9 February 2018
Inevitable change but stuck in the past: Moving to the Cloud
Migrating to the cloud can be daunting for businesses, but as technology continues to grow the change is inevitable, and soon most businesses, if not all, will migrate their systems, applications and architecture over one component at a time. Regrettably, most cybersecurity firms stick to a fault with what they know and are tuned to dealing with data center environments and technology. As a result, security architects become the biggest area of concern when moving to the public cloud. So far, companies embarking on a cloud initiative almost always first attempt to port their data center security tools over to the cloud, rather than embracing a different deployment model. To move to the cloud quickly and effectively, companies need to focus on loosely coupled architectures. For example: forget the past, focus on the future, adapt to cloud-native tools, and deal with licensing issues.
Air Gaps, Faraday Cages Can't Deter Hackers After All
Conventional wisdom says that if something isn’t connected to the outside, it can’t be hacked. However, research shows that Faraday bags and air-gapped computers that are disconnected from the internet will not deter sophisticated cyber-attackers. Air-gapped computers used for an organization’s most highly sensitive data may also be enclosed in a hermetically sealed Faraday bag, which prevents electromagnetic signals from leaking out and being picked up remotely by eavesdropping adversaries. However, researchers used malware on an air-gapped computer to transfer data such as keystrokes to a nearby smartphone via the phone's magnetic sensor. Attackers can intercept this leaked data even when the smartphone is sealed in a Faraday bag or set to airplane mode to prevent incoming and outgoing communications. Attackers can use this covert magnetic channel to intercept sensitive data from virtually any device.
ShurL0ckr Ransomware Evades Malware Detection in Cloud Services
As organisations have adopted cloud services to increase their productivity and agility, so have hackers, who see cloud services as the next big target for distributing malware and stealing sensitive data from businesses and individuals. Google Drive and Microsoft Office 365, both of which have built-in malware protection, failed to identify a new form of Gojdue ransomware called “ShurL0ckr”. ShurL0ckr is a zero-day ransomware that works the same way as the Satan ransomware. Staying safe in the cloud is no easy task, and inventive hackers will always find new ways to distribute malware and ransomware. However, now that the ShurL0ckr ransomware has been identified, security and cloud providers can better protect their customers from falling victim to it.
Adobe Flash Player Zero-Day Exploit Spotted in the Wild
Another reason to uninstall Adobe Flash Player: a new zero-day Flash Player exploit has reportedly been spotted in the wild, in use by North Korean hackers. South Korea's Computer Emergency Response Team (KR-CERT) issued an alert for a new Flash Player zero-day vulnerability that is being actively exploited in the wild by North Korean hackers to target Windows users in South Korea. To exploit the vulnerability, all an attacker needs to do is trick victims into opening Microsoft Office documents, web pages, or spam messages that contain a maliciously crafted Adobe Flash file.
Crypto-Mining Botnets Could Make £70m Annually
Criminals have progressively turned to crypto-mining malware to generate revenue. Cryptocurrency mining involves a zero-touch approach once the victim is covertly infected with the mining malware. Internet of Things (IoT) devices offer a relatively unprotected target without direct victim oversight, which means minimal effort and maximum reward. To put this into perspective, an average system would likely generate about £0.2 of Monero per day, meaning that an adversary who has enlisted 2,000 victims could generate £300 per day. Therefore, in theory, botnets consisting of millions of infected systems could, by the same logic, be leveraged to generate more than £70 million per year.
No Silver Bullet for GDPR Compliance
Elizabeth Denham, the UK’s information commissioner, has warned that many organisations will not be fully compliant when GDPR comes into effect in May. Denham added that organisations should be more concerned about the cyber threat posed by hackers in their bedrooms than those working on behalf of nation states. “We make a mistake if we throw up our hands and worry about state sponsored attacks – we know those are rare,” she said. “You should be worrying about the malicious kid in his bedroom who hacks into your system because he can. Or the opportunistic thief who understands the value of the data you hold and knows how to get his hands on it. Because you left the door wide open.” Everyone is concerned about GDPR because it includes potentially huge financial penalties, and ignorance will be no defense. Everyone has an opinion, but in truth there is no single certification or qualification that can inform any enterprise on both what the GDPR requires and how to re-engineer organizations to efficiently meet those demands.