Cyberis is an innovative information security consultancy which was formed in 2011. Cyberis' founders have 30 years of experience between them working in the information security industry and are able to call upon a wide range of skills and abilities.
Mark Crowther, Associate Director at Cyberis looks at the latest breach at Yahoo and the serious questions it raises about the company's historical and ongoing security programme.
The latest reports say that Yahoo lost data for more than one billion users back in August 2013 and that the data is suspected to contain names, email addresses, hashed passwords, security questions and associated answers. In addition, Yahoo has stated that the attackers have accessed Yahoo proprietary code used to generate cookies for user access without credentials.
Behind every high-profile data-breach headline, there are 100s of other similar stories of cyber attacks that cause major financial pain and reputational loss to their victims. The fact is that cyber crime is no longer a backroom activity but a growing business, driven by hacktivist groups, organised criminal gangs and state-sponsored cyber terrorists. And attacks are no longer directed only at government organisations, large financial institutions and corporations. Companies of all types and sizes are now facing increasing internal and external threats.
The threat landscape is constantly evolving. The skillsets and techniques used by adversaries constantly evolve in terms of sophistication and efficacy. There's an arms race going on, and offensive capabilities tend to be outstripping defensive controls.
Some ubiquitous threat actors, such as those criminal gangs running ransomware operations, may not care too much about what data you have within your network. Most organisations are targeted by a range of threat actors, however, and some may be highly driven to gain access to your assets.
There is some confusion surrounding Cyber Essentials; what it is, why people need it and often there is a misinterpretation that Certifying Bodies are responsible for the schemes rules. Cyber Essentials is a relatively new certification. It has been mandated since October 2014 for UK government suppliers, although it is not limited to them, non-government organisations are encouraged to seek to obtain the certification.
There's no such thing as infallible security, and preventing every single security breach is impossible.
But when a breach does happen, the steps an organization takes next will largely determine the damage they suffer, and how the business recovers. A security team's first reaction is often to move to eject the attackers. But is that always the right strategy? Especially when it comes to advanced threats, there is a case for biding your time, and gathering intelligence.
In 2012, HM Government launched the 10 Steps to Cyber Security in an effort to make clear that risks to information should be taken as seriously as financial, regulatory, legal or operational risk. The 10 steps to Cyber Security programme provided guidance on how an organisation might approach the task of making security an integral part of their business.
NetAlerts is Cyberis’ new service which provides a concise, consistent overview of changes to your internet exposure. Understanding your exposure is a key factor in understanding the risk to your network; by detecting changes in TCP/IP port states and highlighting dangerous ports, NetAlerts can aid in the identification of insecure or misconfigured services as well as potentially malicious software.
Cyberis is sponsoring an ISSA-UK Regional Networking Event, on Wednesday 1 June 2016, from 19:00 – 23:00, in Cheltenham.
The event is an evening of networking and a security-themed pub quiz – hosted at the current CAMRA National Pub of the Year – Sandford Park Ale House (http://www.spalehouse.co.uk). As such, no CPEs are available, but we have a free buffet and round of drinks!
To register for the event and full details (you do not need to be an ISSA member), please follow the link below:
Over the last 12 months, ransomware has rapidly become one of the most prevalent information security threats to a vast number of organisations of any size, as well as the individual consumer. It is a highly lucrative opportunity for criminals and is claiming a growing list of victims. Indeed, at Cyberis, we have experienced a significant upward trend in incident response services and requests for our advice due to ransomware events.