Tag Archive for: time

Op-Ed: Shaving time and complexity off ransomware recovery

/in


We often hear when Australian businesses are ransomwared, but what happens next? The incident response, forensic investigation, and system recovery processes are often never revealed or told.

There are likely multiple reasons why this is the case. One is that recovery from these incidents is often gruelling, with one in four teams needing a month or more to get back to business as usual.

Around-the-clock efforts to get back online are often part and parcel of the post-incident period. It’s an experience security teams are likely to be in no hurry to retell or relive.

It is worth examining why recovery from a ransomware attack takes so long, and in particular, whether architectural changes and/or additional tooling at an infrastructure level might help businesses to get back on their feet faster.

From a local data storage perspective, many businesses have similar infrastructure set-ups, where production servers talk to primary storage, and that data is replicated elsewhere for backup purposes. The backups may be point-in-time snapshots or it may be that data is actively replicated and synchronised between two sites that operate in an active-active configuration.

From a backup perspective, the most important thing is to have an immutable copy with data retention of that copy of the primary storage environment set for a specified period of time such that it cannot be deleted. This is the secure copy of data the business can restore from in the event of a cyber attack. For added safety, it’s also important to put some sort of air gap between the backup and the primary storage environment.

Immutability is an important principle to consider when looking at the cyber resiliency of data infrastructure. The idea is to take a volume of data and make it immutable in such a way that if the business is hit by ransomware, that data cannot be altered by anyone, under any circumstances.

Air gapping is another important security principle. An air gap can be logical or physical; in a traditional infrastructure set-up, point-in-time backups may be stored on tape, which acts as a physical air gap to the primary storage environment. However, tape has its own challenges, and it may be that a…

Source…

It is time to tackle mobile malware head on

/in


Hybrid working has been a game changer for people and businesses across the globe. It has accelerated the adoption of digital technologies, transformed day-to-day operational processes, and shown the world that it could function, no matter the situation.

However, a fragmented workforce adds further complexity to the threat landscape. Security teams have a multitude of new vulnerabilities to deal with and face the near-impossible task of securing multiple networks and IoT devices.

With millions of us now adopting a hybrid working model, smartphones have become a primary tool for day-to-day business transactions. According to App Annie’s State of Mobile 2022 report, users from the world’s top ten mobile markets collectively spent 3.8 trillion hours looking at their mobile devices in 2021. That is an average of 4.8 hours per day, a 30 percent increase compared to the previous two years and while the use of mobile malware is declining, mobile devices still present a significant risk to organizations. According to our Check Point research, there has been a 45 percent increase in cyberattacks since the shift to remote working, which has led to serious strain on IT teams as they look to secure users’ devices.

With such huge usage across a fragmented landscape, it is no wonder cybercriminals view mobiles as the ideal launchpad for a wide-scale attack.

Rise of vishing, smishing cyberattacks

Modern mobile devices are more powerful than ever before, with sophisticated operating systems and a wide range of applications and services. While this complexity could create more opportunities for attackers to find vulnerabilities and exploit them, manufacturers such as Apple, Samsung, and Google have developed handsets with strict security settings. This makes traditional attack methods like malware more difficult in civilian settings. It is still possible to bypass the security measures and we have seen an increase in malicious applications masquerading as legitimate products on app stores, however, many do not make it pass the download phase.

The actions of these…

Source…

The 10 Best Hacker Movies of All Time

/in


Ever since the conception of at-home computers, the modern world has developed a demographic of computer fans fascinated by the many, hard-coded possibilities of the world wide web. All it takes is a few rapid strokes of the keyboard and access to the mainframe is granted, after all. At least that’s how hacking is generally portrayed in modern cinema.

For our list today, the technology at hand ranges from as recent as 2015 all the way back to the early 80s, making the concept of hacking vastly variable in the ways it is presented. As coding is much like learning an entirely new language, it increases the creativity needed to visualize computer coding for the untrained mind. Apart from that, these movies carry their own unique narrative arcs that make them the best hacker movies of all time.

10. Swordfish (2001)

Swordfish is a campy, popcorn movie addition that begs the question, “Who was in charge of makeup and hair for John Travolta’s character?” Pushed to the limit by a rich, powerful, and ruthless crime lord, computer cracker Stanley (Hugh Jackman) joins in on one of the many heists to make billions of dollars from unused government funds. Along with the original concept of this underground cyber-community, Swordfish, the coding in this movie looks fairly authentic and visually appealing.

Read our review of Swordfish.

9. The Fifth Estate (2013)

Based on Julian Assange and his history of international government affairs, The Fifth Estate is a tedious retelling of a story behind this controversial creator of WikiLeaks. Teaming up with a colleague of his named Daniel Domscheit-Berg (Daniel Brühl), Julian (Benedict Cumberbatch) creates a journalist organization to expose government crimes and shady dealings. While it’s not the best example of a hacker movie per se, the very real nature of the story is beyond intriguing and Cumberbatch gives a powerful performance.

Read our review of the Fifth Estate.

8. Live Free or Die Hard (2007)

The most action-packed of the movies on this list, Live Free or Die Hard is a wonderfully fun and exciting addition to the Die Hard franchise that qualifies for this list. Tasked with yet another run-of-the-mill mission, John McClane…

Source…