Convergence Plus
IT/Security
Saturday, June 24, 2017
Companies more prone to cyber attack; 60% software unregulated

Companies more prone to cyber attack; 60% software unregulatedOver 49% of chief information officers identified security threats from malware as a major threat posed by unlicensed software

More than 60 per cent of the software used by companies in India is unregulated which poses a threat of cyber attacks, according to business practices firm EY.

“Many organisations secure their hardware. However, they do not pay attention to the software used, which could be unregulated,” Maya Ramachandran, Partner, Advisory Services Practice, EY told PTI. “More than 60 per cent of software used by companies in India is unregulated, which can pose a threat to cyber security,” she added. As per data of Indian Computer Emergency Response Team (CERT-In), over 50,300 cyber security incidents like phishing, website intrusions and defacements, virus and denial of service attacks were observed in the country during 2016. Last month, over 100 countries were hit by ‘WannaCry’ ransomware in one of the most widespread cyber attacks in history.

According to a recent EY survey, over 49 per cent of chief information officers identified security threats from malware as a major threat posed by unlicensed software, while 26 per cent employees admitted to installing outside software on work computers. “Several large corporations and multinational companies have started setting up software asset management offices that would look into the leading best practices of using software including compliance and licensing terms to the software vendor,” Ramachandran pointed out.

However, middle market companies are more concerned about running the business and may ignore peripheral matters including cyber security, she added. An organisation with stringent software asset management practices can operate a secure and cost effective IT environment, she said.

Software asset management would address inadvertent downloads of malware through unauthorised software, or software of unknown vendors and use of removable media to download software that is not supported in a corporate environment.

It would also address issues like use of older versions of software, unauthorised connection of personal devices to corporate networks, among others.(Source: The Hindu BusinessLine)

Internet on flights likely by August-end

Internet on flights likely by August-endInternet on flights in India could soon be a reality. The Centre is likely to permit it by August-end. "We're awaiting clearance from the Department of Telecommunications," said Lalit Gupta, joint DG, Directorate General of Civil Aviation. "International airlines are in talks with the aviation ministry. Currently, they have to switch off Wi-Fi in the Indian airspace (where inflight internet is banned on security grounds)." Gupta also said that Indian carriers like Jet Airways and SpiceJet are slated to take deliveries of the Wi-Fi-fitted Boeing 737 MAX by mid-2018.

About 70 airlines across the world offer inflight internet letting passengers email, livestream, use social media, download movies and even make calls. These include carriers that fly into India like Air France, Lufthansa, British Airways, Singapore Airlines, Emirates and Etihad.

In India, airlines like Jet Airways and Vistara offer a library of preloaded content downloadable onto electronic devices by linking to the aircraft's non-internet Wi-Fi. SpiceJet will give the facility by June-end. It must be understood that Wi-Fi is wireless local area networking. (Source: Times of India)

Telcos on high alert post global ransomware blitz

Wipro steps up security after receiving ‘threatening’ emailMobile phone companies, network vendors and tower operators are keeping a close watch for any disruption in operations in the aftermath of the deadly ransomware cyber attack that infected millions of computers in about 100 countries, including India, Russia, China and the UK. Top telcos said there was no immediate impact of the attack — caused by a malicious piece of software, or 'malware', known as WannaCry. They are taking steps to keep the country's phone networks secure and insulate them from potential malware attacks in future, they said.

The global cyber attack, which had reportedly leveraged hacking tools believed to have been developed by the US National Security Agency, wreaked havoc in UK’s health system and hit global shipper FedEx.The malware is called ransomware because it first encrypts a victim’s computer files and then demands a payment to decrypt them. Once this malware enters an organsation’s computer systems, it looks for vulnerable machines and clinically infects them.

“Vodafone India has taken measures to protect its systems and continues to monitor the situation closely as it is aware that some corporations and organisations are being targeted by ransomware attacks,” said a company spokesman in an emailed response to ET’s queries. The world’s top networks vendor Ericsson also confirmed that its India unit “is not impacted” by the ransomware, adding it “is taking necessary preventive actions” to secure its business. The Swedish gearmaker, however, declined to elaborate on these measures. Tower firm American Tower Corporation (ATC) also said its India unit “had not been affected”.

