Enterprise, Internet Security

How do companies protect against a security breach?

It is no secret that any criminal will have his eyes on the biggest piece of cake he can acquire….

It is no secret that any criminal will have his eyes on the biggest piece of cake he can acquire. It is no different when it comes to cybercriminals. And for them, their favorite desserts are the big tech companies. That is why it is so important for every company to do what they can to protect against a security breach.

With huge amounts of sensitive/customer data around, exploiting just one company can give access to information worth millions of dollars!

No matter how protected business databases tend to be, hackers have very often been able to effectively slip through corporate security defense systems.

One recent example is the Petya Ransomware, a cyber attack predominantly targeted on Ukraine that caused havoc all across Europe and various other parts of the world with an estimated damage of more than $300 million to businesses – most of them being government organizations.

While large tech-companies invest millions of dollars on advanced defense systems, they are often defeated by stronger players in the wilds of the internet. It’s events like these that have pushed tech companies in stepping up their cybersecurity game like never before.

 

So, what do companies do to protect against a security breach?

 

Identity and access management (IAM) systems

Traditionally, identity management has been broadly defined as the set of policies, processes, and technologies used for managing access to information systems through the right individuals. It is the core network responsible for safeguarding digital data while effectively tracking system activities.

Even though the system itself is quite complex, the concept is simple – enhancing the privacy of data by limiting the various associated attributes to certain interactions.

 

Restricting use of unnecessary hardware and software

The higher the number of software or hardware connected to the network- the higher the number of possible exploits. Even though, software companies that sell their products to various IT firms make sure they are immune to cyber attacks, using a redundant program just isn’t worth taking the risk.

More often than not, giant tech firms make sure that different departments of their organization have devices connected to different servers, so that, even if one gets breached, the rest stay secured.

 

Background checks and constant monitoring

While IT firms carefully monitor for possible malware trying to attack their systems, there have been a good number of instances of intrusion from inside the network. No matter how high-caliber cybersecurity a company has, nothing can stop sensitive data from being stolen if it is operated by someone having a different purpose.

Lately, tech-firms have started resorting to serious background checks and screenings before giving access to important information to their employees.

 

IT training

Tech-firms and hackers, both, are well aware of each others’ goals! What that means is hackers know that their potential targets have taken the mandatory measures to try to keep them at bay from attacking their servers. Cyber culprits, however, have more than a dozen ways of sneaking into systems which they successfully achieve by capitalizing on human error.

Tech-firms have paid significant attention on developing a corporate culture focusing on security training programs aimed at teaching their employees the risks of negligent use of networks, phishing content, careless password management and improper disposal of information.

 

Encrypting Data

While having sensitive data stolen is a nightmare itself, things get a lot worse when this stolen data can be used for the wrong purposes. One way to keep data safer is by converting it into a code which can be decoded only by the entity with the decryption key. This doesn’t mean hackers might not have a solution of converting encoded information into a readable form. However, it certainly makes things harder for someone trying to obtain unauthorized access.

 

Strong Passwords and Password Managers

Using strong usernames and passwords should be a no-brainer. However, what is more important is properly storing them and that is where a password manager comes to play.

Password managers are software that saves usernames/passwords and keeps them encrypted. However, the risk here is the software itself as it is the master program containing all the passkeys. A security issue with it is enough to create a potential security risk.

 

Having information stolen is the last thing any organization would want to happen, especially if it is that of their clients. Not only it is a matter of reputation, a company might face serious legal issues for not being able to protect their customer’s information.

Be the first to write a comment.

Leave a Reply

Internet Security

‘Real Life Call of Duty’: Tabraiz Shamsi on security arrangement after landing in Pakistan

South African spinner posted on Social Media showing the security arrangement after their team landed in Pakistan for Test and T20I series

South African spinner posted on Social Media showing the security arrangement after their team landed in Pakistan for Test and T20I series
Read More

Continue Reading
Internet Security

Security Officials Face the Possibility of a Threat from the Inside on Inauguration Day

Weapons are distributed to members of the National Guard outside the U.S. Capitol on January 13, 2021 in Washington, DC. Security has been increased throughout Washington following the breach of the U.S. Capitol last Wednesday, and leading up to the Presidential inauguration. Stefani Reynolds—Getty Images By Kimberly Dozier Updated: January 14, 2021 2:50 PM EST…

By Kimberly Dozier
Updated: January 14, 2021 2:50 PM EST | Originally published: January 13, 2021 7:24 PM EST

The deadly siege on the U.S. Capitol on Jan. 6 has prompted U.S. security officials to think the unthinkable as they scramble to secure Washington ahead of next week’s Inauguration: that the enemy is already inside the house.

