Hackers gain access to the systems of various Swiss universities

Attackers gained access to the universities’ networks by sending targeted phishing e-mails and were thus able to divert six-digit sums in salary payments. The e-mails asked university employees to enter their access data, which enabled the attackers to change the recipient accounts for salary payments.

According to “Sonntagszeitung”, the University of Basel and the University of Zurich are among the universities affected. Both were able to detect the attacks early on and thus kept the damage caused very low.

A successful attack is often only recognized after 200 days. During these 200 days, the attackers already have access to all systems and data and can cause huge damage.

Protect your IT infrastructure with a sophisticated security strategy! This ranges from introducing employee training that raises awareness of cyber attacks to implementing complex solutions and tools such as ISMS, IAM or multi-factor authentication.

Security reminder for every “new homeoffice” organization

At the beginning of the pandemic, priorities were immediately redefined. For the majority of companies, the most important concern was to make working from home possible in order to maintain productivity and keep the business alive. Once this huge project was realized, many of us jumped back to overdue business projects and forgot about a very important matter that accompanies the new work environment – its own IT security needs.

At home we use our personal network (and in some cases even personal equipment / “BYOD”) that is hardly protected, making it quite easy for attackers to intrude into the company network through this weak point.

According to many cyber experts and research, the biggest risk is still the human factor, and this is why most cyber attacks aim at our digital identities, stealing passwords and manipulating us with social engineering techniques.

Covid-19 accelerated digitalization and new work structures for many organizations all over the planet. We now must not forget to take care of our digital safety in rapidly grown remote work structures.

What is your experience – did your network adapt to the security needs of “new work”?

Cyber Security

As per reports from Hiscox Cyber Readiness, 33% of SMEs were victims of a (known) cyber attack last year.

Ole Sviederding, Underwriting Manager Cyber at Hiscox, is quoted by DATAKONTEXT GmbH (https://lnkd.in/dFMGA2V) as saying: “SMEs are particularly attractive targets for hackers, as they are generally worse protected against cyber risks than large companies”.

While in large companies departments or staff units are created to secure the IT infrastructure, in SMEs the IT administrator is responsible for the IT security of the entire company in addition to his or her actual activities.

The economic damage in the case of a successful cyber attack quickly runs into the six-digit range. Often, action is only taken after a successful attack on the infrastructure – and thus too late.

Avoid the risk of a cyber attack and implement the latest IT security solutions such as multi-factor authentication or IAM systems.

Stunning FACT: Did you know that not every hacker wears a hoodie or a mask during his hack?

IT security: public cloud can become a gateway for companies

As more and more companies move to hybrid (or even cloud) infrastructure, they need to be aware of security gaps. Many organizations run workloads in the public cloud that contain credentials, passwords or API keys. Attackers have a good chance of finding a first point of entry to your company there. Even more critical is the fact that 25% of companies do not use multi-factor authentication for their superadmin cloud accounts. Nowadays it is very easy for hackers to obtain these credentials and cause huge damage in a company’s infrastructure. Be aware that moving to the cloud without security components such as MFA or IAM tools could result in massive damage and costs from a hack or any other cyber attack. Just remember to have a good security environment around it, giving intruders no chance to access your data. #cloud #MFA #IAM

MATA: Multi-platform targeted malware framework

Researchers have uncovered a series of attacks that use the advanced malware framework “MATA” against the operating systems Windows, Linux and macOS. The framework has been used since spring 2018 and is attributed to the notorious North Korean APT group Lazarus. German companies are also affected by the attacks.

The framework itself gives its controllers the flexibility to target Windows, Linux and macOS, and consists of several components including loader, orchestrator and plugins.

As cyber crime continues to evolve, do not allow your company’s IT security to become outdated.

Generate savings in IT Security!

Generate savings in IT sec – what’s happening in the market

According to the Cyber Resilience Report 2020 by IBM and the Ponemon Institute, many organizations are about to define an emergency plan in case of attacks (Cyber Security Incident Response Planning, CSIRP). You benefit a lot from a coordinated and structured procedure to localize, isolate and eliminate the intrusion, without forgetting aspects like communication with stakeholders. In the end this investment pays off greatly, as the consequences without it would be devastating.

Looking at the results of the resilience report, it may be advisable to reduce the number of tools you use: the fewer, the better in terms of security.

Instead of inflating the infrastructure with a lot of different, sometimes interdependent and narrow solutions, companies could benefit from a focus on the most important ones. There is also a trend towards an identity-centric security infrastructure. Millions of attacks target the human factor, trying to steal digital identities for access to our digital values and assets.

In conclusion, it seems that focused IT security will in many cases be more effective than a very complex setup in which you could simply overlook suspicious activities.

What is your opinion about the trend to reduce the tool landscape?

Healthcare institutions and governmental agencies say no to cloud

In recent weeks we had some very interesting talks with healthcare institutions and governmental agencies. One very important lesson: no cloud.

It’s not a new topic that a move to the cloud comes with a lot of security issues. For organizations with critical data (e.g. hospitals or public agencies) there is no way of using cloud solutions from abroad. Everything needs to remain within the organization, nothing is transferred to external companies.

The main reason is quite simple: You can’t guarantee what is happening to your data, as German / European data privacy laws do not apply. Also, you depend on the provider’s services and delivery – in case they are facing issues you will be in serious trouble.

In our opinion the use of cloud technologies is quite useful and there are a lot of good reasons for it. Just remember to have a good security environment around it, as you’re openly connected to the internet, meaning intruders could have some easy access opportunities!

Best practice: Experiences with IAM in the German industry

This week we had a very interesting chat on IAM with an experienced architect working with one of the biggest German industries.

Some years ago they started to develop a cloud platform where customers can access heavy machines this company built for them.

This already took place about five years ago, and as it was one of the first online/cloud projects it was criticized as insecure and doomed to fail. All eyes were on this project and the pressure to succeed was very high. Imagine a breach taking place when starting to use this platform: Big customers would experience hacks of machines worth millions – this costs lots of money and could even be very dangerous for the employees working with them.

Their advice to all other manufacturers is very simple: Take good care of security as fast as possible when it comes to cloud projects. To this day they have never had any problems with cyberattacks on their platform, as they are using a professional solution to secure internal and external access.

Just one more thought: They started to use IAM and MFA already five years ago – since then the number of attacks has grown to an all-time high, with many millions of identity threats every day from all around the world – are you prepared for them?

The 4 types of computer viruses

Certainly there are too many special and different viruses to know them all, but let us try to classify the most common ones:

1. Perform operations on PC
– e.g. encrypt or delete data
– boot virus (you can’t log in to your OS anymore)
– Execute commands

2. Physical attack: Hardware takes damage from a virus
– Manipulate the hard drive firmware
– USB and other connections are deactivated
– Manipulate temperature controls of CPU, burning the motherboard

3. Hijacking: Hackers use the processing power and storage of your device
– Virus disconnects you from the internet
– PC is used within hacker botnets
– Unwanted applications are installed to show you ads

4. Spying: Probably the most dangerous type
– Hackers spy on passwords and logins so they can steal your identity and access company networks and data
– Record and track users’ forbidden or undesirable activities for blackmailing
– Take over control via e.g. remote desktop

Are we missing any important category? Have you experienced one of these?

Android

It’s not only about services and servers: Take good care of your mobile devices!

Most companies offer at least some of their employees company smartphones. Today not only sales and management positions need to work with smart devices, but let’s take it from here: Imagine a very well protected IT environment within the company network while managers use smartphones without any specific protection or secured access to applications such as Outlook.

According to yesterday’s news, there are some critical weak points in Android OS that should be fixed with the patch level 2020-07-01 or 2020-07-05 (https://lnkd.in/gZPDNvS).

Consider checking your own version from time to time, and if you’re responsible for IT security, don’t forget to extend your protection to smart devices.
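
A fleet-wide version of the check suggested above, as an added example that is not part of the original post: it classifies reported Android security patch levels against the two levels named here. The device names and the inventory format are constructed, and treating 2020-07-01 as only partially patched follows the Android bulletin convention that the -05 level includes the -01 fixes.

```shell
#!/bin/sh
# Patch levels named in the post (July 2020 Android bulletin).
PARTIAL_LEVEL="2020-07-01"
FULL_LEVEL="2020-07-05"

# Turn YYYY-MM-DD into an integer so plain numeric comparison works.
to_num() {
    printf '%s' "$1" | tr -d '-'
}

# Classify one patch-level string: full, partial, outdated or invalid.
patch_status() {
    case "$1" in
        [0-9][0-9][0-9][0-9]-[0-9][0-9]-[0-9][0-9]) ;;
        *) echo "invalid"; return 0 ;;
    esac
    level=$(to_num "$1")
    if [ "$level" -ge "$(to_num "$FULL_LEVEL")" ]; then
        echo "full"
    elif [ "$level" -ge "$(to_num "$PARTIAL_LEVEL")" ]; then
        echo "partial"
    else
        echo "outdated"
    fi
}

# Read "device,patchlevel" lines on stdin; print every device that is
# not fully patched, together with its status.
audit_inventory() {
    while IFS=, read -r device level; do
        [ -n "$device" ] || continue
        status=$(patch_status "$level")
        [ "$status" = "full" ] || echo "$device $status"
    done
}

# Constructed sample inventory (hypothetical device names, not real data).
SAMPLE_INVENTORY='sales-phone-01,2020-07-05
mgmt-phone-02,2020-07-01
field-tablet-03,2020-05-01
lab-phone-04,unknown'

# On a connected device the value can be read with:
#   adb shell getprop ro.build.version.security_patch
```

Feed it with `printf '%s\n' "$SAMPLE_INVENTORY" | audit_inventory`, or with an export from your device management tool in the same two-column format.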