Daily Tech Digest - March 16, 2021

Lockdown one year on: what did we learn about remote working?

Securing millions of newly remote workers almost overnight was a huge undertaking. Against the need to keep businesses and essential services running (including public sector bodies like councils), security may not have been the primary consideration. Most organisations have now spent time going back to “plug the gaps”, but there’s no doubt that a proliferation of devices and the increased use of cloud services has left companies more vulnerable. McAfee found a 630% increase in attacks on cloud infrastructure since the start of the pandemic, and in just one month between March and April 2020, IBM recorded a 6,000% increase in phishing attempts. As well as ensuring remote/flexible working policies are up to date, there are a host of tactics companies can employ to address security. This includes mobile device management and endpoint security, strict patch management and complete backing up of the Microsoft 365 environment, which many assume is done automatically by Microsoft, but isn’t, which can result in a catastrophic loss of data. Another security approach is to focus on identity and access management (IAM) to enable single sign-on and smart identity management.


How Financial Institutions Can Deal with Unstructured Data Overload

Emerging big data analytics solutions which leverage machine learning (ML) can parse through data to identify important information. These tools allow financial institutions, particularly investment management firms, to uncover the crucial business insights that lie within the unstructured data, giving them an immediate competitive advantage over their peers that are not leveraging AI in this way. These analytics tools can uncover new market insights, allowing teams at investment management firms to get a deeper understanding of businesses and industries, allowing them to make better investment and trading decisions. For example, even after an investment management firm has holistically narrowed down the number of news articles necessary to review, there still might be thousands of texts to read through over the course of a month. Adding in an ML solution here would help the portfolio manager identify which stories are most relevant based on the language and nuanced phrasing within the text. It would give each article a relevance score, and save the PM the countless hours that they’d have otherwise spent reading through the articles.


Proving who you are online is still a mess. And it's not getting better

For the past two decades, the UK government has looked at ways to enable people to easily and reliably identify themselves, with little success. Unlike in other countries, a national ID card to carry around in your pocket now seems to be firmly off the table; but instead, the concept of creating a "digital identity" is gathering pace. Rather than digging through piles of archived paper-based documents, a digital identity would let people instantly prove certified information about themselves, flashing their credentials, for instance, through an app on their phone. Although the concept is not new, the idea is gaining renewed attention. The Department for Digital, Culture, Media and Sports (DCMS), in fact, recently unveiled plans to create what it called a digital identity "trust framework". The idea? To lay down the ground rules surrounding the development of new technologies that will allow people to prove something about themselves digitally. This could take the form of a digital "wallet", which individuals could keep on their devices and fill with any piece of information, or attributes about themselves that they deem useful. The wallet could include basic information like name, address or age, but also data from other sources, at the user's own convenience.


UK Set to Boost Cybersecurity Operations

Johnson has said in Parliament that the creation of the NCF is designed to strengthen Britain's cybersecurity posture and give the country new defensive and offensive capabilities. "Our enemies are also operating in increasingly sophisticated ways, including in cyberspace," Johnson says. "Rather than being confined to some distant battlefield, those that seek to do harm to our people can reach them through the mobile phones in their pockets or the computers in their homes. To protect our citizens, U.K. defense therefore needs to operate at all times with leading, cutting-edge technology." Currently, the NCF carries out operations such as interfering with a mobile phone to prevent a terrorist being able to communicate with their contacts; helping to prevent cyberspace from being used as a global platform for serious crimes, including the sexual abuse of children; and keeping U.K. military aircraft safe from targeting by weapons systems. In addition to the NCF, last year the Ministry of Defense created the 13th Signals Regiment, the U.K.'s first dedicated cyber regiment, and expanded the Defence Cyber School. While he acknowledged the benefits of a more cyber-capable military, Cracknell pointed out that, "We don’t have a solid security foundation, and until all businesses and CNI entities are at that level, we are wasting resources by going on the offensive."


DDoS's Evolution Doesn't Require a Security Evolution

The idea of monetizing DDoS attacks dates back to the 1990s. But the rise of DDoS-for-hire services and cryptocurrencies has radically changed things. "It's never been easier for non-specialists to become DDoS extortionists," Dobbins explains. This has led to a sharp uptick in well-organized, prolific, and high-profile DDoS extortion campaigns. Today, cybercrime groups deliver ransom demands in emails that threaten targets with DDoS attacks. Most of these are large attacks above 500 gigabytes per second, and a few top out at 2 terabytes per second. Ransom demands may hit 20 Bitcoin (approximately $1 million). Attacks that revolve around ideological conflicts, geopolitical disputes, personal revenge, and other factors haven't disappeared. But the focus on monetization has led attackers to increasingly target Internet service providers, software-as-a-service firms and hosting/virtual private server/infrastructure providers. This includes wireless and broadband companies. "We've seen the DDoS attacker base both broaden and shift toward an even younger demographic," Dobbins says. According to Neustar's Morales, reflection and amplification attacks continue to be the most prominent because of their inherent anonymity and ability to reach very high bandwidth without requiring a lot of attacking hosts.


Securing a hybrid workforce with log management

When companies shifted to a remote workforce in response to the COVID-19 pandemic, cybercriminals continued to launch attacks. However, they did not target distantly managed corporate networks. Instead, they looked to exploit organizations where workforce members did their jobs on home networks and devices. Because home networks often lack the robust security controls that the enterprise uses, they become attractive gateways for malicious actors. During the COVID-19 lockdowns, cybercriminals increasingly leveraged the Windows Remote Desktop Protocol (RDP) as an attack vector. RDP allows users to connect remotely to servers and workstations via port 3389. However, misconfigured remote access often creates a security risk. There has been a massive increase in RDP attack attempts in 2020. Windows computers with unpatched RDP can be used by malicious actors to move within the network and deposit malicious code (e.g., ransomware). Devices getting infected with malware is a common occurrence when users work outside the corporate network. Since IT departments cannot push software updates through to the devices, security teams need to monitor for potential malware infections. Event logs can detect potentially malicious activity when used correctly.
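As an added illustration of the event-log monitoring described above (not code from this digest or from the source article): a Python sketch that flags bursts of failed remote logons per source IP and records a successful logon that follows. It assumes Security events 4625 (failed logon) and 4624 (successful logon) exported as JSON lines; the field layout, thresholds and sample records are constructed.

```python
import json
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Constructed sample export; values are made up, one line is deliberately malformed.
SAMPLE = """\
{"TimeCreated":"2021-03-16T08:55:00","EventID":4625,"LogonType":10,"IpAddress":"198.51.100.20","TargetUserName":"jsmith"}
{"TimeCreated":"2021-03-16T08:55:20","EventID":4624,"LogonType":10,"IpAddress":"198.51.100.20","TargetUserName":"jsmith"}
{"TimeCreated":"2021-03-16T09:00:01","EventID":4625,"LogonType":10,"IpAddress":"203.0.113.7","TargetUserName":"administrator"}
{"TimeCreated":"2021-03-16T09:00:09","EventID":4625,"LogonType":10,"IpAddress":"203.0.113.7","TargetUserName":"admin"}
not-json
{"TimeCreated":"2021-03-16T09:00:15","EventID":4625,"LogonType":3,"IpAddress":"203.0.113.7","TargetUserName":"backup"}
{"TimeCreated":"2021-03-16T09:00:22","EventID":4625,"LogonType":10,"IpAddress":"203.0.113.7","TargetUserName":"svc_backup"}
{"TimeCreated":"2021-03-16T09:00:30","EventID":4625,"LogonType":10,"IpAddress":"203.0.113.7","TargetUserName":"svc_backup"}
{"TimeCreated":"2021-03-16T09:01:05","EventID":4624,"LogonType":10,"IpAddress":"203.0.113.7","TargetUserName":"svc_backup"}
"""

# 10 = RemoteInteractive (RDP); 3 = Network, which RDP failures show when NLA is on.
REMOTE_TYPES = {3, 10}

def detect_rdp_bruteforce(lines, threshold=5, window=timedelta(minutes=2)):
    """Return {source_ip: finding} for IPs with >= threshold failures inside window."""
    recent = defaultdict(deque)   # source IP -> timestamps of recent failed logons
    flagged = {}
    for line in lines:
        try:
            ev = json.loads(line)
            ts = datetime.fromisoformat(ev["TimeCreated"])
            eid, ltype, ip = ev["EventID"], ev["LogonType"], ev["IpAddress"]
        except (ValueError, KeyError, TypeError):
            continue              # skip malformed or incomplete records
        if ltype not in REMOTE_TYPES:
            continue
        if eid == 4625:
            q = recent[ip]
            q.append(ts)
            while ts - q[0] > window:   # drop failures that fell out of the window
                q.popleft()
            if len(q) >= threshold:
                flagged.setdefault(ip, {"alert_at": ts, "success_user": None})
        elif eid == 4624 and ip in flagged and flagged[ip]["success_user"] is None:
            # A success after a burst is the case to escalate first.
            flagged[ip]["success_user"] = ev.get("TargetUserName")
    return flagged

if __name__ == "__main__":
    for ip, finding in detect_rdp_bruteforce(SAMPLE.splitlines()).items():
        print(ip, finding)
```

The single mistyped password from 198.51.100.20 stays below the threshold and is not reported.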


Cryptophone Service Crackdown: Feds Indict Sky Global CEO

Sky Global's CEO has disputed those allegations and said he has received no direct notice of any charges being filed against him or any extradition request. "Sky Global’s technology works for the good of all. It was not created to prevent the police from monitoring criminal organizations; it exists to prevent anyone from monitoring and spying on the global community," Eap says in a statement released Sunday and posted to the company's website. ... "The unfounded allegations of involvement in criminal activity by me and our company are entirely false. I do not condone illegal activity in any way, shape or form, and nor does our company." Eap has also disputed claims by police that they cracked Sky Global's encryption. Previously, Sky Global had offered a $5 million reward to anyone able to demonstrate that they had cracked the encryption. Following a two-year investigation into Sky Global and its customers, last week, police in Belgium, France and the Netherlands launched numerous house searches, leading to hundreds of arrests of alleged users - including three attorneys in Antwerp, Belgium - as well as the seizure of thousands of kilograms of cocaine and methamphetamine, hundreds of firearms, millions of euros in cash as well as diamonds, jewelry, luxury vehicles and police uniforms, officials say.


Optimize your CloudOps: 8 tricks CSPs don't want you to know

Leveraging security managers that span all your traditional systems and public clouds is three times more effective than following a cloud-native approach. Similar to tip No. 1 above, cloud-native security systems operate best on their native cloud. Eventually you'll have silos of security systems, each solving tactical security problems for their native clouds. What you need is an overarching security ops platform that can manage security from cloud to cloud as well as for traditional systems, and perhaps with emerging technologies such as edge computing. Again, this is about finding something "cross-cloud" that exists today, and to do that you'll have to look for third-party providers. If you don't choose cross-cloud security now, the move from cloud-native to cross-cloud security will happen when your security silos become too complex to maintain and the first breach occurs. At that point, the transformation from cloud-native to cross-cloud security is difficult and costly. While this trick causes some debate from time to time, most experts agree: Abstracting public clouds for performance monitoring is a much better approach than just monitoring a single cloud using its cloud-native system.


AI One Year Later: How the Pandemic Impacted the Future of Technology

Those changing consumer behaviors created an abrupt reality for data science teams: predictive AI and machine learning (ML) models and the data they are derived from were almost instantly outdated, and in many cases reduced to irrelevance. In the past, these models were based on historical data from several years of behavioral patterns. But in a world of tightened spending, limited purchasing options, changing demand patterns, and restricted engagement with customers, that historical data no longer applied. To combat this problem -- at a time when companies could not afford inaccurate predictions or lost revenue -- AI teams turned to such solutions as real-time, ever-changing forecasting. By constantly updating and tuning their predictive models to include incoming data from the new pandemic-driven patterns, organizations were able to reduce data drift and more effectively chart their paths through the crisis and recovery period. With their hand forced, companies needed to make difficult choices during the spring of 2020. Do they put their projects and initiatives on pause and wait for the pandemic to subside, or push forward in applying AI as a competitive differentiator during these challenging times?


What is Agile leadership? How this flexible management style is changing how teams work

As Agile development took hold in IT departments, so tech chiefs started thinking about how the approach could be used – not just to create software products – but to lead teams and projects more generally. As this happened, CIOs started talking about the importance of Agile leadership. Over the past decade, the use of Agile as a technique for leading and completing projects has moved beyond the IT department and across all lines of business. The increased level of collaboration between tech organisations and other functions, particularly marketing and digital, has helped to feed the spread of Agile management. ... Although Agile leadership leans heavily on the principles and techniques of Agile software development, such as iteration, standups and retrospectives, it's probably fair to say that it's a management style that involves a general stance rather than a hard-and-fast set of rules. Mark Evans, managing director of marketing and digital at Direct Line, says the key to effective Agile management is what's known as servant leadership, a leadership philosophy in which the main goal of the leader is to serve.



Quote for the day:

"Integrity is the soul of leadership! Trust is the engine of leadership!" -- Amine A. Ayad
