Connect with us

Top Stories

How defence in depth can sink cyber attacks

Published

on

How defence in depth can sink cyber attacks 1

By Carolyn Crandall, Chief Deception Officer at Attivo Networks

The cybersecurity of financial institutions is appearing as a top priority for the Bank of England in the coming months. The central bank will focus on stress testing IT defences for online attacks and establishing new standards for how quickly and effectively financial institutions should contain these breaches. The objective is to improve banks’ operational resilience to withstand unforeseen future crises, such as the impact of COVID-19.

The decision comes as organisations adjust to a new wave of threats, in which opportunistic cybercriminals have continued to exploit weaknesses across a larger digital attack surface. While business email compromise (BEC), phishing attacks, and malware are still dangerous weapons in a threat actor’s arsenal, they are increasingly using advanced persistent threat (APT) tactics to circumvent defences and avoid detection. CISOs need to deploy a layered approach to security to prevent their most valuable assets from falling into the wrong hands to defend against these attacks.

Pandemic opportunists  

Threat actors are opportunists that have used the COVID-19 chaos and uncertainty to their advantage. They know that the crisis caught many businesses off guard at the beginning and exploited the rapid shift to remote working en masse to target vulnerabilities in devices and networks and weaker remote worksite security controls. According to figures from the FBI’s Internet Crime Complaint Center, the result has been a 400 percent increase in cyber attacks since the start of the pandemic.

Virtual Private Networks (VPNs) are among the most popular methods for connecting staff to corporate networks remotely. However, these are also a popular entry point for threat actors exploiting unpatched vulnerabilities or using credentials stolen via phishing campaigns. Microsoft recently revealed that COVID-related phishing campaigns rose to more than 30,000 a day, while independent research from industry consortium FS-ISAC found that phishing emails against bank employees rose by a third over the first quarter of 2020.

In regular times, perimeter security often stops such activity. However, with workforces accessing the network at different times and from other locations and systems, spotting unauthorised infiltration has become much harder.

Attackers go low and slow to avoid detection

Threat actors are not only using COVID to their advantage but are also changing tactics to avoid detection and maximise the payout. Gone are the days of the ‘smash and grab’ approach, in which threat actors go in heavy and fast, triggering an immediate alert that attackers had compromised the corporate network.

Instead, they have now switched to a “low and slow” approach, taking their time to move carefully through an IT network looking for the most valuable assets. Attackers are using port scanning or credentials stolen either from the users themselves or via Active Directory, which conventional security tools will struggle to identify. These allow attackers to lurk in the system for several months to gain a foothold in the network and move laterally to more secure areas to access sensitive data. In 2019, attackers  spent, on average, 206 days on a network before detection, a number that is likely to increase in 2020.

Another waiting game tactic is now yielding results as working practices change. Dormant malware infections have compromised vulnerable systems operating outside the perimeter, waiting to activate weeks or months later when staff return to the office. In effect, they are jumping the firewall.

Defence through depth

Attackers will use a range of tactics, techniques, and procedures (TTPs) to achieve their objectives, and once they’ve compromised the network, it’s typically only been a matter of time before they get what they want. However, there are ways for CISOs to get on the front foot and prevent attackers from establishing a foothold.

Carolyn Crandall

Carolyn Crandall

Creating defences that include multiple elements, each designed to detect, triage, and remediate various attacks at different points both outside and inside the network, provides defenders with an advantage. The more defensive layers there are, the harder it is for an attacker to break through.

While endpoint security and even behavioural analytics are commonplace, they can leave gaps in an organisation’s defences. These tools can’t provide the full spectrum of early detection of in-network threats and activities related to credential theft, discovery, lateral movement, and data collection.

One way to fix this is to combine deception and concealment technologies. These protect valuable assets – such as Active Directory objects, files, and folders – by hiding them from attackers and presenting any unauthorised person with fake data designed to derail their attack and steer them into decoy engagement servers for observation. These deceive attackers into thinking that the assets they have found are genuine, when, in fact, they have fallen into a deceptive environment where their every action is monitored and recorded.

