Network Security

How Are Organizations Helping Network Hacking?

With constantly evolving technology, hackers’ techniques are also advancing. This puts tremendous pressure on Organizations to constantly update their security measures to keep their data secure from network hacking.

 

Hackers can expose not only crucial company information but sensitive customer data as well, which can have potentially devastating effects. Therefore, any Business in any industry must realize that cybersecurity is an important aspect. Without proper prevention, you may fall prey to network hacking in the near future.

 

Most of your employees might be aware of not sending a password via email or opening a strange attachment from someone they don’t know. But do they know that posting photos of their badges on social media or revealing details about internal software in job descriptions can cause a lot of harm? There are many ways Organizations and their employees unknowingly give cybercriminals a helping hand. Here are five ways your Organization may be risking your network’s security:

A Picture or a Video can say a lot

The most common slipup that happens in companies is oversharing online, especially on social media: for instance, Human Resources sharing photos and videos to attract job applicants, interns posting photos of new badges, or employees sharing photos of an office celebration.

 

Attackers can use a lot of things from these photos and videos to their advantage, like company badges or information on whiteboards. Office pictures can show an attacker how desks and cubicles are laid out, what type of computers employees use, and the programs, email clients, and browsers they’re running. Employees accidentally make it easy for attackers to duplicate badges and impersonate staff, and to have knowledge they shouldn’t have.

Overly detailed Job Postings

An innocuous job posting may give attackers the exact information they need. Many Organisations go into very specific detail about the internal software they use, which gives a lot of insight to attackers about the internal structure. An attacker with knowledge of the company’s software will know exactly what he needs to break in. If he doesn’t want to develop malware, he may use this knowledge to create a phishing campaign and lure victims based on the software they’re using.

Your Email Signature

Many employees respond to phishing emails in order to prove that they can’t be fooled; instead, they play right into attackers’ hands. A reply proves to intruders that a legitimate person is at the other end. It also reveals the company’s email format, a formula they can use to identify and target other people within the same Organization. They may also harvest other details in a signature, such as office phone number and extension, mobile phone number, social media handles, and/or website link, which can be fruitful for future network hacking or phishing attacks.

Out of Office Emails

Automatic replies and out-of-office emails are the most common ways companies make themselves vulnerable. Employees often include a generous amount of detail, which is enough for an intruder to take advantage of. For example, “Hi, this is John. I am away for vacation. For project X, contact X person at X email address; for project Y, contact Y person at Y email address.”

Full names, project names, and even contact details in an automatic reply make it easy for attackers to target people. Using this information, they can email another employee at the company and pretend to be working with John on a project, obtain sensitive data, or request a wire transfer.

Failing to Verify Callers

One of the usual pen-testing tactics is caller ID spoofing. When someone calls, people usually don’t question it; they are used to seeing that IT or human resources is calling. Security training programs tell employees not to share their passwords, but they do not emphasize the importance of questioning and verifying phone calls. Caller ID spoofing and SMS spoofing are huge and both are fairly easy for an attacker to pull off.

Education is the first step towards preventing employees from accidentally leaking data. Beyond educating employees, companies should also teach them what to do if they spot such a leak. Actionable policies should dictate the steps for employees to take when they fall for a phishing scam.

Cybersecurity Experts at Neumetric suggest that teaching employees not to share information that could be used to assume their identities is the first step. But along with this, employees should adopt multi-factor authentication, so that it is harder for attackers to pretend to be someone they’re not.

Neumetric, a cyber security services, consulting & products organization, can help you reduce your security cost without compromising your security posture. Our years of in-depth experience in handling security for organizations of all sizes & in multiple industries make it easier for us to quickly execute cost-cutting activities that do not bring value to you, while you continue focusing on the business objectives of the Organization.

Is Your Firewall Measuring Up?

A robust firewall is the first line of defense in keeping an Organization safe from advanced cybersecurity threats. But in this growing age of digital transformation, how is your firewall measuring up?  

The cost and frequency of data breaches have been skyrocketing ever since the world was ravaged by multiple large-scale ransomware attacks in 2017. NotPetya, Ryuk, SamSam, and their variants are some of the most destructive ransomware attacks that have impacted Organizations and people. WannaCry affected many healthcare Organizations and also expanded the threat attack surface to include the Internet of Medical Things (IoMT).

How much are data breaches costing us?

With the evolving attack surface and threat landscape, a sophisticated firewall becomes a priority for every organization. The World Economic Forum listed cyberattacks among the top five threats to global economic development in 2019. According to the Ponemon Institute, in the same year, the global average cost of a data breach reached $3.92 million. Organizations in the US continue to lead the world with an average cost of $8.19 million per data breach. As per Cybersecurity Ventures, the global impact of cybercrime is forecast to grow to $6 trillion by 2021, double the $3 trillion of 2015.

But the question here is: how should next-generation firewalls tackle 5th generation cyberattacks while facilitating traffic growth with hyper-scale technologies?

Today, Organizations are moving rapidly to meet digital transformation initiatives. But with technological advances, increased Internet traffic, and corporate network growth, lethal and sophisticated cybercrime has become a huge global challenge. According to Ponemon, it can take as long as 2 years to identify and contain a breach. Sophisticated multi-vector 5th generation cyberattacks, which include nation-state-sponsored and malware-as-a-service exploits, are increasingly complex. As evidenced by the evolution of the ubiquitous firewall, they require more time to resolve.

A Firewall

A firewall is a network security device that filters and monitors incoming and outgoing network traffic. A firewall enforces an Organization’s security policy by acting as a barrier between two networks and applying fixed, predefined security policies. It inspects the incoming traffic and identifies and blocks cyber threats while allowing non-threatening traffic to pass through safely. With a unified management platform, advanced security functions, and robust threat prevention in place, a modern firewall is a mandatory protection that can help stop destructive network attacks.

Next-Generation Firewalls

Next-Generation Firewalls (NGFW) are a powerful defense mechanism that blocks malware and application-layer attacks.

Combined with an integrated intrusion prevention system (IPS), these firewalls can detect and react to outside attacks across the network seamlessly and quickly. They allow setting policies to better defend the network and quickly assess network status. Next-Generation Firewalls provide protection against an extensive list of malware, including Trojans, viruses, spyware, worms, adware, and even ransomware. They continuously scan the network, detect invasive or suspicious activity, like malware, and shut it down immediately.

Network Firewalls

For many years, Organizations have been implementing Next-Generation Firewalls due to their broad support for multiple critical security functions and application awareness. But with a growing list of security threats, companies are rapidly adopting Network Firewalls. This new firewall technology offers expanded security functions across the data center, mobile, endpoint, IoT, and cloud. It also includes real-time threat intelligence to protect you against the latest known and unknown cyber threats.

According to Neumetric, one of the top cybersecurity companies in Bangalore, Network Firewalls can serve as your first line of defense against advanced cyberattacks and are also very critical to your security architecture. However, these are only one part of the solution. Along with the network firewall, people, policies, and procedures are equally essential to build and operate an effective security architecture that can protect your Organization against strategic cybercriminals. This way you can digitally transform your enterprise in a secure and effective manner.  

Why Cybersecurity Matters the Most During the Coronavirus Pandemic?

The emergence of Information Technology as a ubiquitous aspect of our lives has been one of the defining aspects of the technology revolution that has helped in the economic and social progression of our country over the years. But the ongoing coronavirus pandemic is an opportunity for Organizations to assess their IT infrastructure and focus on deploying robust and advanced cybersecurity solutions.

While the Covid-19 situation continues to disrupt global health, political, economic, and social systems, the risk of cyberattacks that prey on our increased reliance on digital tools and the uncertainty of the crisis has become another unseen threat rising in the digital space. Do you know why cybersecurity matters more than ever during this Covid-19 pandemic? Here’s why.

Dependency on Digital Infrastructure

While the coronavirus pandemic has compelled most IT people to work from home, dependency on digital communications has multiplied drastically. The Internet has become the channel for effective human interaction and the primary way to contact, work, and support each other.

While businesses and public sectors are enforcing “Work From Home” policies, social interactions have become confined to video calls, social media posts, and chat platforms only. Even the governments of many countries are disseminating information through digital means. For instance, in the UK, digital has been made the default mode of communication for instructing citizens on any updates, in order to avoid flooding phone-based information services with requests.

Therefore, in this unprecedented context, a cyberattack can be devastating for Organizations and even families. In a worst-case scenario, a cyberattack can cause widespread infrastructure failure that can take an entire community or a city offline, obstructing public systems, networks, or even healthcare providers. In the past few days, the US Department of Health and Human Services became the target of cyber attackers intending to disrupt operations and information flow.

Fear & Uncertainty open doors for Cybercrime

Cybercrime exploits human weaknesses like fear and uncertainty to penetrate systemic defenses. In an unprecedented situation caused by Covid-19, people might make mistakes they would not have made otherwise. Making a mistake in terms of which link you click on or whom you trust with your data can prove to be devastating.

According to some estimates, 98% of cyberattacks deploy social engineering methods. Attackers are extremely creative in devising new ways to exploit users and technology to access passwords, data, and networks. They often capitalize on popular trends and topics to tempt users into unsafe online behavior.

Stress can be a major reason to provoke users to take actions that may be considered irrational otherwise. For instance, a recent global cyberattack targeted people looking for visuals of the spread of COVID-19. The malware was cloaked in a map displaying coronavirus statistics loaded from a legitimate online source. Users were asked to download and run a malicious application that compromised the computer and allowed hackers to access stored passwords.

More time spent online will lead to more Cybersecurity Risks

With more time spent online, inadvertently risky internet behavior will also increase. For instance, a user may fall for “free” access to obscure websites or pirated shows that may open doors to malware and cyberattacks. Likewise, there can be hidden risks in requests for credit card information or the installation of specialized viewing applications. Therefore, clicking on the wrong links or expanding surfing activities can prove to be extremely dangerous and costly.

The Solution for Cybersecurity

Neumetric, a cybersecurity services, consulting & products Organization recommends that just like addressing the COVID-19 pandemic requires us to change our social habits and routines to fight the virus, small changes in our online behavior can help maintain high levels of cybersecurity. Here are three simple solutions.

Solution 1: Level Up the Cyber Hygiene Standards: A review of your digital hygiene is necessary. You must ensure that you have a long, complex router password for the Wi-Fi. Along with this, your system firewalls must be active on your router and you should not reuse passwords across the web. You can invest your money in a password manager and make sure that you use a reliable VPN for internet access wherever possible.

Solution 2: Extra Vigilance on Verification: You should be extra careful when installing software and giving out your personal information. Clicking on any links from email should be avoided. While signing up for new services, the source of every URL should be verified. You must also ensure that the apps or programs that you install are the original versions from a trusted source. Any potential mistakes online can contaminate others in the Organization or the wider community. So, you must be extra vigilant in verifying sources.

Solution 3: Official Updates: You must update your system software and applications regularly to patch any weaknesses that are open to exploitation. If at any stage you feel that the advice you are being given sounds unusual, you should search the Internet to see whether others have similar concerns. You can search for a well-known site that can help verify the legitimacy of the information.

Your personal behavior can prove to be instrumental in preventing the spread of dangerous infections in the digital world.

How Can You Be Fluent in Cyber Risk?

Do you know that 91% of businesses say their boards believe that cybersecurity presents some level of business risk? These numbers were released in a recent report by the Advanced Cyber Security Center. The report also highlighted that 64% of those respondents agreed that the role of their Organization’s board in digital transformation initiatives was a maturing partnership. One thing is quite clear from the report: there is a significant gap, and these numbers exhibit just how far many Organizations have to go to reach a full partnership.

In such a relationship, the board is well-versed in the digital agenda, cyber risks, and priorities, but being informed about overall IT and related investments needs to move to the next level: a state of more secure systems, which will also provide valuable feedback in the meetings.

But still, with cyber risk clearly on their minds, why are the companies acting so slow to build a risk-aware culture? Maybe because top executives are not so tech-savvy. Actually, in 2018 almost half of the Organizations reported that their digital transformation initiatives were being led by the board of directors or CEO. Therefore, it’s not a leap to assume that these Organizations understand the cybersecurity impact of digital transformation on their overall security and risk posture. These Organizations need a reminder of the four crucial things that are necessary to close this gap and build a transformative culture that is equipped to proactively manage cyber risk.

A Consistent Cyber Risk Framework

If you think that cyber risk is just contained within the IT realm, then you must be aware that cyber risk can hide anywhere in a digital Organization and can create security vulnerabilities and regulatory compliance problems. A lot of systems and data scattered across the company have to be monitored and protected. And, in most cases, there may be different controls in place for different teams, functions, and locations. So, even if you can 100% bulletproof one part of the business, your customers won’t care about that if a breach happens in a different area.

Implementing comprehensive and consistent controls across a company doesn’t need a complete renovation or militant deployment of one single tool, as both are impractical. Rather, businesses need to create a standard framework for understanding and managing application and infrastructure risk throughout the Organization. This effort should be about orchestrating controls, maximizing required remediation, and providing visibility into vulnerabilities. A standard cyber risk framework forms a consistent language that allows everyone across the Organization to understand, communicate and address security and compliance risks.

Real-time visibility into Cyber Risk

To manage cyber risk, you must first be able to see it. Once a standard cyber risk framework is in place, a closed-loop process for discovering, prioritizing, and remediating vulnerabilities in a timely manner is crucial.

As IT and development architectures are complex, there should be real-time visibility, especially where microservices are being used in a lightning-fast environment of innovation. Additionally, the visibility should be provided to the right people at the right time. Granular details must be provided to development and IT teams so that they can investigate and address issues within their purview. Risk managers should be able to validate remediations that are made across the board. And executives & boards should have a strategic view of the overall security posture and risk profile of their company.

Integrating security across operations

Many companies have already adopted a DevOps model to increase flexibility and agility while accelerating time to market, both of which are critical for supporting digital transformation. However, security and risk cannot be considered a separate component of the effort. These two factors must be fully integrated across the DevOps process. This secure DevOps approach allows businesses to fuel innovation while still treating cyber risk as a priority. Additionally, orchestration is required to integrate security and risk controls in DevOps workflows without creating additional complexity or any delays.

Automation

Another key component of agile DevSecOps is automation that supports delivery timeframes. Continuous innovation and continuous delivery require continuous application and infrastructure testing, which is quite labor-intensive. The different tools that we employ across different parts of the business work differently, and each has its own way of categorizing and presenting results. Collecting, consolidating, and correlating that data can add further delay and may introduce errors into the process. But with automation combined with orchestration, DevSecOps can scale vulnerability testing across the entire enterprise to speed execution and centralize management of the disparate testing tools, thus reducing complexity.
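The consolidation step described above, together with the role-based views from the "Real-time visibility into Cyber Risk" section, as an added example that is not part of the original article. Both tool output formats, the severity mappings, the service names and the sample findings are hypothetical and constructed for illustration.

```python
import csv
import io
import json
from collections import defaultdict
from dataclasses import dataclass, field

SEVERITIES = ["low", "medium", "high", "critical"]  # common scale, lowest first
TOOL_A_LEVELS = {"note": "low", "warning": "medium", "error": "high"}

# Constructed output of two hypothetical testing tools with different formats.
TOOL_A_JSON = """[
 {"service": "payments-api", "rule": "outdated-tls-library", "level": "warning", "team": "payments"},
 {"service": "payments-api", "rule": "hardcoded-secret", "level": "error", "team": "payments"},
 {"service": "intranet-wiki", "rule": "missing-security-headers", "level": "note", "team": "it-ops"}
]"""
TOOL_B_CSV = """asset,check,score,owner
payments-api,outdated-tls-library,9.1,payments
hr-portal,default-admin-password,9.8,it-ops
intranet-wiki,missing-security-headers,3.1,it-ops
"""


@dataclass
class Finding:
    service: str
    issue: str
    severity: str
    team: str
    sources: set = field(default_factory=set)


def band(score: float) -> str:
    """Map tool B's 0-10 score onto the common scale (assumed thresholds)."""
    if score >= 9.0:
        return "critical"
    if score >= 7.0:
        return "high"
    if score >= 4.0:
        return "medium"
    return "low"


def parse_tool_a(text: str) -> list[Finding]:
    return [Finding(r["service"], r["rule"], TOOL_A_LEVELS[r["level"]],
                    r["team"], {"tool_a"}) for r in json.loads(text)]


def parse_tool_b(text: str) -> list[Finding]:
    return [Finding(r["asset"], r["check"], band(float(r["score"])),
                    r["owner"], {"tool_b"})
            for r in csv.DictReader(io.StringIO(text))]


def consolidate(findings: list[Finding]) -> list[Finding]:
    """Merge duplicates per (service, issue); keep the worst severity seen."""
    merged = {}
    for f in findings:
        key = (f.service, f.issue)
        if key not in merged:
            merged[key] = Finding(f.service, f.issue, f.severity, f.team,
                                  set(f.sources))
            continue
        kept = merged[key]
        kept.sources |= f.sources  # correlation: which tools agree
        if SEVERITIES.index(f.severity) > SEVERITIES.index(kept.severity):
            kept.severity = f.severity
    return sorted(merged.values(),
                  key=lambda f: (-SEVERITIES.index(f.severity), f.service, f.issue))


def team_view(findings: list[Finding]) -> dict[str, list[Finding]]:
    """Granular view: each team sees only the findings it owns."""
    view = defaultdict(list)
    for f in findings:
        view[f.team].append(f)
    return dict(view)


def executive_view(findings: list[Finding]) -> dict[str, int]:
    """Strategic view: number of open findings per severity, worst first."""
    return {s: sum(f.severity == s for f in findings)
            for s in reversed(SEVERITIES)}


if __name__ == "__main__":
    merged = consolidate(parse_tool_a(TOOL_A_JSON) + parse_tool_b(TOOL_B_CSV))
    for f in merged:
        print(f.severity, f.service, f.issue, sorted(f.sources))
    print(executive_view(merged))
```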

The top cybersecurity company in Bangalore, Neumetric believes that digital transformation can bring big business rewards, but at the same time, it increases the cyber risk. So, if digital transformation is a strategic, executive, or board-level initiative in your organization, then cyber risk should also be a strategic, executive, and board-level concern, which should be operationalized throughout the company.

6 Cyber Threat Areas under Target During Covid-19 Pandemic. Stay Vigilant

The Covid-19 pandemic has led many organizations and individuals to embrace new practices like remote working as a precautionary measure. While the world is focused on health and economic threats posed by the deadly virus, cybercriminals are capitalizing on this crisis, leaving organizations vulnerable to security breaches. This is the time for security and risk teams to remain vigilant and focus on strategic areas to avoid cyber threats.

Cyber Attackers are not taking any time off

In the Czech Republic, a cyberattack froze all emergency surgeries and rerouted critical patients in a busy hospital that was fighting the COVID-19 pandemic. In the United States, multiple workers received phishing emails after the government relief bill was passed. In Germany, one of the food delivery companies fell victim to a Distributed Denial of Service (DDoS) attack.

Despite the global pandemic, cyber attackers are not taking any time off from their attacks. With employees shifted to working remotely and businesses trying to handle the virus, security and risk management teams should be more vigilant than ever.

Many security and risk teams are now operating in completely different environments and mindsets. Therefore, taking pre-emptive steps to ensure the resiliency and security of the business operations is very crucial right now, as cyber attackers are seeking to exploit human nature and nonstandard operating modes. Cybersecurity experts at Neumetric, the top cybersecurity company in Bangalore for consultation & products, believe that with many overwhelming priorities, it is essential for security and risk teams to focus on these 6 areas.

Area 1: Incident Response Protocols

With most security and risk teams operating in different environments and mindsets right now, incident response protocols may become obsolete and need to be adjusted. Incidents that would otherwise be well-managed risks can become bigger issues if the team is unable to respond effectively. Therefore, the response team should be reviewed thoroughly.

An organization’s incident response protocols must reflect the altered operating conditions and should be tested at an early stage. The primary, secondary and alternate roles must be filled, and everyone should have access to the equipment they need to be effective. This is a good time to connect with suppliers and check what hardware they have and whether you can get it to the right people when required. All documentation must be reviewed, and a walk-through must be conducted with a careful watch for any problem areas. If the company is not capable of cybersecurity incident response, it should consider using the services of a Managed Security Service Provider.

Area 2: Remote Access capabilities should be secured

During the Covid-19 pandemic, most organizations moved to remote work immediately. Therefore, security teams wouldn’t have performed basic endpoint hygiene and connectivity performance checks on corporate machines. Along with this, employees would also be using their personal devices for work. In such a scenario, it is crucial that all remote access capabilities are properly tested and secured, and that the endpoints used by employees are patched. Corporate laptops should have minimum viable endpoint protection configurations for off-LAN activity. Risk and security teams should be cautious about access from personally owned devices to corporate applications where mission-critical or personal information is stored.

Area 3: Active member of Security Team should be a part of the Crisis Management Team

The organization must ensure that someone from the security team is part of the crisis management team in order to provide guidance on security concerns and business-risk-appropriate advice. They should be able to confirm whether personal devices have adequate anti-malware capabilities installed and enabled. If not, they should work with the employee and their corporate endpoint protection platform vendor so as to ensure the device is protected. Options like software-token based multifactor authentication are also useful in ensuring that only authorized personnel have access to corporate applications and information remotely.

Area 4: Employees working from home must remain Vigilant

While employees are working from home during the coronavirus pandemic, they will have more distractions than usual and might not be as vigilant about security at a time when cybercriminals will exploit the chaos. Therefore, it is necessary that organizations reinforce the need for employees to remain vigilant to socially engineered attacks. Senior leaders should be reached out to with examples of targeted phishing attacks, and employees should be warned of the escalating cyber threat environment and suspicious activities. Reminders should be sent every two weeks regarding remote and mobile working policies. Freshers should be given access to security awareness training material, and everyone must know whom to contact if they suspect a cyberattack, along with a clear course of action.

Area 5: Complete visibility of expanded Operating Environment

The relocation of the workforce including the security and risk management team to remote locations creates the potential for cybersecurity teams to miss events. Therefore, it is crucial for organizations to ensure that security monitoring capabilities are tuned to have visibility of the expanded operating environment.

The monitoring tools and capabilities should have maximum visibility. Internal security monitoring capabilities and log management rule sets must enable full visibility. In case the organization is using managed security services providers, the monitoring and logs should be adapted in a manner that makes sense for the new operating landscape.

Area 6: Cyber-Physical Systems Security Challenges

With the coronavirus pandemic stressing many pieces of the economy, cybersecurity concerns have extended to cyber-physical challenges, especially given the increase in automated services and systems. For instance, a robot may help in a hospital to reduce the human workload, but at the same time, it should be deployed safely. Many law firms are asking employees to disable voice assistants and smart speakers. Security and risk teams must focus on ensuring foundational CPS/OT security hygiene practices like network segmentation, asset discovery, and evaluating the risk of fixing a vulnerability against the risk, probability, and impact of an attack so as to prioritize scarce resource deployments.



6 Malicious Phishing Campaigns in Action – How COVID-19 is Being Exploited by Cyber Criminals?

Big Tech giants, intelligence agencies, and security firms are all ringing alarm bells over the growing threat from Cybercriminals in the wake of the COVID-19 pandemic panic. With opportunistic malicious phishing threats, ransomware attacks, and other malicious activities, these criminals are threatening Organizations all around the globe.

Exponentially increasing numbers

According to a recent report by Barracuda Networks, a cloud-enabled security and data protection solution provider, a variety of malicious phishing campaigns are using the Covid-19 situation as a lure to trick distracted users, capitalize on the fear and uncertainty of the intended victims, spread malware, steal credentials, and scam users out of money.

As per the reports, the amount of COVID-19-related email attacks has increased by 667 percent since the end of February, this year. A total of 1,188 coronavirus related email attacks were detected in February, while just 137 were detected in the month of January. The researchers at Barracuda detected 467,825 spear-phishing email attacks, between 1st March and 23rd March, and 9,116 of those detections were related to COVID-19, making it nearly 2% of attacks.

6 Malicious Phishing campaigns & scams in action

There’s no rest for security teams and cyber defenders from protecting their colleagues, friends, and families from threats amid the pandemic. Cybercriminals continue to screw the victims, adding onto their busy slate of attacks a host of new coronavirus driven attacks. Since phishing campaigns and scams are skyrocketing amidst the crisis, here are some examples in action that researchers have dug up over the past several months as the situation persists.

  1. Government relief fund scams: With government representatives enacting legislation to provide relief funds for those left unemployed or monetarily impacted by COVID-19, cybercriminals are ramping up phishing ploys that imitate government correspondence about funds to trick people into giving up their credentials. These scams have targeted people from all around the world.
  2. Imitation of Health Organizations: Savvy criminals have been aiming to piggyback off of the legitimacy of several health Organizations like the World Health Organization (WHO) and Centers for Disease Control (CDC), to design a range of phishing lures. In the month of February, Sophos researchers reported fake advisory emails that used the urgency of the pandemic situation to trick users into exposing credential information.
  3. Coronavirus tracking app ransomware: Researchers at DomainTools found that in mid-March, attackers created bogus COVID-19 tracking apps trapped with ransomware. For instance, ransomware dubbed CovidLock was found working by using a screen-lock attack against Android phones. It forced a change in the password governing the device’s screen-lock capabilities.
  4. COVID-19 Testing Kit scams: COVID-19 testing kits are also being used to run a variety of scams. These span emails, robocalls, and text message phishing attempts, according to the Federal Communications Commission (FCC) and Better Business Bureau (BBB). They run alongside a range of other robocall scam lures tied to Covid-19, including work-from-home opportunities, debt consolidation, and student repayment plans. Many of these are targeted not just toward consumers, but also toward small Businesses.
  5. Face masks and medical supplies: Similar to Covid-19 testing kits, face masks and other hard-to-find medical supplies are also being used for phishing attempts. According to Bitdefender researchers, in March they came across a range of new websites that were cropping up with promises of great discounts on masks and other supplies. While some promised limited-time offers, others asked for Bitcoin payment to set the hook for desperate victims.
  6. DNS Hijacking nudging to phishing sites: Researchers at Bitdefender also discovered targeted DNS hijacking attacks against the home routers that new work-from-home employees depend on for connectivity. The attacks redirected users to coronavirus-themed pages that were loaded with malicious info-stealer payloads concealed as COVID-19 informational apps.

Experts at Neumetric, a cybersecurity services, consulting & products Organization, believe that phishing campaigns and scams are a widespread problem that poses a huge risk to individuals and Organizations, especially during the Covid-19 crisis. Needless to say, this is something that everyone needs to be aware of, because these attacks are not going to go away anytime soon. But a little awareness can help keep these cybercriminals at bay.

How Cyberattackers Target Studio Owners & Wedding Photos for Ransom?

There has been a sharp increase in the number of ransomware attacks on organizations since the pandemic began, and the ransom takings have spiked along with it. Cyberattackers now seem more focused on their targets: moving away from generalized ‘spray and pray’ attacks, they are aiming at lucrative targets to earn more money.

Today, in what may seem like a sign of a new age, even hapless wedding photographers and videographers are at the receiving end of malicious and concerted malware attacks.

The new target for Cyberattackers 

In Kerala, India, studio owners got the shock of their lives when they could not open the files saved on their systems. One studio owner lost the videos of four recent weddings that he had recorded for clients, and he dreaded the prospect of telling those clients, who were eagerly waiting for their wedding videos.

Many studio owners were hit by the malware, and most of them did not realize it was a cyberattack until they received ransom demands. They had difficulty accessing their files, and every file carried an unknown ‘.kasp’ extension. Usually, decryption is not possible, as the files are locked using cryptographic keys known only to the attackers.

Ransomware Attacks

A photographer’s skills lie in capturing great moments that can last forever, rather than in data security. While IT firms, airports, hospitals, etc. are the usual targets of ransomware attacks, studios have become a new target for the hackers. The studios have already been facing huge losses due to the cyberattacks, and trust is the last thing they can afford to compromise.

The number of ransomware attacks has been on the higher side during COVID-19. Although an investigation into these attacks has been going on, the cyber wing of the police department has been unable to retrieve the data and files of these studio owners.

Cyberattackers usually target institutions like hospitals or airports that need their files decrypted. They send malware everywhere using bots, so studios might be unintended targets that the hackers are not actually interested in.

Precautions & Safety Measures

The experts at Neumetric, a cybersecurity services, consulting & products Organization, believe that a lack of due care on the part of users makes them vulnerable to such attacks. Delays in updating operating systems, downloading unnecessary files, and the lack of anti-virus software all make a system vulnerable. It is important to keep a backup of all documents. Although files locked by some malware can be decrypted, this is possible only once the nature of the malware has been deciphered. With the recent wave of attacks, studio owners need to gear up to ensure the requisite protection from cyberattacks in the future.

Neumetric can help you reduce your security cost without compromising your security posture. Our years of in-depth experience in handling security for Organizations of all sizes & in multiple industries make it easier for us to quickly execute cost-cutting activities that do not bring value to you, while you continue focusing on the Business objectives of the Organization.

Protecting Yourself from Cyber Attacks While Working From Home During Covid-19 Pandemic

With the coronavirus pandemic affecting our lives, more and more Companies are adopting Work-from-Home Policies. The age of remote work is upon us and most of us have settled into a routine of working from home. But at the same time, Cybersecurity has become a growing issue.

Cybercriminals are seeking every opportunity to exploit the coronavirus and target companies and individuals. They are using COVID-19 themed phishing emails that purport to deliver official information on the virus in order to lure users into clicking malicious links that download Remote Administration Tools (RATs) onto their devices. There have been many reported cases of malicious COVID-19 related Android applications, through which cybercriminals have accessed smartphone data or encrypted devices for ransom. Additionally, the pandemic has resulted in the creation of more than a lakh (100,000) new COVID-19 web domains, which should be treated with suspicion even though not all of them may be malicious.

Cyber attackers have been taking advantage of the fact that not many people working from home have applied the same security on their networks that would have been in place in a corporate environment otherwise. They are looking for gaps where enterprises have not deployed the right technologies or corporate security policies to secure all corporate-owned or managed devices with the same security protections, regardless of whether they are connected to an enterprise network or an open home Wi-Fi network. Therefore, it is the responsibility of both employees and business leaders to secure their Organization and make sure that cyberattacks do not further compound the already disrupted work environment.

How Businesses should respond?

In this critical time of the pandemic, business leaders must set clear expectations about how their Organizations should empower their employees, leverage new policies and technologies, and manage security risk in the new work environments. It is crucial that these messages on security come from the very top management and good examples are set from the beginning. Here are three recommendations for businesses to respond.

  1. Understanding the threats: With more and more employees working from home, business leaders should work with their security teams to identify possible attack vectors. They should prioritize the protection of their business-critical applications and their most sensitive information.
  2. Encouraging communication & providing clear guidance: Right now, it is crucial that employees are clear about the home-working policies, which should include easy-to-follow steps that empower people to make their home-working environment as secure as possible. Employees should also know how to contact internal security teams about any suspicious activity.
  3. Providing the right security capabilities: All corporate-owned or managed devices should be equipped with essential security capabilities. This will help extend the network security best practices that exist within the Organization to all remote environments. The critical capabilities may include:
    • The ability to securely connect users to their business-critical cloud and on-premise applications, including, for instance, the video teleconferencing applications that are increasingly relevant for remote work environments.
    • Multi-Factor Authentication (MFA) should become a regular practice.
    • The Organization should be able to block exploits, malware, and command-and-control (C2) traffic using real-time, automated threat intelligence.
    • There should be endpoint protection on all mobiles and laptops, including VPN tools with encryption.
    • The enterprise should be able to filter malicious domain URLs and perform DNS sink-holing to thwart common phishing attacks.
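
The domain filtering and DNS sink-holing capability in the last bullet, sketched as an added example that is not Neumetric's own code. The domain lists, the 30-day "new domain" threshold, the keyword list and the sinkhole address are all constructed assumptions; the point is that matching is done on whole domain suffixes, so a lookalike that merely embeds a trusted health organization's name is still sinkholed, while new pandemic-themed domains are flagged for review rather than blocked outright.

```python
from dataclasses import dataclass

# Constructed sample data: placeholder domains and documentation-range IPs,
# not real indicators. All names below are assumptions of this example.
BLOCKLIST = {"covid-relief-fund.example", "mask-discount.example"}
ALLOWLIST = {"who.int", "cdc.gov"}
THEME_KEYWORDS = ("covid", "corona")
NEW_DOMAIN_DAYS = 30            # assumed threshold for a "new" registration
SINKHOLE_IP = "192.0.2.53"      # stands in for an internal sinkhole server


@dataclass
class Verdict:
    action: str                 # "resolve", "sinkhole" or "review"
    reason: str


def parent_domains(qname):
    """a.b.c -> ['a.b.c', 'b.c', 'c'], split on label boundaries."""
    labels = qname.lower().rstrip(".").split(".")
    return [".".join(labels[i:]) for i in range(len(labels))]


def classify(qname, age_days=None):
    suffixes = parent_domains(qname)
    # Blocklist first, by suffix: a lookalike such as
    # who.int.covid-relief-fund.example never matches the allowlisted who.int.
    hit = next((s for s in suffixes if s in BLOCKLIST), None)
    if hit:
        return Verdict("sinkhole", "blocklisted: " + hit)
    if any(s in ALLOWLIST for s in suffixes):
        return Verdict("resolve", "allowlisted")
    themed = any(k in qname.lower() for k in THEME_KEYWORDS)
    if themed and (age_days is None or age_days < NEW_DOMAIN_DAYS):
        # Suspicious but not proven malicious: log for analyst review.
        return Verdict("review", "new pandemic-themed domain")
    return Verdict("resolve", "no match")


def answer(qname, upstream_ip, age_days=None):
    """Return the IP the resolver hands back, plus the verdict for logging."""
    verdict = classify(qname, age_days)
    ip = SINKHOLE_IP if verdict.action == "sinkhole" else upstream_ip
    return ip, verdict


if __name__ == "__main__":
    queries = [  # (name, upstream answer, registration age in days), constructed
        ("www.who.int", "198.51.100.10", 9000),
        ("who.int.covid-relief-fund.example", "198.51.100.66", 4),
        ("covid19-tracker.example", "198.51.100.67", 5),
        ("intranet.example", "198.51.100.9", 2000),
    ]
    for name, ip, age in queries:
        got, v = answer(name, ip, age)
        print(f"{name:38} -> {got:15} {v.action:9} {v.reason}")
```

Clients that query a sinkholed name connect to the sinkhole server instead of the phishing site, and the sinkhole's connection log then shows which devices followed the lure.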

How Employees should respond?

Employees should be encouraged to follow the guidelines provided to them by the Organization and take preventative measures.

  • Good Password Hygiene: Employees should use complex passwords and multifactor authentication wherever possible. They should keep changing these passwords frequently.
  • Updated Software & Systems: Updates and patches should be installed in a timely manner. This must include installs on mobile devices and other non-corporate devices that are used for work.
  • Secured Wi-Fi Access Point: Users should change the default settings and passwords to reduce the potential impact on their work of an attack via other connected devices.
  • Using Virtual Private Network (VPN): VPNs create trusted connections between employees and Organizations. They ensure ongoing access to corporate tools and provide additional protection against phishing and malware attacks, similar to corporate firewalls.
  • Personal & Work Shouldn’t Be Mixed: Employees should keep their work devices and personal devices separate. If they wouldn’t install or use a service while at the office, they should not do so on the work device while at home.

Neumetric, one of the top Cybersecurity companies in Bangalore, suggests that these straightforward steps at both the individual and the enterprise level can help address some of the most common security risks. Additionally, our threat environment is not static, especially during this pandemic. Phishing emails, malicious domains, and fake apps are already out in the wild, and cybercriminals love to exploit real-world tragedies. COVID-19 is no different, which means you need to keep a close eye on evolving threats to avoid unnecessary additional costs and disruptions at a time when we can least afford them.

Are You Preparing Your Business To Adopt Security Standards?

With ever-increasing cyber-attacks and constant changes to data privacy integration, IT security has become a major concern for companies these days. If you are also preparing your Organization for adopting security standards compliance, here is what to think through.

Understanding why the Organization needs the Standard: The foremost thing to do, even before you decide on adopting security standards, is to understand why the Organization wants to use them. You must think about which aspect of the standards you are going to tackle and how it can help your Business. Is it for multi-factor authentication, email encryption, or to better understand security and risk in the Business? For instance, if you are a banking contractor you may want to focus on encryption, while someone in medical practice would want to focus on stronger authentication for patient portals.

Finalize the scope of the project: While adopting the standards, some companies try to take on too much. Therefore, it is advisable to define the scope early and determine which employees and departments these standards are targeted for. Finalizing the scope at initial steps helps save significant costs and time. You can also control the costs by just tightening the scope of the standards project.

Certification programs: When your security system adheres to all the standards and regulations, it is known as compliance. But this is not enough. Your customers may require your system to be certified by a governing body. Certification provides physical proof of a compliance claim. Therefore, it is of utmost importance to know whether your customers and your company’s stakeholders are asking for certification. If they are, bear in mind that certification programs require buy-in from top management. You should also set aside extra resources for maintaining documents and paying consultants.

Determine how the new Standard makes you stronger as a company: Another crucial thing that you need to ask yourself is how the standards will make you stronger as an Organization and help your Business thrive. For instance, security teams should communicate to top management about opportunities that will present themselves with the new certification. Regulatory frameworks also help Businesses improve the compliance process every time they prepare for a review or an audit. Over a period of time, your Organization can automate by using outside tools that are designed to streamline the manual process for a compliance audit. These tools are quite helpful, as they come loaded with internal auditing features that can help you ensure that your company maintains continuous compliance and can avoid the rush to make changes at the time of the audit.

Maintenance regimen: Security certification audits are an annual routine and therefore you must think about keeping the certificate valid. This is a continuous process that includes the improvement of security practices and learning from past experiences.

Wiper Malware & Its Variants Part 2 – All That You Need to Know

A wiper is typically used for extortion, and many ransomware attacks include a wiper component. Recently, cybersecurity researchers have discovered a new malware strain called Ordinypt that includes both wiper and ransomware capabilities. This malware overwrites the data and renders it permanently irrecoverable. The destructive nature of the malware means there is no incentive for victims to pay the actors behind the ransomware. It was used to infect German-speaking users, leaving them with no options to retrieve their files.

Variants of Wiper Malware

But Ordinypt is not the only one that has caused havoc by masquerading as ransomware. In August 2019, another ransomware named GermanWiper caused headaches for German companies by permanently destroying user data, while demanding ransom payments.

According to the latest report from IBM X-Force, there was a 200% increase in destructive malware cases during the 2nd half of 2018 and the 1st half of 2019. But what is the point of disguising a wiper as ransomware? Let’s have a look.

Financial Gain

While most ransomware attacks include a wiper component, the wiper is mainly used for extortion. The threat of permanent data destruction acts as a strong incentive for Businesses to cough up the ransom. By the time the ransom has been paid to the attackers, Businesses realize the truth about the wiper-cum-ransomware and are left with little or no chance to recover their lost data.

Economic Disruption

Sometimes the purpose of disguising a wiper as ransomware is to achieve large-scale economic disruption. For instance, in 2017, after a series of high-profile ransomware attacks, NotPetya was released to the world.

This Cyberattack looked like conventional ransomware designed to generate as much money as possible. However, cybersecurity experts quickly realized that the ransomware was in fact destructive malware. NotPetya generated about $10,000 in ransom payments but caused more than $1 billion in economic disruption.

Dealing With Malware

We suggest Businesses adopt a comprehensive disaster recovery strategy to mitigate the effects of malware in the future, because wipers disguised as ransomware pose a serious threat. Organizations should implement a robust antivirus solution and provide frequent staff training on the importance of basic cyber hygiene.