Computer and Online Cyber Security
Computer Security No 13: Security Deep or Dark?
Corporate Computer Security
Deep or Dark?
- Healthcare databases for sale - price tag under $1m
- Ransomware v 2.0 is around the corner and a massive threat to the enterprise
- Are vendors putting your network at risk?
Deep or Dark?
There is a difference between the "Deep Web" and the "Dark Web." While the "Clear Web" is the surface area which is indexed by search engines such as Google and Yahoo, the Deep Web is an area that search engines can't crawl or index.
Plunging in further, the Dark Web is a small area within the Deep Web which is intentionally hidden from discovery. The Deep Web, despite not being indexed, is still accessible with your normal web browser if you know where to go; the Dark Web, however, requires special software which lets you access sites that have been deliberately hidden.
Healthcare databases (655,000 records of patients) for sale - price under $1m?
At the end of June, a hacker in the US listed 655,000 medical records for sale from 3 databases on TheRealDeal black market:
* 48,000 from Farmington Missouri
* 210,000 from Central/Midwest US
* 397,000 from Georgia US
All were retrieved from severely misconfigured networks, using usernames and passwords that were available in plain text.
To read more about this:
Ransomware-as-a-service (RaaS) is exploding. A study in the US shows that it grew from $400,000 in 2012 to nearly $18m in 2015. Authors of ransomware are moving to 'affiliate models'. The authors of ransomware and their affiliates use the TOR network, the Dark Web and Bitcoins to cash in without having their identity disclosed.
The only traces left are the initial node (the entry node into TOR) and the exit node. Despite the FBI trying to offer and create booby-trapped nodes, the Dark Web changes shape and moves at a far higher speed.
Cisco's recommendations for companies wanting to improve security are:
* Improve network hygiene - Improve aging infrastructure to limit vulnerabilities.
* Integrate defenses - Use machine learning techniques combined with novel data views.
* Measure time to detection - Find out how long an attacker can live in your network before they are found.
* Protect your users everywhere they are - Protect users whether they're on a laptop, a smartphone, or another device.
Don't just protect networks but protect users. They are the target.
Are vendors putting your network at risk?
A growing number of organisations have started to recognise that their information security is heavily dependent on their vendors' security practices and defences.
In a survey by IDG Research of more than 260 IT managers, 70% of them felt they don't have proper visibility into the data risks posed by third parties.
VRM stands for Vendor Risk Management; the study shows the progressive steps on the maturity curve when building an effective VRM program (and the responses categorised by these levels). Ideally, every company should aim towards level 4.
To download the study, please go to:
Moderated by Monica Schlesinger: www.advisoryboardsgroup.com.au
© 2011 - 2016 Advisory Boards Group website by aml websites