The moment intruders attempt unauthorized access or interact with the deception environment, the CISO and their team receive alerts. In response, they may shut down the attack or study the attackers’ TTPs, enabling the security team to build a threat informed defence where they can identify and remediate any weaknesses in their security controls. Defenders can also use this attack information to update defences for threat hunting other incidents and identifying similar suspicious activities quickly in the future.

Deception and concealment technologies can integrate with a range of other security measures, including Endpoint Detection and Response (EDR), to improve detection coverage and to share threat data quickly for faster response and remediation. In fact, combining EDR with data concealment gives organisations an average 42 percent boost in detection.

Businesses operating in financial services are under greater pressure than ever before to secure their IT networks and build resilience in the face of persistent attacks. Deception and concealment technologies provide a powerful diversion that hides and prevents access to valuable assets whilst gathering new insights for strengthening existing security measures.  As part of a robust, layered cyber defence, it provides a vital deterrent that prevents attackers from achieving their ultimate goal.

Top Stories

Holiday bookings soar as Britons hope for travel restart

Published

on

Holiday bookings soar as Britons hope for travel restart 2

By Sarah Young

LONDON (Reuters) – International holiday bookings surged by as much as 600% after Britain laid out plans to gradually relax coronavirus restrictions, giving battered airlines and tour operators hope that a bumper summer could come to their rescue.

EasyJet said flight bookings from Britain jumped over 300% and holiday bookings surged by more than 600% week on week after the government indicated on Monday that travel could restart from mid-May, while holiday company TUI UK said that its holiday bookings surged 500%.

This summer is make-or-break for many airlines and holiday companies which are struggling to survive with close to a year of almost no revenue due to pandemic restrictions. Without it many will need extra funds after burning through cash reserves.

UK-listed travel stocks were buoyed after new bookings flooded in on Monday evening and Tuesday despite ongoing uncertainty over exactly how and when international routes can reopen.

Shares in easyJet jumped 9%, while British Airways-owner IAG traded up 6%, TUI and Jet2 both jumped 6% and Ryanair was 3% higher.

While British tourists are some of the biggest spenders in Europe, the presence of a more infectious variant of coronavirus in the UK could alarm some countries. France and Spain have shut their borders to most UK travellers due to variants.

UK holidaymakers will know more on April 12 when the government publishes a travel review. It has said that a lockdown ban on most international travel will stay until at least May 17.

That should give airlines time to plan their summer schedule, a process which takes months.

EasyJet said trips from the UK to beach destinations such as Malaga, Alicante and Palma in Spain, Faro in Portugal and Crete, Greece, were the most popular destinations with holidaymakers keenest to travel in August. July and September were the next most popular months.

TUI said destinations in Greece, Spain and Turkey were the most booked overnight, with people opting to go from July onwards.

Britain’s route back to normality is helped by rapid progress with its vaccine plan. Over 17.7 million people, or a quarter of the population, have already had a first dose of the jab. The government is also considering options for vaccine passports.

The airlines and travel companies hope such progress will mean that from May 17 the UK will end its holiday ban and remove a 10-day quarantine requirement, a big deterrent for holidaymakers, and some of its COVID-19 testing rules.

(Reporting by Sarah Young, Editing by Paul Sandle and Susan Fenton)

Continue Reading

Top Stories

Concern over rich-poor divide seen on the increase during pandemic

Published

on

Concern over rich-poor divide seen on the increase during pandemic 3

By Matthew Lavietes

NEW YORK (Thomson Reuters Foundation) – People have become more concerned about the gap between rich and poor during the coronavirus pandemic, especially the young, the authors of a new global study said on Tuesday, urging governments to take steps to redress the balance.

More than 8,700 people in 24 nations were surveyed at the start and end of 2020 by the Glocalities market research agency, with the findings showing an increase in the share of respondents who thought income differences should be reduced.

As the coronavirus pummeled the global economy last year, the survey also found a 10-point rise in the percentage who said decent work and economic growth were the most important means of improving quality of life.

“It has slapped people in the face and made them realize that things are not going well,” Ronald Inglehart, one of the lead authors of the study, told the Thomson Reuters Foundation, referring to the pandemic.