The Cellular Operators Association of India (COAI), the lobby body representing the country’s top phone companies Bharti AirtelBSE 0.93 %, Vodafone India, Idea CellularBSE -2.87 % and newcomer Reliance Jio Infocomm, said nothing in terms of networks disruption had been reported by any of its members. COAI director general Rajan Mathews said telecom service providers (TSPs) “regularly monitor their networks and take suitable precautionary measures to preclude any cyber attacks.”

The TSPs, he said, “regularly participate in cyber drills conducted by India’s Computer Emergency Response Team (Cert-In) to check the preparedness of their networks for such attacks,” and, based on the results take corrective actions suggested by the agency. Allaying concerns, Mathews said mobile phone companies strictly comply with the security requirements specified by the telecom department and all “network elements along with their softwares are tested before inducting them into the network and a yearly audit of these is carried out by certified agencies,” to maximise network security.

Mathews, however, said the ransomware attack “should be seen as a watershed moment” and the government must invest more in cybersecurity preparedness, especially “as India moves towards strengthening its digital economy where the volume of online transactions will see a quantum leap.” As of press time, Bharti Airtel, Idea, Reliance Jio, Reliance Communcations, Aircel, Nokia India and Huawei India decliened to respond to ET’s queries on whether their businesses have been hit by the ransomware attack. (Source: Economic Times)

Cyberattack hits two lakh in 150 nations, number may rise

Cyberattack hits two lakh in 150 nations, number may riseFriday's "unprecedented" ransomware cyberattack has hit as many as 200,000 victims in over 150 countries, Rob Wainwright, the head of EU police agency Europol said on Sunday. He warned of possible fresh disruptions when workers switch on computers at the start of the working week. Monday was expected to be a busy day, especially in Asia which may not have seen the worst of the impact yet, as companies and organisations turned on their computers. "Expect to hear a lot more about this tomorrow (Monday) morning when users are back in their offices and might fall for phishing emails", or other as yet unconfirmed ways the worm may propagate said Christian Karam, a Singapore-based security researcher. Targets both large and small have been hit.

The countries that were hit included India. Investigators are looking for those behind the hack that affected systems at banks, hospitals and government agencies globally, media reports said. Technical staff scrambled on Sunday to patch computers and restore infected ones. The threat is "escalating" as cyber experts warned that another attack was imminent in coming days. Technical staff scrambled on Sunday to patch computers and restore infected ones.

Experts said the spread of the virus, dubbed WannaCry, which locked up more than 200,000 computers — had slowed, but the respite might only be brief. New versions of the worm are expected. The infected computers are largely out-of-date devices that organisations deemed not worth the price of upgrading or, in some cases, machines involved in manufacturing or hospital functions that proved too difficult to patch without disrupting crucial operations. "The latest count is over 200,000 victims in 150 countries and many of those will be businesses, including large corporations," said Rob Wainwright, the head of EU police agency Europol.

After infecting the computers, the virus displayed messages demanding a payment of $300 in Bitcoin in exchange for the locked files. Account addresses hardcoded into the WannaCry software code showed the attackers received $32,500 in anonymous bitcoin till Sunday, but that amount could rise as more victims rush to pay ransoms of $300 or more just one day before the deadline expires.

Organisations were discouraged from paying the ransom, as it was not guaranteed that access would be restored.The virus exploits a vulnerability in Microsoft Windows XP software, first identified by the US National Security Agency. A security update was released by Microsoft in March to protect against the virus. However, many NHS trusts had not applied it.

The threat receded over the weekend after a British-based researcher, who tweets under @MalwareTechBlog, said he stumbled on a way to limit the worm's spread by registering a web address to which he noticed the malware was trying to connect. However, researchers from three security firms dismissed reports that a new version of WannaCry had emerged. (Source: Times of India)

Wipro steps up security after receiving ‘threatening’ email

Wipro steps up security after receiving ‘threatening’ emailWipro steps up security after receiving an email demanding Rs500 crore in digital currency of bitcoins and threatened to attack its offices on failing to do so

IT major Wipro Ltd on Saturday said it has augmented security measures at all its office locations after receiving a “threatening letter from an unidentified source”.

