Posts

Ransomware: How cybercriminals hold data hostage… and why the best solution is often paying a ransom – 60 Minutes

Opt-in to Cyber Safety. Multiple layers of protection for your devices, online privacy and more.


We’re seeing just how defenseless our food and fuel supplies can be to hackers. This month, the largest meat producer in America was forced to close for several days. And that was only three weeks after hackers shut down the main source of gasoline for the East Coast. Both were ransomware, attacks by hackers who break into a computer network and lock it until ransom is paid. Colonial pipeline paid more than $4 million, in May, to get fuel flowing in the East again. As we first told you in 2019, critical public service networks are also targets. Twenty-six percent of cities and counties, for example, report that they fend off network attacks every hour. Perhaps even worse, dozens of hospitals have been held hostage all across the country.

In January 2018, the night shift at Hancock Regional Hospital watched its computers crash with deepest apologies. The 100-bed facility in the suburbs of Indianapolis got its CEO, Steve Long, out of bed.

Steve Long: We had never been through this before. And it’s something that I read in the journals. And I say, “Oh, those poor folks. I’m glad that’s never going to happen to us.” But when you come in and you see that the files on your computer have been renamed and all of the files were renamed either “we apologize for files” or “we’re sorry.” And there was a moment when I thought, “Well, maybe they’re not so bad. They said they were sorry.” But, in fact, they had encrypted every file that we had on our computers and on the network.

steve-long-1.jpg
Steve Long

Long told 911 to divert emergency patients to a hospital 20 miles away. His staff turned to pen and paper. Nothing electronic could be trusted.

Steve Long: This is a ransomware, so this is a virus that has gotten into the computer system. “Would it have the ability to jump to a piece of clinical equipment? Could it jump to an IV pump? Could it jump to a ventilator? We needed a little time just to make sure about that.”

But time was a luxury not offered in the ransom demand.

Steve Long: “Your network has been encrypted. If you would like to purchase the decryption keys, you have seven days to do so or your network files will be permanently deleted.” And then it gave us the…

Source…

Dotline’s CTO Eftekhar builds the first-ever DIY productivity and security solution, Audra




ANI |
Updated:
Apr 05, 2021 12:27 IST

New Delhi [India], April 5 (ANI/SRV Media): Back at the start of his career ten years ago, working in the fast-growing internet services companies, Eftekhar knew deep in his mind that dependence on the internet will only rise exponentially and the millions of connected homes and businesses will be needing a practical and robust tool to get the best of internet, minus the threats and dangers it brings along.
With a deep understanding of IP networking, coupled with his sparkling talent in application networking, Eftekhar U Chy started building the 1st-ever do-it-yourself or DIY internet control and security solution — Audra (www.audra.io). The rising tech-titan and his AI/ML-powered cloud solution bring new hope for SMEs in their fearless growth.
With an on-prem appliance, tagged with machine learning backed robust AI-cloud application, which is also conveniently controlled by a mobile app, Audra is definitely THE answer to many homes and small businesses across Asia and beyond. When it comes to internet security, Audra aims to be the right fit for them.
Eftekhar now spearheads the Singapore-based technology entity Dotlines as its CTO. The group continues to bag spectacular growth across continents, with the innovations Eftekhar and his vigorous technology organization bring for the group. The group does business in more than 12 verticals, all powered by its state-of-the-art technology platforms.
“Audra is a key vertical in our group, and it offers a complete suite of solutions across the internet pyramid. It gives efficient protection for ISPs, iron-clad security for enterprises, productivity and safeguarding for small-medium businesses, parental control and threat-prevention for homes, and finally easily-done protection for personal devices”, said Eftekhar.

He informed that 80 per cent of hackers choose Asian SMEs as an easy target because they are well-unprotected. Not only that, 60 per cent of employees spend one-third of their time doing personal stuff, and thus SMEs lose a lot on the productivity side.
He then added, “Asia is…

Source…

Airlock Allowlisting Solution Blocks Ransomware And Reduces Operational Overhead For IT And Cybersecurity Teams


Auckland, New Zealand – 24 March 2021:
Australian cybersecurity pioneer Airlock Digital
continues to enhance its industry-leading allowlisting
solution to more effectively block malware, ransomware and
zero-day attacks, help comply with cybersecurity standards,
and reduce the allowlisting operational effort for IT and
cybersecurity teams.

Allowlisting – also referred to
as application whitelisting or application control – is
documented in a number of government cybersecurity standards
and/or regulations worldwide, including the ACSC Essential
Eight Strategies to Mitigate Cyber Security Incidents, U.S.
Top 10 Mitigations, NIST 800-171, CMMC, Center for Internet
Security Basic Six, Canadian Top 10 IT Security Actions, and
New Zealand Critical Controls.

Many cybersecurity
solutions exist today that can block the execution of files
on endpoint systems. Almost none offer the granular
centralised control, the workflow support, or the
operational flexibility required to cost-effectively support
allowlisting in dynamic, enterprise computing
environments.

“There are many security products that
can allow or block files. That isn’t the challenge,”
says Airlock Digital Co-Founder, David Cottingham. “The
challenge is how you instrument the allowlisting process to
operationalise pro-active security
controls.”

Airlock reduces the support burden of
allowlisting, utilising easy-to-use workflows that prevent
disruption to users. If a required application is blocked,
IT teams, including non-cybersecurity staff, can simply and
easily grant permissions to users with a range of one-time
password (OTP) options.

In addition to one-time use
and mobile OTP, the latest Airlock version 4.7 release
provides a new codeless self-service capability, helping to
maintain user productivity without compromising on security.
Codeless self-service allows privileged users to
self-administer temporary access to applications and scripts
restricted to the general user base.

“Codeless
self-service aims to reduce friction and enables users to
handle exceptions as quickly as possible, reducing…

Source…

Y Soft adds to identity verification solution portfolio

Opt-in to Cyber Safety. Multiple layers of protection for your devices, online privacy and more.


Y Soft is adding to its portfolio of identity verification solutions with the release of a new secure identity verification for networked printers.

The Y Soft MFX Mobile Reader joins the portfolio of USB readers designed to provide identity verification in what the company describes as a ‘secure, accurate, and convenient’ way.

This is particularly important following COVID-19 and a refreshed interest from businesses that focuses on keeping employees safe at the office.

Y Soft chief of products Wouter Koelewijn says the reader “addresses the need for better physical safety by letting their employees use their mobile devices to identify themselves instead of physically touching the networked printer.”

Furthermore, employees’ biometric data is only stored on their smartphones and not on corporate networks, which means there is no need to comply with data protection regulations such as the GDPR.

“Unlike an identity card, a misplaced or stolen smartphone can’t be used to access users’ print jobs since the phone’s native security features (PIN, fingerprint, facial recognition) act as the second-factor authentication,” the company explains.

The USB reader comprises the reader, digital credentials, and a mobile app.  

YSoft MFX Mobile Reader accurately reads the user’s credentials from the user’s mobile phone. Employees only need to touch their own mobile phones to print all the jobs in their print queue, eliminating the need to touch the networked printer and reducing the number of times the multifunction device (MFD) must be wiped down per day. MFX Mobile Reader also supports the use of identity cards supporting over 100 access card technologies.

YSoft Connect ID provides an enrolment process, and the credentials can be sent electronically to each user. The YSoft Mobile Connect app stores the digital credentials and uses those credentials to securely authenticate the user on any printer equipped with the MFX Mobile Reader. This provides secure two-factor authentication, and the user’s private data is stored only on their personal device.

With the YSoft Mobile Connect mobile app (Android or iOS), users can authenticate access to print management…

Source…