Cisco’s $28 billion acquisition of Splunk comes at an inflection point, as security teams begin to adapt to working with modern, cloud-native data lakes.

For years, Splunk has been the workhorse SIEM for many enterprise Security Operations Centers (SOCs). However, security teams have challenges with Splunk’s steeply rising costs. And now, early adopters of security data lakes like Snowflake are saving more than two-thirds of what they were paying for their Splunk license.

Splunk’s inability to migrate to a modern cloud-native architecture makes it difficult to take advantage of these cost-saving benefits or implement advanced data science use cases critical for threat detection. The Cisco acquisition shall exacerbate these challenges and speed up the adoption of security data lakes.

While it’s great to see data lakes gaining so much momentum, many security teams struggle to take advantage of them. Ripping and replacing Splunk overnight is unrealistic. Enterprise security teams need a path to incrementally migrate to a modern data lake with minimal impact on their SOC workflows.

SOCs require the ability to manage detections and analyze real-time security threats in a unified manner, regardless of where their data is stored, which is best achieved by separating their analytics layer from their data logging layer.

Here’s how to leverage the power of decoupling to create a distributed data lake architecture where security teams can choose to use multiple data platforms like Splunk and Snowflake, while maintaining a consistent security analytics layer.

Data lake connectors 

From detections written in SQL, KQL, or SIEM-specific languages like Splunk’s SPL, to the utilization of Python notebooks and various data science models for threat hunting, the variety and volume of data in data platforms can pose processing and detection development challenges for detection engineers who are not subject matter experts in multiple query languages. Influxes of data ingestion and the flat architecture of data lakes have led to difficulties in extracting value from repositories.

Relying on data collection and organization tools like the traditional SIEM to analyze the various log data for threat detection requires constant updating of the analysis methods and, more importantly, puts the onus of observability onto the security engineer. Every new data source becomes a headache for the multiple teams required to collaborate together to get each data source in a usable state.

For detection engineers to efficiently identify and thwart potential threat actors, the data logging and analytics layers need to be decoupled. This provides the flexibility to easily grow and change security to support organizational and business changes (e.g., moving from Splunk to Snowflake over time), reduce costs, and finally start to keep up with or even stay ahead of alerts.

Impactful analysis

A decoupled, purpose-built threat detection platform can work across distributed data lake architectures. SOC teams will no longer need to modify detection logic, hunting notebooks, data science models, or wait for IT to prepare data sources.

Each data lake can be connected to the threat detection platform which can analyze and detect threats using a unified set of detection logic and advanced AI, with real-time normalization.

This streamlines security operations, and improves response agility, while also reducing vendor lock-in, giving CISOs flexibility for more cost-effective options. It also alleviates the cost and political implications associated with data migration and enables unified querying and analysis across multiple data lake architectures.

To achieve decoupling, organizations need to implement a unified detection layer and adopt the right AI tooling.

Implementing a unified detection layer simplifies the process of building detection content, even with diverse skill sets among security analysts. It also provides a standardized schema, enhancing the adaptability of security operations to different data storage scenarios. The unified detection layer should act as a hub for all detection content that connects to and processes detections within each data lake, regardless of the query language.
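The sketch below is an added example, not code from the essay or from any vendor's product. It shows a single detection definition, written against a normalized schema, rendered as both a Splunk SPL search and a Snowflake SQL query and then evaluated over events normalized from both platforms. The index, table and field names and the sample events are all assumptions constructed for illustration.

```python
"""Added example: one detection definition compiled for two data platforms."""
from collections import Counter
from dataclasses import dataclass


@dataclass(frozen=True)
class Detection:
    name: str
    source: str      # logical data source in the normalized schema
    filters: dict    # normalized field -> required value
    group_by: str    # normalized field to count on
    threshold: int   # fire when the count exceeds this


# Hypothetical mapping from the normalized schema to each platform's names.
BACKENDS = {
    "splunk": {
        "sources": {"authentication": "index=auth"},
        "fields": {"outcome": "action", "src_ip": "src", "user": "user"},
    },
    "snowflake": {
        "sources": {"authentication": "SECURITY.LOGS.AUTH_EVENTS"},
        "fields": {"outcome": "EVENT_OUTCOME", "src_ip": "CLIENT_IP",
                   "user": "USER_NAME"},
    },
}


def _field(backend, name):
    fields = BACKENDS[backend]["fields"]
    if name not in fields:
        raise ValueError(f"{backend}: no mapping for field {name!r}")
    return fields[name]


def to_spl(d):
    """Render the detection as a Splunk SPL search."""
    terms = [BACKENDS["splunk"]["sources"][d.source]]
    for name, value in d.filters.items():
        quoted = str(value).replace("\\", "\\\\").replace('"', '\\"')
        terms.append(f'{_field("splunk", name)}="{quoted}"')
    group = _field("splunk", d.group_by)
    return (f'{" ".join(terms)} | stats count by {group} '
            f'| where count > {int(d.threshold)}')


def to_sql(d):
    """Render the detection as a SQL query for Snowflake."""
    table = BACKENDS["snowflake"]["sources"][d.source]
    conds = []
    for name, value in d.filters.items():
        quoted = str(value).replace("\\", "\\\\").replace("'", "''")
        conds.append(f"{_field('snowflake', name)} = '{quoted}'")
    where = f" WHERE {' AND '.join(conds)}" if conds else ""
    group = _field("snowflake", d.group_by)
    return (f"SELECT {group}, COUNT(*) AS event_count FROM {table}{where} "
            f"GROUP BY {group} HAVING COUNT(*) > {int(d.threshold)}")


def normalize(backend, raw):
    """Map a platform-native event onto the normalized schema."""
    reverse = {native: norm
               for norm, native in BACKENDS[backend]["fields"].items()}
    return {reverse[k]: v for k, v in raw.items() if k in reverse}


def evaluate(d, events):
    """Apply the detection to normalized events; return groups over threshold."""
    counts = Counter(
        e[d.group_by] for e in events
        if d.group_by in e and all(e.get(k) == v for k, v in d.filters.items())
    )
    return {key: n for key, n in counts.items() if n > d.threshold}


RULE = Detection(name="repeated_failed_logins", source="authentication",
                 filters={"outcome": "failure"}, group_by="src_ip", threshold=3)

# Constructed sample events, in each platform's native field names.
SPLUNK_EVENTS = [{"action": "failure", "src": "203.0.113.7", "user": "alice"}] * 2
SNOWFLAKE_EVENTS = (
    [{"EVENT_OUTCOME": "failure", "CLIENT_IP": "203.0.113.7", "USER_NAME": "bob"}] * 2
    + [{"EVENT_OUTCOME": "success", "CLIENT_IP": "198.51.100.4", "USER_NAME": "carol"}]
)


def run_demo():
    """Evaluate the one rule over events drawn from both platforms."""
    events = [normalize("splunk", e) for e in SPLUNK_EVENTS]
    events += [normalize("snowflake", e) for e in SNOWFLAKE_EVENTS]
    return evaluate(RULE, events)


if __name__ == "__main__":
    print(to_spl(RULE))
    print(to_sql(RULE))
    print(run_demo())
```

In the sample data, neither platform alone holds enough failed logins from the source address to cross the threshold; the rule fires only once events from both are normalized and counted together.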

When you decouple the activity of threat detection from tools for which it is not inherently designed, you free up those resources to do what they need to do: address and remediate threats. Detection engineers can now spend more time protecting the business than figuring out how to protect the business.

Agnostic security

Decoupling enables rapid data access and flexibility in a distributed data lake architecture, meeting the demands of modern data management. By minimizing reliance on vendor-specific data logging platforms, data access can be expanded.

SOCs will gain control over their data storage strategy, allowing them to keep the data where it is. At the same time, SOC teams can keep pace with user expectations of more SaaS-ified, agile data management and future-proof security operations.

By leveraging a unified detection layer and AI, organizations can optimize data storage and analysis processes, leading to smarter and faster detection of security threats. Additionally, it promotes interoperability among different data sources and tools, ensuring a more seamless and flexible security infrastructure.

Data duplication and the associated operational costs are reduced, unnecessary logs and the associated costs are reduced, and the dependency on having fully normalized data in your data repository is eliminated in favor of data feeds. Additionally, analysts can be more effective by leveraging low/no-code detection builders, so they neither need to worry about parsing/normalizing the data nor be experts in a specific query language or technology.

With this shift, you can take advantage of modern innovations in storage architectures while simultaneously gaining access to specialized detection and response innovations.

About the essayist: Kevin Gonzalez is senior director of security and operations at Anvilogic, a Palo Alto-based cybersecurity company founded by veterans from across the security industry building the future of AI in cybersecurity.

Supply chain security grows more crucial daily as cybercriminals attempt to disrupt distribution and transportation. In response, industry professionals must automate their cybersecurity tools to stay ahead.

Why so? The 2020 SolarWinds cybersecurity incident — which industry experts call the supply chain attack of the decade — was an incredibly high-profile breach affecting massive corporations. While it may seem like an outlier, it reveals an alarming trend.

Professionals on the incident response team believe cybersecurity hasn’t improved and no one has learned from the situation. They point out how supply chains rely on software yet lack the security tools to protect them.

Simply put, cyberattacks are on the rise. Data breaches exposed over 37 billion records in 2020 alone — a 141% jump from 2019. Businesses must automatically secure their supply chains to protect themselves and comply with consumer-protection laws.

Automation best practices

The best practices for automating supply chain cybersecurity cover each stage of the process, ranging from installation to use.

•Comprehensive Integration. Organizations will only get the full benefits of supply chain cybersecurity automation with thorough integration. What use is automatic threat detection without an immediate response? A single-function tool creates security gaps since it needs to rely on others.

•Scalability. Tools should be scalable to grow with the business and maintain security. For example, automatic threat response software must be able to handle security even during a surge in malicious activity. Supply chain professionals have to ensure their technology can scale to meet demand increases.

•Ongoing monitoring. While automated tools can be beneficial, businesses must track them to ensure success. Ongoing monitoring is one of the best practices for cybersecurity automation because it results in optimal functioning. Supply chain professionals will need to measure performance metrics patiently to see how the technology improves upon previous tools.

•Vendor inclusion. While most supply chains rely on third-party vendors, they increase the chance of cyber attacks. Still, businesses trust them to handle cybersecurity since they’re supposed to be convenient. Even if they’re careful and use quality security measures, they broaden the attack surface.

For example, experts believe the June 2023 MOVEit supply chain cyber attack originated from a third-party employee working with cybercriminals. A single individual’s actions resulted in a data breach reaching over 160 people.

Automatic third-party risk management identifies potential relationship vulnerabilities, improving cybersecurity. Businesses should include this approach in their automation process to minimize security gaps and better protect themselves.

Tools tips

Although automation itself is convenient, its integration can be time consuming and complex. Supply chain professionals should consider implementing these tips to improve their processes. Here’s what to use for supply chain cybersecurity automation:

Quality tools: Better tools have higher performance potential. For example, quality artificial intelligence only needs milliseconds to process millions of data points.

Employee support: Many automated tools need human oversight or maintenance to reach their full potential. Their performance would benefit from employee support.

Modern tools: Companies should overhaul legacy systems to reduce security gaps between them and the new automation technology.

Quality data: Data-driven automation technology is only as good as the information it collects. Professionals must ensure they only use relevant, accurate details.

While many tools can complete tasks independently, only some can do so securely. Cybersecurity automation is most effective when organizations leverage quality technology and manual assistance.

Automation benefits

Timeliness, efficiency, reduced downtime and improved protection against cyber attacks are the top benefits of supply chain cybersecurity automation. Processes like threat identification and incident response move much more quickly and are often more accurate.

Efficiency is one of the most significant benefits of supply chain cybersecurity automation. Industry leaders need help finding skilled workers, with around 57% of organizations stating labor shortages are their largest obstacle as of 2023.

Businesses should consider adopting cybersecurity automation technology since it’s a cost-effective approach to labor shortages. Additionally, it may produce higher-quality work since many tools leverage massive data sets.

Automatic supply chain cybersecurity is essential for modern-day organizations, considering how cyber attacks continue to become more frequent. They must implement the best practices and consider optimizing their processes to protect themselves.

About the essayist: Zac Amos writes about cybersecurity and the tech industry, and he is the Features Editor at ReHack. Follow him on Twitter or LinkedIn for more articles on emerging cybersecurity trends.

Surrounded by the invisible hum of electromagnetic energy, we’ve harnessed its power to fuel our technological marvels for decades.

Tesla’s visionary insights from 1900 hinted at the potential, and today, we bask in the glow of interconnected networks supporting our digital lives. Yet, as we embrace this wave of connectivity, we often overlook the pressing need for protection.

Since 1984, when Japan’s pioneering 1G network blanketed the nation, we’ve been swept up in the excitement of progress. But let’s pause and consider—how often do we truly contemplate safeguarding ourselves from the very forces that fuel our interconnected world?

Link to identities

Over the past decade, mobile data traffic has surged an astonishing 4,000-fold, while an additional 400 million users have joined the digital realm over the past 15 years. As we venture into the era of 5G and witness the rise of private networks, the surge of electromagnetic charge is palpable, raising questions about the potential consequences.

Beyond the realms of charge, there lies a pivotal concern—the intricate linkage between our data and identities. This burgeoning fusion necessitates a higher level of vigilance, given the expanding ambit of our digital footprints.

The concept of Mobile Phone Penetration mentioned in all Mobile economy forecasts unveils an intricate dance between usage and population. Often overlooked, the SIM card—short for Subscriber Identification Module—acts as the nexus between our identity and technology, illuminating the thin line between connection and surveillance.

Gazing toward the horizon of 2030, an ambitious vision looms—a vision of achieving a 90% average subscriber penetration and smartphone adoption across Europe, China, CIS, and the USA. Such ambition thrusts mobile devices into the hands of nearly everyone over the age of 12, inviting us to reconsider our interaction with these potent tools.

Yet, as we hold these devices close, we’re forced to ponder—why does our understanding of their inner workings remain so limited? How can we fortify ourselves against potential threats? The dichotomy is striking—our dependency on technology has deepened, but our comprehension of its nuances lags.

Paradox challenge

Beyond the realm of sensitivity, consider our data—the intrepid voyager navigating electromagnetic currents. Recent revelations, such as the TechCrunch exposé on “Spyhide stalkerware,” unmask the vulnerability of our devices. The exposé recounts the stealthy exfiltration of private phone data from a staggering 60,000 compromised Android devices dating back to 2016 [6].

Herein lies the paradox—data centers, government strongholds, and even spacecraft are fortified with Faraday technology against electromagnetic threats, while individuals who champion this cause are often typecast as cinematic caricatures. Think Gene Hackman’s paranoia in “Enemy of the State,” or the intrigue-laden worlds of “Mr. Robot” and “Mission Impossible.” These portrayals obscure the reality that personal data protection is far from a fanciful notion.

This paradox further extends to our interaction with technology. Despite our daily reliance on devices, our grasp of their mechanics remains tenuous, mirroring our limited understanding of complex economic systems.

In this unfolding narrative, education emerges as the harbinger of change. An evolution beckons—the “New Normal.” This new era demands selective signal blocking, conscious data guardianship, and a resolute commitment to digital privacy. In this paradigm, devices transform from mere instruments to instruments of empowerment, propelling human interaction to the forefront.

The clarion call is clear—craft new rituals, where data holds sacred value, shared purposefully. Let devices augment human connection, not replace it. Cultivate an awareness of their ability to listen, and use it as an impetus to seize control. Dance to the tune of empowerment, where trust is fortified.

Even in our material realm, simplicity prevails. The solution lies not in elaborate (and illegal) jamming tech installations, but in the subtle elegance of Faraday Signal Blocking Products — guardians of privacy.

An imperative emerges—knowledge and data, potent instruments, should not rest in the hands of the few. For, as history has shown, the wielders of knowledge possess power. The moment to reclaim control over devices is now. Let’s create new Habits and embrace the New Normal.

About the essayist: Nikoline Arns creates projects that prioritize privacy and freedom of expression, particularly in the context of social impact. Since 2018, she has been aligned with Web3 values. In her latest venture, she has joined forces with SignalBlockerProducts.com to introduce privacy solutions for both office spaces and households.

If you’re a small business looking for the secret sauce to cybersecurity, the secret is out: start with a cybersecurity policy and make the commitment to security a business-wide priority.

Small businesses, including nonprofit organizations, are not immune to cyberattacks. The average cost of a cybersecurity breach was $4.45 million in 2023, according to IBM’s Cost of a Data Breach Report, and over 700,000 small businesses were targeted in cybersecurity attacks in 2020, according to the Small Business Association.

Nonprofits are equally at risk, and often lack cybersecurity measures. According to Board Effect, 80% of nonprofits do not have a cybersecurity plan in place.

Given the risk involved, small businesses and nonprofits must consider prioritizing cybersecurity policies and practices to stay protected, retain customers, and remain successful. Financial information is one of the most frequently targeted areas, so it’s crucial your cybersecurity policies start with your finance team.

Taking an active role

Your cybersecurity policy should address your employees and technology systems.

Employee training is crucial. According to Verizon’s 2023 Data Breach Investigations Report, 74% of breaches were caused by human error, with phishing and text message phishing scams being some of the leading causes.

Training team members regularly with real-life scenarios will help them spot potential threats and protect them from exposing your business.

It’s also essential that your business evaluates its technology and keeps it regularly updated to the latest security standards. For example, your accounting technology should have features that work to protect your data, like internal controls, multi-factor authentication, or an audit trail that documents changes to your data.

Consider these four best practices as the core of your finance team and business’ cybersecurity plan:

•Regularly update and back up your data systems. Security plays a crucial role in your technology. In the era of cloud computing, where programs and your information can be accessed anywhere, your business needs to keep its software up to date and back up critical systems. Cloud vendors often handle the security and backup processes automatically, so examine your technology and see if that is the case. If not, implement a plan to back up your information regularly and update your technology to the latest versions. These backups can also be used to form a disaster recovery plan in the event of a natural disaster.

•Set access privileges and internal controls. Best practice is to require teams to use enhanced security measures like strong passwords that are changed regularly and multi-factor authentication to ensure your team is the only one accessing financial information.

Also consider creating a policy for which employees can access which types of data. When multiple members of your team can easily access a wide range of data without internal controls, it creates vulnerability. Your team’s information is crucial, especially regarding financial information. Your technology should feature internal controls. Internal controls segment your company’s information by title or role and grant access to only the data they need.

•Monitor team member access through audit trails. Your accounting technology should be equipped with an audit trail that logs every change made to your data, including user data and the workstation from which the user has made the change. Monitoring who has made what changes protects your business and holds team members accountable for safe IT practices.

•Adequate IT compliance. Every business has a standard of IT compliance that team members are accountable for upholding. First, it is crucial to have systems that adhere to regulations, laws, and general industry standards. If you have concerns about protecting your financial data, consider hiring a data protection officer or an outside firm to help you maintain compliance.

No one person can prevent cyberattacks alone. The secret sauce is that it takes a thorough cybersecurity policy and a team committed to keeping your business finance and accounting teams safe. Stay proactive. Stay educated. Stay safe.

About the essayist: Neil Taurins is the General Manager of Nonprofit Solutions at MIP Fund Accounting by Community Brands. He has been with the company for over 12 years and is passionate about working with government organizations and municipalities to provide them with solutions to improve efficiency.

Ransomware is a significant threat to businesses worldwide. There are many gangs that work together to orchestrate increasingly damaging attacks. However, some of these groups follow codes of conduct that prevent them from purposefully targeting hospitals.

In mid-March 2020, representatives from the cybersecurity website BleepingComputer contacted numerous ransomware gangs to ask if they’d continue targeting hospitals during the unprecedented COVID-19 public health threat.

Many responded by saying they already avoid hospitals and emergency services infrastructure. Others promised to cease attacking health care facilities until the pandemic eased.

An April 2020 study from VMware Carbon Black revealed a 148% ransomware increase between March and April 2020. However, it’s worth noting that health care was the seventh-most targeted industry during that time, when it was usually in the top three.

Less lucrative targets

The reduction in ransomware attacks against health care organizations was relatively short-lived. John Riggi, national advisor for cybersecurity and risk for the American Hospital Association, said in a July 2023 interview that he noticed a spike in large, high-profile ransomware attacks in the previous six weeks.

However, another topic brought up in the discussion was that Riggi increasingly hears representatives from targeted facilities agree not to pay the ransom. Some ransomware gangs demand payments of $1 million or more. However, IT teams at health care facilities are becoming more proactive about protecting data, so there’s no need to engage with hackers.

Creating a strategic and all-encompassing backup plan is a great way to prevent data loss. If ransomware gangs increasingly hear that health care facilities won’t pay, they’ll turn their attention to other industries.

Hackers shun limelight

There are certainly ulterior motives behind ransomware gangs’ pledges to avoid attacking hospitals. For example, the continual targeting of the facilities could compel those in power to pass laws and devote resources related to catching and punishing the gangs. Virginia’s Senator Mark Warner has prioritized health care ransomware reductions in some of his recent efforts.

If enough lawmakers consider this cybersecurity issue a top-of-mind concern, it would spell trouble for ransomware gangs. During the COVID-19 pandemic, the U.S. and other countries mobilized incredible resources to get vaccines created, tested and distributed in record time. That example shows that when enough people see a threat as significant, they’ll work together to get things done.

Trustworthy morality?

Another consideration is that it’s one thing for a ransomware gang to promise not to attack hospitals. What matters is whether they’re telling the truth. The whole concept behind ransomware attacks is that victims should get their data back if they pay the demanded amount. However, a 2023 survey showed that doesn’t always happen. More specifically, 21% of respondents paid the ransom and didn’t recover their data.

If people see news that specific ransomware gangs consider hospitals off-limits, some may think these cybercriminals operate with some sense of morality after all. However, a public statement is no guarantee of truth.

Evidence also suggests ransomware increasingly spans beyond data loss and financial demands. Many organizations — including hospitals — report ransomware-driven extortion as an emerging risk. If the IT teams at health care facilities believe some hacker gangs won’t target them, they could become complacent against emerging threats.

Even if some ransomware gangs steer clear of hospitals, not all will. Ransomware targets and tactics keep evolving, meaning cybersecurity professionals and enthusiasts must stay aware and respond accordingly.

About the essayist: Zac Amos writes about cybersecurity and the tech industry, and he is the Features Editor at ReHack. Follow him on Twitter or LinkedIn for more articles on emerging cybersecurity trends.

In an era of global economic uncertainty, fraud levels tend to surge, bringing to light the critical issue of intellectual property (IP) theft.

This pervasive problem extends beyond traditional notions of fraud, encompassing both insider threats and external risks arising from partnerships, competitors, and poor IP management. Organizations dedicate substantial resources to detecting and preventing fraudulent activity in customer accounts.

Yet, the rise of internal fraud presents a unique challenge. Perpetrated by insiders who already possess unrestricted access to highly sensitive data and systems, internal fraud not only defies easy prevention but also imposes substantial costs.

Annually, American businesses suffer losses exceeding $50 billion, underscoring the impact on competitiveness in today’s fiercely competitive landscape. To navigate this complex landscape, business leaders must strike a delicate balance between fostering open research environments and securing their valuable IP, safeguarding both their business and innovative endeavors.

Remote work factor

The growing trend of remote or hybrid working has particularly intensified the issue, enabling trusted insiders to mask fraudulent activity by operating outside the conventional security perimeter. And while many instances of this type of fraudulent activity may start out as an accidental mistake, the longer the fraudster goes unnoticed, the greater the risk of an easy payout snowballing into more malicious actions becomes.

In some cases, insiders with malintent attempt to circumvent internal processes and policies by stealing innovation through a variety of methods, including gathering human intelligence from other employees and contractors, conducting digital and even physical surveillance operations, among other strategies.

Some insiders may borrow tactics from more traditional state-sponsored intelligence organizations, such as confidential information collection through practices like “ratting” — where cybercriminals utilize malware to access sensitive information. Other examples of on-the-ground tactics include intelligence agencies exploiting graduate students at research universities to access sensitive materials and coercing professionals working on sensitive technologies to engage in activities like IP theft.

Organizations must prioritize data and decision intelligence to tackle these threats effectively. However, fragmented and siloed data pose a significant hurdle for businesses in mitigating these risks, hindering their comprehensive understanding of the risk landscape. The combination of mounting pressures, accelerated decision-making, and the rapid availability and volume of data has intensified the difficulty of maintaining an efficient and resilient IP protection environment.

Role of AI

One technology businesses are looking to in order to detect and prevent fraud, waste, and abuse is Decision Intelligence (DI), which allows companies to connect data and identify patterns or anomalies that potentially indicate the kind of behavior that may prompt an investigation. By leveraging advanced analytics and AI, it offers enhanced scrutiny of individuals and organizations, monitoring their vulnerability to risks from sanctioned or risky entities that jeopardize intellectual property.

To accomplish this, the broader Decision Intelligence strategy should encompass the integration of techniques like graph analytics and entity resolution.

Organizations have access to ample data; the key lies in adopting suitable technology to extract its value. Gartner predicts that by 2026, organizations that prioritize AI transparency, trust, and security will witness a 50% boost in adoption, business goals, and user acceptance of their models. This emphasizes the transformative potential of Decision Intelligence (DI) for organizations that aim to be prepared for disruptions and resilient in the face of challenges. One example of where this impact can come from is entity resolution.

Entity resolution, powered by advanced AI and machine learning models, efficiently connects, organizes, and analyzes data to accurately identify similar entities. It groups related records, establishing a collection of characteristics and labeled connections for each entity. Unlike traditional record-to-record matching in MDM systems, entity resolution enables organizations to introduce new entity nodes that play a crucial role in linking real-world data.
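The following added example, which is not from the essay or from any vendor's product, illustrates the grouping step with a deterministic stand-in for the AI and machine learning matching described above: records that share a normalized email or phone number are merged into one entity, and each merge is kept as a labelled link. The record layout, system names and sample data are constructed assumptions.

```python
"""Added example: entity resolution by linking records on shared identifiers."""
import re
from collections import defaultdict

# Constructed records from three hypothetical systems.
RECORDS = [
    {"id": "hr-1", "system": "hr", "name": "Dana Reyes",
     "email": "Dana.Reyes@corp.example", "phone": "+1 (555) 010-2000"},
    {"id": "vpn-9", "system": "vpn", "name": "dreyes",
     "email": "dana.reyes@corp.example"},
    {"id": "ven-4", "system": "vendor", "name": "D. Reyes Consulting",
     "phone": "555-010-2000"},
    {"id": "hr-2", "system": "hr", "name": "Sam Ortiz",
     "email": "sam.ortiz@corp.example", "phone": "555-010-3000"},
]


def match_keys(rec):
    """Yield (label, normalized value) pairs used to link records."""
    if rec.get("email"):
        yield "email", rec["email"].strip().lower()
    if rec.get("phone"):
        digits = re.sub(r"\D", "", rec["phone"])
        if len(digits) >= 10:
            yield "phone", digits[-10:]   # ignore country code and punctuation


class UnionFind:
    """Disjoint sets with path halving; the smallest id becomes the root."""

    def __init__(self):
        self.parent = {}

    def find(self, x):
        self.parent.setdefault(x, x)
        while self.parent[x] != x:
            self.parent[x] = self.parent[self.parent[x]]
            x = self.parent[x]
        return x

    def union(self, a, b):
        ra, rb = self.find(a), self.find(b)
        if ra != rb:
            self.parent[max(ra, rb)] = min(ra, rb)


def resolve(records):
    """Group records into entities; keep each match as a labelled link."""
    uf = UnionFind()
    first_seen = {}   # (label, value) -> id of the first record carrying it
    links = []
    for rec in records:
        uf.find(rec["id"])   # register the record even if it never matches
        for key in match_keys(rec):
            if key in first_seen:
                uf.union(first_seen[key], rec["id"])
                links.append((first_seen[key], rec["id"], f"shared_{key[0]}"))
            else:
                first_seen[key] = rec["id"]

    entities = defaultdict(
        lambda: {"records": [], "systems": set(), "links": []})
    for rec in records:
        ent = entities[uf.find(rec["id"])]
        ent["records"].append(rec["id"])
        ent["systems"].add(rec["system"])
    for a, b, label in links:
        entities[uf.find(a)]["links"].append((a, b, label))
    return dict(entities)


def spanning(entities, *systems):
    """Entity roots whose records appear in every one of the given systems."""
    return sorted(root for root, ent in entities.items()
                  if set(systems) <= ent["systems"])


if __name__ == "__main__":
    resolved = resolve(RECORDS)
    for root, ent in resolved.items():
        print(root, ent["records"], sorted(ent["systems"]), ent["links"])
    print("employee also registered as vendor:",
          spanning(resolved, "hr", "vendor"))
```

Here the vendor record is tied to an employee only through a phone number written in a different format, the kind of connection that record-to-record matching on exact fields would miss.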

Reusable resource 

With a strong data foundation, businesses can leverage a dependable and reusable resource to automate and enhance decision-making organization-wide, addressing diverse challenges beyond IP theft detection.

A strong data management strategy is vital for companies to monitor illicit and unlawful activities, safeguard intellectual property, and stay competitive. It is crucial to have visibility into networks across different environments, whether it’s an advanced persistent threat, cyber threat, or supply chain issue. The key lies in connecting data to gain a comprehensive understanding and effectively address complex challenges.

Tackling IP theft is an ongoing and intricate challenge that necessitates sustained cooperation between business leaders, workers and stakeholders. Ultimately, to drive global technology innovation, businesses must turn to Decision Intelligence to reduce manual work and make quick, well-informed decisions to protect their intellectual property.

About the essayist: Clark Frogley is Head of Financial Crime Solutions at Quantexa. He began his career with the FBI investigating organized and financial crime and served as the Assistant Legal Attaché in the US Embassy in Japan. Previously, Frogley worked as an executive at IBM in positions as the global head of AML and Counter Fraud Services in Banking, the Financial Crime Practice Leader for IBM in Japan, and the Financial Crime Solution leader for AML, Sanctions and KYC.

Over time, Bitcoin has become the most widely used cryptocurrency in the world. Strong security measures become increasingly important as more people use this digital currency.

To manage and keep your Bitcoin assets, you need a Bitcoin wallet, which is a digital version of a conventional wallet. This article discusses the best techniques for protecting your Bitcoin wallet and the digital assets it holds.

A Bitcoin wallet is a piece of software that enables users to transmit, receive, and store bitcoins securely. While it performs similarly to a regular wallet, it stores digital assets in the form of cryptographic keys rather than actual cash or credit cards. These wallets are available in a variety of formats, including hardware wallets, online wallets, mobile wallets, and desktop wallets. Users can select depending on their unique needs since each type offers a varied ratio of ease to security.

Select a reliable wallet. The first step to protecting your digital assets is choosing a trustworthy Bitcoin wallet. It’s critical to select wallets with a solid track record and reputation in the bitcoin industry. Consider things like security features, user-friendliness, and community reviews when you compare various wallet solutions.

Use strong passwords, 2FA. The security of your Bitcoin wallet is mostly dependent on the strength of your passwords. Use a combination of uppercase and lowercase letters, digits, and special characters to create strong, one-of-a-kind passwords. Avoid information that might be easily guessed, such as your name and birthday. Also, whenever it is possible, activate two-factor authentication (2FA). By requiring a verification code in addition to your password, 2FA adds an extra layer of protection and drastically reduces the possibility of illegal access to your wallet.

Update frequently. Bitcoin wallet providers are always making software improvements to address possible security flaws. It’s critical to keep your wallet software updated in order to stay one step ahead of criminal actors. Patches for security holes are frequently included in wallet upgrades, ensuring that your wallet is protected against new threats. To stay secure, set up automatic updates whenever feasible or check often for new software versions.

Backup, backup, backup. To guard against data loss, it’s crucial to regularly create backups of your Bitcoin wallet. Wallet backups provide a safety net in the event that your device breaks down, is misplaced, or is stolen. Backups should be kept safely in several places, such as encrypted cloud storage or external hard drives. Test the restoration procedure as well to make sure your backups are operational and available when needed.

Secure your network, device. It’s critical to protect the device you use to access your Bitcoin wallet. To avoid potential vulnerabilities, keep your operating system, antivirus software, and other security tools up to date. Refrain from installing illegal or dubious software, and only download wallets from reliable sources. Be careful while connecting to public Wi-Fi networks as well, as they may not be safe. A virtual private network (VPN) can offer an additional layer of encryption and security.

Use multisignature wallets. Multisig wallets, sometimes referred to as multi sigs, provide better protection for your Bitcoin holdings. Transactions in this kind of wallet must have approval from numerous cryptographic signatures, lowering the possibility of unwanted access. You may share keys across several devices or people using multisig wallets, adding an extra layer of security against key loss or theft.
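The approval rule described above, as an added example that is not part of the original essay or any wallet's code: an m-of-n check in which each authorized key counts at most once and signatures from unknown keys are ignored. Bitcoin itself uses ECDSA signatures; a hash-based Lamport one-time signature stands in here so the example runs on the Python standard library, and the names (`MultisigPolicy`, `key_id`, the sample transaction) are hypothetical.

```python
import hashlib
import secrets


def _h(data: bytes) -> bytes:
    return hashlib.sha256(data).digest()


def _bits(message: bytes):
    """The 256 bits of SHA-256(message), most significant bit first."""
    digest = _h(message)
    return [(digest[i // 8] >> (7 - i % 8)) & 1 for i in range(256)]


# Lamport one-time signature (stand-in for ECDSA; each key signs ONE message).
def keygen():
    priv = [(secrets.token_bytes(32), secrets.token_bytes(32)) for _ in range(256)]
    pub = [(_h(a), _h(b)) for a, b in priv]
    return priv, pub


def sign(priv, message: bytes):
    return [priv[i][bit] for i, bit in enumerate(_bits(message))]


def verify(pub, message: bytes, sig) -> bool:
    if len(sig) != 256:
        return False
    return all(_h(sig[i]) == pub[i][bit] for i, bit in enumerate(_bits(message)))


def key_id(pub) -> str:
    """Short fingerprint of a public key, used to look the key up."""
    return _h(b"".join(a + b for a, b in pub)).hex()[:16]


class MultisigPolicy:
    """Approve a transaction only with `threshold` distinct authorized signers."""

    def __init__(self, threshold: int, public_keys):
        if not 1 <= threshold <= len(public_keys):
            raise ValueError("threshold must be between 1 and the number of keys")
        self.threshold = threshold
        self.keys = {key_id(pub): pub for pub in public_keys}

    def approved(self, tx: bytes, signatures) -> bool:
        valid_signers = set()  # a set, so repeating one signature adds nothing
        for kid, sig in signatures:
            pub = self.keys.get(kid)  # unknown key ids are ignored
            if pub is not None and verify(pub, tx, sig):
                valid_signers.add(kid)
        return len(valid_signers) >= self.threshold


def demo():
    # Constructed sample: a 2-of-3 wallet and a made-up transaction.
    holders = [keygen() for _ in range(3)]
    ids = [key_id(pub) for _, pub in holders]
    policy = MultisigPolicy(2, [pub for _, pub in holders])
    tx = b"constructed example: pay 0.1 BTC to address X"

    sig0 = (ids[0], sign(holders[0][0], tx))
    sig1 = (ids[1], sign(holders[1][0], tx))
    outsider_priv, _ = keygen()
    forged = (ids[2], sign(outsider_priv, tx))  # claims key 3, signed by a stranger

    return {
        "one_signer": policy.approved(tx, [sig0]),
        "same_signer_twice": policy.approved(tx, [sig0, sig0]),
        "two_signers": policy.approved(tx, [sig0, sig1]),
        "one_plus_forgery": policy.approved(tx, [sig0, forged]),
        "altered_tx": policy.approved(tx + b"!", [sig0, sig1]),
    }


if __name__ == "__main__":
    for case, ok in demo().items():
        print(f"{case}: {'approved' if ok else 'rejected'}")
```

Only the case with two distinct authorized signers over the unmodified transaction is approved; a stolen single key, a replayed signature, or a signature made with a key outside the wallet does not reach the threshold.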


Be wary of fraud. As the use of Bitcoin has grown, so have the number of phishing and malware attempts that prey on naïve users. Use caution while downloading files or clicking on websites connected to your Bitcoin wallet. Be wary of dubious emails, texts, or websites that ask for your wallet credentials in an effort to deceive you. Before acting, make sure the source is legitimate to avoid falling for con artists.

In conclusion, protecting your digital assets in an increasingly linked world requires you to secure your Bitcoin wallet. You can greatly improve the security of your Bitcoin holdings by adhering to these best practices, such as choosing a trustworthy wallet, implementing strong passwords and 2FA, regularly updating your software, backing up your wallet, securing your device and network, using multi signature wallets, and being watchful against phishing and malware attacks.

It’s crucial to keep up with the most recent security procedures in the constantly changing field of cybersecurity and to adjust as necessary. You may have peace of mind and confidently traverse the world of cryptocurrencies while securing your priceless digital assets by prioritizing the security of your Bitcoin wallet, periodically educating yourself on emerging dangers, and adhering to suggestions from reliable sources.

About the essayist: Ronin Ashford is a passionate tech enthusiast and a dedicated cryptocurrency investor. With a firm belief in the potential of blockchain technology, he is determined to contribute to the transformation of the payments industry landscape.

The threat of bad actors hacking into airplane systems mid-flight has become a major concern for airlines and operators worldwide.

Related: Pushing the fly-by-wire envelope

This is especially true because systems are more interconnected and use more complex commercial software than ever before, meaning a vulnerability in one system could lead to a malicious actor gaining access to more important systems.

Here’s what you should know about the risks, what aviation is doing to address those risks, and how to overcome them.

It is difficult to deny that cyberthreats are a risk to planes. Back in 2015, a security researcher decided to make that very point when he claimed to have hacked a plane, accessed the thrust system, and made it fly higher than intended.

Thankfully, the incident ended safely (or perhaps was unproven), but it clearly highlighted a need for stiffer security measures, particularly as all experts agree that avionics system complexity and the growing use of onboard software updates increase cybersecurity risks.

Risks delineated

Still, there have been many other incidents since. In 2019, a cybersecurity firm demonstrated security risks that could allow an attacker to disrupt engine readings and altitude on an aircraft. There was another warning from the U.S. Government Accountability Office in 2020 about increasing risk due to connected aircraft technology developments.

More recently, there were seven noteworthy attacks on airlines in just one month last year. And those incidents may only be increasing. This is why aviation has recently mandated all new aviation systems comply with DO-326A (called ED-202A in Europe), which is a required standard all new aircraft and systems follow.

There are three factors that I could see presenting an even greater risk going forward. Number one is increasingly connected systems; number two is onboard Wi-Fi; and number three is the use of commercial software, including artificial intelligence in aircraft.


Many components and systems within an aircraft can exchange data and communicate with each other or with the external internet. Unfortunately, the interconnectivity of systems creates potential entry points for cyber threats, as a vulnerability in one component could provide an avenue for unauthorized access or malicious activities throughout the aircraft’s network.

One increasingly common measure, which is partially effective at mitigating connected system risk, is “AFDX” (Aviation Full Duplex Ethernet), a combination of specialized communication hardware and software protocols that minimizes vulnerabilities. AFDX improves security through compliance with the aforementioned DO-326A and also DO-178C.

Software gaps

Similarly, the availability of onboard Wi-Fi services has become increasingly common in commercial aircraft so passengers can stay connected to the internet even during a long flight. However, onboard Wi-Fi networks, if not adequately secured, can provide a gateway for cyber attackers.

So watch out for weak encryption protocols, insufficient network segregation, or insecure user authentication mechanisms. Measures like network segmentation, intrusion detection systems, and frequent security updates can help airlines ensure Wi-Fi doesn’t put the flight at risk.

And finally, just imagine how much more dangerous a hack becomes once a plane uses regular consumer software for entertainment, scheduling, tracking maintenance records, or is controlled through artificial intelligence and there’s limited or no oversight from a human pilot in the cockpit.

While this isn’t necessarily a big issue today since completely pilotless aircraft won’t be taking flight for a good while yet, such a hack could enable bad actors to control or potentially even bring down a plane.

Fortunately, there are ways to address the risks. You may have noticed that you haven’t heard of a plane that’s been taken over during flight by a successful hack in the past few years, despite the fact that airlines are common targets of attacks.

Level of mitigation

It is safe to say you won’t hear of a plane crashing due to a cyber attack in the near future either. That doesn’t mean there aren’t cyberthreats out there. It just means that, up to now, cybersecurity engineers and safety regulations have been remarkably successful at staying ahead of threats.

For example, as noted previously, there are the ED-202A guidelines in Europe and DO-326A in the U.S., collectively known as the “Airworthiness Security Process Specification.” While these standards were first published in 2010, they have since been updated for newer threats; they became the only Acceptable Means of Compliance (AMC) for airborne avionics systems in 2018 and have been mandatory since 2022.

This means that all avionics engineers had to ensure software on board planes was compliant and carefully tested for vulnerabilities and safety risks per DO-326A or ED-202A, no excuses, no alternatives.

In addition, the International Civil Aviation Organization published the Aviation Cybersecurity Strategy in 2019, offering recommended cyber attack prevention and response procedures. And to this day, authorities continue to update cybersecurity regulations and safety testing.

So regulatory authorities are doing their part, and airlines have been working to follow suit. Some companies have been known to reward anyone who can discover and report a possible vulnerability in certain ground systems, websites, or scheduling systems. American Airlines also has a cybersecurity and data security training program for all team members.

There are plenty of good examples to follow for beefing up security, and thanks to the strong regulatory guidelines, you can be reasonably confident that your plane won’t get taken over by a hacker during your next flight.

About the essayist: Vance Hilderman, CEO of AFuzion, is a renowned aviation expert with extensive experience in engineering reports and safety-critical compliance. Vance would be happy to provide a non-promotional article on the cyber security risks facing airlines today and strategies to ensure safety in commercial aircraft.

Phone number spoofing involves manipulating caller ID displays to mimic legitimate phone numbers, giving scammers a deceptive veil of authenticity.

Related: The rise of ‘SMS toll fraud’

The Bank of America scam serves as a prime example of how criminals exploit this technique. These scammers impersonate Bank of America representatives, using the genuine bank’s phone number (+18004321000) to gain trust and deceive their targets.

Victims of the Bank of America scam have shared their experiences, shedding light on the deceptive tactics employed by these fraudsters. One common approach involves a caller with an Indian accent posing as a Bank of America representative. They may claim that a new credit card or checking account has been opened in the victim’s name, providing specific details such as addresses and alleged deposits to sound convincing.

Scam tactic exposed

Nicolas Girard shared his experience with the Bank of America scam. He received a call claiming a new checking account was opened in his name, complete with his correct address and a $5,000 deposit. To verify their authenticity, Nicolas asked for proof, but the scammers insisted he Google the Bank of America number.

Suspicious, he trusted his instincts and called the bank directly. Genuine representatives confirmed it was a scam, with no new accounts linked to his social security number. Research unveiled the widespread practice of spoofing the Bank of America number.

Nicolas took immediate action, freezing his credit accounts to protect himself. His story serves as a reminder to stay vigilant against phone scams, ensuring our financial well-being and personal security.

Scope of the threat


Based on monthly search requests and statistics from 2023, it is evident that a significant number of individuals, almost 600 views per month with an estimate of over 6,000 searches in 2023 alone, have encountered the spoofed Bank of America phone number, +18004321000. This statistic alone highlights the alarming and widespread nature of this scam. It serves as a stark reminder of the importance of raising awareness about phone number spoofing and its potential risks.

It is crucial to be aware of the red flags associated with phone scams like the Bank of America scam. Victims have reported several warning signs, such as unsolicited calls, requests for sensitive information, and high-pressure tactics. Recognizing these indicators can help individuals protect themselves from falling victim to such scams.

To combat phone harassment and protect against scams like the Bank of America scam, the tellows caller ID app offers valuable features. This app provides reverse phone number lookup, allowing users to identify potential scammers or suspicious callers. With a vast database of reported numbers and user feedback, the app provides essential information to help individuals make informed decisions about answering or blocking calls.

Practical protection

To safeguard yourself from falling victim to phone number spoofing scams, consider the following preventive measures:

• Verify Caller Authenticity: Independently contact your bank using official contact information to verify the legitimacy of any calls claiming to be from financial institutions.

• Be Wary of Sharing Personal Information: Never share sensitive information, such as account numbers or Social Security numbers, over the phone unless you initiated the call and are confident in the caller’s identity.

• Install tellows Caller ID App: Use the tellows caller ID app to identify potential scam calls and protect yourself from phone harassment. The app’s reverse phone number lookup feature provides insights into caller reputation and user-reported experiences.

By using the tellows app, users can identify and block unwanted and potentially scam calls. With its extensive global database and user-generated ratings, tellows provides insights into caller identities and their reputation. This empowers users to make informed decisions about answering or blocking calls, saving them time and frustration.

Phone number spoofing poses a growing threat. Stay vigilant and informed to protect against such fraud.

About the essayist: Richard Grant is a country content manager at tellows. He is responsible for overseeing the content strategy, user-generated ratings and data management for a specific country. Richard’s expertise in call identification and spam detection contributes to tellows’ mission of empowering individuals to avoid annoying and potentially fraudulent calls.

Social media giants have long held too much power over our digital identities.

Related: Google, Facebook promote third-party snooping

Today, no one is immune to these giants’ vicious cycle of collecting personal data, selling it to advertisers, and manipulating users with data metrics. By making people feel like mere products, this exploitative digital environment further encourages a bubble of distrust amongst social media users.

With numerous incidents to cite, tech behemoths have time and again proven their inadequacy to securely handle their users’ digital identities and data.

In recent years, Meta (previously Facebook) has faced a number of fines for violating user privacy. In 2019, the company was ordered to pay a record-breaking $5 billion penalty by the Federal Trade Commission (FTC) for violating consumers’ privacy rights.

The fine was the largest ever imposed on a social media company for privacy violations. Last month, again, Meta was penalized for more than €1.2bn (£1bn) and ordered to suspend data transfers to the US by an Irish regulator for its handling of user information. This hefty penalty set a record for a breach of the EU’s general data protection regulations (GDPR).

But these incidents aren’t limited to only the giants like Facebook. Even newer social networking sites like Clubhouse have allegedly had trouble protecting data of millions of users in recent times.

That’s why there is a need for more comprehensive solutions addressing challenges of user control, privacy, and data security at their core.

Decentralizing identities

Decentralized identities are a newer approach that can help solve the issues at hand. A user can create their own decentralized identity that is controlled by a secret seed phrase and not reliant on a centralized platform for that identity to exist.

A user can then connect this decentralized identity to encrypted decentralized storage to store their personal data. The data gets distributed across multiple nodes as opposed to getting stored in a central database. This direct shift of centralized authority to a decentralized landscape has several unique and necessary advantages.


Firstly, it enables individuals to take complete control over their data. Users can choose where their personal information should be used and rightfully have the power to revoke that access at any time. Secondly, it adds two critical layers of security, making it comparatively tricky for hackers to steal.

For instance, to hack decentralized end-to-end encrypted data, a hacker must compromise multiple nodes on the storage network to gain access to the data. They must also compromise the user’s mobile device to access their seed phrase or perform some other type of sophisticated social engineering hack to obtain the secret seed phrase directly from the user. These steps are incredibly labor-intensive, extremely difficult, and come at great cost.

This radically changes the “economics” of hacking to all but eliminate the likelihood of stealing user data. A hacker must go through the time and effort to hack multiple systems and devices to obtain the secret data of one person, rather than compromising a single system to obtain the data of millions of users.

Thirdly, it can drastically enhance and improve the user experience. Take into account the tedious tasks of creating and managing usernames and passwords for different services across all platforms. This often tempts users to reuse their old credentials.

Decentralized identity allows users to use their decentralized ID for signing in across multiple platforms, providing a better user experience. Future enhancements to decentralized single sign on will provide cryptographic proofs relating to the application being connected to, eliminating many “phishing” type of attacks.

To power all this, interoperability plays a critical role in decentralized identity systems built on open standards, such as the DID-Core standard. It promotes cross-functionality between diverse systems and platforms, meaning users get to use their decentralized identities to access a wide range of applications without going through the trouble of creating a new account for each service. Building on this idea, decentralized social identities have a massive potential to reshape the social media landscape.

Social media use case

By prioritizing user ownership, privacy, and interoperability, decentralized social identities change the way we interact online. Take, for instance, a scenario where a self-owned cryptographic identity puts the control back in the users’ hands, as opposed to being controlled by a centralized entity like Facebook or Twitter. Or think of a system where your social media accounts and email are certified by a blockchain-based decentralized social identity service for secure identity verification.

This transformation is driven by self-sovereignty and interoperability, which give users control over their data and allow them to own, manage, and use it across all web platforms. Users have a single, trusted source of digital identity, which changes how they build trust, establish themselves, and cultivate their reputation on social media.

With time, more and more user-centric initiatives like Verida are smartly pushing the boundaries of decentralized social media by adopting a privacy-by-design approach and offering a full-stack development framework to help create privacy-focused applications. With the user being an important link, it fundamentally changes the power dynamics seen in traditional social media platforms.

The good news is that these efforts are not just limited to decentralized social identities concerning social media. They work as a part of a broader vision of Web3-enabled applications, striving to make messaging, personal data storage, and single sign-in a commonplace occurrence.

Web2 to Web3

Notably, the current landscapes of Web2 and Web3 have stark fundamental differences. While Web2 is associated with sharing, Web3 emphasizes ownership. In the current iteration, Web2 users have tools (non-data-privacy compliant) allowing them to display where they are sharing their activities and identity, but Web3 is yet to provide a robust solution to simply aggregate, share, and prove these existing social identities.

Solutions like Verida One allow users to import, verify, and link their Web2 identities and metadata to Web3 dApps. This bridge now paves the way for a user-controlled, privacy-focused social media landscape.

With the bitter experiences of history and promising technology of the future, changing the current social media landscape is a critical step to enhance the trust and security of our online interactions. However, it can only be achieved if you start reclaiming control over data and demanding better from companies that profit off users’ private information.

The time has come to reject the status quo and push for a future where privacy is considered a right and not a privilege. Every social media user’s agenda should be a revolution to hold tech giants accountable for their actions.

With newer transparent technologies hitting the market, users should feel more empowered to see an alternative way out.

About the essayist: Chris Were is CEO of Verida. The Australian based tech entrepreneur has spent more than 20 years developing innovative software solutions – most recently Verida, a decentralised, self-sovereign data network.