Connect with us

News

Key IT security trends that are expected to shape 2021: Sophos

Published

on

NEW DELHI: British security software and hardware company Sophos said that it has published the Sophos 2021 Threat Report, which flags how ransomware and fast-changing attacker behaviors, from advanced to entry level, will shape the threat landscape and IT security in 2021.

The report, written by SophosLabs security researchers, as well as Sophos’ threat hunters, rapid responders, and cloud security and AI experts, provides a three-dimensional perspective on security threats and trends, from their inception to real-world impact.

Three key trends analyzed in the Sophos 2021 Threat Report include:

1. The gap between ransomware operators at different ends of the skills and resource spectrum will increase. At the high end, the big-game hunting ransomware families will continue to refine and change their tactics, techniques and procedures (TTPs) to become more evasive and nation-state-like in sophistication, targeting larger organizations with multimillion-dollar ransom demands. In 2020, such families included Ryuk and RagnarLocker. At the other end of the spectrum, Sophos anticipates an increase in the number of entry level, apprentice-type attackers looking for menu-driven, ransomware-for-rent, such as Dharma, that allows them to target high volumes of smaller prey.

Another ransomware trend is “secondary extortion,” where alongside the data encryption the attackers steal and threaten to publish sensitive or confidential information, if their demands are not met. In 2020, Sophos reported on Maze, RagnarLocker, Netwalker, REvil, and others using this approach.

“The ransomware business model is dynamic and complex. During 2020, Sophos saw a clear trend towards adversaries differentiating themselves in terms of their skills and targets. However, we’ve also seen ransomware families sharing best-of-breed tools and forming self-styled collaborative ‘cartels,’” said Chester Wisniewski, principal research scientist, Sophos. “Some, like Maze, appeared to pack their bags and head for a life of leisure, except that some of their tools and techniques have resurfaced under the guise of a newcomer, Egregor. The cyberthreat landscape abhors a vacuum. If one threat disappears another one will quickly take its place. In many ways, it is almost impossible to predict where ransomware will go next, but the attack trends discussed in Sophos’ threat report this year are likely to continue into 2021.”

2. Everyday threats such as commodity malware, including loaders and botnets, or human-operated Initial Access Brokers, will demand serious security attention. Such threats can seem like low level malware noise, but they are designed to secure a foothold in a target, gather essential data and share data back to a command-and-control network that will provide further instructions. If human operators are behind these types of threats, they’ll review every compromised machine for its geolocation and other signs of high value, and then sell access to the most lucrative targets to the highest bidder, such as a major ransomware operation. For instance, in 2020, Ryuk used Buer Loader to deliver its ransomware.

“Commodity malware can seem like a sandstorm of low-level noise clogging up the security alert system. From what Sophos analyzed, it is clear that defenders need to take these attacks seriously, because of where they might lead. Any infection can lead to every infection. Many security teams will feel that once malware has been blocked or removed and the compromised machine cleaned, the incident has been prevented,” said Wisniewski. “They may not realize that the attack was likely against more than one machine and that seemingly common malware like Emotet and Buer Loader can lead to Ryuk, Netwalker and other advanced attacks, which IT may not notice until the ransomware deploys, possibly in the middle of the night or on the weekend. Underestimating ‘minor’ infections could prove very costly.”

3. All ranks of adversaries will increasingly abuse legitimate tools, well known utilities and common network destinations to evade detection and security measures and thwart analysis and attribution. The abuse of legitimate tools enables adversaries to stay under the radar while they move around the network until they are ready to launch the main part of the attack, such as ransomware. For nation-state-sponsored attackers, there is the additional benefit that using common tools makes attribution harder. In 2020, Sophos reported on the wide range of standard attack tools now being used by adversaries.

“The abuse of everyday tools and techniques to disguise an active attack featured prominently in Sophos’ review of the threat landscape during 2020. This technique challenges traditional security approaches because the appearance of known tools doesn’t automatically trigger a red flag. This is where the rapidly growing field of human-led threat hunting and managed threat response really comes into its own,” said Wisniewski. “Human experts know the subtle anomalies and traces to look for, such as a legitimate tool being used at the wrong time or in the wrong place. To trained threat hunters or IT managers using endpoint detection and response (EDR) features, these signs are valuable tripwires that can alert security teams to a potential intruder and an attack underway.”