More than a dozen law enforcement officers and current and former military officials are reported to have taken part in the violent Jan. 6 insurrection that killed a U.S. Capitol Police officer and cost four supporters of President Donald Trump their lives. One Navy and two Air Force veterans are among those being investigated by law enforcement for the attack, as is a junior Army officer by her superiors, while several U.S. Capitol Police officers have been suspended after video showed them appearing to assist some of the rioters who were spurred to action by Trump’s refusal to accept defeat.

Now the FBI is warning of planned armed protests at the Jan. 20 Inauguration in Washington, D.C., and in all 50 state capitals, current senior U.S. officials tell TIME. Current and former security officials say they are concerned that serving U.S. troops or law enforcement officers could pose a clear and present danger to the President- and Vice President-elect and other senior U.S. lawmakers on Inauguration Day. Federal investigators are also trying to track down military and law enforcement members or veterans who took part on Jan. 6, and trace their wider network of associates who may be plotting to turn next week into the mayhem being called for on far-right forums.

But there are too many people to look at, and too little time to do it, says Mitch Silber, former Director of Intelligence Analysis at the New York City Police Department. In Washington alone, up to 20,000 National Guardsmen and hundreds of city, federal and neighboring state police will be on patrol.

“We might be talking one or two bad apples here, not anything systematic,” Silber says. Rooting them out would take an internal affairs-style investigation, possibly of entire agencies that are involved in Inauguration security. “We just don’t know, and there’s just no time to conduct that type of investigation.”

The growing sense of urgency and anxiety was reflected in an unprecedented letter from the Chairman of the Joint Chiefs Gen. Mark Milley and all the service chiefs to military members on Tuesday. They wrote that the “violent riot in Washington, D.C.” was a “direct assault…on our Constitutional process.” The chiefs added that the “rights of freedom of speech and assembly do not give anyone the right to resort to violence, sedition and insurrection.”

Their concern is shared by lawmakers who are incensed over the events of Jan. 6 and worried about security preparations underway for Jan. 20. After an FBI briefing on Tuesday, the Democratic chairmen of the Judiciary, Intelligence, Armed Services and Oversight committees released a statement that it’s “clear that more must be done to preempt, penetrate, and prevent deadly and seditious assaults by domestic violent extremists in the days ahead.”

“There is a crisis issue: the rise of extremism and white supremacy in the ranks,” retired Army officer Rep. Jason Crow (D-Colo.) told Politico on Monday. That rise, he said, has been “fueled by President Trump, unfortunately. So that has to be dealt with right away and unequivocally.”

Extremist experts and former law enforcement officials can only guess at how many of the nation’s police and military are members of militia or other extremist groups, or even hold extremist views they might be willing to act on. Of the nation’s roughly 800,000 police, it’s probably far less than one percent, says Mark Pitcavage of the Anti-Defamation League’s Center on Extremism. “When you have a body that huge, you’re gonna find some people with ties to extremism in it. That’s just a given.”

Nevertheless, that tiny fraction could still mean a sizable number of trained professionals could have the means and intent to cause serious harm or damage to express their anger over Trump’s defeat and the loss of life among rioters at the U.S. Capitol, including military-veteran-turned-martyr Ashli Babbit. More worryingly, many troops seasoned from fighting terrorists overseas know insurgent tactics, such as communicating via encrypted apps rather than expressing their plots over the now-at-least-temporarily-defunct Parler app, says terrorism expert Mia Bloom of Georgia State University.

