ComputerworldUK – Cybersecurity trends 2017…

computerworlduk…malicious machine learning, state-sponsored attacks, ransomware and malware

Businesses and governments are starting to publicly take cybersecurity very seriously – and a range of high-profile attacks and hacks throughout 2016 provided security issues with even more visibility. But what’s in store for 2017, and how should organisations prepare?

…According to the CTO for data protection at security company Gemalto, Jason Hart, ‘data integrity’ will continue to be a serious issue for businesses. The premise behind data integrity is that information can be accessed or modified only by authorised users – so a data integrity attack involves manipulating that data for other ends.

“Data integrity attacks are nothing new,” Hart says. “But they remain under the radar of businesses who have an ever-increasing reliance on data, and make huge business decisions based on its analysis.

“The first generation of cyberattacks focused on stopping access to the data, which quickly moved on to stealing it,” he explains. “Today we’re seeing more evidence that the stolen data is being altered before transition, affecting all elements of operations. Data integrity attacks have the power to bring down an entire company – stock markets could be poisoned and collapsed by faulty data, the power grid and other IoT systems could be severely disrupted, and perhaps the greatest danger is that many of these could go undetected for years before the true damage reveals itself.”…

To read the full article , click here.

SC Media – Cyber-security industry 2017 predictions: reaching the tipping point

scmedia

 

 

 

 

SC’s Roi Perez sifts through a mountain of predictions for cyber-security in 2017 to pick out recurrent trends, specific predictions and warnings as to where we need to prioritise our defences in the year ahead…

…Looking at 2017, many in the security industry are predicting not only more of the same, but new and improved techniques which will take cyber-attacks to the next level. One of the most notable is from Jason Hart, CTO Data Protection, Gemalto, who is predicting that data integrity breaches are set to send shockwaves throughout the world in 2017, with at least one ‘almighty’ breach disclosure of this type expected next year.

Data integrity is a promise or assurance that information can be accessed or modified only by authorised users. Data integrity attacks compromise that promise, with the aim of gaining unauthorised access to modify data for various ulterior motives, such as financial or reputational damage.

Hart said: “Data integrity attacks are, of course, nothing new, yet they remain under the radar of businesses who have an ever increasing reliance on data and make huge business decisions based on its analysis. These types of attacks are what I like to call the ultimate weaponisation of data.”

To read the full article click here.

vmblog.com – 2017 Predictions: The Breach that Breaks the Camel’s Back

2017 Predictions vmblog.com

 

It’s December, the final month of the year where we both reflect and look forward, and it will probably come as no surprise that I want to talk about data breaches again.

In 2014, I predicted we would start taking data breaches more seriously, and last year, I talked about how I expected to see an uptick in targeted attacks on personal and intellectual property data – the types of breaches where attackers are not just targeting data for its immediate value, but for potential future value as well. In 2017, I expect that we’ll see more precise and complex data integrity attacks for both financial gain and/or to embarrass victims, and we’ll see one large attack that demonstrates the true pain of this type of attack. And I expect it will be in the type of industry or organization that shrugs and asks, “why would hackers target us?”

Data integrity attacks are not entirely new, nor do they have to be “big” to cause serious damage, but they do represent the ultimate weaponization of data. Instead of trying to steal large amounts of sensitive data, hackers instead focus on changing specific parts of transactions or information, or strategically leak the information obtained (think of Wikileaks and Hillary Clinton’s emails this past summer), to gain a financial or political foothold. For example, the Stuxnet worm allowed hackers to make very minor changes that had a major impact on Iran’s nuclear program. Similarly, hackers used the same process to attack large banks including JP Morgan, giving them an in-depth understanding of how internal operations worked.  In late 2015, many suspected that the attack on Ukraine’s power grid was the result of ongoing political disagreements with Russia, and the same could said for early 2016 when Israel’s electricity authority was hit by ransomware. Later this year, the World Anti-Doping Agency and Democratic National Committee breaches demonstrated how data can be manipulated to embarrass organizations.

So why do I think data integrity attacks will ramp up during the coming 12 months and continue over the next few years? The proliferation of the Internet of Things (IoT) means that hackers have a seemingly-infinite number of different attack surfaces and personas that they can manipulate. We are also using data that is being generated as an input to make business decisions. Decision-making by senior government officials, corporate executives, investors and average consumers about everything from investment decisions to which traffic signals you should obey will be impacted if they cannot trust the information they are receiving.

Before you pack your doomsday prep kit, there are some positive signs. Over the past few years, my conversations with customers have shifted from how to prevent breaches to how to protect DATA. Organizations have started to understand that breaches are not going away and that attack surfaces are constantly evolving.  When I talk to the businesses we work with, one of the first questions I ask is, “What are you trying to protect?” Without understanding what data you’re trying to protect, there is no point in spending money to protect it.

