern among parents for a social website like Facebook (47 percent), it’s even more for 4chan (58.4 percent)—a site where anonymity is more prevalent.

Social networking was the second most unsafe online activity with 57.2 percent followed by “video sharing/watching” at 56.6 percent. A larger percentage of parents reported feeling concerned about video sharing than reported being concerned about the video sharing website YouTube.

Parents Are Worried About How Their Kids Get News


Our analysis shows 47.9 percent of the total pool of respondents who had heard of the right-wing website Breitbart rated it “somewhat unsafe” or “very unsafe”. That’s compared to 20.5 percent that responded the same to the more centrist Cable News Network. 8.1 percent said they considered both websites a safety concern when it came to their children.

Wikipedia also ranked as somewhat or very unsafe to 12.2 percent of parents. “Fake news” controversies and growing concerns about biased information are threatening the legitimacy of some online information sources like Wikipedia.

Parents Are Very Concerned About Sexual Predators


Of the six options presented, 52.4 percent of parents chose “sexual predation online” as their top online concern for their children. 14.3 percent chose “Maintaining online privacy” followed by “online bullying” at 11.8 percent.

More Than a Third of Parents Don’t Talk To Their Kids About Online Sexual Predation


While 52 percent of parents reported sexual predation as their primary concern, 37 percent of those said they hadn’t spoken to their children about the topic in the past year. Among parents who reported online bullying as their primary concern, a similar percentage hadn’t spoken to their children about the topic, at 33 percent.

For less emotionally and physically dangerous concerns like “Computer Viruses” and “Hidden Fees in Online Apps”, the percentage of all parents who expressed concern, but hadn’t spoken with their children, was even higher (54 percent and 43 percent, respectively).

Among parents most concerned about maintaining online privacy, 44 percent of parents overall hadn’t discussed the topic. The numbers suggest the threat of online privacy and identity theft is being perceived as similar to hidden app fees.

Cyberbullying Is Being Underrated By Parents As A Concern


Our analysis shows parents’ biggest fears aren’t reflective of actual prevalence rates. Of the total group, 54.2 percent of parents said sexual predation online was their biggest concern while 11.8 percent said the same for online bullying. Sexual predation is defined as any person using the internet for the express purpose of targeting a minor to perform non-consensual sex acts.

Compared to sexual predation, cyberbullying occurs much more frequently for children. The prevalence rate for sexual predation online is only 13.0 percent. In contrast, a 2016 study commissioned by the Cyberbullying Research Center found 33.8 percent of U.S. high school students between the ages of 12 and 17 said they had experienced cyberbullying. Examples of cyberbullying can include sending threatening or hurtful texts, posting embarrassing photos or video, and/or spreading rumors.

Methodology

Panda Security conducted an online survey of 1,000 U.S. parents.
Our survey was designed to gather from parents four different types of data:

  • Demographic
  • Level of concern for specific websites, online activities, and apps
  • Actions they’ve taken to address their concerns.
  • Their knowledge level of their child’s online activities, friends, and passwords.

We wanted to discover what parents were the most concerned about and what they were doing to address those concerns, either directly (e.g. blocking content) or indirectly (e.g. discussing issues with their children).

Our approach to analyzing the data was to determine if there was a correlation between the level of concern and amount of reported activity.

The post New Study Shows “Fake News” Part of Parents’ Concerns about Online Activities appeared first on Panda Security Mediacenter.


Computer Security Day 2017: The Current State of Cybersecurity

Thursday 30th November marks the 29th Computer Security Day – an unofficial “holiday” used to raise awareness of cybersecurity issues that affect us all. At the most basic level, people across the world are encouraged to take the opportunity to create new strong passwords.

The annual Computer Security Day is also a useful chance to assess wider cybersecurity implications, and how well industry and individuals are protecting themselves.

So, what is the current state of IT security?

Security is more complex than ever

Every day new devices are added to home networks, most of which also connect to the Internet. From smart heating thermostats to remote controlled blinds and games consoles, technology is becoming part of the very fabric of our homes. And if smart speakers like Amazon’s Alexa and Apple’s HomePod sell as well as expected this Christmas, the home network is going to become busier (and more complicated) than ever.

The only drawback to all these devices is that they increase the number of potential attack points for cybercriminals. In the past, hackers would only have the option of breaking into your home PC. But with so many network connected devices to choose from, hacking in has actually become easier.

Security is not being prioritised by manufacturers

In the rush to sell their products as quickly as possible, some manufacturers are cutting corners. The software powering these devices often contains bugs and security holes that can be used by hackers to gain access. Once connected to the device, they can then attack other more important devices, like your laptop or PC.

Where there are decent security provisions on the device, owners are making basic mistakes that place their network at risk. As always, poor passwords are the biggest problem, making the hacker’s job even easier. If you have network connected devices at home, use this Computer Security Day to update all of those passwords too.

We are getting better at cybersecurity

Networks may be more complex than ever, but our security options are also improving. Most home routers used to connect to the Internet now include firewall functions to keep hackers out for instance. And the tools used to detect and remove malware are also improving daily.

In fact, anti-malware is the last line of defence when it comes to protecting your personal data. If hackers do manage to break through defences and compromise network-connected devices like webcams and smart speakers, anti-malware will stop them accessing your computers where the really valuable personal information is held.

If you do nothing else this Computer Security Day, please take a few minutes to download and install a free copy of Panda Antivirus for your PC. You should also take the opportunity to protect your smartphone too – download a free copy of Panda Mobile Security today.

The post Computer Security Day 2017: The Current State of Cybersecurity appeared first on Panda Security Mediacenter.


3 Poor IT Practices that Endanger Companies

An attack perpetrated by a criminal, a malicious or negligent action taken by an employee… The causes of security incidents can be very diverse. And, according to a recent study by Ponemon Institute, 28% are caused by poor IT practices. In many cases, these failures are due to limited security policies that do not cover all possible risks. By overlooking certain tasks and processes, IT teams are exposing the vulnerabilities of their companies. In this post, we will highlight three key aspects that should be adequately monitored by the security officers of any company.

Neglecting printers is dangerous

This seemingly harmless device can endanger your corporate network. It is worth remembering that printers are also sophisticated storage devices, and that they usually have a longer lifespan than any of our connected devices. According to a study by Spiceworks, only 16% of IT managers believe that printers are vulnerable to security breaches, a figure significantly lower than that corresponding to computers and mobile phones.

Since printers store sensitive document data, it is convenient to delete and review their content periodically. Also, if you stop updating the printers’ firmware, they can become an attack vector (especially if they are connected to the central corporate network). Different types of attacks could allow cybercriminals access to insecure printers, obtaining the documents that have been printed, analyzing network traffic, and even obtaining user information and passwords.

Do you know what applications your employees are using?

Another risk is not knowing what cloud services employees are using. It is important to perform a Shadow IT study and evaluate the dangers implied by applications and services not expressly authorized by security teams. According to an EMC study, annual losses that can be traced back to Shadow IT have reached up to 1.7 trillion dollars. Many organizations are unaware that their employees use services and applications outside of those put at their disposal by the company itself, increasing the blind spots and, therefore, the attack surface of the company.

To stave off malicious behavior, it is essential to monitor corporate network activity and have complete visibility of the software and applications employees are using. These are crucial characteristics of a security system that is able to act against apps that could endanger the company’s sensitive information or intellectual property. It is very important to educate employees, but also to design policies that can satisfy their needs and prevent them from authorizing services in an insecure way, or by “taking the back door”. Likewise, IT professionals must evaluate each and every service and application, preventing access to those that are dangerous with infrastructural protocols (such as firewalls and proxies).
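The visibility step described above can start from web-proxy logs. The following is an added example, not code from the original post: it reports destinations that are not on an approved list, with the users and upload volume for each, so the IT team knows which services to evaluate first. The five-field log format, the allow-list and all host names are assumptions constructed for illustration.

```python
from collections import defaultdict

# Assumed allow-list of services the security team has approved.
SANCTIONED = {"mail.corp.example", "files.corp.example", "crm-vendor.example"}

# Constructed sample log. Assumed fields: timestamp user method host:port bytes_sent
SAMPLE_LOG = """\
2017-11-28T09:01:12Z alice CONNECT files.corp.example:443 5120
2017-11-28T09:03:40Z bob CONNECT quickshare.example:443 48211003
2017-11-28T09:05:02Z carol CONNECT quickshare.example:443 1200344
2017-11-28T09:07:55Z bob CONNECT notes-app.example:443 20480
2017-11-28T09:10:31Z dave CONNECT eu.crm-vendor.example:443 9000
2017-11-28T09:20:00Z - -
2017-11-28T09:22:18Z bob CONNECT quickshare.example:443 1000
"""


def parse_line(line):
    """Return (user, host, bytes_sent), or None if the line is malformed."""
    fields = line.split()
    if len(fields) != 5:
        return None
    _timestamp, user, _method, target, sent = fields
    host = target.rsplit(":", 1)[0].lower()  # drop the port if one is present
    try:
        return user, host, int(sent)
    except ValueError:
        return None


def is_sanctioned(host, sanctioned):
    """A host is approved if it is on the list or is a subdomain of a listed name."""
    return any(host == name or host.endswith("." + name) for name in sanctioned)


def shadow_it_report(log_text, sanctioned=SANCTIONED):
    """Summarise traffic to unapproved destinations.

    Returns (rows, skipped): rows are sorted by upload volume, largest first;
    skipped counts malformed lines so that parsing gaps stay visible.
    """
    usage = defaultdict(lambda: {"users": set(), "bytes_out": 0, "requests": 0})
    skipped = 0
    for line in log_text.splitlines():
        if not line.strip():
            continue
        record = parse_line(line)
        if record is None:
            skipped += 1
            continue
        user, host, sent = record
        if is_sanctioned(host, sanctioned):
            continue
        entry = usage[host]
        entry["users"].add(user)
        entry["bytes_out"] += sent
        entry["requests"] += 1
    rows = [
        {"host": host, "users": sorted(e["users"]),
         "bytes_out": e["bytes_out"], "requests": e["requests"]}
        for host, e in usage.items()
    ]
    rows.sort(key=lambda row: (-row["bytes_out"], row["host"]))
    return rows, skipped


if __name__ == "__main__":
    rows, skipped = shadow_it_report(SAMPLE_LOG)
    for row in rows:
        print("%-22s users=%s uploaded=%d bytes in %d requests"
              % (row["host"], ",".join(row["users"]), row["bytes_out"], row["requests"]))
    print("malformed lines skipped:", skipped)
```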

What if an employee loses their company phone?

The loss of corporate devices, whether mobile phones, computers, tablets, etc., should be extremely disconcerting for any IT professional. In a Tech Pro Research survey, when asked about the company’s weakest link in terms of cybersecurity, 45% answered that the most vulnerable point was mobile devices. To protect against collateral damage from loss or theft, ideally all corporate devices would be encrypted. IT administrators must ensure that the information contained on them is not compromising, and that these devices can only access corporate information through a VPN. And, in case of loss, administrators should have the ability to block the device remotely.

By permitting mobile devices to install applications, even versions authorized by the operating system, you are, figuratively speaking, placing a door where there used to be a wall. It is important to ensure that the IT team has an identifiable base of all mobile systems connected to the corporate network and that, if possible, vulnerability tests and remote control may be performed to analyze penetration levels.

These are just three examples of areas that IT teams must take care to address. Ignoring these good practices can open the door to security incidents that cause considerable economic impact. In a context in which external threats are growing in number and complexity, avoiding risks by implementing basic protocols should be an obligation for every IT professional.

The post 3 Poor IT Practices that Endanger Companies appeared first on Panda Security Mediacenter.


Worms vs. Viruses: What’s the difference?

Worms, viruses, bots, oh my! Such names sound less like monikers for malicious software than characters in a sci-fi novel. Despite their fictional-sounding names, the monetary damage these types of malware can cause to computers and data is very real. Studies put the global cost of ransomware attacks for 2017 between 1 and 3 billion dollars.

Most types of malicious software (aka malware) work differently, but all have the same function: to install unwanted software on your computer or network for malicious purposes ranging from simple annoyance to corporate espionage.

Two of the most common forms of malware are worms and viruses. Knowing how they work can limit the damage of a malware attack sooner and help avoid infection altogether.

Spreading the Word Doc

Worms and viruses differ in two main ways: how they spread or “replicate” and their level of autonomy. To function, viruses need a host file (e.g., a Word document) or a host program (e.g., that free PDF splitter you downloaded). To replicate, viruses need humans to send them through emails, messages, attachments, etc. They can’t do this on their own.

Worms are viruses that can replicate themselves, emailing themselves to other computers and networks without help from pesky humans. A worm’s autonomy tends to make it more aggressive or contagious, while a virus may lie dormant for years waiting for a user to open an infected file. To use a cinematic analogy, worms are more like predators, viruses are more like aliens.

How viruses replicate

Computer viruses are transmitted like biological ones. For example, the common cold spreads through person-to-person contact. We pass our cold germs to other people through coughs and sneezes. Unsuspecting victims breathe in our virus spray and presto! We’ve just replicated the virus to them. The point: It takes a human action (i.e., coughing and sneezing) to replicate a virus.

We replicate computer viruses by sending (sneezing) infected attachments through emails, instant messages, etc., to other users. Like us, they unknowingly download and open the attached file. Most recipients will open these attachments because they trust us. Replication of the virus took a human action and a little gullibility.

Social engineering

Social engineering is a way of tricking people into spreading malware to others. Hackers use our own assumptions and confirmation bias to fool us.

For example, when we visit our bank’s website, we usually first look for the most recognizable features: company name, logo and the familiar layout of the page. All of these features tip us off that we’re in the right place. Instead of applying a more critical eye, we quickly compare what we see to what we expect. When those basic expectations are confirmed, we click ahead.

Every day, hackers create malicious copies of legitimate websites and emails to steal our private credentials. These digital fakes don’t need to be perfect copies either, just close enough to match our expectations. That’s why it’s best to avoid clicking email links to common websites and instead use a browser bookmark so you always know you’re in the right place.

Even a worm will turn

Worms are actually a subclass of virus, so they share characteristics. They also are passed through files like attachments or website links, but have the ability to self-replicate. Worms can clone and transmit themselves to thousands of other computers without any help from humans. Consequently, worms tend to spread exponentially faster than viruses.

Worms have this viral superpower in part because they don’t rely on a host file like a virus. While viruses use these files and programs to run, worms only need them as disguises to sneakily wiggle into your computer. After that, the worm runs the show. No more host files or social engineering required.

How to protect yourself

Even though worms and viruses are different, you take similar precautions to avoid them.

Avoid opening unfamiliar messages and attachments

Social engineering is powerful and preys on our assumptions and familiarity, but you can fight it by paying more attention to your online interactions. Inspect emails closely. Phishing emails usually have telltale signs they’re scams. Most importantly, never open an email attachment from an unknown source. If you can’t confirm the source, delete the attachment. One moment of satisfying your curiosity isn’t worth the risk.

Avoid non-secure web pages

Non-secure websites don’t encrypt how they talk to your browser like secure ones do. It’s easy to identify websites that are non-secure. They start with HTTP in their URL address. Try to visit only secure sites that start with HTTPS. The ‘s’ stands for ‘secure’. Browser plugins like HTTPS Everywhere can make searching only HTTPS sites easier.

Update your operating systems

Hackers love to find security holes in operating systems like Windows. It’s a game of cat and mouse played with software engineers who constantly test, identify and patch ways of infiltrating their own software. The result of their efforts is the security update. Updating your OS applies those patches as soon as they’re released, increasing your protection level. Set your system to auto-update.

Be picky about your programs

Like operating systems, individual apps on your devices also need updating – and for the same reason. Aside from updating them, you should also decide whether you even need them at all. Remember, viruses need host files and programs for execution and disguise. Decide whether you actually need the app, or if you already have it, how often you use it. The more apps you have, the more updates. The more updates, the more opportunities for a security breach or infection.

A couple of programs you will want to give special attention to are Adobe Flash and Acrobat Reader. Both are popular targets for cyber criminals. If you don’t use them, uninstall them.

Get antivirus protection

The easiest and most effective action you can take to protect yourself from worms and viruses is to get a total antivirus protection plan. Antivirus software can’t be manipulated by social engineering tricks. It never assumes anything. It scans every file you open and every program you run for viruses and worms. Good ones do this in real time.

Every worm and virus discovered gets assigned a ‘signature’, a unique indicator that says “this is a virus!” Antivirus software keeps a list of those signatures and compares them to all of the data coming through your system.
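The signature comparison described above, sketched as an added example (not Panda Security's code or any product's engine). It goes slightly beyond the text by using two common signature styles, a whole-file SHA-256 and a byte pattern, and by scanning data that arrives in chunks; the byte strings are constructed and harmless, and every name is hypothetical.

```python
import hashlib
from dataclasses import dataclass

# Constructed, harmless byte strings standing in for files; none is real malware.
MARKER = b"DEMO-SIGNATURE-MARKER-0001"
KNOWN_BAD = b"MZ\x00\x00header" + MARKER + b"payload-A"
VARIANT = b"MZ\x00\x00header" + MARKER + b"payload-B"  # same marker, different tail
CLEAN = b"%PDF-1.4 quarterly report"


@dataclass(frozen=True)
class Signature:
    name: str     # hypothetical detection name
    kind: str     # "sha256" (whole-file hash) or "pattern" (byte sequence)
    value: bytes


def build_db():
    """The 'list of signatures' the scanner keeps."""
    return [
        Signature("Demo.Sample.A", "sha256", hashlib.sha256(KNOWN_BAD).digest()),
        Signature("Demo.Family.Generic", "pattern", MARKER),
    ]


def chunked(data, size):
    """Split data into pieces, the way a download or file read delivers it."""
    return [data[i:i + size] for i in range(0, len(data), size)]


def scan_stream(chunks, db):
    """Compare incoming data against every signature without buffering it all."""
    patterns = [s for s in db if s.kind == "pattern"]
    # Keep the last (longest pattern - 1) bytes so a pattern that straddles
    # two chunks is still seen in one window.
    overlap = max((len(s.value) for s in patterns), default=1) - 1
    hasher = hashlib.sha256()
    tail = b""
    hits = []
    for chunk in chunks:
        hasher.update(chunk)
        window = tail + chunk
        for sig in patterns:
            if sig.name not in hits and sig.value in window:
                hits.append(sig.name)
        tail = window[-overlap:] if overlap else b""
    digest = hasher.digest()
    hits += [s.name for s in db if s.kind == "sha256" and s.value == digest]
    return sorted(hits)


if __name__ == "__main__":
    db = build_db()
    for label, data in (("known", KNOWN_BAD), ("variant", VARIANT), ("clean", CLEAN)):
        print(label, scan_stream(chunked(data, 5), db))
```

The whole-file hash only matches the exact copy it was computed from, while the byte pattern still matches the variant.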

You now understand the differences between worms and viruses, how they spread and where they hide. Be more critical the next time you open an unfamiliar email or visit a familiar website. Following these tips and getting antivirus software is the best way to avoid malware.


The post Worms vs. Viruses: What’s the difference? appeared first on Panda Security Mediacenter.


Did Your Childhood Monsters Dwelling Under the Bed Grow to Be Real?

Remember when you were a youngster, and lived in nightly fear of the monsters dwelling under your bed, or those hiding in the closet? That made it an act of foolishness to swing your legs over the side of the bed and expose munch-able ankles to the demons. Even worse would be to risk opening the closet door at night, to provide a portal for their crossover into the human world.
The only way to safely make it through the night was to stay motionless in bed, fully covered by your charmed-against-monsters favorite blanket, and await the safety of morning sunlight.

Krack

The demons of the night have probably long since retreated from your bedroom – but for adult internet users, they have re-emerged from the shadows, in the form of hackers and cyber attackers, still lurking, still waiting for their opportunity. And sadly, this time they are real – lately, the internet has been buzzing with the recently discovered WPA2 vulnerabilities known as KRACK.

Everyone who listens to the news occasionally, or checks their morning news feed before heading off to work, should be aware of some of the spectacular network breaches against major corporations. In fact, one or more of those violations may even have affected you personally, since several of them have resulted in massive amounts of sensitive personal information being hijacked by criminals. But such headline-grabbing attacks are far from the only depredations being carried out these days on the Internet, nor are the big corporations the only targets.

Small businesses the target of cybercriminals

Cybercriminals are starting to realize that attacks against lots of small businesses can be just as lucrative as a single attack against a major player. Ransomware attacks and other forms of malware breaches can yield significant profits when carried out in volume against small businesses, and now hackers have upped the ante to include attacks against individuals, in the form of breaching devices which are tied to the Internet of Things (IoT). It was recently demonstrated that even using an ordinary Wi-Fi connection can expose you to attack by a smart attacker, in physical proximity.

Wi-Fi Protected Access 2 (WPA2)

Wi-Fi Protected Access 2 (WPA2) is the second, and theoretically stronger, incarnation of security protocols for wireless networks, but it was recently shown to have a vulnerability which allows attackers to modify how the protocol works so that network traffic can be intercepted. Depending on how a specific network is configured, it would have even been possible for malware to be inserted, without the attacker ever owning or disturbing standard password security, thus evading detection.

This capability makes wireless devices, including all those connected to the IoT, vulnerable to Key Reinstallation Attacks (KRACK), which compromise the encryption component of the WPA2 protocol. Without getting into the technical weaknesses which make this possible, you should know that such attacks are likely whenever a cybercriminal is physically positioned close enough to a device on a Wi-Fi network so that the signal can be intercepted and manipulated. What all this means for devices connected to the IoT, is that they would need to have software or firmware updates which close up the vulnerability to KRACK attacks. The affected manufacturers have begun issuing patches to address the problem but remember that you don’t have to only rely on patches – there are other ways to protect yourself.

Are More IoT devices Driving More Cyber Attacks?

The short answer to this is – yes. Cybercriminals are notoriously opportunistic, and the potential ubiquity of IoT devices provides nearly endless possibilities for security breaches. Just “listening in” on such network traffic can provide useful, sensitive information about accounts and other data that can be converted into profits.

The monsters under your bed have grown up with you, and they have now moved into the shadows of cyberspace, waiting to nip at your ankles or to have you barge brazenly into their closet stronghold. And unfortunately, this time they are real – make sure you have a chance to fight them off by arming yourself with a protective blanket.

The post Did Your Childhood Monsters Dwelling Under the Bed Grow to Be Real? appeared first on Panda Security Mediacenter.


Alberto Yépez: “Businesses Are More Willing to Invest in Cybersecurity”

In this guest collaboration, Alberto Yépez shares his expert vision of innovation in the security sector. Alberto is co-founder and Managing Director of Trident Capital Cybersecurity, the largest global venture capital firm focused on cybersecurity startups. Alberto has extensive experience as an investor in companies such as Alien Vault, Mocana or Bluecat. In addition, he has served as a consultant for the US Department of Defense, is a member of the Board of Advisors of SINET (Security Innovation Network) and actively participates in global initiatives such as the World Economic Forum Partnership for Cyber Resilience.

Panda Security: How has the cybersecurity landscape evolved over the 30 years that you have been in the sector?

Alberto Yépez: I think that cybersecurity has evolved from being a very technical and isolated issue to becoming something that is important for executives and boards of directors. I think that’s the biggest shift from a business perspective. We live in a digital age. Information is a premium, and information comes from data and is produced by applications that provide the context of the data for it to become information. And given that we are trying to protect that information, you see businesses that can succeed or fail just because that information gets compromised.

From a technical point of view, given the complexity and the multiple platforms of computing that we use today, it has become complicated to protect. So every time there is a shift in a computing platform, there are new attack vectors that appear. And in order to defend them, you have to invest a lot of money to protect our mobile devices, our applications in the cloud, our data centers, privacy information for individuals, IoT… now you have this whole interconnected world.

The third thing that has happened, besides business and technical, is that now that we live in a digital age, to rob a bank you don’t need to go in there with a gun to steal the money. You can sit in your living room or your basement, and attack a bank and get the money. Therefore, the threat is real, the cybercriminals have changed, and these are more sophisticated individuals, very technical, that basically do it for different motives — because they are activists, or hacktivists, or they do it because they are really criminals and they want to enrich themselves and use the money or information for ransom. Or, more importantly, as we’ve seen as of late, there are a lot of state-sponsored cyberattacks, where they’re trying to destabilize democracies and governments. They’re trying to attack the national grid, or the critical infrastructure of a government, etc. So the frequency and sophistication of attacks has increased exponentially. Therefore, it is becoming harder to defend, and it all comes back to if it’s becoming harder, then the amount of money that needs to be invested is increasing, and not just by choice. The whole industry is really in a huge inflection point, where cybersecurity has become a fact of everyday life, both for the individual, the business, and for the government.

PS: What would you say are the most relevant trends in the cybersecurity industry right now?

There’s a shortage of cybersecurity professionals. Therefore the suppliers are trying to build products that are easier to deploy, easier to consume, and they’re using new technologies like the cloud and mobility to make sure that it becomes easier to protect information. In summary, it’s mobile security, cloud security, IoT security, and privacy. Especially in Europe, as you know, there’s a big push for some of the privacy directives, including the GDPR, which are at the front of the mind for business.

PS: How can security benefit from AI and Machine Learning, and what are the risks?

That’s an excellent question. So how do you solve the problem of the shortage of cybersecurity professionals? You bring in automation. Not to replace so much, but to help the humans. The role of AI is basically to automate tasks of mature segments of the security industry, using human knowledge.

PS: You’ve invested in many successful cybersecurity companies. How do you decide that a company is right for investment? What catches your eye?

We look at five different areas — so this is a good note for entrepreneurs!

Number one, we’re really market driven. We like to get a sense of what the areas are where no commercial technologies exist so emerging solutions can be funded. So we look at, how big is the market?

Number two, we look at the intellectual property — how hard it is to replicate the solution.

Number three we look at the go-to-market strategy — how the company can scale not just by selling one at a time, but by creating alliances. Which is one of the basics to reach a global audience.

Number four we look at the team — whether the people have the experience, the context, the knowledge, and the relationships to be successful.

And number five, we often look at the co-investors. The investor group is important, because companies go through several iterations and several fund-raisings, so you need investors that are committed to support a company through all this.

The post Alberto Yépez: “Businesses Are More Willing to Invest in Cybersecurity” appeared first on Panda Security Mediacenter.


PandaLabs Reveals its Predictions for Cybersecurity Trends in 2018

Today, more malware samples are created in just a few hours than in the entire twentieth century. The targets have changed, the techniques have become more sophisticated, the attack vectors have multiplied, and the tools are more precisely designed. Attackers are meticulously studying their victims to adapt their strategy and achieve the greatest possible impact.

Their efficiency, effectiveness, and profitability are proven time and again, with up to 75 million distinct malware files created between the beginning of the year and October, which translates to 285,000 new samples detected every day by PandaLabs.

2017 Cybersecurity Trends

More than half of attacks are motivated by financial targets, while espionage is the second greatest motivating factor.

Stealth attacks with adaptive lateral movements are becoming all too common.

Malwareless attacks are increasingly favored by attackers. They prefer to remain invisible to traditional protection models, and do not require the victim’s interaction. These attacks can double profitability when optimally executed.

Tools for exploiting vulnerabilities have given rise to new attack vectors that require no human interaction.

The endpoint is the target. The perimeter has become blurred, mobility is the norm in any company, and corporate networks are therefore much more exposed.

Ex-employees attempted to extort their previous companies, initiating attacks from within the company.

There was a larger presence of organized cybercriminal groups, such as the Lazarus Group, attacking the media, the aerospace and financial sectors, as well as critical infrastructures in the US and elsewhere.

Cyberwarfare and cyber-armies: in a full-on arms race in cyberspace, nations are creating cyber command centers to bolster defenses against attacks on companies and infrastructures.

Figures

In 2017, PandaLabs analyzed and neutralized a total of 75 million malware files, about 285,000 new samples a day.

One thing is clear: there are many more malware samples, and each of them is infecting fewer devices individually. Each malware sample will attack a minimum number of devices in order to lower the risk of being detected and thereby achieve its goal.

This is supported by the fact that, of all the new malware (PE files) never seen before this year (15,107,232), 99.10% have been seen only once; in other words, 14,972,010 samples. If we look at the figures from the other end, we see that indeed an insignificant part of all the malware is truly widespread. We have only seen 989 malware files on more than 1,000 computers — 0.01%.

This confirms what we already knew: with a few exceptions — such as WannaCry or HackCCleaner — most malware changes every time it infects, so each copy has a very limited distribution.

Cybersecurity Predictions for 2018

Cyberwarfare and its consequences: Instead of an open war where the opposing sides are clearly identifiable, we are facing a guerrilla strategy with isolated attacks whose authors are never clear. Freelancers at the service of the highest bidder, false flag operations, and an increase in collateral victims of these attacks are what’s in store for 2018.

Malwareless hacking attacks: attacks that abuse non-malicious tools or compromised applications to carry out their efforts will increase.

Malware for mobile devices and the Internet of Things will continue to rise. In general, IoT devices are not targeted by cybercriminals as the ultimate goal. But when compromised, these devices increase the attack surface and are used as a gateway to the company’s network.

More advanced attacks and more ransomware can be expected in the coming year. These attacks promise a high return on their investment at a low level of risk.

Companies will spearhead awareness-building initiatives for attacks: for the first time in history, the public will be aware of attacks that happen and are in many cases subsequently covered up, thanks to the new GDPR legislation.

Social networks and propaganda: there will be an increase in fake news due to the ability of these platforms to influence public opinion. Facebook, the largest social network in the world, is already taking action on the matter. If it is discovered that a Facebook page repeatedly distributes false news, it will prohibit it from being publicized on the social network.

Cryptocurrency: the use of cryptocurrencies will continue to grow, and all the cybercrime that surrounds it, such as infecting computers with cryptocurrency mining software or the theft of user wallets, will follow suit.

Conclusions

Security update protocols should be a priority at all companies. Cases such as WannaCry or Equifax reaffirm this, as every day that passes without patching a vulnerable system puts the company at risk, as well as the integrity of its data, including that of customers and suppliers. Production can be endangered and incur millions in losses.

Countries are investing more and more in defensive and offensive capabilities, with a focus on critical infrastructures.

2018 augurs a more dangerous situation. For many professionals, a change of mentality (and strategy) will be necessary to achieve the highest levels of security and protect the assets of their companies’ networks.

Both in business and at home, training and awareness are key. It follows that cybersecurity, often forgotten by management, will require a greater investment.

Having in-depth knowledge of attacks and what they consist of should be the basis for a good defensive strategy. Machine Learning tools and the investigations of Threat Hunting teams are essential to avoid future intrusions.

Signature files no longer work and the figures speak for themselves: more than 99% of all malware never appears again anywhere else.

There is a problem of focus: solutions that remain focused on fighting against malware (the majority of those available on the market) are doomed to become extinct if they do not change their strategy.

And of course, we can’t forget international cooperation and the creation of common legislative frameworks such as the GDPR. Having political and economic support and a plan of action will make it possible to benefit from the latest technological advances in the safest manner.

In the PandaLabs Annual Report, you can learn about real cases, review the most discussed attacks of 2017, and read more about what lies ahead in 2018.

The post PandaLabs Reveals its Predictions for Cybersecurity Trends in 2018 appeared first on Panda Security Mediacenter.
