Posts Tagged Technology

Technology In Cybersecurity

Cybercriminals are using multiple techniques to infiltrate targeted networks. Some of the most common methods used by cybercriminals are:

  • Man-in-the-Middle attacks – To eavesdrop on data conversations across different networks
  • Spying software – To track fingerprint movements on touch screens
  • Memory scraping malware on point-of-sale systems
  • Bespoke attacks that steal specific data

In order to manage these scenarios, firewalls, anti-virus measures and tool-based security approaches are no longer sufficient.

New age cybercrime problems require new age solutions. Some technologies that can help organizations in formulating an effective cybersecurity strategy are:

Context-Aware Behavioral Analytics

  • Problem: Over-whelming number of meaningless security alerts.
  • Solution: Sophisticated context-aware behavioral analytics helps in monitoring and identifying suspicious behavior. Examples of behavioral analytics approach include Bioprinting, Mobile Location Tracking, Behavioral Profiles, Third-Party Big Data, and External Threat Intelligence. The trick is to use data from all these techniques to arrive at informative decision.

Next Generation Breach Detection

  • Problem: Cyber criminals are using “zero day” exploits that allow them to establish a strong base and mine data in networks and systems for a long time (for example, target’s stolen credit card details can be used over a long duration).
  • Solution: A combination of technologies such as Machine Learning and Behavioral Analytics can be used to detect breaches and trace them to the source.

The next generation breach detection focuses on what will happen once the criminal is inside the system. Breach detection operates by identifying strange changes in big data to determine the presence of a criminal inside the network.

Virtual Dispersive Networking (VDN)

  • Problem: MiM attacks are cracking traditional encryption techniques to target intermediate nodes.
  • Solution: Employ Virtual Dispersive Networking to split a message into different parts, encrypt each part separately, and then route these encrypted parts over servers, computers and mobile phones. This helps in randomizing the paths the message will take while taking into account network issues such as congestion. This makes it easier to avoid cyber criminals lurking around to eavesdrop on transmitted data.

Smart Grid Technologies

  • Problem: Smart meters & field devices have increased the vulnerability of critical infrastructure.
  • Solution: Employing a range of new security measures and standards can help in tackling this problem. For example, some tools and strategies that can be implemented to protect energy sector include Padlock, Watchdog, SIEGate, NetApt, etc.

We, at Centex Technologies, assist our clients in formulating effective cybersecurity strategies. To know more about latest in cybersecurity technology, contact Centex Technologies at (254) 213 – 4740.

, , , ,

No Comments

Role Of IoT In eCommerce

PDF Version: Role-Of-IoT-In-eCommerce

, , , , ,

No Comments

Harnessing The Power Of Identity Management In The Cloud

In order to understand the concept of Identity Management, let us consider a simple scenario. If a user locks himself out of a personal email, he can simply reset the password and log in. The only requirement is that the user has to prove his identity by answering some security questions or through other means like providing OTP (One Time Password) sent by the service on user’s email/ mobile. However, the scenario is not so simple for users in a business environment.

To simplify the process for business users, most of the cloud based applications uses an Identity Management Service, commonly known as IDaaS.

What Is IDaaS?

  • IDaaS stands for Identity-as-a-Service. It is an Identity and Access Management (IAM) service that is offered through the cloud.
  • Organizations use IAM to provide secure access to its employees, contractors, customers, and partners. The main purpose of this system is to verify the identity of the person requesting access.
  • The system uses different ways to confirm identity.
  • Once identity is confirmed, IDaaS provides access to resources depending upon permissions granted.
  • Since IDaaS is deployed on the cloud, user can request secure access irrespective of his location or the device being used by him.

Reasons To Adopt IDaaS:

There are three main reasons that support the increasing adaptation of IDaaS by organizations:

New Capabilities: IDaaS facilitates new capabilities such as Single Sign-On (SSO). This allows business users to access multiple resources using a single login. When any user logs in to an application, IDaaS creates a token. This token is then shared with other applications. Thus, users are not required to sign in repeatedly for individual applications. Other capabilities supported by IDaaS include Security Assertion Markup Language (SAML), OAuth, OpenID Connect (OIDC), etc.

Easy Implementation: Another driving factor behind adapting IDaaS is that it is easy and quick to implement. The hardware required to implement is easily provisioned by the provider and it takes a few weeks or months to implement it. Additionally, in case you are reluctant to switch to IDaaS after trying it for some time, it can be easily uninstalled.

Innovation: Some major hurdles that stop organizations from pursuing innovation are understaffed IT teams, lack of technology, complicated IT infrastructure, etc. IDaaS removes these barriers and allows business organizations to innovate their processes, products, and marketing strategies.

For more information on Identity Management for cloud based solutions, contact Centex Technologies at (254) 213 – 4740.

