While large business breaches such as those that have plagued Home Depot, Target and Yahoo grab the headlines, these businesses have the financial resources and resiliency to shake off the attacks and continue to grow.
Sadly, when a commensurate attack occurs at small to medium sized businesses (SMBs) they frequently struggle to survive. In fact, according to the U.S. National Cyber Security Alliance, “60% of small companies are unable to sustain their business more than six months following a cyberattack.” This fact and a host of other related information were the subject of a recent post at Security Magazine. That post examined the risks SMBs face and the basic protective measures they should be taking to avoid becoming part of the 60% of post-breach SMBs that fail.
Smaller Target Easier Access
Since the big breaches grab the headlines you might think that huge multi-nationals are the only businesses being targeted by cyber-criminals. The reality is quite the opposite – fully 58% of all attacks are on smaller organizations according to Verizon’s 2018 Data Breach Investigations Report. SMBs make attractive targets because they often have valuable assets such as intellectual property and personal information on their networks with only minimal security protections in place. In the past we have discussed specifically how medical, law and manufacturing businesses are targeted by cyber-criminals exactly because the effort-to-reward ratio is attractive.
Konsultek Provides Solutions
Fortunately, making your business a less attractive target is something we excel at. Our holistic approach to security emphasizes prevention, detection and response. From BYOD to NAC to helping you create a security culture in your organization, Konsultek has the resources and expertise you need to keep the barbarians at the gate.
Even if the attack begins from within, our approach will minimize the impact regardless of whether the attack was intentional or by accident. One way we do this is by confining the breach through sophisticated user controls and privileges.
Let us help you become a less attractive target. We are currently offering a complimentary Executive Risk Assessment for your organization. It all begins with a conversation, so please give us a call and let’s work together.
It is always heartening to see a respected organization such as Gartner espousing the same security philosophies as we have here at Konsultek. In a recent blog post, Gartner’s Oliver Rochford points out that the most robust security solutions combine both prevention AND detect and respond approaches.
If you’ve been following this blog for any length of time you’ll know that this is exactly how we approach all of our information and network security engagements.
An Ounce of Prevention – Still Worth a Pound of Cure
Despite what some might say, prevention is far from being a dying or dead approach. A properly executed prevention strategy that utilizes advanced firewall and access control technologies can help mitigate the impact of old school hacking. When outsiders who don’t have proper credentials attempt to access your network with a variety of tools and tricks they are simply shut out.
But what if they pierce the protective veil of your prevention strategies? Password theft, cracking weak passwords and social engineering are just 3 ways ne’er-do-wells can compromise the best developed prevention strategies. And when that happens you better hope that your security provider has also included the latest in detect and respond technologies or your system and your information will be instantly at risk.
Detect and Respond
As the name implies, detect and respond approaches can sense when things in your network are not quite right and take action to contain the unusual activity before significant damage can occur. For example, they can act when the credentials of your summer intern are suddenly used to access the network and attempt to explore portions that he or she has no business even thinking about, let alone accessing.
The Konsultek Approach
At Konsultek we approach every client’s security engagement as an opportunity to develop a best fit approach. You’ll never find us espousing one-size-fits-all, cookie cutter approaches to information security. When you call, we’ll listen and when our engineering team develops your security solution you can bet it will be based upon delivering the most security value for the money. So give us a call today. We look forward to hearing from you.
Ultimately, Information Security relies upon the quality of the people you have dedicated to the task. Sure there is a technology component to information and network security but in the end you need to have top performing security professionals to make it all work.
Unless you have been living under a rock you already know that there is a massive security professional shortage. And if you have been in the market for one or more of these folks (who are about as scarce as Unicorns) you also know that in order to get one interested in even having a cup of coffee with you, you’re going to have to pony up some significant amounts of cash.
The Shortage is Even Worse in Chicago
Just when you thought it couldn’t get worse, it turns out it already has. As Cory Scott over at LinkedIn shows, Chicagoland is experiencing a net outflow of security professionals!
With our headquarters in Chicago we can attest to the rare and endangered nature of the security professional in our own back yard.
What’s an Organization to do?
Fortunately, we saw this shortage coming many years ago and positioned ourselves to be able to offer Information Security as a Service. This means that you do not need to worry about finding the right technologies and keeping them up to date. More importantly though, given the super tight market for qualified security professionals, you do not need to locate, attract, train and retain these super expensive assets because we manage the whole function for you!
An example of our outsourced services is KNACMAN. This service, which is based upon Forescout’s CounterACT platform, provides world-class NAC without the capital outlay and human capital requirements that can make it cost prohibitive.
To learn more about our outsourced security solutions and how they can help your organization cope with the challenges you are facing please pick up the phone and give us a call!
