Tag: cybersecurity

The Necessity of Multi-Scanning

Last Friday, the WannaCry cyberattack effected more than 300,000 computers, impacting thousands of businesses, hospitals and enterprises, across 153 countries by taking advantage of outdated versions of Windows that never had updated Microsoft’s crucial security upgrades.

 

With the increasing amounts of advance threats by attackers and the overall skyrocketing growth of malware, relying on a single anti-malware engine is no longer sufficient for high-security networks.

 

Anti-malware, multi-scanning softwares are essential for improving security because they significantly increase the intensification of malware detection rates and consequently, reduce the susceptibilities created by a specific anti-malaware engine’s shortcomings.  Multiscanning refers to the process of running multiple anti-malware or antivirus engines concurrently. Multi-Scanning anti-malaware tools also have the added features of meaningfully reducing the number of days of exposure to new malware outbreaks and often can protect systems from malware targeting a variety of system at once, including Windows, Mac, Linux, iOS, and Android operating systems.

 

No single anti-virus software is perfect. Each product will have it’s own strength and weaknesses when it comes to detecting some threats. Likewise, every emerging threat that has the possibility to be detected, will be detected at a different rate by different engines Studies have found that no single engine detects every possible threat. Thus, it is only by combining multiple engines in a multi-scanning type of solution will all possible threats be detected quickly. One downfall of ‘multi-scanning incorrectly’, is that running multiple engines instantaneously can result in conflicts to your servers that lead to system freezes and application failures. Another downfall is that it increases the amount of false positives you can receive. Lastly, multi-scanning can be very costly, especially for smaller-scale enterprises.

 

Fortunately, many vendors have come up with technology that is able to conduct a multi-scan, and detect all types of malware in a single tool, without the hassle of licensing and maintaining multiple antivirus engines. Such vendors allow you to improve your malware detection, decrease the detection time of an outbreak and increase resiliency to antivirus engines’ vulnerability. However, determining the right number of tools or which one to select depends on the volume of the data being protected, the value of this data and the severity and frequency of potential attacks.

 

Security experts are predicting that malware attacks are expected to increase in frequency and severity, multi-scanning anti-malaware solutions can be our best line of defense.  Using anti-malware in a multi-scanning process, or tools that automatically multi-scan can be  used to ensure the safety of your organization’s servers, the email attachments you open, web searches, sending confidential files securely and much more. Multi-scanning allows users and enterprises to control their early detecting engines to detect spear phishing and other specific types of targeted malware attacks. This in turn, will allow them to take action as quickly as possible.

 

 

Political Cyber Security

The daily life and economics of the global citizen depend each time more on a stable, secure, and resilient cyberspace. Even before was elected president, Donald Trump promised to make cybersecurity “an immediate and top priority for [his] administration.” Yet, months into his presidency, Trump and global leaders worldwide have struggled to deal with how policies should use their personal technology.

Cybersecurity has gotten sucked into the inevitable vortex of politicization.

Perhaps things first came into media attention when it was discovered that Hillary Clinton was using a private email server when she was Secretary of State. In response, Clinton has said that her use of personal email was in compliance with federal laws and State Department regulations, and that former secretaries of state had also maintained personal email accounts, though not their own private email servers. In a summary of its investigation into Clinton’s use of private email, the FBI concluded that a username and password for an email account on the server was compromised by an unknown entity, which had logged into the compromised email, read messages, and browsed attachments using a service called Tor. Unique to Hillary’s case is that the FBI had repeatedly noted that if a breach did occur that its agents might not be able to tell, but that there was no evidence previously to indicate that Hillary Clinton’s personal email account was hacked.

More recently, the campaign of the French presidential candidate Emmanuel Macron was hit on May 5th, 2017 with leaked emails and other documents on a file-sharing website. Security analysts are under the impression that the huge leak of emails Macron’s campaign team might have been coordinated by the same group of individuals behind the Democratic National Committee leak that effected Clinton.  In fact, the Macron campaign directly compared the hacking directly to the hacker targeting of Clinton campaign, in a statement that read: “Intervening in the last hour of an official campaign, this operation clearly seeks to destabilize democracy, as already seen in the United States’ last president campaign. We cannot tolerate that the vital interests of democracy are thus endangered.”

However, with the ‘Macron-hack’ emerged as an anonymous poster provided links to documents on Pastebin with the message: “This was passed on to me today so now I am giving it to you, the people.” This serves as an example of how authentic documents can easily be mixed on social media with fakes to perpetuate fake messages that can harm political campaigns. While France’s electoral commission aimed to prevent this hack from influencing the election by warning local media that sanctions can be placed on them if they spread this information, the overall effect this link will have on Macron is unknown.

While we acknowledge that it is difficult to assess the impact of breaches done to a single account on a server, these incidences raise fresh questions about the security of other electronic accounts of politicians.

Politicians are particularly vulnerable to cybersecurity threats for the following reasons:

  • All politicians use different or even multiple platforms (windows, mobile, app, etc.), different email systems (gmail, Hotmail, corporate exchange, yahoo) and different file sharing systems (dropbox, box, icloud) that makes it harder to employ the strictest security standards on each one
  • Politicians work with a lot of individuals for temporary amounts of time, such a volunteers. As such, it is hard to know who you’re working with sometimes.
  • There is also a lack of centralized administration. Cybersecurity tends to ascent traditional political fault lines, making it at best confusing territory for politicians.

Despite which side of the political aisle your ideas land on, there is little debate that cybersecurity continues to be a hot issue.  Nowadays, for politicians, ignoring cyber issues could derail their career. Whether it be governments, individuals, or even campaign trails – the political cybersecurity world has experienced resurgence of threats.

