Threat actors don’t just seek out security weaknesses. They look for situational vulnerabilities. Every holiday season, for instance, they come out of the woodwork to capitalize on the seasonal surge of retail transactions. Just as malicious actors use peak retail activity as a moment to attack, they also use the chaos wrought by natural disasters to their advantage. 

Natural disasters may not just knock out networks; they can also wreak havoc and sow confusion. Bad actors often thrive in the disorder, taking advantage of compromised security systems as well as frazzled leaders and employees who are more likely to fall for social engineering tactics. Consumers are also at higher risk, as they are more susceptible to phishing scams in emergency scenarios. During these events, emergency infrastructure isn’t just overtaxed; it’s also vulnerable to cyberattacks. Hackers can target individuals, groups, or entire municipalities.

So what should individuals, businesses and public safety agencies keep in mind with regard to cybersecurity in the event of a natural disaster? 

For businesses, preparation is critical to avoid becoming a victim of a cyber attack during these moments of crisis. Maintaining good governance and a strong security posture 24/7/365 is one of the best defense tactics. A few strategies to employ include:

Have an incident response plan

If you don’t have the right systems and procedures in place, the amount of damage a cyberattack can inflict may be significantly elevated during a disaster. Trying to thwart cyberattacks is always the goal, but you must be prepared for breaches. Systems must be in place to quickly identify security incidents in order to quarantine and prevent larger breaches. 

Train your people now

According to the 2024 Data Breach Investigations Report (DBIR), the human element was involved in 68% of all reported breaches. In other words, one of the biggest cybersecurity threats organizations face is their own well-meaning employees.

For consumers, it is a different challenge: they are coping with high-stress situations and concerns about the health and wellness of themselves and their families. They often find themselves susceptible to schemes, but knowing to be on high alert during these moments can mitigate many of these threats.

Beware of vishing and phishing

One way threat actors take advantage of the confusion caused by natural disasters is to masquerade as a trusted person or organization offering assistance, whether through a phone call (vishing) or through email (phishing) and text message (smishing). If someone is charging for services that are supposed to be free, it is possible that they are attempting to coax sensitive information out of you or gain access to your device or network.

Require multi-factor authentication 

In an emergency, it can feel counterintuitive to add another hoop to jump through by requiring multi-factor authentication (MFA). But this extra step has proven to be incredibly beneficial, helping to keep threat actors out of systems in a moment when login credentials could be easier to obtain. Requiring MFA across your organization, no matter the level of seniority, can help to prevent an even greater disaster. 

Public Safety agencies should be extra diligent 

The pressure on public safety agencies and emergency services professionals ratchets up during natural disasters. It makes sense. Lives are at stake, after all. One could forgive them for thinking these practices are trivial during life-and-death situations, but strict adherence to cybersecurity best practices like multi-factor authentication is crucial during disaster scenarios. 

A lack of familiarity with social engineering tactics and cybersecurity best practices leaves workforces vulnerable to threat actors, especially during natural disasters that can disorient people. Such scenarios underscore the importance of having a workforce that is fluent in cybersecurity best practices, but educating a workforce takes time. You must communicate your cybersecurity policies and continually reinforce them. You must test your workforce with cyberattack simulations, and share the results along with insights and lessons. If you wait until disaster strikes, however, your workforce might not be ready. 

It’s never too late to start planning 

Threat actors gravitate toward disasters because they know people are often less diligent about adhering to security protocols during crisis situations. They’re distracted with other pressing matters, understandably so. There are measures you can take to counteract opportunistic threat actors, but your preparations should start now. By the time a disaster arrives, it can be too late. Start now, and begin with your people.

 

 

The post Better Protect Your Cybersecurity During Hurricane Season appeared first on Cybersecurity Insiders.

As our reliance on technology continues to grow, so does the sophistication and prevalence of cyber threats. And with each technological advancement, new vulnerabilities and attack vectors emerge, posing significant risks to individuals and organizations alike. Many organizations have implemented vulnerability management processes to protect against these evolving threats; however, traditional approaches are growing increasingly ineffective. Traditional vulnerability management is reactive, focused narrowly on addressing individual software vulnerabilities and misconfigurations as they are discovered. This creates a relentless cycle of mitigating new issues while more continually arise, leaving organizations stuck in a never-ending vulnerability spiral.

New research from XM Cyber has just revealed the limitations of traditional vulnerability management. Based on thousands of attack path assessments, the research found that identity and credential misconfigurations alone account for a staggering 80% of security exposures across organizations, with a third of these exposures putting critical business assets at direct risk of breach. Traditional vulnerability management does not account for these risks but is instead aimed at common vulnerabilities and exposures (CVEs). The same research showed that CVEs account for less than 1% of the exposures that attackers can use to compromise environments, and only 11% of the exposures affecting critical assets. This points to significant blind spots in security programs that rely on traditional vulnerability management.

Identifying Critical Choke Points

Organizations face an overwhelming volume of security exposures, identifying over 15,000 each month on average. This can escalate to over 100,000 if unchecked, overwhelming security teams and making it impossible to address all risks simultaneously. Rather than treating all exposures equally, a far more manageable approach is to identify the specific issues that pose the greatest potential risk and prioritize those for remediation. The research showed that 74% of identified exposures are “dead ends” that do not directly compromise critical assets. However, a small subset of exposures, which affect critical assets and act as choke points for converging attack paths, can be exploited by attackers to escalate and expand their access within the target environment. Further analysis revealed that 2% of exposures are located at key choke points, where threat actors can exploit vulnerabilities to access critical assets. Focusing on lower-risk “dead ends” is an inefficient use of time and budget, which could be better allocated to these exposures that matter most.

Implementing effective exposure management processes can identify those critical choke points where multiple attack paths converge towards business-critical assets. This involves incorporating contextual attack path modeling and analysis to understand how various vulnerabilities, misconfigurations, user behaviors, and other issues can be linked together by attackers. By mapping out all potential cyber kill chains, organizations can identify choke points and prioritize remediation efforts to address the most significant risks.
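The following added example (not from the article or the research it cites) models a constructed environment as an attack graph, separates dead-end exposures from those that lie on a path to a critical asset, and ranks intermediate nodes by how many attack paths converge on them. All host, account and exposure names are hypothetical.

```python
from collections import Counter, defaultdict

# Constructed sample environment: (source, target, exposure) edges.
# Every name below is hypothetical and exists only for this example.
EXPOSURES = [
    ("laptop-1", "user-alice", "cached credentials"),
    ("laptop-2", "user-bob", "cached credentials"),
    ("user-alice", "svc-backup", "over-permissive group membership"),
    ("user-bob", "svc-backup", "password reuse"),
    ("svc-backup", "db-payments", "local admin rights"),
    ("svc-backup", "file-server", "local admin rights"),
    ("user-bob", "print-server", "unpatched CVE (placeholder)"),
    ("laptop-1", "kiosk-7", "weak local password"),
    ("web-1", "db-payments", "hard-coded connection string"),
]
ENTRY_POINTS = {"laptop-1", "laptop-2", "web-1"}
CRITICAL_ASSETS = {"db-payments", "file-server"}


def build_graph(exposures):
    """Turn exposure edges into an adjacency list."""
    graph = defaultdict(list)
    for src, dst, _label in exposures:
        graph[src].append(dst)
    return graph


def attack_paths(graph, entries, critical):
    """Enumerate simple paths from any entry point to any critical asset."""
    paths = []

    def walk(node, path):
        if node in critical:
            paths.append(path)
            return
        for nxt in graph.get(node, []):
            if nxt not in path:  # never revisit a node, so cycles terminate
                walk(nxt, path + [nxt])

    for entry in sorted(entries):
        walk(entry, [entry])
    return paths


def dead_end_exposures(exposures, paths):
    """Exposures that appear on no path to a critical asset."""
    used = {(a, b) for p in paths for a, b in zip(p, p[1:])}
    return [e for e in exposures if (e[0], e[1]) not in used]


def choke_points(paths, entries, critical):
    """Rank intermediate nodes by the number of attack paths through them."""
    counts = Counter()
    for p in paths:
        for node in set(p) - entries - critical:
            counts[node] += 1
    return sorted(counts.items(), key=lambda kv: (-kv[1], kv[0]))


if __name__ == "__main__":
    graph = build_graph(EXPOSURES)
    paths = attack_paths(graph, ENTRY_POINTS, CRITICAL_ASSETS)
    dead = dead_end_exposures(EXPOSURES, paths)
    print(f"{len(paths)} attack paths reach a critical asset")
    print(f"{len(dead)} of {len(EXPOSURES)} exposures are dead ends:")
    for src, dst, label in dead:
        print(f"  {src} -> {dst} ({label})")
    print("Remediation priority (paths cut if the node is fixed):")
    for node, n in choke_points(paths, ENTRY_POINTS, CRITICAL_ASSETS):
        print(f"  {node}: {n} of {len(paths)} paths")
```

In this sample, fixing the single service account removes four of the five paths, while the two dead-end exposures can wait.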

The Importance of Proactive and Continuous Exposure Management 

But as was shown in the report, exposure management cannot be a one-time project. It requires constant vigilance and a commitment to continuous improvement. By implementing a Continuous Threat Exposure Management (CTEM) framework, organizations can proactively and continuously identify and mitigate security vulnerabilities and exposures. 

According to Gartner, “By 2026, organizations prioritizing their security investments based on a continuous exposure management program will be three times less likely to suffer from a breach.” This is because CTEM expands upon traditional vulnerability management programs to include misconfigurations, identity issues, unmanaged devices, and more, and allows organizations to address risks faster than attackers can exploit them. CTEM provides organizations with an in-depth understanding of their entire digital ecosystem, pinpointing weaknesses and correlating them to potential attack paths. With this knowledge, security teams can proactively strengthen their defenses and prioritize remediation efforts based on the potential risk level to mission-critical assets. 

Effective exposure management is a multifaceted task that involves more than just addressing vulnerabilities and CVEs. The research clearly demonstrates that organizations should build continuous exposure management programs to stay ahead of emerging threats, reduce their attack surface, and proactively remediate potential vulnerabilities. Implementing a continuous exposure management program requires adopting a mindset of continuous improvement and adaptation. As new threats and vulnerabilities emerge, security teams must be prepared to adjust their strategies and processes accordingly, ensuring that their defenses remain effective and up to date. Furthermore, continuous exposure management should encompass not only technical controls but also robust policies, procedures, and employee training programs. By fostering a culture of security awareness and enabling employees to recognize and report potential threats, organizations can enhance their overall security posture and reduce the risk of human error or social engineering attacks.

With this approach, organizations can break free from the reactive cycle of traditional vulnerability management and develop a proactive approach to security that significantly reduces their overall risk exposure.

The post Breaking the Cycle of Traditional Vulnerability Management appeared first on Cybersecurity Insiders.

“If it ain’t broke, don’t fix it,” is a well-known saying that applies to many things in life but certainly not to businesses. The business environment is rapidly evolving, and one needs to embrace a culture of constant innovation and change to help reduce production costs, boost margins, discover more agile production methods, improve customer success, find new markets to enter and maintain a competitive edge.

IT teams must also prepare for digital resiliency and be able to recalibrate and evolve their infrastructure because after a certain point legacy infrastructures will break, become inefficient, or irrelevant. Let’s explore the major hurdles IT teams will have to jump in the coming years.

New Demands and Challenges Arise From Technological Evolution

Even if a major IT disaster or a security incident doesn’t occur, the network will face new challenges brought on by cloud migration, remote working, the Internet of Things (IoT), and new cyber threats. Legacy infrastructure will have to be updated to accommodate evolving technologies, future business requirements, and opportunities.

More Applications Migrate To The Cloud

The public internet has become an extension of the conventional network, with more and more applications moving to the cloud. Organizations will need an efficient way to monitor and manage access to these applications and deal with shadow IT risks. Legacy networks will lack native connectivity, so enforcing policy, controlling, and monitoring these cloud applications and services will become increasingly challenging. 

MPLS Bandwidth Costs Continue To Consume IT Budget

As applications generate more traffic and users consume more bandwidth through latency-sensitive applications like video streaming, MPLS costs will continue to rise and consume a significant portion of the corporate IT spend. Moreover, MPLS technology was not originally engineered to offer the direct-to-cloud performance required by SaaS applications or to support connectivity for mobile and home users. As organizations keep adding locations and workers over time, MPLS becomes cost-prohibitive and complex to maintain and secure.

Widespread WFH Makes Connectivity And User Experience Challenging

As the work-from-anywhere (WFA) trend continues to grow, delivering a consistent user experience becomes increasingly challenging. Sustaining WFH and mobile users adds a major burden on IT compared to supporting conventional users at the office.

The New Hybrid Workforce Introduces New Security Challenges

Organizations must provide remote users, including outsourced consultants and contractors, with network access. This requires implementing secure remote access to only necessary applications and resources with only the required level of permissions to ensure productivity.  Additionally, as ransomware and other threats continue to rise, adequate threat prevention tools must protect users and applications from cyber threats. Legacy networking and security approaches will be unable to deliver that granular level of protection.

Expansion Into New Regions Creates Issues

Growing organizations are expected to open offices in new geographical regions in the next few years. With major expansions, mergers and acquisitions taking place, IT teams are under significant pressure to integrate new locations and employees as quickly as possible. MPLS connectivity may not be ideal because it requires months to deploy, and some locations may not support it. 

New Demands Mean New Expenditures

More sites mean more users and more users mean more bandwidth. Eventually, networking and security infrastructures will reach capacity limits, necessitating costly upgrades and replacements. Organizations will also need the additional skills, time and resources to deploy, secure and maintain the incremental infrastructure that will be deployed over the years. This also means training existing staff in new use cases, hiring new staff with the knowledge, or outsourcing tasks to outside partners.

The Telco Headache

Working with major carriers has historically presented challenges, which are unlikely to dissipate anytime soon. Lengthy delays in opening and closing support tickets, the lack of transparency within these large organizations, and the ongoing frustration of holding individuals accountable are issues we’ve experienced. IT departments may encounter mounting frustrations when attempting to have their feature requests fulfilled by telcos prioritizing product reselling over taking ownership of software and hardware design.

Future-proofing Connectivity

The industry is rallying around SASE (Secure Access Service Edge), a cloud-based networking and security approach that converges SD-WAN with Security Service Edge (SSE) functions like secure web gateway (SWG), data leakage prevention (DLP), zero-trust network access (ZTNA), cloud access security broker (CASB) and other security controls, to meet the challenges introduced by the cloud, mobility and shifting network traffic. Here’s why and how SASE helps overcome these challenges:

Meeting Hybrid User Demands: The SASE architecture converges networking and security into a single cloud service for secure, optimized traffic delivery. It enhances network performance by choosing the optimal path for the fastest packet delivery. Whether users are on the road or at an office in Japan or Spain, they receive consistent performance and secured access to any enterprise resource, including cloud applications and the internet.

Gaining Visibility and Control Over Cloud: A cloud-native architecture delivers a broad range of security capabilities that work in concert with each other. SASE allows enhanced visibility and control for all WAN and cloud traffic flows, enabling better security and streamlined management.

Although SASE represents a major shift in IT strategy, its implementation should not be disruptive. Adopters can gradually integrate SASE, expanding their deployments as service contracts expire or when new requirements dictate. Whether organizations make the move now or later, cloud computing and WFA have already altered network traffic patterns. Organizations must take a closer look at approaches that can adapt and evolve or risk being left behind. 

The post The ROI of Doing Nothing: What to know as new demands are placed on networks appeared first on Cybersecurity Insiders.

Nothing is better than meeting with customers and prospects who can articulate their issues as a business and security organization, from boardroom and regulatory pressures to deploying resources, including people and the tools that enable them. 

Whether meeting with a large bank CISO or a security leader from a global communications company, each shares their unique focus and different challenges, but when discussing data security challenges, there are often several commonalities. For example, they usually share pressure from the top, be that the C-Suite, the Board, regulators, or all the above. And the strategies they choose all involve trade-offs. They don’t have unlimited budgets to do and try everything. They typically discuss a mash of homegrown solutions, vendor products, and outsourced managed security services. 

Most enterprise security strategies protect networks, endpoints, and identities. Data security is a priority, but it is often not at the heart of security plans. With the aggressive introduction of GenAI into the enterprise, security leaders are re-evaluating their approach to data security, starting with the internal use of GenAI. There is a near-universal focus on Microsoft Copilot and productivity applications like Slack, which can be difficult to govern when multiple instances are used within the environment.

After listening to CISOs from various industries, here are five data security challenges that even the most seasoned security leaders face as they construct plans to better protect their data. 

  1. Understanding what data exists in their environment – This is an interesting one. Regarding their on-premises environments, most believe they have a good idea about their data footprint. But, when it comes to SaaS and public clouds, they really struggle. The data security tools they relied on for their data center locations are weak at helping discover and classify data outside their corporate perimeter. With data being so democratized in today’s workplace, they feel they would face significant exposure if data were moved to SaaS or public cloud. 
  2. Knowing the sensitivity of their data – Many acknowledge not all of their data is equal, but they have no easy way to determine what data is most critical to their security operations. Their on-premises solutions use classification engines built solely on regular expressions and pattern matching, leading to false positives and requiring manual intervention for classification. They cannot accurately classify down to the file or object level. This is increasingly important in the age of mandatory breach disclosure rules. 
  3. The infrastructure distribution of data – Many large enterprises have data in all three major public cloud providers (AWS, Azure and Google), SaaS (primarily a Microsoft shop), and on-premises. Most have no clear visibility into how much data exists within those environments and if there are data duplicates within their environment. These insights would unlock the ability to make strategic decisions around their infrastructure and potentially introduce additional data hygiene to remove certain data or migrate to cheaper infrastructure, thereby reducing the attack surface and data storage costs. 
  4. The relationship between identity and data – It’s no surprise that humans, groups of humans, and non-human identities (devices) require access to business data. Many security leaders are concerned about data access. This concern is beginning to extend the discussion about zero trust in the context of secure access, endpoint security, and the identity provider space to data at rest. Zero Trust Data Access is on the horizon.
  5. Privacy Data Incident Response – The ability to detect data anomalies (users randomly accessing PII data), maintain PII compliance, and minimize the impact of a data incident are top-of-mind and clear challenges for security executives. The need to align breach response to relevant regulations is a must. So, too, is the ability to easily determine what PII data is impacted as part of a data incident. The Change Healthcare incident is proof of this necessity. Not knowing what PII data was part of its ransomware attack has prevented the company from promptly notifying customers whose PII data was impacted. This was an eye-opening revelation for all security leaders.

Addressing these challenges requires a comprehensive and adaptive data security strategy. That strategy has to start with what is seemingly the most obvious of all: you have to know where all your data is at all times, and you need to know the risk it represents so the proper controls can be applied. Without this solid foundation, nothing else matters. 

We are still in the early days of the cybersecurity industry, let alone the era of Generative AI. Data governance is now an issue of immense importance to businesses, regulators, and consumers. Much has to change in terms of how we have been protecting data. Security leaders must continue to share insights and collaborate to develop effective solutions for safeguarding their organization’s data in an ever-evolving threat landscape.

 

The post Five Data Security Challenges CISOs Face Today appeared first on Cybersecurity Insiders.

Artificial Intelligence (AI) has ushered in a new era of cyber threats where cybercriminals now use sophisticated AI tools to execute a range of attacks. At the RSA Conference 2024, the FBI San Francisco division warned individuals and businesses to be aware of the burgeoning threat posed by malicious actors using AI tools to execute sophisticated phishing and social engineering attacks and voice/video cloning scams. AI-generated fraudulent material is becoming increasingly “human” and more difficult to identify. In a recent study from Keeper Security, 95% of IT security leaders said that cyber attacks are more sophisticated than ever, with over half (51%) witnessing AI-powered attacks first-hand at their organizations.

The arsenal of AI tools at cybercriminals’ disposal facilitates a seamless convergence for launching cyber attacks. With this increasingly challenging threat landscape to contend with, how can businesses best fortify their defenses?

Prioritize Employee Education and Awareness Training

Employees are the first line of defense, and as cyber threats evolve, so should employee awareness training. Educating staff on emerging cybercriminal tactics, including AI-driven attacks, empowers employees to identify and report suspicious activities. Organizations must complement training initiatives with a comprehensive cybersecurity framework that goes beyond user education alone.

Leverage a Privileged Access Management Solution

Robust privileged access management ensures tight control over sensitive accounts and systems, such as IT admin accounts. Restricting access to these accounts mitigates the risk of unauthorized entry and potential data breaches, thwarting cybercriminals’ attempts to exploit vulnerabilities and limiting the impact if a successful attack does occur.

Organizations must carefully consider who can access which networks and accounts, especially the ones providing the proverbial “keys to the kingdom,” as well as those that contain the most sensitive business information. For instance, a convincing deepfake impersonating a C-suite executive would be far less effective in targeting a mid-level employee if that employee didn’t have access to sensitive data or systems.

Conduct Regular Software Updates and Uphold Secure Account Practices

Consistently updating software and devices bolsters security by promptly addressing vulnerabilities. Timely patching reduces the window of opportunity for hackers to exploit weaknesses, and implementing secure backup protocols safeguards data integrity, offering protection against the potential for data loss resulting from cyber attacks.

Exercise Caution with Personal Information

With AI-enabled phishing emails, impersonation and deepfakes on the rise, vigilance is paramount when sharing personal or sensitive information online – particularly as cybercriminals leverage AI to make scams more believable. For example, scammers can use AI algorithms to analyze large amounts of data, generating a fake persona and utilizing a technique referred to as “synthesis,” which can realistically mimic someone’s voice. With these techniques helping cybercriminals look and act more legitimate than ever, verifying the authenticity of requests, using encrypted communication channels and exercising discernment, can all help mitigate the risk of falling victim to AI-driven scams. 

One good practice here is asking for a second form of identification or verification before sharing any sensitive information and using an encrypted service to ensure information sent is only viewable by the intended recipient. 

Enforce Strong Password Policies

AI password cracking poses a significant threat to cybersecurity, as it can make this process faster and easier for cybercriminals. Purpose-built password cracking software has the ability to run through reams of known passwords and variations quickly. This is why implementing stringent password practices, including the use of complex and unique passwords, coupled with a secure password management solution, will reduce the likelihood of successful brute force attacks.

While the threat landscape continues to evolve, the core principles of cybersecurity remain steadfast in defending against both traditional and emerging threats like AI-powered cyber attacks. Basic measures such as upholding robust password management, enforcing the use of Multi-Factor Authentication (MFA), conducting ongoing employee training and maintaining software updates, are indispensable defenses against AI-fueled attacks. By prioritizing these fundamental practices, businesses can significantly bolster their resilience in the face of AI-powered cyber threats without the need for radical reinvention.

 

The post Five Strategies for IT and Security Leaders to Defend Against AI-Powered Threats appeared first on Cybersecurity Insiders.

In my nearly five decades in the cybersecurity industry, I have seen countless security and risk situations. Many security practitioners believe we know what makes systems, security, and availability happen, and that’s true in many cases. However, there’s always more beneath the surface that we encounter daily.

Where are we?

As digital transformation accelerates, organizations face increasing challenges in protecting digital identities. For example, Zero Trust Architecture (ZTA) has been around for a while, yet most organizations have not implemented it. The Cybersecurity and Infrastructure Security Agency (CISA) has defined its Zero Trust Maturity Model with five pillars, the first being Identity.

At the Identity Defined Security Alliance (IDSA), we recently released our 2024 Trends in Identity Security report. The report confirms some expected trends and also presents new attention-grabbing data. Notably, 73% of respondents said that effectively managing and securing digital identities was among their top three priorities, up from 61% in 2023. This raises the question of what should be done about the remaining organizations not in that 73%.

One contributing factor to making this difficult to manage is identity sprawl. Think about the different ways you access systems and information at work and home. How many different accounts do you use at work? Is there one for your computer, another for your email system, your accounting system, and your HR system? Every access account that exists is an expansion of your attack surface, increasing the risk to you and your organization. Our research also revealed that over half (57%) of the respondents consider managing identity sprawl a major focus, yet roughly one-third track any costs associated with identity sprawl. There is a savings opportunity here.

Incidents are not free

We cannot ignore the direct and indirect costs associated with identity-related incidents. Almost every organization (90%) has encountered one or more identity-related incidents in the past year. These range from one compromised password to a full-blown ransomware incident that can disable an organization. Social Engineering still wins the day in this space, with phishing being the number one method. It’s alarmingly easy for anyone to click on an image or link in an email and introduce malware into their system. No other incident cause comes close to the more than two-thirds of them caused by phishing.

Notably, 84% of organizations say identity-related incidents directly impacted their business. These are not petty attempts at disruption; they affect everyone. Almost half had three or more incidents in the past year that required using their incident response plans.

Is the new technology helping?

On the upside, over two-thirds of respondents feel positive about passwordless authentication, and almost all respondents expressed their desire to implement phishing-resistant Multi-Factor Authentication (MFA).

On the subject of learning, the majority of respondents see Artificial Intelligence (AI) or Machine Learning (ML) playing a role in identifying outlier behavior and evaluating alert severity in their Security Operations Center (SOC). Movement in these areas is expected within the coming year.

What are we learning?

When asked, in retrospect, what could have avoided or reduced the impact of an identity-related incident, the top three responses were:

  1. Implemented MFA for all users
  2. More timely reviews of access to sensitive data
  3. More timely reviews of privileged access

Implementing these measures will not solve all problems, but they will eliminate or reduce many of them. They have become basic housekeeping. Having an incident without having implemented them increases the risk and puts the burden on you.

We can all work together to raise the tide of identity protection. Look at your digital environment and see what you can do to eliminate some of the multitude of identity-related incidents happening right now. 

The post Inside Identity 2024 appeared first on Cybersecurity Insiders.

Break free from online restrictions and enjoy a safer browsing experience! VPNs encrypt your data and bypass limitations, empowering you to explore the internet with confidence. The future of VPN technology looks promising. It will improve security, performance, and user experience. So, this article will discuss how VPNs are addressing these threats and what it means for users. Read on to learn more.

The Evolution of VPN Security

Advanced Encryption Methods

Encryption is key for VPN security, keeping your data private. As cyber threats advance, VPN providers enhance encryption. They’re preparing for quantum-safe encryption. This will shield data from quantum computers, which could eventually break current encryption standards.

AI and Machine Learning Integration

AI and ML are transforming industries, including VPN technology. They boost security. For example, they quickly detect threats and automatically react to breaches. This allows a VPN to stop cyber threats and protect without human oversight.

Zero Trust Architecture

The zero-trust security model is simple. It doesn’t trust any device, even those inside the network. First, it verifies every device. VPNs are now adopting zero-trust principles. These include allowlisting, which only allows trusted devices, and microsegmentation. Microsegmentation limits network areas to stop breaches from spreading. This strategy adds more security. It makes it difficult for unauthorized users to access your data.

Enhancing User Experience

Mobile-First Design

VPN services are evolving to meet the growing use of mobile devices. Soon, they will offer designs specifically for phones and tablets. These designs will be easy to use and include improved security for mobile use. Users will get the same protection on their mobile devices as on their computers, ensuring full security across all devices.

User-Friendly Interfaces

VPNs now offer simpler interfaces, making them easy for all users. This focus on ease ensures more people can enjoy VPN security. It doesn’t matter if you’re tech-savvy or not. Using a VPN is now straightforward and hassle-free.

Optimized Streaming Experience

Future VPNs will improve performance for streaming services. They’ll offer faster server switching, lower latency, and servers just for streaming. These upgrades aim to let users enjoy buffering-free, high-definition streaming.

Performance Improvements

Speed and Reliability

Using a VPN to stream can slow your internet. Yet, upcoming VPNs will focus on streaming. They will tweak server networks and cut down on delays. So, you can watch high-quality content easily. Importantly, these changes won’t harm security. Enhanced encryption and secure protocols will guard your data. This way, your online activities stay private and safe.

Decentralized VPNs (dVPNs)

Decentralized VPNs (dVPNs) bypass geographic restrictions! Access content from anywhere in the world with the security and privacy benefits of distributed networks. This decentralized structure does two things. It enhances anonymity and reduces the risks of centralized control, such as single points of failure and data breaches.

Securing the Internet of Things (IoT)

Protecting Connected Devices

The Internet of Things (IoT) is growing fast, with more devices joining daily. Yet, this growth poses new security challenges. Each connected device becomes a potential entry point for cyber threats. VPNs are key. They secure IoT devices by encrypting connections and protecting data. This way, your smart home and other devices stay safe from cybercriminals.

VPNs not only secure IoT devices but also protect streaming devices like smart TVs and sticks. They encrypt data and secure connections. Thus, users can stream content safely on all their devices.

Edge Computing Integration

Edge computing is on the rise. It processes data near its source, not in centralized centers. VPN technology is adjusting. It now securely processes data at the network edge. This helps IoT devices process data faster and more securely.

Future-Ready Features

Quantum-Safe Encryption

Quantum computing is a threat to current encryption. Future VPNs will use quantum-safe algorithms. This will secure your data against quantum advances. It’s a proactive step to protect your sensitive information.

Geo-Fencing and Geo-Shifting

Future VPNs will enhance their geo-fencing and geo-shifting. Geo-fencing will create virtual boundaries, blocking certain areas. Meanwhile, geo-shifting will bypass regional restrictions, accessing content from anywhere. These upgrades promise more digital freedom and flexibility, letting users browse the internet without constraints.

Ephemeral VPNs

Ephemeral VPNs, also called disposable VPNs, are for one-time, temporary connections. After use, the server and data are deleted. They suit those who need full privacy and want to avoid a digital trail. With these VPNs, users can keep their online activities private and untraceable.

The Future of VPN Hardware

x86 Computing Systems

VPN technology has advanced. It now uses x86 systems, making it more adaptable. Growth in users’ needs is met with this flexibility. Moreover, VPNs offer strong performance and security. They no longer need specialized hardware.

Robust and Flexible Hardware

Even with software improvements, dedicated hardware is vital for fast, stable connections. Future VPN hardware will advance, offering secure, reliable, and flexible connections. This progress helps VPNs tackle growing cyber threats and maintain performance.

Cloud Compatibility

Secure Cloud-Based Applications

As cloud usage grows, VPNs must evolve for secure, smooth data transfer. Future VPNs will be tailored for cloud apps, ensuring strong security and high performance. This adaptation will allow users to securely access cloud services and safeguard their data from threats.

Policy-Based Access Control

Future VPNs will offer policy-based access control. This lets admins decide who can access specific resources. Thus, only authorized users can view sensitive data, lowering the risk of unauthorized access. Additionally, policy-based controls make the VPN experience more secure and tailored for users.

Preparing for the Future

Embracing Cutting-Edge Technologies

VPN providers need the latest tech to beat new threats. This means using AI, quantum-safe encryption, and decentralized networks. By leading in tech, VPNs can offer strong security. This protects users from evolving cyber threats.

Focus on User Needs

The future of VPNs will be user-centered. It will prioritize user needs over just network concerns. This shift means focusing on user security and data privacy. By doing so, VPN providers can offer more personalized and secure services. 

Practical Steps for Today

The future will bring many advancements. However, users can already take steps to boost their online security for streaming. Here are some tips:

Optimizing VPN for Streaming Devices

VPNs are not just for your phone, computer, or just online browsing. With the growing trend of streaming devices like Fire Stick, Roku, and Apple TV, using a VPN has become increasingly important. It’s crucial to set up your VPN on all smart devices for optimal security and performance.

For detailed guidance on setting up a VPN, you can find step-by-step instructions on how to install Surfshark on your Firestick in this tutorial. This ensures that your streaming activities remain private and secure.

You can also improve your streaming by tweaking VPN settings. First, pick the fastest server. Then, use split tunneling to direct streaming through the VPN while other traffic goes through your normal connection. Finally, choose fast and stable protocols, like WireGuard. Moreover, update the VPN app often to get the newest speed and security upgrades.

Securing Your Devices

Protect all home network devices with the VPN. These include smartphones, tablets, laptops, TVs, smart speakers, and security cameras. Use VPN-compatible routers to secure all devices, even those without VPN support. Installing a VPN on your router boosts security for all devices in your home.

Review and tweak your VPN’s security settings. Kill switches, split tunneling, and custom DNS settings can boost your online safety. Use the kill switch feature to disconnect your internet if the VPN drops. This prevents data leaks.

Streaming uses a lot of bandwidth. So, regularly check your internet’s speed and data use. This ensures you don’t exceed your ISP’s or VPN’s data limits. Some VPNs offer data usage stats and alerts. They can help you manage your data well.

The Importance of Staying Informed

As cyber threats evolve, staying informed about the latest security practices is essential. Regularly updating your VPN software and understanding new features can significantly enhance your online protection. Subscribing to security blogs is a great option as well. Also, participating in forums and following updates from your VPN provider are excellent ways to stay ahead of threats. 

Ongoing education about cybersecurity best practices empowers users to make informed decisions. It helps them adapt to emerging threats effectively. By staying watchful and proactive, individuals can better protect their digital assets. They can keep a safe online environment amid changing cybersecurity landscapes.

Conclusion

In the digital future, VPNs will protect our online activities. They will focus on innovation and user needs. This effort will keep our data private, our connections secure, and our rights protected. The goal is not just to beat cyber threats but also to improve our online experiences. The next VPNs will cater to those who want more privacy, security, or better performance.

 

 

The post How VPNs Will Adapt to Evolving Threats in the Future appeared first on Cybersecurity Insiders.

The anticipated advent of quantum computing will have a devastating impact on existing modes of asymmetric data encryption. It’s likely that within the next few years, quantum-capable entities will gain the ability to decrypt virtually every secret possessed by individuals, governments and private industry where asymmetric encryption algorithms such as RSA, Finite Field Diffie-Hellman, and Elliptic Curve Diffie-Hellman have been used for protection.

The looming failure of today’s encryption is an alarming prospect, and yet the government and various standards bodies need the greater sense of urgency that an existential event like this demands. With the steal-now-decrypt-later (SNDL) threat from quantum, there is a compelling need for solutions that can be deployed today. If history is any indicator, the critical problem we currently face is that the cycle time for migrating to new post-quantum resistant encryption algorithms and related standards will be too long to mitigate the danger posed by the oncoming quantum threat.

Quantum computers, which are expected to become viable in the next few years, use subatomic particles and quantum mechanics to perform calculations faster than today’s fastest conventional supercomputers. With this computing power comes the ability to crack encryption methods that are based on the difficulty of factoring the products of large prime numbers. An algorithm introduced by Peter Shor back in 1994 provides a method for factoring these numbers in polynomial time instead of exponential time with the use of a quantum computer. What this means to us is that while a conventional computer might take trillions of years to break a 2,048-bit asymmetric encryption key, a quantum computer powered by 4,099 quantum bits, or “qubits,” using Shor’s algorithm would need approximately 10 seconds to accomplish the task. We don’t have a decade for 30 revisions on the standard to get this right, as we have seen from previous standardization efforts.

It may be comforting to think that because quantum computers of a cryptologically significant scale don’t exist yet, there is nothing to worry about today. However, this idea is a mistake for two reasons. First, quantum computing is advancing at a faster pace than anyone previously contemplated. Second, malicious actors can steal encrypted data today and decrypt it with a quantum computer when quantum computers become available. This is the SNDL threat highlighted above. Banks use quantum-vulnerable public key exchange to validate your account access, as do health providers transmitting digital health records, as well as the IRS when e-filing your taxes. Even VPNs and the core infrastructure (routers and network switches) implement quantum-vulnerable key exchanges when using the IPsec and MACsec protocols. Once quantum computing comes online, a bad actor can discover the private keys associated with these public keys, and the contents of wallets, records and accounts will become available to the attacker.

Users need a simple control plane that enables them to select any crypto library they desire to defend against these evolving quantum threats. Additionally, many nations are developing post-quantum resistant algorithms and may not want to wait on NIST to standardize an algorithm or certify an implementation. They need a solution that provides them with the agility to employ the post-quantum cryptographic algorithms of their choice: in effect, a bring your own algorithms (BYOA) approach.

Agility allows us to future-proof systems against both novel cryptanalysis and implementation errors.  It shortens the time between the demonstration of a vulnerability in an algorithm, implementation, or protocol, and the patching or upgrading of all applications and services affected by the vulnerability. Agility enables the transition to more efficient algorithms or implementations. Quickly eliminating vulnerable algorithm implementations calls for the capability to access different implementation libraries for the same algorithm and enable “fall back” and switching to other algorithms. For example, a software library may implement an algorithm in a way which is vulnerable to attack. KyberSlash1 and KyberSlash2 impacted the implementation of the Kyber algorithm in all but six of 22 popular crypto libraries. It took more than 90 days to patch the vulnerable implementations on most of the affected libraries. A crypto-agile solution should enable an organization to move easily and rapidly between implementations – otherwise the entire security posture and data of the enterprise is compromised.
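The switching and fall-back behaviour described above, as an added example that is not from the article or any product it refers to. Because the Python standard library ships no post-quantum algorithms, keyed MACs stand in for the algorithms, and the provider names (`stdlib`, `manual`), the envelope fields and the `AgileMac` class are assumptions made for illustration.

```python
import hashlib
import hmac


def hmac_stdlib(key, msg):
    """HMAC-SHA256 from the standard library's hmac module."""
    return hmac.new(key, msg, hashlib.sha256).digest()


def hmac_manual(key, msg):
    """Second, independent implementation of the same algorithm (RFC 2104)."""
    if len(key) > 64:
        key = hashlib.sha256(key).digest()
    key = key.ljust(64, b"\x00")
    inner = hashlib.sha256(bytes(b ^ 0x36 for b in key) + msg).digest()
    return hashlib.sha256(bytes(b ^ 0x5C for b in key) + inner).digest()


def blake2b_keyed(key, msg):
    """A different algorithm to fall back to (keyed BLAKE2b, 256-bit tag)."""
    return hashlib.blake2b(msg, key=key, digest_size=32).digest()


class AgileMac:
    """Selects an (algorithm, implementation) pair by policy, not by hard-coding."""

    def __init__(self, preference):
        self.preference = preference   # algorithm names, most preferred first
        self.providers = {}            # (algorithm, implementation) -> function
        self.revoked = set()

    def register(self, algorithm, implementation, fn):
        self.providers[(algorithm, implementation)] = fn

    def revoke(self, algorithm, implementation=None):
        """Revoke one implementation, or every implementation of an algorithm."""
        for alg, impl in self.providers:
            if alg == algorithm and implementation in (None, impl):
                self.revoked.add((alg, impl))

    def _select(self, algorithm=None):
        for wanted in ([algorithm] if algorithm else self.preference):
            for (alg, impl), fn in self.providers.items():
                if alg == wanted and (alg, impl) not in self.revoked:
                    return alg, impl, fn
        raise LookupError("no usable implementation for %s" % (algorithm or "any algorithm"))

    def protect(self, key, msg):
        """Tag a message and record which algorithm and implementation produced it."""
        alg, impl, fn = self._select()
        return {"alg": alg, "impl": impl, "tag": fn(key, msg)}

    def verify(self, key, msg, envelope):
        """Verify with any surviving implementation of the envelope's algorithm."""
        _, _, fn = self._select(envelope["alg"])
        return hmac.compare_digest(fn(key, msg), envelope["tag"])


def build():
    mac = AgileMac(preference=["hmac-sha256", "blake2b-256"])
    mac.register("hmac-sha256", "stdlib", hmac_stdlib)
    mac.register("hmac-sha256", "manual", hmac_manual)
    mac.register("blake2b-256", "stdlib", blake2b_keyed)
    return mac


if __name__ == "__main__":
    mac, key, msg = build(), b"k" * 32, b"session-setup"
    first = mac.protect(key, msg)
    mac.revoke("hmac-sha256", "stdlib")        # one implementation found vulnerable
    print(mac.protect(key, msg)["impl"], mac.verify(key, msg, first))
    mac.revoke("hmac-sha256")                  # the algorithm itself is withdrawn
    print(mac.protect(key, msg)["alg"])
```

Revoking one implementation leaves old envelopes verifiable through the other implementation of the same algorithm; revoking the algorithm makes `verify` refuse them outright, which is the point at which re-protection of stored data has to be scheduled.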

New quantum secure encryption methods with crypto-agility functionality have been developed and can be deployed immediately. The challenge is to make them work with existing encryption algorithms and protocols while enabling crypto-agility to stay ahead of the pacing threat without having to rip-and-replace the existing infrastructure. After all, it is impossible for every system to upgrade its encryption algorithms all at once.

The post A Bring Your Own Algorithms (BYOA) Approach to Crypto-Agility Addressing Quantum Threats appeared first on Cybersecurity Insiders.

TL;DR — do not deploy smart contract code that you do not understand, and do not send tokens or ETH to contracts that are not managed by an entity that you trust.

I can’t believe that trading bot scams on Ethereum and Ethereum-like chains are still going on. But they are. Today I had to deliver the bad news to someone that they had lost a significant amount of ETH to such a trading bot scam. And unfortunately, YouTube, Telegram or Discord, and Remix aren’t doing much to prevent them.

These scams have been going on for years now, and people are still falling for them.

The core of the scam consists of:

1. some Solidity code that the scammer claims is a trading bot smart contract that will make you money while you sleep, and

2. a tutorial video showing you how to deploy the smart contract using Remix

The scam works because there are people in crypto who lack the technical knowledge to recognize that what it promises is nonsense, or to assess the code competently and see that it is designed to steal their crypto-assets, yet who have enough technical knowledge and confidence to follow the instructions given.

They also often made significant profits by buying crypto earlier on, making them excellent targets.

What part does Remix play?

Remix is an online tool provided by the Ethereum Foundation, which allows you to write, debug, and deploy smart contracts from your browser.

Remix warns you about trading bot scams on its front page, but the warning is easily overlooked, as the main screen is full of moving adverts for projects, templates for contracts, and other distracting information.

 
The warning should be in a large pop-up that you have to dismiss before you get to use Remix, and it should list all the possible names the scammers may be using for the scam.
 
The scammers call their contract a “trading bot”, or an “MEV bot”, or a “liquidity front runner bot” or something else that sounds intriguing, but in reality it is just obfuscated code that transfers any ETH the mark deposited into the contract to the scammer’s address.
 
There is a second warning when you paste code into Remix.
 
Ultimately, the fact that there are warnings doesn’t matter. The scammers often use the open-source repository for Remix to deploy their own copy at their own URL, and remove the warnings.
 
It doesn’t help to have a message saying “Only use Remix at https://remix.ethereum.org” on the genuine site if people are being directed straight to something like https://remixscript.pro/ by the tutorial video.
 
(Note: do not use the remixscript.pro site!)
 
What part does YouTube play?

The scammers post tutorial videos on YouTube.
 
The tutorial videos are pretty slick. They often have an articulate gentle-spoken person with an ASMR-type voice walking you through the process of deploying the contract, together with a lot of nonsense that sounds plausible about how the trading bot works and what features of Ethereum, Binance Smart Chain, Polygon, or some other Ethereum compatible blockchain the smart contract exploits.
 
The instruction part of these videos is remarkably clear. It just goes to show you that when there is sufficient motivation (unfortunately evil motivation in this case) people can create really simple, clear instructions for the most complicated of things.
 
The videos have lots and lots of comments from people claiming that they’ve made small fortunes using these scammy contracts. The people are fake — the scammers have registered many accounts leaving these glowing testimonials to create a sense that the bot really does work.
 
YouTube is not very diligent in removing the videos, even if notified.
 
What part does Discord or Telegram play?

If the scammers are doing particularly well, they may even pay for a “support person” to moderate a Telegram or Discord channel, for that extra touch of legitimacy.
 
Furthermore, if someone reaches out for support because their bot isn’t making them any Ether or Matic, the support person can examine their address, see how much native cryptocurrency they are holding, and recommend that more be added to the contract because it needs X ETH or Y Matic to kick in and work.
 
As part of stringing along the mark, they may even refund a small amount to give the impression that the code isn’t locking up or stealing the assets. This is the crypto equivalent of a pool hustler or card sharp allowing the victim to win small amounts early on, only to clean them out on the big final con.
 
If you can even get Discord or Telegram to do something about closing down the channel (which they won’t), the scammers can immediately open another one.
 
How does the code work?

A link to the code is always provided in the video and the description for the video, and the code is supplied using a public file-sharing service like Pastebin, GitHub, or Ghostbin.
 
I have looked at about four different versions, and they all follow the same structure:
 
  1. Make it look like the contract has something to do with a token-swapping contract like Uniswap or Pancakeswap by including imports of one of those contracts at the top of the code. Clue #1: the functions in these imports are never called.
  2. Include lots of comments that make it look like the functions are for finding instances of the swapping contracts. Many of these functions aren’t even called anywhere in the code. Clue #2: the comments are technobabble.
  3. Use obfuscated code blocks in nested misleadingly named functions to construct the scammer’s address. Clue #3: running these functions always returns the same value.
  4. All publicly callable functions in the contract contain a transfer of the ETH (or chain native cryptocurrency) balance of the contract to the scammer’s address. Clue #4: the transfer code has no comments.
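A way to check pasted Solidity source for the structural clues listed above before anyone deploys it, added here as an example and not taken from the post. It covers clue #1 (unused imports), the uncalled functions of step 2, clue #3 (a parameterless `pure` function cannot return anything but a constant) and step 4 (every public function sends the contract balance); the regex-based parsing, the report keys and the sample contract are assumptions made for illustration.

```python
import re

# Constructed sample with the structure the post describes. parse() is stubbed,
# the import paths are made up, and the strings are placeholders.
SAMPLE = r'''
import "./interfaces/IUniswapV2Pair.sol";
import "./interfaces/IUniswapV2Factory.sol";
contract Bot {
    /* Scans the mempool for new liquidity pairs and front-runs slippage */
    function findNewContracts(uint a) internal pure returns (uint) { return a + 1; }
    function getMempoolShort() private pure returns (string memory) { return "0x1111"; }
    function getMempoolEdition() private pure returns (string memory) { return "2222"; }
    function fetchMempoolData() internal pure returns (string memory) {
        return string(abi.encodePacked(getMempoolShort(), getMempoolEdition()));
    }
    function parse(string memory s) internal pure returns (address) { return address(0); }
    function start() public payable {
        payable(parse(fetchMempoolData())).transfer(address(this).balance);
    }
    function withdrawal() public payable {
        payable(parse(fetchMempoolData())).transfer(address(this).balance);
    }
}
'''

FUNC = re.compile(r'\bfunction\s+(\w+)\s*\(([^)]*)\)([^{;]*)\{')
DRAIN = re.compile(r'(\.transfer\(|\.send\(|\.call\s*\{\s*value).*address\(this\)\.balance', re.S)


def strip_comments(src):
    """Drop // and /* */ comments but leave string literals untouched."""
    pattern = r'("(?:\\.|[^"\\])*")|/\*.*?\*/|//[^\n]*'
    return re.sub(pattern, lambda m: m.group(1) or '', src, flags=re.S)


def functions(code):
    """Return name, parameters, modifiers and brace-matched body of each function."""
    found = []
    for m in FUNC.finditer(code):
        depth, i = 1, m.end()
        while depth and i < len(code):
            depth += {'{': 1, '}': -1}.get(code[i], 0)
            i += 1
        found.append({'name': m.group(1), 'params': m.group(2).strip(),
                      'mods': m.group(3).split(), 'body': code[m.end():i - 1]})
    return found


def analyze(source):
    """Report which of the post's structural clues appear in a Solidity source."""
    code = strip_comments(source)
    imports = re.findall(r'import\s+"[^"]*?(\w+)\.sol"\s*;', code)
    body = re.sub(r'import\s+"[^"]*"\s*;', '', code)
    funcs = functions(body)

    def call_sites(name):
        # Every "name(" occurrence except the definition itself.
        return len(re.findall(rf'\b{name}\s*\(', body)) - 1

    public = [f for f in funcs if {'public', 'external'} & set(f['mods'])]
    drains = [f['name'] for f in public if DRAIN.search(f['body'])]
    return {
        'unused_imports': [n for n in imports if not re.search(rf'\b{n}\b', body)],
        'never_called': [f['name'] for f in funcs
                         if {'internal', 'private'} & set(f['mods'])
                         and call_sites(f['name']) == 0],
        'constant_helpers': [f['name'] for f in funcs
                             if 'pure' in f['mods'] and not f['params']],
        'draining_entry_points': drains,
        'every_entry_point_drains': bool(public) and len(drains) == len(public),
    }


if __name__ == "__main__":
    for clue, hits in analyze(SAMPLE).items():
        print(f"{clue}: {hits}")
```

A clean report does not make a contract safe; the check only shows that the specific structure described in the post is absent, and it cannot judge whether the comments are technobabble.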

Lessons learned

The aphorism, “If it seems too good to be true, it probably is” holds everywhere, even for crypto. The problem with crypto is that many people have made a lot of money by buying low in a way that seems too good to be true, and that softens them up for scammers to come along and relieve them of what to many seems like not-so-hard-earned cash.

I’ve personally lost 0.1 BTC and about 3 ETH to scams over the last decade. It’s nothing to be ashamed of, but it is something to be angry about. And it does teach you to be more careful.

The key thing is to avoid acting on that irrational initial impulse that combines the emotions of fear and greed — fear that you’re going to miss out if you don’t strike while the digital iron is hot, and greed for the possibility of making easy money.

Instead, look at the offer being made rationally.

Does it make sense that someone who has invented a trading bot that can turn 3 ETH into a perpetual stream of 6 ETH every week would spend a fortune making a video explaining to total strangers how they can do it too? What would they gain from that? Is it even possible to have a system where, no matter how many people join, magical internet money will flow to all of the participants?

No, of course it doesn’t make sense.

It’s as crazy as believing a tweet that if you send Bill Gates one bitcoin or Vitalik Buterin one ETH, he will send you two back. And here’s his Bitcoin or Ethereum address.

Except … people have fallen for that scam too.

The post Beware of Trading Bot Scams appeared first on Cybersecurity Insiders.

In the modern world of business, there’s seemingly an unlimited number of uses for artificial intelligence (AI). From automating repetitive tasks to shaping high-level decision-making processes, the technology has a foothold in the corporate landscape and its influence is only growing stronger. 

Despite all the obvious benefits and opportunities of leveraging AI, there remain some concerns around its application in different fields. One of the most pressing worries is around security and privacy, especially when it comes to data – but could AI actually have a part to play in helping to keep information safe?

It’s imperative that customers feel comfortable trusting a business with their personal information, and companies have a huge responsibility not to abuse that trust. So, is AI the problem or the solution in the realm of data security? 

In this guide, we explore three key applications of AI when it comes to customer service and safeguarding confidential information.

Anomaly detection

First and foremost, by using algorithms to analyze vast amounts of data, AI excels at identifying patterns and detecting anomalies. In the context of data security, AI-powered systems can monitor login attempts, network activity, and other user behaviors to spot unusual patterns. When deviations from normal behaviors occur, the AI system flags them as anomalies, which could indicate potential security breaches, fraud, or other malicious activities. 

For instance, if an AI system detects an unusual login attempt from an unfamiliar location or a sudden spike in data access at odd hours, it can immediately alert security teams to investigate further. This proactive approach allows businesses to address threats in real-time, significantly reducing the risk of data compromise and enhancing overall data integrity. By continuously learning from new data, AI systems can adapt and improve their detection capabilities, making them increasingly effective at identifying subtle, sophisticated attempts to exploit customer information.
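The two signals named above (a login from an unfamiliar location, a spike in data access at an odd hour), as an added example that is not from the article. A per-user statistical baseline stands in for the learned model, and the event layout, the sample events and the 3.5 threshold are constructed assumptions.

```python
from collections import defaultdict
from datetime import datetime
from statistics import median

# Constructed history: (user, ISO timestamp, country, records read in the session).
HISTORY = [("alice", f"2024-06-{d:02d}T{8 + d % 3:02d}:00", "GB", 40 + d)
           for d in range(1, 11)]

# Constructed new events to score against the baseline.
NEW_EVENTS = [
    ("alice", "2024-06-12T10:15", "GB", 47),    # ordinary session
    ("alice", "2024-06-12T03:05", "GB", 900),   # bulk read in the middle of the night
    ("alice", "2024-06-13T09:30", "BR", 45),    # first login from this country
    ("bob",   "2024-06-13T09:30", "GB", 10),    # user with no history at all
]


def build_baseline(events):
    """Record, per user, the countries and hours seen and the usual read volumes."""
    base = defaultdict(lambda: {"countries": set(), "hours": set(), "volumes": []})
    for user, ts, country, volume in events:
        entry = base[user]
        entry["countries"].add(country)
        entry["hours"].add(datetime.fromisoformat(ts).hour)
        entry["volumes"].append(volume)
    return base


def reasons(event, base, z_limit=3.5):
    """Return the list of ways an event deviates from its user's baseline."""
    user, ts, country, volume = event
    if user not in base:
        return ["no baseline for user"]
    entry, found = base[user], []
    if country not in entry["countries"]:
        found.append("unfamiliar location")
    if datetime.fromisoformat(ts).hour not in entry["hours"]:
        found.append("unusual hour")
    # Robust z-score: median and MAD are not dragged around by earlier outliers.
    med = median(entry["volumes"])
    mad = median(abs(v - med) for v in entry["volumes"]) or 1.0
    if 0.6745 * (volume - med) / mad > z_limit:
        found.append("data access spike")
    return found


def triage(events, base):
    """Pair every event that deviates from baseline with its reasons."""
    return [(e, r) for e in events if (r := reasons(e, base))]


if __name__ == "__main__":
    for event, why in triage(NEW_EVENTS, build_baseline(HISTORY)):
        print(event, "->", ", ".join(why))
```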

Encryption and decryption

AI also has transformative potential in the area of encryption and decryption, playing a vital role in securing customer data. Traditionally, encryption involves converting data into a coded format that can only be deciphered with a specific key, ensuring that sensitive information remains protected both during transmission and while at rest. AI can enhance this process by automating and optimizing encryption algorithms for greater efficiency and security. AI-powered encryption systems can dynamically generate complex keys that are far more resistant to attacks, constantly adapting to evolving threats. 

Moreover, AI can streamline the decryption process, ensuring that legitimate users can quickly and securely access the data they need, without compromising security. This level of automation not only reduces the risk of human error but also ensures that data protection measures are consistently applied across all customer interactions. By leveraging AI in this area, businesses can significantly bolster their defenses against cyber threats, safeguarding customer data with state-of-the-art security protocols.

Data minimization

Data minimization is the principle that businesses should limit the data they collect from customers to only what is needed to achieve the given purpose. In addition, data shouldn’t be stored on their systems for any longer than necessary. By leveraging AI algorithms, businesses can automatically identify and categorize data, ensuring that only relevant and necessary information is stored while redundant or superfluous data is discarded.

This not only enhances data security by reducing the volume of sensitive information that could potentially be compromised, but also helps in compliance with data protection regulations like GDPR and CCPA, which mandate the minimization of data collection. Additionally, AI can enforce strict data retention policies, automatically archiving or deleting data that’s no longer needed, thereby limiting exposure risks. Through smart data minimization, AI helps businesses maintain a lean data footprint, significantly lowering the chances of breaches while ensuring that they handle customer information responsibly and ethically.

Safeguarding customer data with AI

It’s clear that AI systems can facilitate enhanced security of customer data to increase trust and safeguard from reputational damage or legal punishment. Through its many applications, AI is making it increasingly difficult for unauthorized individuals to gain access to secure data. Taking a dynamic approach to protecting sensitive customer data helps to secure the safety of both companies and their customers. 

 

 

The post How can AI be used to keep customer data secure? appeared first on Cybersecurity Insiders.