Posts Tagged ‘Cyber Attack’

As I read through the news on the eBay breach, I got to thinking: it’s not just the eBay account information you have to worry about, but rather ANY other account that matches.

For instance, you can log into eBay with either your email address or userID. Now let’s say you are using the same email address and password for PayPal, Amazon, Facebook, YouTube, WordPress, Twitter, or some other fairly popular public site.

Since the hackers stole your information from eBay, they could simply troll through other sites on the web with your login information, and see if the door opens.

Change All Your Passwords!

You do not need to be a brain surgeon to put two and two together. So after you change your eBay account password, do the same for your other accounts.

Written by: Francesco Trama, CEO, PacketViper

 

By: Francesco Trama: Co-Founder: PacketViper, LLC

Network Security Driving Me Nuts

I woke one morning and found this alert in my email:

“ON WORLD Press Freedom Day, Saturday May 3, Panama’s TVN channel 2 received another “cyber-attack” on its website (tvn-2.com). The network said that the attacks have gone on continuously for five days leading up to Sunday’s election and a TVN broadcaster has been threatened via Twitter.” Read: http://www.newsroompanama.com/panama/7645-press-freedom-day-marred-by-cyber-attack-on-tvn.html

My opinion is this: There needs to be a point when “we” as security sales professionals provide a disclaimer that clearly explains:

Disclaimer: This security device may get you 80% secure at best, with hard work and commitment. This device will need constant attention and managing, and there’s a good possibility that if you forget or ignore something on it, your network and all its data will be compromised!

I’m sure it might say something in twenty paragraphs of the EULA.

There are many reasons why I say this:

1. Complexity

2. Learning curve

3. Commitment to product

4. Lack of firewall and security knowledge

5. Management

6. False sense of security after the sale.


I could not agree more with this Huffington Post blogger. Small business is the soft underbelly of network security and everyone needs to wake up. Think about it: small businesses have data just as valuable as the large organization's, and their security is weaker. So it makes them an obvious target to siphon data from.

It's a two-front problem. These smaller businesses contain valuable customer information the attackers salivate over, and should these less secure businesses have secure connections, or a username and password, to a larger organization, then it's a twofer for the attacker. More disturbing is that these side doors may not be discovered for 3-6 months, an estimate many security firms are showing, so it's a pretty serious problem.

It’s not necessarily their fault though. Security can be very expensive, which forces them to purchase out-of-the-box solutions that sometimes give them a false sense of security, not to mention that their security talent may not be there.

By Francesco Trama

 

“Smaller targets can mean big rewards for cyber criminals
Small and medium-sized businesses are equally susceptible to attacks from hackers as are large entities and even government agencies. According to the National Cyber Security Alliance, an astonishing one in five small businesses falls victim to cyber crime each year. Even more frightening: According to an August 2013 story in PCWorld, of those small businesses whose systems are breached, roughly 60 percent go out of business within six months after the attack.”

http://www.huffingtonpost.com/mike-pugh/no-your-small-business-is_b_4164015.html

The preconception we always run into is that Geo Location filtering is more cumbersome than it's worth. If you would have told me 5 years ago “You should block countries“, I would have been the first one to push back. It was such a nightmare if you turned off a country, given the global makeup of business. We had to rip out the pages and start new when building PacketViper, and knew the fight would be more with the preconceived thinking about country blocking.

PacketViper solved the problem of filtering countries by allowing customers to drop or allow specific ports. This started a new security layer called the Geo IP filtering layer. We then piled on features such as per-port Global Network Lists, custom rules, triggers, and alerts, which can be assigned to countries and Global Network Lists. This created a new layer of defense that improved current environments without having to rip out or replace the existing security environment.

Here’s a video I created that shows how PacketViper helps.

By Francesco Trama

I read a disturbing alert/article which claimed that

“Thousands of WordPress websites are being used to carry out a huge cyber attack campaign in the form of a distributed denial of service [DDoS] attack.

The Hacker News reports that hackers have targeted “a large number” of sites on the WordPress platform after successfully compromising some 90,000 servers way back in April 2012 and in the process have created a WordPress botnet.

Read more: http://www.itproportal.com/2013/09/27/hackers-launch-huge-ddos-attack-using-wordpress-websites/#ixzz2g7QmIaMQ”

This is obviously concerning to many folks, and to our customers. What we decided to do is create a Global Network List (tm) for our customers which will contain all AUTOMATTIC Inc (WordPress) IP addresses, just over 60,000. Customers will now be able to set triggers to alert, restrict, rate limit, and/or block based exclusively on AUTOMATTIC Inc networks.

Obviously we do not feel WordPress, their affiliates, or AUTOMATTIC Inc is a bad entity; rather, it is a quality provider of online services to the public. This is simply a stopgap measure for our customers to limit any DDoS potential for compromised systems within, should they need to.

Let me explain what PacketViper Global Network Lists are. PacketViper, aside from per-port Geo IP filtering, includes our patent-pending Global Network Lists. Our Global Network Lists are a collection of global businesses (e.g. Microsoft, eBay, Amazon, Automattic Inc), colocation providers (e.g. Softlayer, Expedient, Ubiquity), high-risk networks (e.g. malware, botnet, C&C), and many other varieties of industries. Customers can quickly choose to allow or deny any of the thousands of industries based on their value to their business. This gives more granularity to the customer, on top of the per-port Geo IP filtering.

For instance, if a customer is filtering many geo-locations and wants to ensure that Microsoft networks, like email servers or some application widgets, can always reach the customer's network, they would simply place a check mark next to Microsoft, enter the ports needed to communicate with Microsoft, click on save, and they are done.
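The layering described above (a named network list allowed on specific ports on top of per-port country filtering), written out as an added example that is not PacketViper's code. The address ranges are constructed from documentation prefixes, and the policy format, the list names and the rule precedence are assumptions.

```python
import ipaddress

# Constructed sample data (RFC 5737 documentation ranges), not real allocations.
COUNTRY_RANGES = {
    "AA": ["192.0.2.0/24"],
    "BB": ["198.51.100.0/24", "203.0.113.0/24"],
}
NETWORK_LISTS = {
    "example-mail-provider": ["203.0.113.64/26"],  # sits inside blocked country BB
    "example-botnet-feed": ["192.0.2.128/25"],     # high-risk range inside country AA
}
# Hypothetical policy format: per-port actions for countries and named lists.
POLICY = {
    "countries": {"BB": {"deny_ports": "all"}, "AA": {"deny_ports": {22, 3389}}},
    "lists": {
        "example-mail-provider": {"action": "allow", "ports": {25, 587}},
        "example-botnet-feed": {"action": "deny", "ports": "all"},
    },
}

def _match(table, ip):
    """Names in `table` whose CIDR ranges contain `ip`."""
    return [name for name, cidrs in table.items()
            if any(ip in ipaddress.ip_network(c) for c in cidrs)]

def _covers(ports, port):
    return ports == "all" or port in ports

def decide(src, dst_port, policy=POLICY):
    """Return (verdict, matched_rule) for one inbound connection attempt."""
    ip = ipaddress.ip_address(src)
    lists = [(n, policy["lists"][n]) for n in _match(NETWORK_LISTS, ip)
             if n in policy["lists"]]
    # Assumed precedence 1: deny rules on named lists (high-risk networks) win.
    for name, rule in lists:
        if rule["action"] == "deny" and _covers(rule["ports"], dst_port):
            return ("drop", f"list:{name}")
    # 2: allow exceptions override a country block, but only on the listed ports.
    for name, rule in lists:
        if rule["action"] == "allow" and _covers(rule["ports"], dst_port):
            return ("allow", f"list:{name}")
    # 3: per-port country filtering.
    for cc in _match(COUNTRY_RANGES, ip):
        rule = policy["countries"].get(cc)
        if rule and _covers(rule["deny_ports"], dst_port):
            return ("drop", f"country:{cc}")
    # 4: nothing matched; hand the traffic on to the existing firewall.
    return ("allow", "default")
```

The case worth checking in any such policy is the allowed list on a port that was not entered: the exception must not open the rest of the blocked country range.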

Global Network List Screen Shot


By Francesco Trama