Companies need to start with a data centric approach to security, because it is the data hackers are often targeting. While data mapping is important to help create a better understanding of threats, another concern is users and devices. We have found this year that personal and workplace identities are converging at an alarming rate. A recent survey revealed that 90% of enterprise IT professionals are concerned that employee reuse of personal credentials for work purposes could compromise security, but two thirds (68%) still say they would be comfortable allowing employees to use their social media credentials on company resources. It is an interesting juxtaposition for companies to be concerned about the reuse of personal credentials, yet allow access to company resources with third-party social sites.

All of these factors, IoT, lack of two factor authentication, third-party security risks and unencrypted data, compound the risk of large scale data integrity attacks. We are just seeing the beginnings of these types of attacks. Take for example during this year’s U.S. election and the government and media debate around Russia’s state-sponsored attacks to manipulate political decisions. Protecting the integrity of the data we consume will become even more crucial as more of our information takes to the digital channels.

 

This article originally appeared as a contributed blog post on the VMBlog.com here

Network World: 2017 breach predictions

In 2017, we’ll see more intricate, complex and undetected data integrity attacks and for two main reasons: financial gain and/or political manipulation

 

data-integrity-attacks-have-the-power-to-bring-down-an-entire-company-and-beyond

We’ve reached that time of year where everyone in the security industry is pulling together predictions for what we expect to see over the next year, and/or slowly backing away from any imperfect predictions we might have put forth the year before.

Last year, I offered up a number of predictions, but the one continuing to make huge waves in 2017 is around data integrity attacks. Quite simply, I expect that we’ll see more intricate, complex and undetected data integrity attacks and for two main reasons: financial gain and/or political manipulation.

Data integrity attacks are, of course, not entirely new. Data integrity is a promise or assurance that information can be accessed or modified only by authorised users. Data integrity attacks compromise that promise with the aim of gaining unauthorised access to modify data for a number of ulterior motives. It is the ultimate weaponisation of data.

A few classic examples include the 2008 case of Brazilian logging companies that accessed government systems to inflate logging quotas and the famous 2010 story on how the Stuxnet worm used very minor changes to attempt to destroy Iran’s nuclear program. In 2013, a Syrian group hacked into the Associated Press’ Twitter account and tweeted that President Obama had been injured in explosions at the White House. (That single tweet caused a 147-point drop in the Dow.)

Fast forward to 2015 when Anonymous began releasing financial reports exposing firms in the U.S. and China trying to cheat the stock market, in one case, damaging the brand reputation of REXLot Holdings, a games developer that had inflated its revenues. The same year, there was the JP Morgan Chase breach and subsequent attempt at market manipulation. Which leads us, of course, to 2016, with the World Anti-Doping Agency and Democratic National Committee breaches, both examples of how hackers are using data integrity attacks to embarrass organisations.

How will cyber attacks get worse?

What’s different now from last year’s prediction? Why will these attacks get worse? The first generation of cyber attacks were about cutting access to data, and then we moved on to data theft. Now, we’re starting to see evidence of that stolen data being altered before transition from one machine to another, effecting all elements of operations.

The proliferation of the Internet of Things (IoT) means hackers have a seemingly infinite number of different attack surfaces and personas that they can manipulate. Use your Fitbit as an example, and look at the number of people who touch it—the user, the manufacturer, the cloud provider hosting the IT infrastructure, the third parties accessing it via an API, etc. This creates a cross-pollination of risk that the security industry has not seen before, and that’s just one person’s “thing.”

Today’s connected world constantly generates mounds of data that businesses, industry pros and analysts use to drive decisions, make projections, issue forecasts and more.

Data integrity attacks have the power to bring down an entire company and beyond. Entire stock markets could be poisoned and collapsed by faulty data. The power grid and other IoT systems from traffic lights to the water supply could be severely disrupted if the data they run on were to be altered. And perhaps the greatest danger is that many of these could go undetected for years before the true damage reveals itself. What’s at stake is trust. Decision-making by senior government officials, corporate executives, investors and average consumers will be impacted if they cannot trust the information they receive.

What you can do to protect data

At this point, you’re probably terrified—or morbidly depressed. Is there anything we can do? And the answer to that is yes. When I talk to the businesses we work with, one of the first questions I ask is, “What are you trying to protect?” If you don’t know what data you’re trying to protect, there is no point in spending money to protect it. It’s a straightforward enough question perhaps, but it isn’t very easy to answer. Despite this, working out an answer is one of the most fundamental things an organisation can do towards making itself secure. Last month’s blog, Securing the breach trumps breach prevention, detailed some additional tangible steps you can take.

Breaches will continue to happen—to expect otherwise would be unrealistic. But as their scale and complexity grows, focusing on them first would take up all of an organisation’s IT security bandwidth. A better starting point is to know what you are trying to protect.

This blog post also appears here in my regular blog for Network World.