10% of Global Internet Traffic Would be Secured by Lava Lamps

At its San Francisco headquarters, technology firm Cloudflare has given lava lamps a different function. This modern Internet giant is a DNS provider that manages and secures millions of website domain names. According to the web analysis site W3Techs, an estimated 6 to 10% of global HTTP and HTTPS requests pass through the company’s secure channels, a huge flow of data that definitely needs to be protected, especially against denial-of-service (DDoS) attacks like the one that knocked down the DNS provider Dyn in 2016.

Cloudflare has therefore opted for a proven data security technique: encryption. And that’s where the famous lava lamps in the lobby of its office come in. In a recent blog post, the company detailed the importance of these lamps in its data protection system. Contrary to appearances, the wall of lava lamps is an integral part of an elaborate encryption system that ensures the protection of a significant part of global Internet traffic.

Cryptographic techniques rely on random, secret series of numbers that an opponent can never guess. But according to Cloudflare, generating these numbers at random is not enough to guarantee optimal data security. From the company’s point of view, what cryptographers need most is “unpredictability,” which alone can ensure an optimal level of encryption security.

To obtain unpredictable sequences, computer security firms typically have two options. The first is to use completely unpredictable physical processes that take a long time to measure, for example accurately measuring the temperature of a processor at a specific time. The second is to use cryptographically secure pseudorandom number generators (CSPRNGs), which can generate large quantities of random numbers very quickly if they are “connected” to a truly unpredictable source.

The ideal would seem to be to set up a system that combines the speed of the second solution with the best security guarantees provided by the first solution. Better still, a system could be created that would provide a CSPRNG with a variety of unpredictable sources.

The system operated by Cloudflare, called LavaRand, was designed by Silicon Graphics and patented in 1996. The lamps unpredictably produce wax bubbles. Meanwhile, a camera installed in the corner of the room records the scene, and the images are transformed into “a stream of random and unpredictable bits,” which are then fed to the pseudorandom generator. The latter in turn generates large quantities of numbers that are eventually used to encrypt data traffic.
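The pipeline described above (unpredictable inputs condensed into a seed, then expanded quickly by a generator) can be sketched as follows. This is an added example, not Cloudflare's code: the frame data is constructed, and the names `extract_seed`, `HmacGenerator`, `constructed_frame` and `generator_from` are hypothetical.

```python
import hashlib
import hmac
import os


def extract_seed(sources):
    """Condense labelled entropy inputs into one 32-byte seed.

    Every label and input is length-prefixed so the boundary between
    sources is unambiguous. The result is unpredictable as long as at
    least one input is unpredictable to the attacker.
    """
    h = hashlib.sha256()
    for label, data in sources:
        for part in (label.encode(), data):
            h.update(len(part).to_bytes(8, "big"))
            h.update(part)
    return h.digest()


class HmacGenerator:
    """Fast expansion stage: HMAC-SHA256 in counter mode, keyed by the seed.

    Illustrative stand-in for a CSPRNG; real systems should feed the
    operating system's generator rather than replace it.
    """

    def __init__(self, seed):
        self._key = seed
        self._counter = 0

    def read(self, n):
        out = bytearray()
        while len(out) < n:
            msg = self._counter.to_bytes(16, "big")
            out += hmac.new(self._key, msg, hashlib.sha256).digest()
            self._counter += 1
        return bytes(out[:n])

    def reseed(self, sources):
        """Fold fresh inputs into the current key instead of replacing it."""
        self._key = extract_seed([("previous-key", self._key), *sources])
        self._counter = 0


def constructed_frame(width=64, height=48, salt=0):
    """Constructed stand-in for one camera frame (raw 8-bit pixels)."""
    return bytes(
        ((x * 31 + y * 17 + salt) ^ (x * y)) & 0xFF
        for y in range(height)
        for x in range(width)
    )


def generator_from(frame, os_entropy=None):
    """Seed the generator from a camera frame plus OS entropy."""
    if os_entropy is None:
        os_entropy = os.urandom(32)
    return HmacGenerator(extract_seed([("camera", frame), ("os", os_entropy)]))


if __name__ == "__main__":
    gen = generator_from(constructed_frame())
    print(gen.read(16).hex())
```

Because both inputs go through the same hash, an attacker who can see the camera feed still has to guess the OS entropy, and the reverse holds as well.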

Cloudflare has a variety of physical systems to produce tamper-proof keys in offices around the world. Its office in London has a “chaotic clock,” and the Singapore office bases its encryption on a radioactive source. Put simply, at its San Francisco premises the company uses an algorithm, a camera, and a hundred lava lamps to generate random encryption keys.

LavaRand and Cloudflare’s other DIY (Do It Yourself) systems are currently used only as a last resort, in case, for example, the company’s main server-based encryption system, which is based on Linux, were compromised. This initiative at least has the merit of reminding us that it is important to keep innovating in encryption systems at a time when algorithms alone no longer seem to be sufficient. “Hopefully we’ll never need it,” the company said in its blog post.

Security Is Fundamental, But Are We Underestimating It?

Do we live in a riskier world than in the past? The answer is yes, according to 72% of top business managers worldwide interviewed by BDO for the 2017 edition of the Global Risk Landscape, the annual report in which the audit and business advisory firm investigates international business risk factors.

What is surprising is that no security issue appears among the top three risk factors, which are concern about compliance with regulations (35%), increasing competition in the market (30%) and the economic crisis (29%). Questioned about their company’s uptime amid the changes in global business, only 21 percent of European business leaders point to cyber risk as a factor that will surprise their businesses over the next 10 years.

The picture outlined by the BDO report seems totally out of step with the current global scenario, in which we are witnessing world-class cyberattacks such as WannaCry and Petya. Add to this the Ponemon and IBM estimates, which put the average economic loss a company suffered from system breaches in 2016 at $4 million, and an increase in ransomware attacks of 6,000% over the last year, and it is clear that the security issue is at the very least underestimated.

According to BDO, there are eight steps each company should take to be resilient to cyber attacks. The first is to constantly update security information systems with the latest software versions available to avoid the so-called 0-day, publicly known security vulnerabilities.

The second step is to install monitoring systems that raise the alarm promptly in case of a breach. It is also important to know what data the company’s systems contain and how that data is defended. The fourth step is to protect this data with appropriate access control systems. The fifth is the corporate culture: all employees need to be taught how to recognize an ongoing hacker attack and how to behave safely during daily work.

The next step is to look at the business supply chain and ensure that stakeholders and third parties are well prepared for cyber risk by sharing good practice. Finally, cyber risk needs to be discussed adequately at the top level of the company, as any other risk would be, economic or otherwise.

In the event of an attack, as the BDO report also states, the first thing to do is to realize that the attack is ongoing. Then, immediately shut off the parts of the system under attack to prevent the infection from spreading. At the reputational and communications level, each company also needs to prepare in advance a standard official statement that can be sent promptly to the press and stakeholders.

Singapore Wants to Register Hackers in New Law

Singapore is one of the most advanced and important countries for information security. However, a likely new local law is dividing opinions: any ethical hacker who wants to operate in the country will have to obtain a license.

Ethical hacker is the term used for an individual who modifies the internal aspects of devices, programs and computer networks for the “common good” without taking any kind of advantage.

The law is not yet in force. Once it is, any hacker caught acting without the license – or any individual who wants to help a company via penetration tests, for example – will have to pay $114 thousand and face up to two years in prison.

As noted by Joon Ian Wong of Quartz, the law is likely to be enacted. This is because it “is in line with the reputation of extreme order” present in Singapore – Wong lived in the country for a while.

The other side

The law is a real danger even for the local telecommunications market. Usually, teens and youngsters start hacking out of curiosity. They follow videos on YouTube, read forum tutorials, chat online, and conduct virtually all of their studies on the internet. Most of them test the tools as a way of learning. With the law, they can be arrested.

Besides leading to the arrest of young hackers entering the field, a law that prevents young people from testing tools ultimately inhibits their willingness to work in this segment. As a result, many young people who wish to work professionally in technology and telecommunications will be discouraged.

Going further: the law could lead to better hackers. More applications and tools that hide IPs and identities can be developed. If the license has to be paid for, ethical hackers without the money will start working off the government’s radar – and there are VPNs, Tor, encryption and various other technologies to shut out the authorities.

Get Access to the World’s Largest Collection of Cybercrimes

Cybercrime is a problem that has evolved and become increasingly dangerous. With that in mind, the UN has developed the Cybercrime Repository as a way to strengthen international cooperation in the fight against cybercrime.

Currently, the repository is the only tool available worldwide that files cybercrime laws, cases and practices in a database open for research. The information is divided into topics such as global cyber investigations, requests for stored traffic data, as well as incidents and real-time collection of traffic data.

According to Loide Lungamenti, head of the United Nations Office on Drugs and Crime (UNODC), the repository facilitates international cooperation by helping authorities to identify applicable crime laws elsewhere.

Lungamenti also claims that more than 80% of cybercrimes operate as a form of organized activity, such as creating malware that demands payment for the retrieval of personal information. And the danger lies not only in computers and mobile devices but also in IoT (Internet of Things) devices, so no amount of care and prevention is too much.

By guiding the authorities correctly, the repository will allow future crimes to be identified on the basis of those that have already occurred. It will thus be easier to know how to act and which decisions to make when it comes to prevention.

The Repository can be accessed here.

Cybercrime Will Cost Businesses Nearly $8 Trillion Over Next 5 Years

Jupiter research firm has published a report highlighting the financial impact that cybercrime can have on businesses. In this report, the firm estimates that computer attacks (hacking, theft of personal data, etc.) will cost businesses around the world close to $8 trillion over the next five years.

The report indicates that this threshold will be reached very quickly because of the significant progress of Internet connectivity, which has reached a very high level today. There is also a lack of security in companies.

The findings of the study, contained in the report “The Future of Cybercrime & Security: Enterprise Threats & Mitigation 2017-2022,” also indicate that the number of personal data records stolen could reach 2.8 billion in 2017 alone. According to Jupiter research firm, this figure could reach five billion by the year 2020, almost double what is expected in 2017.

The report’s analysis shows that, very often, most major problems occur when organizations try to integrate new innovations without paying particular attention to security aspects. That said, it is clear that many companies seek to solve the cybersecurity problem by deploying new and innovative solutions. However, according to the report, these attempts failed to produce satisfactory results.

Jupiter’s analysis also highlights the need for businesses to spend more money on cybersecurity (maintenance of their systems, etc.). However, it seems that SMEs (small and medium-sized enterprises) are particularly at risk from cyber attacks, especially since they spend less than $4,000 per year on security measures.

Jupiter is not expecting a substantial increase in this amount over the next five years. These SMEs also tend to run old software, which ransomware such as WannaCry exploits to do its damage.

Attacks on hospital infrastructure show that inadequate security policies can now cost both lives and money. The report adds that companies of all sizes need to find the time and budget to improve and secure their systems against cybercrime.

Artificial Intelligence: Friend or Enemy of Cybersecurity?

Security strategies must undergo a radical revolution. Tomorrow’s security devices will need to see one another and interoperate so that they can recognize changes in interconnected environments and thus automatically anticipate risks and update and enforce policies.

Devices must have the ability to monitor and share critical information and synchronize their responses to detect threats.

Sounds very futuristic? Not really. A new technology that has recently grabbed attention lays the foundation for such an automation approach. This has been called Intent-Based Network Security (IBNS).

This technology provides extended visibility across the entire distributed network and enables integrated security solutions to adapt automatically to changes in network configurations and to changing needs, with a synchronized response against threats.

These solutions can also dynamically divide network segments, isolate affected devices, and get rid of malware. Similarly, new security measures and countermeasures can be automatically upgraded as new devices, services, and workloads are moved or deployed to and from anywhere in the network and from devices to the cloud.

The tightly integrated automated security allows for a general response against threats far greater than the total of all individual security solutions that protect the network.

Artificial intelligence and machine learning have become significant allies for cybersecurity. Machine learning will be reinforced by devices packed with information from the Internet of Things and by predictive applications that help to safeguard the network. But securing those “things” and that information, which are ready targets or entry points for cybercriminals, is a challenge in itself.

The quality of intelligence

One of the greatest challenges of using artificial intelligence and machine learning lies in the caliber of intelligence. Today, intelligence against cyber threats is highly prone to false positives due to the volatile nature of IoT.

Threats can change in a matter of seconds; a device can be clean one moment, infected the next, and then clean again, completing the full cycle with very low latency.

Improving the quality of intelligence against threats is extremely important as IT teams increasingly transfer control to artificial intelligence to perform work that they otherwise should do. This is an exercise in trust, and this is a unique challenge.

As an industry, we cannot transfer total control to an automated device; we need to balance operational control with essential execution that can be performed by staff. These working relationships are what will make artificial intelligence and machine learning applications for cyber defense really effective.

Because there is still a shortage of talent in cybersecurity, products and services must be developed with greater automation in order to correlate threat intelligence, determine the level of risk, and synchronize a coordinated response automatically.

By the time managers try to tackle a problem on their own, it is too late, and they may even cause a bigger problem or generate more work. This can be handled automatically, using a direct exchange of intelligence between detection and prevention products, or with assisted mitigation, which is a combination of people and technology working together.

Automation also allows security teams to allocate more time to the business goals of the company, rather than spending time in the routine administration of cybersecurity.

In the future, artificial intelligence in cybersecurity will constantly adapt to the growth of the attack surface. Today, we are barely connecting the dots, sharing information and applying that information to systems.

People are making these complex decisions, which require a correlation of intelligence from humans. It is expected that in the coming years, a mature artificial intelligence system may be able to make complex decisions for itself.

What is not feasible is total automation, that is, transferring 100% of the control to the machines so that they make the decisions all the time. People and machines must work together.

The next generation of “conscious” malware will use artificial intelligence to behave like a human, perform reconnaissance activities, identify targets, choose attack methods, and intelligently evade detection systems.

Just as organizations can use artificial intelligence to improve their security posture, cybercriminals can also start using it to develop smarter malware.

It will be guided by the collection and analysis of offensive intelligence, such as the types of devices deployed in a network segment, traffic flow, applications being used, transaction details or the time of day at which they occur.

The longer a threat remains within the network, the greater its ability to operate independently, to blend into the environment, to select tools based on the target platform, and eventually to take countermeasures based on the security tools it finds in place.

This is precisely why an approach is needed in which security solutions for networks, access, devices, applications, data centers and the cloud work together as an integrated and collaborative system.

Learn 7 Lessons About WannaCry

In the last few days, a new cybercrime threat gained prominence: WannaCry. It is a type of malicious code classified as ransomware, the kind that “hijacks” data on computers to demand money in return for giving access back to its owner.

Once the machine is infected, the virus encrypts the files and displays a screen demanding payment of the ransom, usually in electronic money (bitcoins). Bitcoin, like cash, leaves no trace when it moves and allows value to circulate among criminals.

The most interesting thing about WannaCry is that it exploits a vulnerability in the Windows operating system that had been known for at least two months. The vulnerability, in the Server Message Block (SMB) service, allows remote code execution.

What does the episode teach us?

1. Growth of cyber threats

Threats grow in terms of magnitude and aggressiveness. With increasing connectivity, each new threat has the potential to infect more computers.

2. Cyber crime is growing

This new threat also reminds us that cyber crime is increasing, as threats increasingly have a financial motivation. They become more dangerous because the criminal organizations that run them have more and more resources to develop sophisticated “weapons” and act globally with them.

3. Real impact on business

During the last few days we have seen news of companies that were infected and had to pay the ransom for their data, while others decided to disconnect their equipment. In both cases, the impact in terms of cost (either the payment of the ransom or the loss of productivity) is evident.

4. Prevention is fundamental and starts with small things

The vulnerability has been known for about two months, since Microsoft published a bulletin recommending that Windows systems be updated to correct it. A patch management process, complemented by vulnerability management, would have avoided that headache.

5. Microsegment the network

The use of micro-segmentation tools reduces the damage. By isolating systems in microsegments, the lateral movement performed by the malware is contained, and it does not infect a large number of networked computers.

Opting for software micro-segmentation, and focusing initially on the more critical systems, will allow rapid adoption with no impact on the network architecture. In the medium and long term, this technique will increase security and simplify the network by reducing the complexity of internal firewalls and VLAN-based segmentation.

6. Monitoring Malware Behavior

New threats will emerge at all times, and they will be unknown to traditional security tools that work with known malware signatures and patterns.

The use of event correlation tools is a necessary control, but it is not enough. Preparing for new malware requires a smarter SOC that identifies anomalous behaviors even when a new attack with an unknown signature is present.

In the case of WannaCry, communication over the SMB port, the behavior of moving laterally within the network, and the address of the “master” it tries to contact are typical signs that something strange is happening, and they allow a smart SOC to detect the new threat in time.

7. Response to incidents

Once the new threat is detected, a rapid response is required. Automatic or manual responses could block suspicious traffic and remove contaminated equipment from the network.

The use of an Adaptive Security Architecture is recommended to respond dynamically, changing the architecture of subnetworks as infections are identified. One example is to quarantine infected equipment and prevent it from infecting others.