Fortunately, the Blockchain’s alternative approach to storing and sharing information provides a way out of this security mess for four very important reasons:

  1. The decentralized consensus nature of Blockchains makes it almost impossible to break into it.
  2. Its platform agnostic, so it runs on any combination of operating system and underlying processor architecture.
  3. Once configured, it does not need an administrator
  4. Malware cannot break into it

A Blockchain is a register of records prepared in data batches called blocks that use cryptographic validation to link themselves together. Publishing keys on a Blockchain instead would eliminate the risk of false key propagation and enable applications to verify the identity of the people you are communicating with. Similarly, using a public Blockchain like Bitcoin would mean your entire system is decentralized with no single point of failure for attackers to target. As of right now, Estonia is one of the first countries to use Blockchain this way, although other governments are slowly warming up to Blockchain technology.

Moreover, there’s a rising tide for big data analytics to help combat cyber-threats and attackers. Social analytics tools can help be the first line of defense for politicians by combining machine learning, text mining modeling to provide an all-inclusive and amalgamated approach to security threat prediction, detection, and deterrence.
The cyberspace is the underlying infrastructure that holds the key to the modernity in technology. These types of threats are real and actively happening. The types of threats that have impacted politicians in the USA and Europe are real and actively happening. Blockchains and analytic tools will not be the golden ticket to fix everything that’s wrong with cybersecurity for politicians, but they can be a place to start. The Blockchain provides innovations that current systems and politicians could embrace.

For more information on how to protect yourself as a politician, please contact Waël Hassan, PhD.

Cyber Review Consultations Report

“The digital economy increasingly shapes and drives the broader economy. For Canadians to prosper and be confident digital innovators, they need to know that the networks that enable their efforts and safeguard their assets and information are secure. I am committed to making Canada a global centre for innovation – one that creates jobs, drives growth across all industries and improves the lives of Canadians. That’s why I am pleased to support Public Safety Canada in this important cyber security consultation.”- The Honourable Navdeep Bains, Minister of Innovation, Science and Economic Development

The number, complexity, and severity of cyber-attacks on companies and individuals in Canada are each on the rise.

On January 17, 2017, Public Safety Canada posted a report on the views of Canadians on the Canadian cyber security environment. The report was based off the findings 2095 submissions that contained 2,399 responses to individual questions across four main topics, as follows:

  • Evolution of the Cyber Threat: 1,728 responses
  • Increasing Economic Significance of Cyber Security: 364 responses
  • Expanding Frontiers of Cyber Security: 190 responses
  • Canada’s Way Forward on Cyber Security: 117 responses

The results established that cyber security in Canada is an extremely multifaceted issue with multiple challenges and a rising range of opportunities. Throughout the consultation, three ideas were consistently raised as being important and relevant to cyber security in Canada: privacycollaboration, and using skilled cyber security personnel.

The report concluded that it is the shared responsibility of governments, the private sector, law enforcement and the public, to address these challenges and seize new opportunities.

This is part of the Government’s commitment to keep Canadians safe in cyberspace and position Canada as an innovative leader in cyber security. This report is just one example of how the Canadian government is striving to take full advantage of the digital economy, while protecting the safety and security of all Canadians.

Quick Facts

  • Canada has more computers per capita than any other country (129 devices per 100 people) and Canadians are the heaviest Internet users in the world, spending more than 40 hours online per person, per month.
  • About 70 per cent of Canadian businesses have been victims of cyber attacks with an average cost of $15,000 per incident.
  • The current global market for cyber security products and services is expected to grow to over $170 billion by 2020, and the job market for cyber professionals is expected to rise by six million in the next four years.

Source: https://www.publicsafety.gc.ca/cnt/rsrcs/pblctns/2017-cybr-rvw-cnslttns-rprt/index-en.aspx

Cyberwarefare & National Security

It is the digital age, and there is a new type of warfare. Cyberwarfare refers to the utilization of modern technologies and software to mount politically-motivated attacks against information systems; in the past, it has successfully brought down websites, networks, services, financial systems, data warehouses, and more. It is increasingly used by nation states, terrorists, extremist groups, “hacktivists,” and other criminal organizations as a method to create disruption or damage.

Politics and geopolitics has moved online. Many of the revolts and international headlines we read today involve some aspect of the web, whether directly or indirectly. Digital mediums can be used by the government to repress citizens in countries such as China and Saudi Arabia; it can organize and raise awareness for national or political uprisings, such as the case in the Arab Spring; it can be used to access and release confidential information, such as the case during the US presidential election. Cyberterrorism, cyberwarfare, and cyber espionage has become one of the most pressing national and international issues.

 

Motivating Examples

  • Sochi Olympics, 2014: Athletes’ cell phones were compromised within minutes of landing at the airport
  • Viber, WhatsApp, Twitter, and other apps are commonly used to locate terrorist targets in Syria. As a counterpoint, recruitment for terrorist groups such as ISIS is largely done online as well.
  • Use of bots/humans to broadcast government agenda in Saudi Arabia, religious or government dissent has led to bloggers being flogged and sentenced to prison
  • Kuwait enacted mandatory DNA collection from citizen to build a national genetic database
  • China and Russia are actively working on their private internet

 

Trying to control the cyber landscape is near impossible. For instance, the sheer number of mobile applications designed for everything from communications to social media to fitness tracking make up a global marketplace that isn’t ready for innumerable threats. Individuals disclose their personal information across multiple platforms and apps that provide vastly different levels of privacy and security.