Daily Tech Digest - December 06, 2017

What is a botnet? And why they aren't going away anytime soon

According to an Akamai internet security report released this week, botnets are not only still alive and well, but getting more clever and more difficult to combat. For example, attackers are now using Fast Flux DNS, changing DNS information so rapidly that defenders have a hard time tracking and disrupting them. While Akamai was part of the battle to control last year's Mirai attacks, Mirai itself is still around, with two DDoS attacks exceeding 100 Gbps this past quarter, Akamai reported. Plus, new botnets are popping up. This fall, Check Point researchers say they discovered a new botnet, variously known as "IoTroop" and "Reaper," that's compromising IoT devices at an even faster pace than Mirai did. It has the potential to take down the entire internet once the owners put it to work. Mirai infected vulnerable devices that used default user names and passwords.


When the threats get weird, the security solutions get weirder

Many of our assumptions around security are being challenged by new facts. Take two-factor authentication, for example. A report last month by Javelin Strategy & Research claimed that current applications of multi-factor authentication are “being undermined.” Two- or multi-factor authentication is also underutilized by enterprises, with just over one-third using “two or more factors to secure access to their data and systems.” So we can’t trust two-factor authentication like we used to, and even if we could it’s wildly underutilized. But surely we can trust Apple devices, right? Apple has a sterling reputation for strong security. Or, I should say, “had” such a reputation. Apple apologized and issued a patch this week for a major security flaw that enabled anyone with physical access to an Apple computer running macOS High Sierra to gain full access without even using a password.


Security, vendor choices affect server purchases for IT buyers


An increasing number of systems can detect unauthorized or unexpected changes in system firmware images and firmware configurations, enforcing a system lockdown to prevent such changes and alerting administrators when change attempts occur at the firmware level. Servers frequently include persistent event logging, which includes an indelible record of all activity. And servers benefit from various recovery capabilities. For example, automatic BIOS/firmware recovery can restore firmware to a known good state after the system detects any flaw or compromise in the firmware code base. Some systems can apply similar restoration to the OS by detecting possible malicious activity and restoring the OS to a known good state as well.


SMBs have big plans for 2018--but too many ignore the threat of a data breach

The results from the Microsoft survey show that SMBs are looking forward to 2018 with an optimistic attitude regarding the growth of their businesses. This is great news for Microsoft and other information technology companies, as SMB growth translates into more demand for their products. The next year seems primed for opportunities to provide more cloud services and productivity software—good news for Microsoft. But there is obviously still a need to educate SMB owners about the perils of cyber threats. Every business, regardless of size, must operate as if there will be a data breach at any moment—because that is the current reality. No business, no matter how small and seemingly insignificant, is immune from a cyberattack. All businesses must be prepared with a comprehensive plan for when, NOT IF, a data breach occurs.


How to achieve and maintain PCI DSS compliance

Conduct a PCI DSS gap analysis or pre-audit assessment to determine your organisation’s current level of compliance. ... A gap analysis is often proposed before a formal assessment by a QSA for an Attestation of Compliance (AoC), and can help organisations establish whether they are ready for a formal Report on Compliance (RoC) audit. After the consultant performs the gap analysis, they will send your organisation an assessment report and a roadmap of the steps you need to take to achieve accredited certification to the Standard. A PCI DSS gap analysis is similar to an actual RoC assessment, and includes a detailed review of the organisation’s compliance activities, such as on-site interviews with staff, an assessment of the in-scope system components and configurations, an examination of out-of-scope components and a physical and logical data flow analysis.



3 Areas The IoT Will Impact You Without Your Even Knowing


Connected devices in our homes have traditionally been about making life easier—and maybe even a little more fun. It’s cool to check in on our kids from our connected video cameras; it’s nice to click a button on our phone and watch our favorite movie or TV show. But going forward, these technologies will be about even bigger things: saving energy, time, and money. Your smart home apps will automatically manage your energy usage based on smart sensors and data collected over time. Predictive maintenance sensors will alert you—and even arrange for help—when your appliance is in need of adjustment to maintain optimal efficiency. ... On the business side, savings will be just as huge. The U.S. Department of Energy estimates buildings account for more than 40 percent of electricity use in our country. There’s no telling how much private and public bodies will be able to save in money—and natural resources—by utilizing the IoT.


Connected cars: What happens to your data after you leave your rental car behind?

A new report suggests it is not clear who is responsible for protecting the data that can be uploaded from smartphones when they connect to in-car systems. This data can include the location and contents of the smartphone as well as the user's home address, and it is often stored in the connected infotainment system and is not deleted. Privacy International rented a series of internet-connected cars from vehicle hire and car sharing firms and found that not only was information about previous drivers collected and retained in the infotainment system, the system also contained past locations the vehicle had travelled to and could identify previously connected smartphones. "In most of them there were between five and ten different phone identifiers. When you connect to the Bluetooth, it will store your identifier," Millie Graham Wood, solicitor and legal officer at Privacy International, told ZDNet.


Redefining perimeter network security: The future is a hybrid

“[The perimeter] is a very limited mindset which breaks down in a wifi and cloud world,” Keith Casey says. In addition to serving as adviser to multiple startups, Casey is an API problem solver at Okta, a San Francisco-based identity cloud provider. “Because we can’t count on the borders that we’ve always counted on, things are different,” he explains. “Previously, [IT] could say if you’re on our network — on our physical, hard-wired network — here are the security protocols. If you have physical access to our network, we can trust you.” Pre-cloud, this perimeter was always reinforced by internal defenses such as antivirus scanning or endpoint protection tools. Both then and now, Casey says, “Perimeter by itself isn’t enough. If I get inside, I can run wild. It’s like not using a safe because you keep your front door locked.” In that way, best practices haven’t changed: It’s always a good idea to have a rear guard.


Why Big Data and Data Scientists Are Overrated


The fact is, data scientists spend about three-quarters of their time doing data janitorial work – collecting, transforming, and cleaning data – rather than building the complex predictive models that they were actually hired for. That equals frustration for data scientists who had high hopes of making an impact, and sour grapes for the people who hired them. Organizations should start with the basics, and work up from there. Instead of being lured by the “shiny object” syndrome and thinking you need a big Hadoop data lake or neural networks to solve a problem, seek the simplest answer. “People make a mistake if they jump right to the most sophisticated tool, because they’re wasting a lot of time,” Mintz says. “The reality is a lot of problems are quite tractable with a simple regression. And some problems don’t even need that. You can just look at the data and see what’s happening.”


Can Open Banking fulfil expectations?

The new rules are designed to give banking customers – which include businesses – more control of their financial data, allowing them to share it with organisations other than their banks, therefore opening up opportunity for fintech firms. But the Bank of England governor Mark Carney has suggested lenders aren’t taking the threat of fintech seriously enough, which means they could see the rug pulled out from under them as smaller “underdog” firms start taking more market share. However, research from Accenture in October found that 69 per cent of British consumers wouldn’t want to share their bank account information with third-party providers. In fact, more than half said they will never change their existing banking habits and adopt Open Banking. It is clear that companies are facing an uphill battle, both in terms of implementing the new rules, and building customers’ trust.



Quote for the day:


"It's time to take the innovation out of IT and give it back to the business, with the support of IT." -- Stuart Birrell