Security Roundup: Thycotic's Hacker Survey, Kaspersky Lab, Pindrop
Both Windows 10 and Windows 8 have been easily compromised in the past year.
Think Windows 10 and Windows 8 are keeping your organization’s data safe? Think again.
Both have been easily compromised in the past year, and most businesses are falling short when it comes to applying least-privilege policies, according to Thycotic‘s survey of more than 300 hackers at Black Hat. Nearly 70 percent of those help organizations improve security and identify as “white hat hackers.”
The findings reflect hackers’ perspectives on vulnerabilities and attack vectors they find easiest to exploit.
Thycotic’s Joseph Carson
Joseph Carson, Thycotic’s chief security scientist, tells us the survey reveals major opportunities for companies in the channel to extend their security portfolios beyond just Microsoft services and offer extended security solutions such as privileged access management, multifactor authentication and strong application control.
“The most surprising finding was that even fully patched Windows systems are still easily compromised by most hackers and cybercriminals, meaning that a well-patched operating system does not mean it is secure and protected from cyberattacks,” he said.
Operating systems are only as secure as the people using them and the configurations applied. Knowing that compromise of user accounts is probably inevitable, organizations need a “zero trust” strategy that emphasizes least privilege to limit overprivileged accounts that give hackers wide and undetected access, according to Thycotic.
“By combining a least-privilege strategy with other security layers such as multifactor authentication, behavior analytics and privileged account protection, organizations can build and maintain a more effective and dynamic security posture to keep cybercriminals from exploiting their IT environments,” Carson said.
Many companies use group policy objects (GPO) to centralize the management, configuration and security of Windows domain-connected devices; however, GPO policies are dependent on multiple factors and Thycotic says hackers indicate that they can easily bypass these security controls.
Respondents indicated that three in four (74 percent) organizations are not doing a good job of implementing the principle of least privilege. This leads to poor password protection and the theft of credentials, followed by the elevation of privileges that allow cybercriminals to seize administrative controls and conquer the network.
Additional findings from the survey include:
Twenty-six percent of the hackers said they most often infiltrated Windows 10 OS, while 22 percent hacked Windows 8 the most, followed by 18 percent for Linux and less than 5 percent for Mac.
There is clearly a dominant method used by hackers for seizing privileged accounts, as 56 percent of those surveyed said social engineering is the fastest technique.
The top two ways these hackers elevate privilege are through use of default vendor passwords, and the exploitation of application and OS vulnerabilities.
“Education and cyber awareness play a major role in improving a company’s security posture; organizations can no longer rely solely on technology to protect them,” Carson said. “Easy-to-use and easy-to-learn solutions are key to helping organizations adopt a people-centric approach that offers fast implementations and strong value for the business. Organizations need to start choosing cybersecurity solutions that are both good for people and good for the business in order to turn security into a business opportunity.”
Kaspersky Lab Rolls Out Latest Small Business Product
Kaspersky Lab has unveiled the latest version of its Kaspersky Small Office Security, designed to protect small businesses from cybercrime without the need for technical cybersecurity expertise or regular hands-on administration.
The latest version adds: extended protection against ransomware and cryptominers; support for Microsoft Windows protection during computer reboot and application updates; a new alert approach for …
… product notifications that allows for less day-to-day interruptions; and a redesigned and upgraded web console that provides more control and ease of management.
Jason Stein, vice president of channel for Kaspersky Lab North America, tells us any business, regardless of size, can become a victim of a cyberattack, so “cybersecurity protection for all businesses is important.”
Here’s our most recent list of new products and services being offered by agents, VARs, MSPs and other channel partners. |
Kaspersky Lab’s Jason Stein
“In terms of small businesses, most of them do not have IT employees on staff so they need an easy-to-use solution that a business owner, office manager, or regular employee can manage,” he said. “Kaspersky Small Office Security has been on the market for six years and many improvements have been made throughout that time to make it much more intuitive and enhance the functionality. The interesting part about this product is that the solution is designed for anyone to be able to use it – business owners and non-technical staff – making it easier for our channel partners to explain and sell in a way that very small businesses can understand, easily deploy, and not have to give extra attention or time to so they can concentrate on their day-to-day tasks.”
In addition, Kaspersky Small Office Security also supports safe web surfing, with private browsing, anti-phishing, anti-spam and anti-banner components. Meanwhile, the Safe Money feature protects financial transactions by opening payment sites in a protected browser.
Kaspersky Small Office Security is available for companies with five to 50 users.