“Wipro confirms that it has filed a complaint with the local law enforcement authorities after receiving a threatening letter from an unidentified source,” the company said in a statement. Wipro has augmented security measures at all its office locations, it said. “There is no impact on the company’s operations. We have no further comments as the investigation is ongoing,” it added.

The company did not specify the nature of the threat. However, police confirmed reports that someone sent an email demanding Rs500 crore in digital currency of bitcoins, and threatened to attack Wipro offices with Ricin (a natural toxin found in seeds of the castor oil plant) on failing to do so.

Additional commissioner of police (crime) S. Ravi told PTI that a complaint has been registered at the cyber crime police station and investigations are on. According to media reports, in the email sent on Friday, the sender asked the company to make the payment in 20 days and provided a link for the same. (Source:Mint)

Cyber security is a business risk, not tech risk: Kelly Bissell, MD of Global Accenture Security

Cyber security is a business risk, not tech risk: Kelly Bissell, MD of Global Accenture Security With cyber risks burgeoning, companies need to catch up and Accenture Security provides end-to-end security across industries with cyber fusion centres in Tel Aviv, Bangalore, Washington DC and Prague. In an interaction with ETtech, Kelly Bissell, managing director at the 5,000-plus skill force global firm talks about the role of the chief information security officer (CISO), rise of managed security services, up-skilling of cyber talent and importance of biometrics. Edited excerpts:

Why are CISOs still not part of board decisions, despite increasing cyber attacks?
The chief information security officer's role has not evolved fast enough. Some are still trying to catch up and not all companies have made the transition. Their challenge is to make the board cyber-aware. They need to be prepared with the right business language, rather than tech jargon, to articulate the cyber risk coming at the business so the board understands them. Cyber security is not a technology risk, but a business risk.

Where do your managed security services come into play?
We help customers transition in terms of security architecture. For instance, we helped transform a large broadcast company which wanted to be a Netflix type of platform. We made security the base because it is the key that unlocks all business potential. We helped the company go securely online and monetise its content. Customers can also use our identity platform to understand what type of users access content, help them sell more.

Many security vendors use point solutions, a piecemeal approach that isn't good at the enterprise level. What kind of change is needed?
This approach mostly does not work. We need to look at end-to-end issues of security and integrate those functions to serve across the business. We take a holistic view — considering everything from a strategy and risk perspective — wherein the audience is the CEO. We operate certain capabilities on behalf of those companies as a partner through our services. These include strategy risk reporting, implementation of tools such as cyber defence and identity, along with app security.

Then how do you deal with shortage of skilled cyber security personnel?
You have to retain the best. There are very few highly-skilled cyber security personnel.Our clients have a finite resource and that’s why they come to partners like us, who can bring the right skills and be an extension of their team.

At an oil and gas organisation where we are the extension, we run their end-to-end IT security operations and bring in experience that customers can leverage from.

Is biometrics a safe identity platform?
I believe biometrics is much more secure than user ID and passwords because it's super easy to crack passwords. Biometrics has a layer of complexity and unique identification. But then again, no technology will be very secure if you don’t implement it well. It's not the technology's fault; it's how one uses it and deploys it that matters.

How do you look at Internet of Things security?
There are no global standards for security of connected devices. There is a lot of pressure on smaller organisations to get a product to market faster than anyone else. This is enabled by engineers who may not been skilled in cyber security by design. So, we are helping CISOs and product managers with our solutions and research and development labs.

How should companies tackle cyber-attacks if they have a shortage of cyber security funds?
Many a time, tighter budgets do not allow for hiring skilled cyber security talent. These companies face a challenge in retaining talent, which will always be on the lookout for bigger projects.

