The week in security: Would you notice if you were hacked?

Confident you would notice if your systems were being hacked? You’re in the minority: A new survey has found just 16 per cent of organisations hit by a breach last year noticed it before someone else told them about it. That’s hardly surprising given another study that found many of the worst malware offenders are using methods that antivirus software just can’t spot or deal with.

Of course, DDoS attacks can be particularly easy to spot – especially since the motivation for the attacks can often be political, not criminal. The crims have other tactics – which is why the European Union is moving to strengthen its cyber security arm, the European Network and Information Security Agency (ENISA). ENISA may have a great task ahead of it after researchers in Germany cracked the encryption algorithms used to protect satellite phone communications. Interestingly enough, by contrast, US cyber security experts were pleading for lighter-touch regulations.

On the malware front, researchers have discovered a piece of malware that’s using the generally available file-sharing service SendSpace to store the fruits of its labour, for easy retrieval by persons unknown. Another one, a Trojan called Infostealer.Offsupload, has already stolen over 20,000 online archives, Symantec warned. And the Kelihos botnet killed by Microsoft last year is still out of action, the company says, but don’t rest on your laurels: a new and similar one is rapidly taking its place, the company admitted.

The prevalence of this sort of attack is making many people assume that overall malware levels are way, way up – but figures from Verizon suggest the actual number of records compromised per year has been on the decline since 2008. That’s unlikely to be much solace for those owners of unsecured WiFi networks who, a US test case will decide, may eventually end up potentially liable if someone uses their networks to illegally download copyrighted content.

One imagines that law would certainly apply to those that download the source code of Symantec’s pcAnywhere, which hackers claim to have posted on BitTorrent; the code was subsequently confirmed by Symantec to be legitimate.

Not that hackers need it: A new study has found that hackers’ favourite way of breaching security systems was already to use third-party remote access applications or VPNs to sneak their way in.

Recognising that this sort of threat requires tighter controls on access, Apple apparently now requires a special digital certificate be acquired by anybody wanting to use mobile device management (MDM) tools to manage iPads, iPod touches and iPhones in the enterprise. Adobe was also tightening its security, releasing a version of Flash that sandboxes its processes to deter security breaches and nastiness instigated by stray processes.

Browser security went both forwards and backwards, with Mozilla contemplating the revocation of Trustwave’s security certificate after it issued a man-in-the-middle security certificate; on the other side, Google shipped a new version of its Chrome browser and decided that Chrome will no longer check for revoked SSL certificates online. That's a significant change that's likely to spur considerable debate around strategies for ensuring quick promulgation of certificate security fixes.


Stories by David Braue