According to the LA Times, “regulators are warning bankers that hackers have succeeded in changing the controls on automated teller machines to allow thieves to make nearly unlimited withdrawals.” This circumvention of the normal limits allows the thieves to remove far more cash than people even have in their accounts.
Weekends & Holidays – Good Times for Hackers
To have access to the most cash in ATMs, these crimes are often scheduled on holidays or weekends, when the banks load more money into the machines. Also to the hackers’ benefit, monitoring of banking systems is often lower during these same time periods. “The cash-out phase of the attack involves criminals organizing simultaneous withdrawals of large amounts of cash from multiple ATMs over a short time period, usually four hours to two days,” the warning said.
Who Is Most Vulnerable?
According to the Federal Financial Institutions Examination Council, which issued the warning, small and medium-sized banks are most vulnerable. The regulators also stated they expect banks to upgrade their security systems quickly because potential losses are so high. One recent attack of this nature acquired 40 million dollars using only 12 debit card accounts.
We Can Help!
For 20 years, Konsultek has prevented network attacks and improved network performance for financial institutions both large and small. Our managed solutions take the burden of network security up-keep off your organization and onto ours. Not only is this simple and easy, it is cost effective!
Ready for a dialogue? The conversation is free and the value is enormous. Please give us a call! Or sign up below to join our VIP list so you can receive the latest information on events and webinars!
If there is one thing you can count on when you are dealing with cyber-security it’s that cyber-attacks won’t stop and hackers will work around the clock to bypass security systems. In fact, we’ve recently written about the epic Target hacking which led to the personal information of over 70 million customers being compromised. This event has raised questions about how secure corporate IT systems are and what can be done to prevent such large scale data breaches in the future.
More Retailers Hacked
It’s almost impossible to keep up with the latest viruses and cyber attacks these days using older style firewall and security systems. According to Reuters, the Target hacking may be one of many attacks. A report called Indicators of Network Defenders, “brings to light some of the first information gleaned from the government’s highly secretive probes into the Target breach and other retail hacks, including details useful for detecting malicious programs that elude anti-virus software”. They found that Neiman Marcus faced a similar attack and “at least three other well-known national retailers have been attacked”. The report also stated that “an underground market for malicious software to attack point-of-sale, or POS, terminals has flourished in recent years”, including BlackPOS, Dexter and vSkimmer.
It’s hard to know the exact details of the Target breach but it appears it was a KAPTOXA (Kar-Toe-Sha) attack. But based on the longevity of the attack there is a strong indication that persistent code (files dropped to disk) was present. Below is the snippet that gave me the indication of persistence: “According to iSight, which has seen the government report but would not release it, the attackers also used a variety of other malicious tools to penetrate networks, maintain a persistent foothold on them and extract stolen data. iSight does not identify Target or name any other victims of the KAPTOXA tool, but indicates the investigation into KAPTOXA began on December 18, three days after Target says it discovered malware on its point-of-sale systems.
KAPTOXA monitors memory address spaces used by specific programs, such as payment application programs like pos.exe and PosW32.exe that process the data embossed in the magnetic strip of credit and debit cards data. The tool grabs the data from memory because some companies transmit card data via a secured channel inside their corporate network, which would prevent the attackers from sniffing the data in transit.”
One thing for sure is that a technology like the one Bit9 offers would have prevented this from happening.
We Can Help!
For over 15 years, Konsultek has prevented network attacks and improved network performance for corporations both large and small. Our custom solution approach uses the most cutting edge technologies from Bit9, FireEye and ForeScout to meet the exact needs of your organization and your network regardless of industry. Ready for a dialogue? The conversation is free and the value is enormous. Please give us a call!
ForeScout Technologies has been a leader in the network access control space for a long time and is now being honored by SC Magazine, which has named the company its industry innovator of the year for NAC.
ForeScout Honored with Industry Innovator of the Year
According to SC Magazine, “The big new thing from ForeScout this year is API and its new program/ecosystem. The company has written 66 integrations now and expects many other third-party vendors to join”. These integrations create synergies that deliver enhanced security solutions beyond what either ForeScout or the integrated third party can provide on their own. A good example is their integration with FireEye. When there is “an APT-infected host, it tells CounterACT and CounterACT remediates or removes the host from the network”.
Essentially, all of these easy to implement integrations allow customers to apply their own integrations for their own use case. This is super important because rather than a customer having to pay for expensive customizations or settling for a less than ideal out of the box solution they can develop an exact fit use case easily and inexpensively themselves.
ForeScout’s flagship product, CounterACT, has truly been an innovator when it comes to securing a BYOD environment, and SC Magazine also cited this as a reason for the award.
Need ForeScout Training?
Konsultek is a Certified ForeScout Training center and we offer CounterACT training multiple times each year. These dynamic and informative training sessions attract participants from all over the globe. Please visit our training page to see which dates fit best into your schedule.