“We need government intervention on a larger scale. We don’t want a state-run economy, but some of the resources need to be reallocated to balance off this powerful trend.”

Policies that will create “good-paying jobs” in the fields of child care, environmental protection and infrastructure would help address mounting frustration over income inequality Inglehart added.

Young people are particularly concerned about income disparities, the study found.

A third of respondents aged between 18 and 34 said they were more concerned about income inequality than unemployment or economic growth at the end of 2020, up from 29% at the start of the year – before the coronavirus had spread around the world.

“Feelings of being upset, being afraid, feeling let down, feeling like ‘I have no prospective anymore’ are on the rise,” said Martijn Lampert, who also co-authored the study.

“So this requires very wise and just government interventions to channel this unrest in a positive way.”

Inglehart said he sees evidence of such sentiments among the students he teaches at the University of Michigan.

“The job market is dismal … My best students, the stars, they’re finding jobs at a lower level than they’re anticipating. And the ones who aren’t stars are getting nothing,” he said.

The global economy is seen shrinking 3.5% last year, according to the latest estimates by the International Monetary Fund, and numerous studies have shown how the global health crisis has exacerbated economic inequalities.

As a result of the pandemic, the number of people living in poverty has doubled to more than 500 million, according to a report issued last month by the charity Oxfam.

Meanwhile, the collective wealth of the world’s billionaires rose $3.9 trillion between March and December 2020 to reach $11.95 trillion, the report said.

(Reporting by Matthew Lavietes; Editing by Helen Popper; Please credit the Thomson Reuters Foundation, the charitable arm of Thomson Reuters, that covers the lives of people around the world who struggle to live freely or fairly. Visit http://news.trust.org)

Continue Reading

Top Stories

Boon or bane? Malaysian island reclamation plan divides residents

Published

on

Boon or bane? Malaysian island reclamation plan divides residents 4

By Rina Chandran

(Thomson Reuters Foundation) – The island of Penang on the northwest coast of Malaysia is known for its sandy beaches, the colourful wall murals of its capital Georgetown, and its fiery street food.

In time, it will also be known for three man-made islands that state authorities say are needed to provide housing and economic opportunities for an expanding population, while also generating funds for a modern transport network.

But the Penang South Reclamation (PSR) project, dubbed BiodiverCity, has pitted the government and businesses against fishermen and environmentalists who say it will wreck the lives of residents, and damage the coast.

“The area is rich in prawns and fish. If you build islands, what we will see is permanent environmental degradation,” said Mahadi Md Rodzi, chairman of the Penang Fishermen’s Association that represents about 6,000 fisherman.

“Fishermen have been told to upskill or get another job, but many of us are born fishermen and depend on the sea to live. The proposed compensation from the state is too insufficient for something that will affect our livelihoods forever,” he said.

Many fishermen have rejected the 20,000-ringitt ($4,950) compensation offered, as well as the Environmental Impact Assessment report, which conservationists say does not reflect the potential damage or propose adequate mitigation measures.

Authorities say BiodiverCity, which is a part of the Penang 2030 vision of improving liveability and sustainability, will be a “socially and economically inclusive development” with an emphasis on green spaces, clean energy and car-free transport.

The 4,500-acre (1,821 hectares) project comprising three lilypad-shaped islands will house about 15,000 people each, and use natural and recycled materials such as bamboo and timber for construction of homes and offices, according to the plan.

But the scale of the dredging and reclamation work over more than a decade will cause “massive and long-term environmental destruction”, said Evelyn Teh, an environmental researcher in Penang.

“Fifteen years of land reclamation is a long onslaught to any marine ecology and the fishery industry that depends on it. The reclaimed islands will bury existing fishing areas while deteriorating the surrounding marine water quality,” she said.

“Coastal communities who rely on the marine and coastal area for their livelihood will experience an irreversible negative impact,” she told the Thomson Reuters Foundation.

‘COLOSSAL MISAPPROPRIATION’

From Denmark to Singapore, planners have reclaimed land from the sea for decades for offices, apartments and tourism.

Cities and island states that are running out of space are reclaiming land, expanding vertically or going underground.

A United Nations-backed partnership is studying the prospect of floating cities that can help coastal cities at risk of flooding from worsening climate-change impacts.