“I don’t think it’s hyperbole to say that it’s extremely dangerous when you’re talking about people that have actual training in the military, or in law enforcement,” adds Colin Clarke, head of research for the Soufan Group. In reviewing video clips of the assault on the Capitol, he noticed rioters using specialized military tactics. “People were being commanded to move through a broken window in twos,” he noted, reminiscent of how U.S. troops in Iraq or Afghanistan to enter a building.

Frank Figliuzzi, former FBI Assistant Director for Counterintelligence, has also watched the videos, and says while the vast majority of those inside the building really have no idea of what they’re doing,” there were a handful of people that seemed “very personal purposeful and seemed to know where to go and what to do, and came equipped with flexi ties and other, and other kinds of tactical gear.”

Some who entered the building wore the militia patch of the Oath Keepers, a group he says brags about having a number of military and law enforcement members in its ranks. “When you have a President who holds campaign rallies called ‘Cops for Trump,’ and they are heavily attended…all of this makes the challenge of securing Washington, securing the inauguration, even more difficult than it already is.”

A disappearing target

Ironically, the Jan. 6 insurrection has handed the FBI the best possible blueprint to find future plotters, giving them legal cause to investigate not just those caught on camera storming the Capitol but associates who cheered them on and say they want to take part in up to four days of further, possibly armed insurrection before and on Inauguration Day. The Justice Department has already opened 170 case files with more on the way, officials said Tuesday.

One problem in their investigation, however, is that many of the would-be anarchists are erasing themselves online, according to Army veteran Jeff Bardin of private intelligence firm Treadstone 71.

Military members have always been careful not to use real identities online, but are becoming even harder to spot in the immediate wake of the Jan. 6 attack, he says. In the last week, he has tracked well-known neo-Nazis and other extremists deleting social media posts and taking their conversations “private” on encrypted apps like Telegram or moving to encrypted app Signal or GAB, a site popular with the alt-right, now that Parler has been taken offline.

“Everybody’s scrubbing their sites and trying to remove things if they participated in the insurrection last week,” Bardin says. “They’re

!–>!–>!–>

Read More

Continue Reading
Internet Security

WARNING! Scammers are using Facebook targeting tool to steal accounts

The large scale phishing campaign by cybercriminals amid the pandemic was a huge success, it harvested more than six hundred thousand Facebook credentials from Nepal, Egypt, the Philippines, and other countries. Early this month, ThreatNix, a group of security professionals that provides cybersecurity solutions published a report that shows more than fifteen thousand compromised Facebook…

The large scale phishing campaign by cybercriminals amid the pandemic was a huge success, it harvested more than six hundred thousand Facebook credentials from Nepal, Egypt, the Philippines, and other countries. Early this month, ThreatNix, a group of security professionals that provides cybersecurity solutions published a report that shows more than fifteen thousand compromised Facebook PH accounts in this phishing campaign.

ThreatNix published a report that shows more than fifteen thousand compromised Facebook PH accounts in this phishing campaign. (Photo from threatnix.io)

Ad sales are the primary source of Facebook’s revenue and because of the sudden shift to online commerce by many retailers due to the Covid-19 pandemic, the increase in demands for ad placements on Facebook has also tremendously increased. But even before the health crisis, Facebook has made it a point to make things convenient and productive to advertisers by providing tools with a wide range of targeting options to get maximum results on their placements. One of these tools is called Facebook Audience. With more than one billion daily active users, the social media giant recognizes that it is critical that advertisers only show paid posts to those who are more likely to engage with them. Any user where the ad is shown who is not likely to engage with the ad is a waste of advertising money. Using the Audience Manager Tool advertisers could easily identify Facebook users who would potentially click the ads or engage with them. This same tool that assures reach and engagement for ads placed on the FB platform was exploited by cybercriminals to get the same results, this time for clicks on the phishing links and tricking gullible users to engage with the FB paid posts. Once

Read More

Continue Reading
Internet Security

You should install antivirus on your Android smartphone, but which one?

If your Android device isn’t getting updates, then the very least you can do is download and install a security app. But which one should you install?

If your Android device isn’t getting updates, then the very least you can do is download and install a security app. But which one should you install?
Read More

Continue Reading