EEPICA's BLOG.sh
A little bit of everything but with emoticons! :)-
Do Your Part, By Cyber Smart: Business
As business owners and c-board members with the responsibility of making decisions that not only affect the company’s revenue, staff income and mental health, but also customers trust. It is of critical importance to understand cyber security, cyber risks and how to mitigate these.
-
Do Your Part, Be Cyber Smart: IT & Sec Teams
Cyber incidents and data breaches have become so normal that its importance and criticality is not hitting the main page on newspapers. However, in terms of regulatory fines and consequences for users, the real damage is impossible to measure.
-
Do Your Part, Be Cyber Smart
Hi there,
October is know to be the Cyber Security Awareness month, and I have decided to contribute a bit with this year's topic: Do Your Part, Be Cyber Smart!
Talking about cyber security has been badly misunderstood and publicised by news and media in general. Let's tart by defining what cyber security IS NOT:
- Cyber security is not all about numbers, computers and "hacks".
- You do not need to be a hacker, engineer, mathematician, geek or nerd to be cyber smart.
- To be cyber smart you do not need to take lessons, specialised courses or degrees.
- Cyber security is not dark magic reserved for wizards and witches.
Cybersecurity is about common sense for the time and place you are currently in. This means, being aware of the fact that you might be surrounded by computers, smartphones, media, fake news, conspiracy theories and people with bad intentions for your data.
You might think, you are not a target and cyber criminals will never be interested in you. However, we are all part of data-monetised society. Your name, phone number, favourite colour and shampoo are constantly used to influence your decisions... and your financial information to make someone else richer and more powerful.
On this post I want to give you a couple of tips on how to be cyber smart and do your part; with your family, friends, colleagues and why not strangers on the street (but remember don't talk to strangers, least of all provide any of your personal information to them!). Let's take a look at some tips:
When using social networks such as Facebook, Instagram, Twitter, TikTok, Snapchat, etc:
- Do not overshare information. for example:
- Not making public and visible to everyone your address, phone number, school you attended to or holiday plans as cyber criminals can use this information to break into your house, your business or even worse; stalk / attack you.
- Do not post cute pictures of naked babies, toddlers and young children, as sadly these are used by criminals to fill up pornographic websites.
- Do not accept connection / friendship requests from people you don't know, not even if you have 50 "friends" in common. Be aware that many cyber criminals use this trick to create a false sense of security and target people you might actually be friends with.
Be aware of "nice people" offering to help you with your credit card, fixing your computer, receiving a lost package. If you happen to receive a phone call from someone offering you something you didn't ask for or which you don't know about; just hang up the phone or delete the email. Optionally you can report a known phone number to your telephone company - most have the ability to fill in a short form on their website.
Be aware of cyber extortion, as cyber criminals could call / email you to tell you they have personal information such as pictures and videos of you, often in incriminating circumstances to bait you. They will use the information you share on social networks to make you think they know who you are, where you live, etc. to then request a ransom. If this happens, ignore the call / email, there is a high chance they don't have any real incriminating information or material on you.
Finally, always lock your devices with strong passwords and where possible cover your computer's web-camera (take a look at this video on Password Security).
Remember, to be cyber smart you just need to apply common sense to the world you are living in. If you don't allow strangers in your home, why would you allow them access to your Facebook profile? The latter is arguably the more risky in many circumstances.
For more information on how to stay safe online, please check: https://staysafeonline.org/sta...
Stay safe,
-
Recent Ransomware observations, Telefonica, NHS and some tips to consider
As you may be aware, the last couple of weeks in cybersecurity have being quite interesting (for non-victims). Big discussions around how Intel have managed their most recent vulnerability, how to protect yourself from being a victim and obviously the frustration a lot of people and companies felt when they noticed there was nothing they could do to fix it! But, Intel was vanished from the scene due to the exploitation of a social engineering attack: Ransomware (WannaCryptor).
Ransomware as many of you may know is a malicious software (malware) that once it's gained a new victim, encrypts all their files and then demands a payment in order to decrypt them again. In most cases victims do not get their files back, even though they are already down hundreds or maybe thousands of dollars.
On the last 12th of May Telefonica (Spain), the NHS (UK) and some other companies/ countries were affected by a Ransomware attack. Disruption of operations and the necessity of reverting to good “old-style” (pen and paper) was the most notorious impact. To date none of the victims have made any announcement regarding data loss.
Since these events have been well covered, I'd like to share a few cybersecurity tips that might just help prevent such devastation in the future for you or the company/ organisation you work for.
Let’s start by saying that Ransomware attacks are a combination of social engineering attacks and the exploitation of a (known) vulnerability. Social engineering attacks can also be a combination of technical and social networking techniques, in which the objective is to gain someone’s trust with a view to obtaining some reward (money, information, access to something). Social engineering attacks are not something to be managed through “technical” components, instead are a combination of education, profiling, detection and prevention techniques. So, here we go:
Security awareness: Educate yourself, your family, friends, colleagues, everyone. Don’t take me wrong, but current scandals and media actions have definitely put the Ransomware’s name on everyone’s head. This is indeed, the best moment to talk about what social engineering attacks are, how much cybersecurity matters and how to protect our data (Link to my presentation and blogpost).
Do not rely on your users: No, it is not the user’s fault and you cannot rely on them. Everyone plays an important role in today’s interconnected world, and apart from knowing the basics of cybersecurity, the only ones obligated to be experts at it… are the “cybersecurity experts” (BTW, such a thing does not exist). So, if you cannot rely on security awareness programs nor trust your users; what’s next?