In Asia, land reclamation has become a contentious issue, with Cambodia and Malaysia banning sand exports, while Jakarta has suspended its reclamation project, and a plan to build an artificial island in Hong Kong has drawn fierce criticism.

Malaysia has two other major reclamation projects underway: Melaka Gateway, a deep-sea-port and cruise terminal that is part of China’s massive Belt and Road infrastructure plan, and Forest City in Johor near Singapore, aimed at foreign investors.

Large-scale reclamation allows more flexibility in city planning, but also lets governments engage “more ambitiously and aggressively with the business of land-banking,” said Keng-Khoon Ng, a lecturer at UCSI University Kuala Lumpur.

“These island-making projects are designed to boost state coffers. They represent a colossal misappropriation of resources at a time of intensifying housing unaffordability and social injustice,” he said.

But the PSR is needed as Penang has “run out of land”, resulting in ad-hoc developments, fewer economic opportunities, and a shortage of affordable housing, said Eddie Chan, executive director of SRS Consortium, the project developer.

A quarter of residential units will be earmarked for affordable housing in the average price range of 350,000 ringgit, and a fishermen’s taskforce set up by the state government is addressing any social impacts, he said.

“With proper design and construction methods applied to dredging and reclamation, and pollution prevention and mitigation measures to minimise environmental impact, we are confident that reclamation can be done sustainably,” Chan said.

RADICAL RETHINK

The PSR project, designed by Copenhagen-based Bjarke Ingels Group (BIG), is scheduled to break ground in March after approvals.

Reclamation has hugely benefited Penang, with parts of the Bayan Lepas industrial zone, as well as heritage clan jetties built on reclaimed land, said Joshua Woo, a former local councillor.

“There are fancy land reclamation projects for the wealthy, but there are also land reclamation projects for a city’s survival. PSR belongs to the latter group,” he said.

“The project will open up new economic opportunities and social spaces for us,” he added.

In fact, PSR is a “feasible solution” to address urgent environmental issues such as climate change and sea-level rises, said Farizan Darus, chief executive of government agency Penang Infrastructure Corporation that is overseeing the project.

“More than half of Penang island is hilly terrain, therefore the next best approach is land reclamation,” he said.

“Without strategic land, Penang’s growth will be stunted. Now is the best time to implement PSR to provide a much-needed economic boost to Penang, and prepare the state for the post-pandemic economy,” he added.

Meanwhile, an online petition by a local heritage advocate against the project, has garnered more than 115,000 signatures, while a group of residents have held several protests under the Penang Tolak Tambak (Penang Rejects Reclamation) banner.

In building PSR and using it to fund the 46-billion ringgit ($11.4 billion) transport network, the state is taking on a huge financial risk during an economic slowdown, and putting commercial interests above the environment and people, said Teh.

Particularly now, when the coronavirus pandemic has revealed deep-rooted inequalities in urbanisation, authorities should instead favour a “radical rethink on building back better”, she said, including low-carbon public transport networks.

“The government risks putting too much focus on a massively expensive and environmentally destructive project that will only benefit a small group of people at the expense of the wider population during an unprecedented economic crisis,” Teh said.

“Penang may be biting off more than it can chew.”

($1 = 4.03691 Malaysian ringgit)

(Reporting by Rina Chandran in Bangkok, with additional reporting by Beh Lih Yi in Kuala Lumpur; Editing by Astrid Zweynert. Please credit the Thomson Reuters Foundation, the charitable arm of Thomson Reuters, that covers the lives of people around the world who struggle to live freely or fairly. Visit http://news.trust.org)

Continue Reading
Editorial & Advertiser disclosureOur website provides you with information, news, press releases, Opinion and advertorials on various financial products and services. This is not to be considered as financial advice and should be considered only for information purposes. We cannot guarantee the accuracy or applicability of any information provided with respect to your individual or personal circumstances. Please seek Professional advice from a qualified professional before making any financial decisions. We link to various third party websites, affiliate sales networks, and may link to our advertising partners websites. Though we are tied up with various advertising and affiliate networks, this does not affect our analysis or opinion. When you view or click on certain links available on our articles, our partners may compensate us for displaying the content to you, or make a purchase or fill a form. This will not incur any additional charges to you. To make things simpler for you to identity or distinguish sponsored articles or links, you may consider all articles or links hosted on our site as a partner endorsed link.

