Archive for June, 2019

Trump Caves To The Chinese And Allows US Firms To Deal With Huawei

Posted in Commentary with tags on June 30, 2019 by itnerd

It appears that President Donald Trump, who was talking a good game about going after Huawei, has caved “big league” to the Chinese at the G20 summit. Here are the details:

US President Donald Trump has appeared to soften his tone on Chinese communications giant Huawei, suggesting that he would allow the company to once again purchase U.S. technology. Speaking at a press conference in Osaka, Saturday, Trump said that the U.S. sells a “tremendous amount of product” to Huawei. “That’s okay, we will keep selling that product,” said Trump. “The (U.S.) companies were not exactly happy that they couldn’t sell.”

Now it isn’t a lifting of the ban that Trump signed, but it really is going to throw Huawei a lifeline. But more importantly, Trump has really made himself look stupid in his rather desperate attempt to get some sort of trade deal with China, which is what I think this is all about. He’s effectively taken Huawei from being the devil incarnate to being perfectly fine to do business with. If he walks back all the security claims too, then his credibility, which is already in shambles, will take a hit that he will not recover from with just a year to go before a presidential election.

 

Trump Administration Considering Crackdown On End To End Encryption

Posted in Commentary with tags on June 28, 2019 by itnerd

From the “worst idea ever” file comes a report in Politico that the Trump administration held a National Security Council meeting on Wednesday that weighed the challenges and benefits of encryption. And in said meeting, this happened:

Senior officials debated whether to ask Congress to effectively outlaw end-to-end encryption, which scrambles data so that only its sender and recipient can read it, these people told POLITICO. Tech companies like Apple, Google and Facebook have increasingly built end-to-end encryption into their products and software in recent years — billing it as a privacy and security feature but frustrating authorities investigating terrorism, drug trafficking and child pornography.

“The two paths were to either put out a statement or a general position on encryption, and [say] that they would continue to work on a solution, or to ask Congress for legislation,” said one of the people.

But the previously unreported meeting of the NSC’s so-called Deputies Committee did not produce a decision, the people said.

A decision to press for legislation would have far-reaching consequences for the privacy and security of tens of millions of consumers and effectively force companies such as Apple and Google to water down the security features on their smartphones and other devices.

I honestly don’t know which is worse: the fact that this is being discussed at all, or that it’s being discussed behind closed doors. But in any case, Trump isn’t the first president to try this. Obama tried something like this, and before him the second George Bush tried something like this, and Bill Clinton tried something like this too. None of those went anywhere because they all got epic pushback on various fronts. I expect that to happen here too as Silicon Valley are no fans of the Trump administration. And Congress is unlikely to go along with this. Though it does bear watching as this is far from being a trivial exercise.

 

Martello Moves Up 20 Spots on the 2019 Branham300 Rankings

Posted in Commentary with tags on June 27, 2019 by itnerd

Martello Technologies Group Inc. announced today its inclusion in the 2019 edition of the widely respected Branham300 listing of Canada’s top ICT (Information and Communications Technology) companies. The company has moved up the list 20 spots after being ranked number 235 in 2018.

Moving up to position 215, Martello is honored to be among the country’s top performing companies by revenue in the 26th year of the comprehensive listing of publicly traded and privately held ICT companies in Canada. This year’s edition of the Branham300 recognizes year over year revenue growth for the 2017 and 2018 fiscal years.

Branham Group, a global ICT industry analyst and strategic marketing company, tracks thousands of companies throughout the year, and its annual Branham300 ranking is the most well-known and referenced listing of Canada’s ICT leaders. The companies on the Branham 300 Top 250 list generate more than half of the nation’s ICT sector revenue.

Martello’s solutions have been widely acclaimed in the industry. In September 2018, Martello received a Frost & Sullivan Leadership Award for NPM (Network Performance Management) and ranked as Ottawa’s Fastest Growing Company, at No. 28 on the Growth 500 list of Canada’s Fastest Growing Companies. The Company has expanded its solution portfolio with several acquisitions, and recently provided a business update on its market and channel expansion, product innovation, acquisitions and capital market activities.