Pindrop Survey: Voice Fraud on Rapid Upward Trajectory
The rate of voice fraud exploded more than 350 percent from 2013-2017 with no signs of slowing down, according to Pindrop‘s annual report on the state of voice fraud. It surveyed 500 business and IT leaders across enterprises of all sizes located in the United States, the United Kingdom, France and Germany.
Between 2016 and 2017, overall voice-channel fraud increased by 47 percent, or one in every 638 calls. The year-over-year increase can be attributed to several causes, including the development of new voice technology, the steady uptick in significant data breaches, and acts of fraud across multiple channels.
Pindrop’s Ben Cunningham
Ben Cunningham, lead researcher on the report, tells us the adoption of voice-enabled channels such as chatbots and home assistants are moving faster than companies can create safe policies and procedures around them.
“As we move into an increasingly voice-enabled world, IT leaders can help fortify their businesses through becoming educated on the risks associated with voice channel adoption and the techniques fraudsters use to exploit the channel in order to strategically advise business leaders on the solutions to keep their customers and their data safe,” he said.
Advancements in voice technology, Pindrop has found, are not without consequence. The average fraudster’s toolbox is more advanced than ever, thanks to developments in machine learning and artificial intelligence (AI) technology.
Pindrop found fraudsters are increasingly leveraging techniques like imitation, replay attack, voice modification software and voice synthesis, often with great success.
“Businesses that use voice technology will need to explore solutions that crack down on fraudulent tactics like caller ID spoofing, voice distortion and social engineering while ensuring a seamless customer experience,” Cunningham said.
While fraudsters attack call centers across industries, the increase year over year was most dramatic in the insurance industry, with a 36 percent increase, followed by banking, with a 20 percent increase.
Despite annual increases, the threat of fraud is unlikely to deter businesses from …
… integrating voice technology in their solutions.
According to a survey of business and technology leaders, 88 percent believe that voice technology will give them a competitive advantage in improving their customer experience. Twenty-eight percent of those surveyed have already adopted voice technology to improve customer experience, with 57 percent more planning to deploy in the next year. As voice technology continues to advance and become a part of daily interactions, business leaders will need to explore how they’re keeping customers and their data safe.
“With physical and online information security always growing stronger and harder to crack, fraudsters gravitate toward the weakest link in your security — your contact center and voice,” Cunningham said.
Exabeam, SecureAuth + Core Security Collaborate to Fight Credential-Based Threats
Exabeam and SecureAuth + Core Security are collaborating to secure enterprise identities against increasingly sophisticated credential-based threats.
The integration allows security teams to gain unified, real-time visibility across the organization and identify critical identity threats. Prebuilt incident timelines help analysts quickly understand the scope and nature of detected attacks by automating what was previously a manual investigation process.
Working together, SecureAuth + Core Security and Exabeam can restrict access to application and data for accounts displaying risky or abnormal behavior — stepping up with multi-factor authentication for additional verification or denying access altogether.
Exabeam’s Chris Stewart
Chris Stewart, Exabeam‘s senior director of business development and global alliances, tells us partners that are selling his company’s security management platform can “now pull from this integration that provides identity solutions, single sign-on, authentication, network security and penetration testing, as well as security information and event management (SIEM), and user and entity behavior analytics (UEBA), and offer even more critical security hygiene elements to their customers.”
“This is a major improvement from working with siloed technologies,” he said. “A VAR or solution provider can now sell this is as a more-rounded security journey to their customers through a seamless, elegant integration.
SMBs Still Not Prepared for Phishing Scams
Phishing scams are the top threat to SMBs, according to the 2018 Webroot SMB Pulse Report. Some 500 SMBs were polled in the United States.
Despite the high threat of phishing, 66 percent of businesses with one to 19 employees surveyed don’t have any kind of employee cybersecurity training. The statistics are better for larger companies, but still not ideal, according to Webroot.
Small businesses often don’t have the resources or expertise to handle IT security needs; in fact, 41 percent of respondents don’t have dedicated resources to address IT security.
While it may seem costly to outsource security, Webroot research found a data breach would cost a U.S. business an average of $527,256. Trusting a MSP to provide preemptive, preventive security services is significantly less costly, it said.
Gary Hayslip, Webroot’s chief information security officer, said phishing is a “tried-and-true tactic for bad actors.”
“Employees are likely to click on things they shouldn’t, despite what businesses try to do to prevent it,” he said. “But humans get taken in by phishing scams out of simple curiosity or lack of security awareness, which underscores the need for continuous awareness training. For SMBs [that] feel overwhelmed by all the new cybersecurity challenges they face, partnering with an MSP is a great option to provide security expertise and management.”
Read more about:
AgentsAbout the Author
You May Also Like