, , , ,

No Comments

Tips For Disaster Recovery Planning After A Cyber Attack

A well-planned cyber-attack can wreak havoc on any business. Although, it is advisable to take precautionary steps in order to avoid such attacks; still, some cyber-attacks can catch your business off-guard. Thus, it is important to have a Disaster Recovery Plan for dealing with the after-effects of any cyber-attack. A Disaster Recovery Plan (DRP) helps in softening the blow of the attack by minimizing the loss. A successful DRP should conduct a thorough Business Impact Analysis (BIA) and Risk Analysis (RA). This will help in determining the business areas that need to be prioritized for security. Also, this will enable you to establish an estimated Recovery Time Objective (RTO).

For drafting an effective DRP, it is important to consider following tips in addition to BIA and RA:

A DRP needs to include all the aspects of the business to ensure that no aspect is left exposed during a tragic event.

  • To begin with, segregate your data as per priority. This will facilitate you in increasing the security of vital data, resources, devices, and systems. Also, you can draft separate recovery plans for critical data that is of sheer importance to your organization.
  • It is advisable to set up a separate ‘safe house’ or satellite location and keep a backup of your data. This will help you in avoiding the loss of business in face of a cyber-attack. However, weigh the cost of setting up a separate location against the loss that will be incurred if the business becomes inoperative during RTO. Consider the cost-effectiveness to make an effective decision.
  • If your business organization has some mobile devices that are not linked to the main server, then formulate an alternative backup plan for these devices. This will ensure that these devices do not have to depend upon the DRP.
  • Make it a point to encourage the individual users to run regular backups for their own safety.

The 5 W’s Of DRP

The 5 W’s of DRP help in developing an accurate contingency plan to maximize the longevity of your business:

Who? In order to create a risk-free environment, make it a point to educate every single user about the DRP. This is the key to ensure the success of your recovery plan. Thus, if any cyber-attack threatens our organization, every user will be able to play his role in the recovery plan efficiently.

What? An organization’s DRP should address what steps would be taken if the business meets with an unfortunate situation. The steps should be clearly laid out and should address diverse situations ranging from damaging cyber-attacks to regular risks of losing staff/vital data.

Where? DRP needs to look ahead of the geographical business location alone. Some other aspects that should be included in the DRP are company vehicles, remote workforce, etc.

Why? It is important to understand why you need a DRP. It is a contingency plan that would help the business sustain if met with a disastrous cyber-attack.

When? A common question is that when do you need to formulate a DRP. The answer is that you should formulate a DRP well in advance so that you are equipped to handle any situation, whenever it arises.

For more information on Disaster Recovery Planning, call Centex Technologies at (254) 213 – 4740.

, , , ,

No Comments

Understanding New Evasion Techniques Followed By Web Skimmers

Cyber criminals have been stealing the card details of users for years. They have been successful at card skimming, both at server-side and client-side, without attracting much attention. However, some notable breaches in past few years put them under the scrutiny of security researchers. To tackle the situation, the threat actors have employed new evasion techniques to evolve their craft.

In order to safeguard yourself from web skimming attacks, it is important to be aware of following new evasion techniques adopted by the cyber criminals:

  1. Steganography: Steganography is the technique of hiding data directly on the pixel value of an image in such a manner that the effect of data is not visible on the image. First case of using steganography to hide a malicious code was ‘ZeusVM’ in 2014. It was a Zeus banking Trojan that used a beautiful sunset image to hide its configuration data. The technique is now being used by web skimmers to trick the website security and users.A simple example may be of any ecommerce website. An e-commerce website loads numerous images such as logos, product images, offer images, etc. The web skimmers use these images (that attract user clicks such as free shipping banners) to embed their code. On studying the image properties, they may show a ‘Malformed’ message and additional data after normal end of the file. Threat actors use code snippets to load the fake images and parse the website’s JavaScript content via the slice() method.

    It is an easy way to slide past the website security because the web crawlers and scanners tend to focus on HTML and JavaScript while ignoring media files. To protect yourself from skimming acts, scan the source file of any media files downloaded from third party sites.

  2. WebSockets Instead of HTTP: HTTP follows a request and response communication channel to a server and from a client. WebSockets, on the other hand, is a communication protocol that allows streams of data to be exchanged between a client and server over a single TCP connection. It allows a more covert way to exchange data as compared to HTTP. The web skimmers use a skimming code and data exfiltration to launch the attack. The code is obfuscated in the communication in a way that it is concealed from DOM. Once the code is run in the browser, it triggers client handshake request. The request is received by the server controlled by the cyber criminals which responds to it. This establishes the connection between victim client browser and malicious host server. Now the skimming code is downloaded on the victim system and run as JavaScript code.

Centex Technologies provide cyber & network security solutions for businesses.  For more information on new evasion techniques followed by web skimmers, call Centex Technologies at (254) 213 – 4740.

, , , , ,

No Comments