Additional trends analyzed in the Sophos 2021 Threat Report include:

· Attacks on servers: adversaries have targeted server platforms running both Windows and Linux, and leveraged these platforms to attack organizations from within

· The impact of the COVID 19 pandemic on IT security, such as the security challenges of working from home using personal networks protected by widely varying levels of security

· The security challenges facing cloud environments: cloud computing has successfully borne the brunt of a lot of the enterprise needs for secure computing environments, but faces challenges different to those of a traditional enterprise network

· Common services like RDP and VPN concentrators, which remain a focus for attacks on the network perimeter. Attackers also use RDP to move laterally within breached networks

· Software applications traditionally flagged as “potentially unwanted” because they delivered a plethora of advertisements, but engaged in tactics that are increasingly indistinguishable from overt malware

· The surprising reappearance of an old bug, VelvetSweatshop – a default password feature for earlier versions of Microsoft Excel – used to conceal macros or other malicious content in documents and evade advanced threat detection

· The need to apply approaches from epidemiology to quantify unseen, undetected and unknown cyberthreats in order to better bridge gaps in detection, assess risk and define priorities

Continue Reading
Advertisement
Click to comment

Leave a Reply

Your email address will not be published. Required fields are marked *

5g

Ericsson signs $8.3 billion 5G deal with Verizon

Published

on

NEW DELHI:Ericsson said that it has signed $8.3 billion agreement with Verizon to provide its industry-leading 5G solutions to accelerate the deployment of Verizon’s world-class next-generation 5G network in the U.S.

Niklas Heuveldop, President and Head of Ericsson North America, says: “This is a significant strategic partnership for both companies and what we’re most excited about is bringing the benefits of 5G to U.S. consumers, enterprises and the public sector. We’re looking forward to working with Verizon to leverage solutions like Cloud RAN and our Street Macro, adding depth and versatility to 5G network rollouts across the U.S.”

“With this new agreement, we will be able to continue driving innovation and widespread adoption of 5G,” said Kyle Malady, Chief Technology Officer for Verizon. “We are pleased to continue this work through our long-standing relationship with Ericsson.”

Under this $8.3 billion USD agreement, Verizon will deploy Ericsson’s 5G MIMO C-band, low-band and millimeter wave (mmWave) solutions to enhance and expand Verizon’s 5G Ultra Wideband coverage, network performance and user experience. Ericsson’s technology solutions, including Massive MIMO, Ericsson Spectrum Sharing and Ericsson Cloud RAN, complement the high-performing Ericsson Radio System portfolio to support 5G services. Ericsson’s industry-leading software functionality provides end-users with the speed and performance they expect from 5G networks.

In 2020, Verizon was the first communications service provider to receive a commercial 5G mmWave Street Macro base station from Ericsson’s award-winning new state-of-the-art U.S. smart factory in Lewisville, Texas. Ericsson is committed to building and accelerating the nationwide build-out of 5G across the country.

Continue Reading

Mobile Services

Comviva launches next gen digital wallet and payment platform-mobiquity Pay X

Published

on

NEW DELHI: Comviva, the global leader in mobility solutions, today announced the launch of mobiquity Pay X, its next generation digital wallet and payment platform.

Mobiquity Pay is amongst the world’s largest digital financial services platforms, powering over 70 digital wallets and payment services for 130+ million consumers and processing over 7 billion transactions exceeding USD 130 billion annually in more than 50 countries.

With its new next generation mobiquity Pay X platform, Comviva has enhanced all aspects of digital financial solution, including scalability, faster deployment and time to market, simpler user lifecycle management & experience and enhanced security.

This new platform is completely built on microservices based architecture with fully independent and reusable components. The enhanced modularity facilitates faster time to market and greater scalability.