Apart of this skill shortage can be addressed by automation of certain tasks that are repeatable and re-skilling of employees for additional complex problems. (Source: Economic Times)

Aadhaar detail leak in Jharkhand sign of deep cyber security flaws: Experts

Aadhaar detail leak in Jharkhand sign of deep cyber security flaws: ExpertsThe leak of confidential information of more than a million citizens from a Jharkhand government website exposes systemic vulnerabilities in India’s much-touted e-governance framework, experts have said. The warnings come after the Jharkhand Directorate of Social Security published on its website 1.4 million names, addresses, bank account details and Aadhaar numbers. Twenty-four hours after the breach was noticed by media outlets, officials had no idea how the details made it onto the website unsecured, but they had taken the page offline. “User education is not adequate at this point in time to match the rate at which security-related risks are growing,” said Subhashis Banerjee, professor of Computer Science at the Indian Institute of Technology, Delhi.

Banerjee explained that while the Centre and states are gathering more and more data about citizens to ensure government schemes reach intended beneficiaries, departments that hold this information are ill-equipped to maintain and safeguard these sensitive databases. “Even the government is not fully aware of what it is doing,” he said. The introduction of Aadhaar-seeding, to inter-link these discreet databases, has only exacerbated this vulnerability as a leak in one database could leave a citizen’s entire digital life vulnerable to a hack.

“It [Aadhaar] can be used to correlate and find out the identity of an individual very easily,” said Banerjee, “Availability of these databases enables adversaries to keep a tab on individuals unless special precautions are taken to prevent this.”

The Unique Identification Authority of India (UIDAI), which oversees the Aadhaar framework, insists that its servers are impervious to attack, but most leaks are likely to come from an attack on the weakest link of the Aadhaar chain: thousands of insecure computers maintained by rickety block-level government offices across the country.

In Jharkhand, for instance, cyber security experts had long warned that many websites maintained by the state government were insecure.

“We had demonstrated these vulnerabilities to the state government in December,” said Vineet Kumar, a former member of Jharkhand police’s cyber cell, who has since set up the Cyber Peace Foundation, an NGO. Officials at the Jharkhand IT department acknowledged the vulnerabilities of their websites, but pointed out that this particular lapse occurred on a website managed by the National Informatics Centre, India’s premier e-governance provider.

“The NIC has been taking care of all the technical aspects of Aadhaar related issues for us. They have been doing it since 2014, but this is the first time that such a leak has occurred on the website,” said Ram Parvesh, Director for Social Security, adding that his department had called for a meeting with NIC on Monday to solve the problem.

“Jharkhand-type leaks could happen anywhere,” said an official who works closely with the Ministry of Rural Development, “In many states, each department has its own IT vendors who build the software that stores this information. There is no common security standard across states and departments.”

This multiplicity of software solutions and private service providers, the official said, also made it difficult to implement nation-wide fixes once vulnerability had been discovered in one state.

“So even if we fix Jharkhand’s problem, we can’t simply upgrade all systems to ensure a similar problem does not occur in a different department in a different state,” he said. The UIDAI declined comment on this story. An official statement on the Jharkhand leak is expected on Monday. (Source: Hindustan Times)

Spirent Extends Security and Performance Testing Leadership with CyberFlood

Spirent Extends Security and Performance Testing Leadership with CyberFloodIndustry’s First Server-Response Fuzzing Raises Security Standards for Testing Against Malicious Attack Vectors
Spirent Communications, an industry leader in test and measurement, today extended its lead in security and performance testing by introducing the industry’s first server-response fuzzing capability within CyberFlood, its premier security test solution. A breakthrough in security and performance testing, CyberFlood’s server-response fuzzing functionality tests the ability of security devices—firewalls, intrusion prevention systems (IPS), secure web gateways and others—to handle malformed traffic sent from a server on the Internet to a client device using a single test solution. This is achieved without the time, effort and cost of building a complex test environment, allowing the user to get up and running more quickly with better results than ever before.

“We launched CyberFlood last year with SmartMutation™, the first-of-its-kind, true intelligence-driven fuzzing strategy. This set a new benchmark for security testing, allowing testing to go deeper, wider and across more code paths than any other solution in the industry,” said David DeSanto, director, products and threat research at Spirent Communications. “Other fuzzing solutions today only offer users the ability to fuzz the client definition of the network protocol when testing a device.