 

Feroot Report Speaks To Vulnerabilities In Web Trackers & The Rise In Cross-border Data Transfers & Access To User Login Credentials

Posted in Commentary with tags on June 27, 2019 by itnerd

User-side security monitoring system Feroot today released its 2019 User Security and Privacy Report examining the hidden behaviors of external third- and fourth-party tools on the user-side for websites and web apps. Of the 13 different industries and government agency websites worldwide reviewed, the report found that:

  • 92% of major news websites across North America, the UK and Germany use ad trackers that are participating in automatic cross-border data transfer, and news is the only industry consistently sending user behavior data to Russia;
  • An average of 21 web trackers are active on any given website at any time creating a new and increasing surface area for an attack through chatbots, analytics, ad tech tools and others. (News industry hosts an average of 40 trackers per site while the tech industry hosts an average of 25 trackers per site.)
  • 90% of e-commerce login pages are susceptible to attack and can potentially provide external tools with unrestricted visibility of user passwords.

What this means:
The challenge faced by most security professionals is the constant growth of the tech stack: third- and fourth-party vendors, web trackers, and homegrown technology tools are always in flux as new tools and trackers are added daily for marketing and sales purposes. This poses ongoing data security and privacy threats because side-loaded code can be modified by third parties at any time, opening the possibility for a man-in-the-middle (MITM) attack vector.

Feroot scanned more than 1.1 million unique web pages across 365 organizational websites in 13 different industries focusing on the US, Canada, UK, France, Spain, and Germany, including government agencies, to take a closer look at:

  • Automated personal data collection and cross-border data transfers on public facing websites and web apps;
  • Data collection practices of web tracking tools across industries;
  • The impact of third- and hidden fourth-party tools and behavior tracker activities on GDPR, CCPA, PCI-DSS, HIPAA, and other obligations.

Simulated visits were conducted between April 19 and May 31, 2019, using the Feroot user- (client) side security monitoring system, and were repeated multiple times, limited to approximately 90 pages per website per day. For the full report visit here.

NordVPN Announces NordPass Password Manager

Posted in Commentary with tags on June 27, 2019 by itnerd

NordVPN is creating a new-generation password manager, NordPass. NordPass will have a full range of features to ensure that passwords are as secure as possible. Its easy-to-use interface makes staying secure effortless.

NordPass will remember and autosave all passwords, autofill online forms, and allow users to save private notes. Additionally, the new tool will generate strong passwords on the spot. NordPass will support major operating systems, offering browser extensions as well as native mobile and desktop apps.

NordPass is created using the latest security practices and industry standards. It uses powerful Advanced Encryption Standard (AES-256-GCM) encryption with Argon2 for key derivation, which is virtually unbreakable. Additionally, the new tool will have a zero-knowledge encryption process to ensure ultimate security.

At the moment, NordPass is going through internal stress-tests. It is expected that the first beta version will be released this autumn. Signup for early access is now available on NordPass’s official website: nordpass.com.

NordVPN is a trusted online privacy and security solution, used by over 12 million internet users worldwide. It offers military-grade encryption with advanced privacy solutions and is recognized by the most influential tech sites and IT security specialists.

A few weeks ago, NordVPN introduced another cybersecurity tool – NordLocker. NordLocker will secure files stored on a user’s computer or in a cloud with end-to-end encryption. It is expected that the first beta version of this product will be released this July.

Cities Pwned By Hackers Pay Out Massive Sums To Save Themselves

Posted in Commentary with tags on June 27, 2019 by itnerd

In the last week, not one but two Florida cities have been pwned by hackers who used ransomware to cripple their networks. And in both cases, the hackers got paid. And I do mean paid. First up on the list was Riviera City, Florida, who paid $600,000 USD in Bitcoin to get their data back:

The city’s decision, as reported by CBS News, came after officials came to the conclusion that there was no other way to recover the city’s files. Access to Riviera City data has been locked since May 29, this year, when a Riviera Beach police department employee opened an email and unleashed ransomware on the city’s network. The ransomware locked files and shut down all the city’s services. Operations have been down ever since, with the exception of 911 services, which were able to continue to operate, although limited. The city’s website, email server, billing system, and everything else has been down ever since, with all city communications being done in person, over the telephone, or via posters. The city has been having a hard time recovering from the incident ever since.