Mobiquity Pay X has enabled Open APIs to easily integrate with third party systems and extended financial ecosystem. To enhance user experience, the platform now offers a revamped slicker mobile app for consumers, agents, merchants and other business users and provides an advanced User Management System (UMS) that allows back-office users to easily manage the complete lifecycle of consumers, agents, merchants, and other business users seamlessly. Its intuitive user-interface, predefined templates and real-time feedback help quickly perform operations.

The new platform significantly strengthens security with robust authentication and authorization modules. It provides complete flexibility to easily configure various PIN, password and access rules as per the requirements. Its advanced session management capabilities help identify all active sessions and logins from a user through multiple devices and takes corrective action to prevent frauds.

Speaking on the launch, Srinivas Nidugondi, EVP and Chief Growth and Transformation Officer at Comviva, said, “COVID has significantly accelerated the growth of digital financial services and the entire financial ecosystem is growing at its fastest pace ever. Customer demand and public health priorities are pushing contactless payment adoption and our next generation mobiquity Pay X platform shall help financial service providers scale their digital wallet and payment services faster and seamlessly. With this new platform, Comviva has completely automated the software delivery process. The time to market has improved significantly with continuous product development, integration, testing, release and deployment.”

Mobiquity Pay X offers Order and Payment System that provides consumers a unified view of transactions performed by various payment instruments. It provides end-to-end tracking of entire payment transaction across all stages. It also enables back-office users to view status of payment transactions and identify failed and ambiguous transactions to take corrective actions like refund to complete the order-payment cycle.

The new mobile app is built using best-in-class design practices and has rich features including self-registration, biometric login, profile personalization, payment through multiple instruments (prepaid wallet, card, bank account), favourite transactions, multi-currency support, currency conversion, real time transaction tracking, referral bonus, merchant/agent locator, dynamic QR Code and many more.

With an enhanced monitoring and alerting system, mobiquity Pay X quickly aggregates system logs and key performance indicator data and provides a real-time bird’s eye view of critical operational parameters through visual dashboards. mobiquity Pay X has capability of proactive disaster management by identifying threshold breaches for critical application and system parameters in advance and providing real-time notifications for corrective actions.

Comviva has pre-integrated best-in-class technology in the areas of digital KYC and Personal Financial Management (PFM) to offer unparalleled value to consumers. These pre-integrated solutions in addition to offering enhanced experience to consumers, also significantly cut down cost and time to market while launching a digital wallet service. The platform also offers a document management system that provides flexibility to back-office users to quickly retrieve KYC documents a centralized repository for regulatory and business purpose.

 

Continue Reading

News

IT rules 2021 empowering, protecting users, asserts Ashwini Vaishnaw

Published

on

NEW DELHI: IT and communications minister Ashwini Vaishnaw on Sunday said the new information technology rules are empowering and protecting users.

He added that the new IT rules will ensure a safer and more responsible social media ecosystem in India.

“Reviewed the implementation and compliance of Information Technology Rules, 2021 along with my colleague Shri Rajeev Chandrasekhar ji. These guidelines are empowering and protecting users and will ensure a safer and responsible social media ecosystem in India,” Vaishnaw said on a social media account.

The new rules which came into effect from May 25 mandate social media companies to establish a grievance redressal mechanism for resolving complaints from the users or victims.

All significant social media companies, with over 5 million user base shall appoint a grievance officer to deal with such complaints and share the name and contact details of such officers.

The big social media companies are mandated to appoint a chief compliance officer, a Nodal Contact Person and a resident grievance officer. All of them should be a resident in India.

Twitter, which had been in the eye of the storm over its alleged failure to comply with the new IT rules in India, has named Vinay Prakash as its Resident Grievance Officer for India, according to the company’s website.

However, Facebook-owned Whatsapp has challenged the new IT rules for social media intermediaries requiring the messaging app to trace chats and make provisions to identify the first originator of information, saying they violate the right to privacy and are unconstitutional.

Whatsapp further alleged the requirement of intermediaries enabling the identification of the first originator of information in India upon government or court order puts end-to-end encryption and its benefits at risk.

Some of the media houses have also challenged the new IT rules and the matter is sub-judice.

Source: Press Trust of India

Continue Reading

Trending