NEWSDAY.CO.TT - Front page - 16/Dec 04:27

What keeps regional cybersecurity experts awake at night

BitDepth#1489

Mark Lyndersay

THE PANEL discussion that comprised the second half of the ISC2 Scam Defence seminar on November 30 made clear some of the challenges that regional cybersecurity experts face.

Those hurdles include a reluctance to retire ageing, vulnerable equipment, fundamental misunderstandings by C-Suite management about areas of digital weakness and poorly implemented network security regimes.

Dark web researcher and penetration tester Shiva Parasram explained the history of the EternalBlue exploit, created by the National Security Agency (NSA) of the US government.

The NSA engineered the exploit in 2012 to access computers running then current versions of Microsoft Windows but didn't tell the company anything about it until 2017, when the Shadow Brokers, a hacker group, got hold of the code and released it widely.

Microsoft quickly engineered and released a patch, but unpatched systems remained vulnerable and the WannaCry virus used the exploit to spread, causing millions in damage and downtime.

If the vulnerability remains unpatched on a modern system, the likelihood of a successful breach is close to 100 per cent.

"It's a bit worrying because there are a lot of systems that still run (older) applications and you can't upgrade them," said dark web researcher and penetration tester Shiva Parasram.

"If I were to jump on a Kali Linux system and I found one of those older systems on Windows 7 or Server 2000 it would take two to five minutes to fully compromise the system. There are hundreds of thousands of exploits out there and it's pretty tough to defend against them all."

"In a network, there are a lot of vulnerabilities and they can happen at different levels of your technology," said Ajmal Nazim, cybersecurity consultant and systems auditor.

"The firewall is your perimeter, it's your first line of defence. But once you get inside of the network, then you need defences and a proper segmentation of the network. So if they do breach the perimeter, then it shouldn't be that it's a free-for-all on your internal network, no matter how big it is. The infrastructure should be properly segmented so if anything they'll only get into one segment."

Whether the attack comes from a successful external attempt, exploiting a vulnerability or from inside, perhaps a disgruntled employee, an exploit needs just one vulnerability.

The attack can then move laterally throughout the network and, through an escalation of privileges, can compromise the entire network. They will encrypt your entire network, they will exfiltrate data. They will demand a ransom.

"Companies will think that once they have a firewall in, then they have done what's needed," Nazim said.

Scofield Thomas, managing director of 800-TECH, offered examples of worrying real-world experiences. In one instance, he found a client running the business without a firewall.

"It was giving trouble, it was blocking things, so we took it out," was the response.

"I recently spoke with a new client who is running Microsoft Server 2003," Thomas said.

"It's a critical industry that they're in and this server is vulnerable. The issue is about two things, supporting this core, legacy application that they feel the need to hold on to that they can't upgrade. Then there is the cost.

"You have this critical information on a server that is unpatched. These are the small mistakes that you make. You think you're being budget-conscious, but in the end the reputational damage and expense can be immense."

Parasram noted the increased presence of information stealers like Lumma, which target cryptocurrency wallets and two-factor authentication browser extensions to steal sensitive personal information from a victim's machine.

"Ever notice that every single time you try to log back in, you're not asked to provide (authentication credentials)? It's stored in a session, and information stealers capture your username, your password, they steal the actual session that you're working on.

"There were around 32 big leaks in the Caribbean for 2023. Terabytes of information are definitely out there."

"The thing that keeps us awake is just the potential of the threat actor to just blend in with the regular traffic on the network," said Keisha Langley, cybersecurity specialist, CBTT.

"In our ongoing monitoring, things that fall outside of what is normal for our operations are key things we have to keep our eye on because we know that they can really just blend in very easily. The good guys (white hat penetration testers) show us so that we can get better. But I just think it's important for us just to look at a number of different things and number of different potential indicators for us when we're monitoring our environments."

Mark Lyndersay is the editor of technewstt.com. An expanded version of this column can be found there.

The post What keeps regional cybersecurity experts awake at night appeared first on Trinidad and Tobago Newsday.
