Thursday 27 October 2016

How to Protect Against Mobile Malware

IBM Security recently released a white paper on the mobile malware threat, which included general guidance on managing the mobile threat and an overview of IBM’s MaaS360 Mobile Threat Management tool, I thought it was good advice and well worth sharing.

According to Arxan Technologies. 97% and 87%t of the top paid Android and iOS apps, respectively, have been hacked and posted to third-party app stores.
Mobile Security Guidance (by IBM Security)
  • Educate Employees about Application Security: Educate employees about the dangers of downloading third-party applications and the potential dangers that can result from weak device permissioning.
  • Protect BYOD devices: Apply enterprise mobility management capabilities to enable employees to use their own devices while maintaining organisational security.
  • Permit Employees to download from Authorised App Stores Only: Allow employees to download applications solely from authorised application stores, such as Google Play, the Apple App Store and your organisation’s app store, if applicable.
  • Act Quickly when a Device is Compromised: Set automated policies on SmartPhones and tablets that take automatic action if a device is found compromised or malicious apps are discovered. This approach protects your organisation’s data while the issue is remediated.

Sunday 2 October 2016

Cyber Security Roundup for September 2016

The theft of over half a billion Yahoo user accounts by hackers has dominated the news headlines in the last couple of weeks. Since announcing the largest hack in history, Yahoo has come in for heavy criticism, given it took two years for Yahoo to notice the massive data theft, talk of lacklustre security behind the scenes at the company, and doubts over Yahoo’s claims the cyber attack was state-sponsored. Lawyers representing users, the US Senate and the UK ICO have all lined up to take pop-shots at Yahoo and are threatening action.  I posted known Yahoo hack information and advice, and Yahoo hack industry analysis

Interesting example of Hacktivism after a Russian group called "Fancy Bears" hacked and released the World Anti-Doping Agency medical records of prominent British and American Olympic athletes. The motivate appears to be a revenge protest aimed at causing embarrassment to medal winning Western athletes following the banning of several Russian athletes at the recent Rio Olympic games for banned sport enhancing drug use. The posted stolen records showed western athletes had taken a variety of banned drugs for legitimate reasons and conditions, which all were approved by the Anti-Doping Agency. Fascinating case for both athletics and data protection worlds, as even athletes in the public eye still have a right to privacy, especially when it concerns information about any medical conditions they have.

UK payment card fraud has risen by 53% over the last 12 months. The shock increase was blamed on scammers using more sophisticated attack methods. This spike in payment card fraud certainly would have been noted by the UK National Cyber Security Centre (NCSC), as it gears up to launching next month. The NCSC is part of the UK government’s £1.9 billion investment plan to beef up the UK’s cyber security capabilities over the next 5 years.

There is an interesting video webinar posted this month, which reviews the $81 million SWIFT Bank Hack by the company that investigated it. It concludes with the SWIFT Bank investigators firmly pointing the finger of blame at weak endpoint security at the bank. Elsewhere the Locky Ransomware continues to be evolved by hackers seeking to make their fortune out of the nefarious tool.

On Tuesday 27th September I spoke at the R3 Summit (Resilience, Response and Recovery) in London, and summarised my advised approach with cyber incident management in a blog post the following day - Cyber Security Incident Management, Response and Recovery Guidance

Awareness, Education and Intelligence