Software updates: Vulnerability management processes and good practices are the two winners in this category. An up-to-date system makes us somehow “immune” to known vulnerabilities. It is important to classify the likelihood vs impact of a vulnerability and prioritise them. (Telfonica's case shows how a patch released in March is still causing damage in May).
Tools and policies: Cybersecurity is not a “one-tool” solution, rather it is a combination of policies, good practices and yes, well configured tools. Below is a list of some tips and recommendations for small-medium companies and why not, home:
- Least privilege: This is not a tool, but a policy in which the purpose is to limit user’s actions to their roles, i.e. if a user does not require admin privileges, then they should not have them
- Network segregation: Depending on the size of your network, this may or may not be possible. Anyway, there are some special kinds of malware with a core purpose of spreading themselves in an exponential manner. In the case of internal networks and/ or interconnected networks, segregation is important as it may limit the malware’s area of operation
- Intrusion detection/ prevention systems (IDS/ IPS): Within this category it's possible to find signature and behavioural based IDS/ IPS. Signature-based IDS/ IPS identify intrusions (illegal actions) depending on their signatures contained within the database. Behavioural-based IDS/ IPS create a profile of a host or network, to then identify anomaly activities by comparing them with the expected normal activity. A combination of both is ideal
- Integrity checkers: Tools that allow you to identify when a file/ platform has experienced unexpected changes
- Log management: Combination of tools and processes. The idea is to collect logs from day by day tools (Word processors, browsers, etc) in order to identify unexpected behaviour. Of course, to identify these it is necessary to analyse the logs… there are many log analysis tools readily available on the Internet
- Perimeter tools (firewalls, ACLs, etc): Their main purpose is not to identify vulnerabilities, but to give you the option to apply the least privilege policy to your systems/ platforms. In other words, they sit at the perimeter of your system/ platform allowing or denying traffic depending on certain kinds of rules which should be defined according to business necessities instead of using the default settings
- Antivirus, anti-spam, anti-spyware, anti-everything: Their names speak for themselves. These kind of tools (when kept up to date) help you to identify and prevent the execution of viruses, spam messages, spyware, etc. Note: They are signature based, therefore can only identify previously identified behaviours
I hope you enjoyed reading this post.
Thanks,
eepica
Ps: Microsoft has release a guidance for WannaCrypt attacks, as well as emergency patches for obsolete systems. For more information check their website here.
-
Women Techmakers Belfast
Women Techmaker is a Google initiative that intends to make women's participation in STEM (Science, Technology, Engineering and Mathematics) more visible. Yes, the problem is not just that our numbers in STEM fields are low; part of the problem is that women within them are not being noticed.
My story starts a couple of days after the Woman's International Day (my commemorative post here), when Claire Burn an ex-colleague, friend, master mind of Women Who Code Belfast and organiser of the Women Techmaker Belfast invited me to participate as speaker.
The event had 20 people on the scene, 19 women and 1 male equality defender who spoke eloquently about inclusion. And no, 19 women were not talking about wine (we drank wine), nor dresses, shoes or make-up (we couldn't have looked better!). We were talking about technology... virtual reality, development, business, healthcare, cryptography, cybersecurity and obviously about how to get more women into technology and how to retain the ones we already have. The women I got to meet are researchers, scientists, coders, mothers and fighters! An overview of the schedule is embedded in the tweet below:
Thank you to all our awesome speakers! Such fascinating, technical talks by so many #RoleModels #Shero #inspiration #womenintech pic.twitter.com/zeSbF6r24s
— WTM Belfast (@WTMBelfast) April 29, 2017
Regarding my talk, it was about Privacy and Cybersecurity; and how our incessant need to interact and share information through social networks on the Internet is causing us damage. This might be because of some data breach or we just shared the wrong information needlessly. The Internet is like real life, it is in fact an extension of it in which we have friends, attend events, share memories and sadly, every now and then become victims of some kind of scam/ trap.
The Internet is full of risks. Thousands of websites appear to be something they are not, some others have been hacked and are now unwittingly delivering malicious software, and finally but no less importantly there are also people that use the Internet to gain our trust to then use it against us.
Risk is defined as the likelihood of something bad happening, and just like in real life it depends on how much we are exposing ourselves to it.
Good news is, not everything is about risks and what not to do. The Internet can be a safe, enjoyable place in which meeting with friends and good memories can be revived. Simple tips to improve our Internet presence can be considered:
- Share with care: Do not reveal personal information unnecessarily
- Anonymise Internet use: Don't share your location, use VPNs and stop using third party software just because they have funny emoticons ;)
- End to end encryption: HTTPS everywhere; VPNs; PGP; etc.
- Classification of data: Work/ home; me/ partner/ children; health/ education; private/ public
- Remove/ uninstall unnecessary services/ programs: Default software and extra add-ons may not just be consuming your precious disk space, but also collecting information anonymously while slowing down your devices too!
- Security Awareness: Educate yourself and then everyone around you
If you'd like to see the official presentation you can find it on SlideShare.
If you have any questions or remarks, please don't think twice to get in touch through the Contact me page or by leaving me a comment below. :)
Finally, big thanks to the Women Techmaker organisation for making this possible and Deloitte Ireland for supporting me and helping me to share a little bit of my knowledge with the world.
Big thanks,
eepica
Image credit: Sarah Hannity - @Thatgirlcodes