“Leveraging CyberFlood’s unique technology, users can now fuzz the server definition of the network protocol, confirming that a device can handle malformed responses from a server on the Internet targeting a client device, one of the most common and malicious attack vectors leveraged by hackers today. This gives enterprises, service providers and equipment manufacturers a fast and easy way to test security devices with no test environment to set up, and with no false positives during testing”.

The latest CyberFlood update includes several new features while enhancing CyberFlood’s ease of use:
New Attacks-Only and Client-Only DDoS attack modes add greater flexibility to DDoS attack emulation and enable customers to quickly go from the login screen of CyberFlood to a large-scale DDoS attack emulation in a few clicks.

New Network Resiliency tests cover the full range of RFC 2544 verification, including measuring maximum throughput, latency, jitter and burstability. Tests can be organized in groups focused around a specific goal, such as an upcoming software release or enterprise product evaluation, enhancing collaboration within teams.

Additional fuzzing protocols allow CyberFlood to test devices across the entire Layers 2 through 7 stack and across multiple industry verticals, including industrial control, healthcare, finance, IoT and automotive. CyberFlood continues to set the industry standard for malware testing with the only near-zero-day malware offering available in the industry, allowing enterprises to find the holes in their threat landscape, service providers to validate their SLAs and equipment manufacturers to confirm and extend their signature as well as heuristic detection functionality. (Source: Convergence Plus)

Kratikal Tech raises close to $500,000 in seed funding

Kratikal Tech raises close to $500,000 in seed fundingKratikal aims to use the funds for product development and building training modules
Cybersecurity start-up Kratikal Tech Pvt. Ltd. on Monday said it has raised seed funding from former director of Microsoft India Praveen Dubey, along with Amajit Gupta, former managing director Juniper Networks India and J.P. Bhatt, chief executive of ImpactQA.
Kratikal has raised close to $500,000, said a company executive, who did not want to be identified. The company will use the funds for product development and building training modules.

The company was founded in 2013 by five alumni of National Institute of Technology, Allahabad—Pavan Kushwaha, Paratosh Bansal, Dip Jung Thapa, Prashant Pandey and Ankit Singh—after Kushwaha’s email account was hacked. Kratikal provides cyber security services such as vulnerability assessment, security auditing, among others.

“We aim to provide world class cybersecurity solutions globally and work on building the environment and train the IT (information technology) professionals and digital community in India about how to build secure systems,” Kratikal said in a statement. Kratikal claims to provide training sessions to corporates, law enforcement agencies and education institutes. It claims to have trained over 5,000 candidates from over 131 countries through its online modules.

With a team of 15 employees, Kratikal services over 20 clients across corporate houses, police departments, law enforcement agencies and individuals in India, US, Australia, New Zealand and South Africa. The Delhi-based company is also developing a software-as-a-service (Saas) tool to automate its security testing services with the help of built-in artificial technology. “This automated tool will bring down the high cost of security testing and make it economically feasible for all the SMEs (small and medium enterprises) to be secure,” said the company.

The company competes with Chandigarh-based TAC InfoSec Pvt. Ltd and Delhi-based Lucideus Tech Pvt. Ltd. In 2016, TAC raised an undisclosed amount of pre-series A funding in August, while Lucideus had received an undisclosed angel funding from Amit Choudhary, director of Motilal Oswal Private Equity Advisors Pvt. Ltd. A report published by MarketsandMarkets in July 2016 forecasts the global cybersecurity market to grow from $122.45 billion in 2016 to $202.36 billion by 2021, growing at a compound annual growth rate of 10.6%. (Source: Mint)

Taiwan Excellance
Elemental
Digital Wallet
Seagate
Ultra
Conax
Irdeto
Gospell
Cineom
Nabshow
Rahul Commerce
CII
Dataminer
4th IoT
BFSI
Sign up for Newsletter

Gadget Reviews

Xite
Interview

Satya Kalyan Yerramsetti
Satya Kalyan Yerramsetti
Founder & CEO
SMS Country Networks


Strip
cp
Convergence India 2017
cp

Strip
cp
Internet of things  India expo 2017
cp

Strip
cp
Mehta Group
cp
convergence plus