Call For Entries

Global Banking and Finance Review Awards Nominations 2021
2021 Awards now open. Click Here to Nominate

Latest Articles

Holiday bookings soar as Britons hope for travel restart 5 Holiday bookings soar as Britons hope for travel restart 6
Top Stories53 mins ago

Holiday bookings soar as Britons hope for travel restart

By Sarah Young LONDON (Reuters) – International holiday bookings surged by as much as 600% after Britain laid out plans...

Commodities rally, stocks steady, yields off highs 7 Commodities rally, stocks steady, yields off highs 8
Trading57 mins ago

Commodities rally, stocks steady, yields off highs

By Danilo Masoni and Anshuman Daga MILAN/SINGAPORE (Reuters) – Optimism about the economic outlook pushed commodity prices to new highs...

Concern over rich-poor divide seen on the increase during pandemic 9 Concern over rich-poor divide seen on the increase during pandemic 10
Top Stories1 hour ago

Concern over rich-poor divide seen on the increase during pandemic

By Matthew Lavietes NEW YORK (Thomson Reuters Foundation) – People have become more concerned about the gap between rich and...

Bitcoin tumbles 17% as doubts grow over valuations 11 Bitcoin tumbles 17% as doubts grow over valuations 12
Finance1 hour ago

Bitcoin tumbles 17% as doubts grow over valuations

By Tom Wilson and Tom Westbrook LONDON/SINGAPORE (Reuters) – Bitcoin tumbled 17% on Tuesday, sparking a sell-off across cryptocurrency markets...

Sterling climbs towards $1.41 as PM sets roadmap to easing lockdown 13 Sterling climbs towards $1.41 as PM sets roadmap to easing lockdown 14
Trading1 hour ago

Sterling climbs towards $1.41 as PM sets roadmap to easing lockdown

By Joice Alves LONDON (Reuters) – Sterling edged higher on Tuesday against both the dollar and the euro after Prime...

H&M, IKEA and Stora Enso backed TreeToTextile builds sustainable fibre demo plant 15 H&M, IKEA and Stora Enso backed TreeToTextile builds sustainable fibre demo plant 16
Business1 hour ago

H&M, IKEA and Stora Enso backed TreeToTextile builds sustainable fibre demo plant

STOCKHOLM (Reuters) – A venture part-owned by Finnish forestry group Stora Enso, Sweden’s H&M and IKEA said on Tuesday it...

IHG books $153 million loss, Holiday Inn softens coronavirus blow 17 IHG books $153 million loss, Holiday Inn softens coronavirus blow 18
Business1 hour ago

IHG books $153 million loss, Holiday Inn softens coronavirus blow

By Tanishaa Nadkar (Reuters) – InterContinental Hotels booked an annual loss of $153 million on Tuesday, pummelled by repeated COVID-19...

Boon or bane? Malaysian island reclamation plan divides residents 19 Boon or bane? Malaysian island reclamation plan divides residents 20
Top Stories1 hour ago

Boon or bane? Malaysian island reclamation plan divides residents

By Rina Chandran (Thomson Reuters Foundation) – The island of Penang on the northwest coast of Malaysia is known for...

Aviva sells French business to Macif's Aéma Groupe for $3.9 billion 21 Aviva sells French business to Macif's Aéma Groupe for $3.9 billion 22
Business1 hour ago

Aviva sells French business to Macif’s Aéma Groupe for $3.9 billion

LONDON (Reuters) – Aviva has agreed the sale of its operations in France for 3.2 billion euros ($3.89 billion) to...

The future of cryptocurrency in the eCommerce industry 23 The future of cryptocurrency in the eCommerce industry 24
Finance1 hour ago

The future of cryptocurrency in the eCommerce industry

By Josh Brooks, Head of Marketing at OnBuy.co With some of the biggest names in the business turning to cryptocurrencies,...

Newsletters with Secrets & Analysis. Subscribe Now