Then less than a week later, Lake City, a small Florida city with a population of 65,000, voted to pay a ransom demand of 42 bitcoins, worth nearly $500,000, after they got pwned:

The decision to pay the ransom demand was made after the city suffered a catastrophic malware infection earlier this month, on June 10, which the city described as a “triple threat.” Despite the city’s IT staff disconnecting impacted systems within ten minutes of detecting the attack, a ransomware strain infected almost all its computer systems, with the exception of the police and fire departments, which ran on a separate network.

A ransom demand was made a week after the infection, with hackers reaching out to the city’s insurance provider — the League of Cities, which negotiated a ransom payment of 42 bitcoins last week. City officials agreed to pay the ransom demand on Monday, and the insurer made the payment yesterday, on Tuesday, June 25, local media reported. The payment is estimated to have been worth between $480,000 to $500,000, depending on Bitcoin’s price at the time of the payment. The city’s IT staff is now working to recover their data after receiving a decryption key.

I have some random thoughts on this.

  • You have to take steps to protect yourself, such as using advanced threat protection from companies such as Darktrace or Microsoft, as the latter has advanced threat protection for Office 365. And it goes without saying that you need up-to-date AV software on every device on your network.
  • You also have to make sure your data is backed up. And that at least some of those backups are off site. That way you have a fighting chance of getting back up and running if you get pwned.
  • You have to limit what users do because they are the weakest link. By that I mean that they cannot be allowed to simply do whatever they want with computers, like install their own software. Because you’re just asking for trouble when you allow that.
  • You have to make sure that you’re on top of every patch that comes out for whatever OS you are using and install them as quickly as possible. Ditto for applications. That way you limit the attack vectors that this sort of threat leverages, and you also limit how broadly it could spread if it got onto your network.

But the big random thought that I have is that the more that these hackers get paid, the more that they will do this. And the bigger the ransoms will be. So if this is to stop, companies have to take away the incentive to do this by doing the above and perhaps more. By doing that there is no incentive to pay the hackers and the hackers in question will go away and find something else to do.

Huawei Gear Is Open To Pwnage By Hackers Says Report

Posted in Commentary with tags on June 26, 2019 by itnerd

In an ironic twist, telco gear made by China’s Huawei is far more likely to contain flaws that could be leveraged by hackers for malicious use than equipment from rival companies, according to new research by cybersecurity experts that top U.S. officials said appeared credible.

Over half of the nearly 10,000 firmware images encoded into more than 500 variations of enterprise network-equipment devices tested by the researchers contained at least one such exploitable vulnerability, the researchers found. Firmware is the software that powers the hardware components of a computer. The tests were compiled in a new report that has been submitted in recent weeks to senior officials in multiple government agencies in the U.S. and the U.K., as well as to lawmakers. The report is notable both for its findings and because it is circulating widely among Trump administration officials who said it further validated their policy decisions toward Huawei.

“This report supports our assessment that since 2009, Huawei has maintained covert access to some of the systems it has installed for international customers,” said a White House official who reviewed the findings. “Huawei does not disclose this covert access to customers nor local governments. This covert access enables Huawei to record information and modify databases on those local systems.” The report, reviewed by The Wall Street Journal, was prepared by Finite State, a Columbus, Ohio-based cybersecurity firm.

If you buy into this report, you don’t have to worry about getting pwned by Huawei if you use their gear. Instead, the pwnage will come from others and the Huawei gear is just the vehicle for the pwnage. Lovely. Assuming that this is true. We’ll have to see if this report is fact or fiction and hopefully the clarity will come via a third party that can be trusted.

TP-Link Combines Two Wireless Technologies in One Device: Whole Home Wi-Fi and Powerline

Posted in Commentary with tags on June 26, 2019 by itnerd

TP-Link Canada has announced the availability of Deco P7, a whole home hybrid Mesh wireless system in Canada. The Deco P7 supports powerline connection, aimed at providing stable Wi-Fi everywhere in the building.

Dual-band AC1300 Wi-Fi and AV600 powerline connections combine to create a seamless, fast whole home network. Powerline backhaul allows data to move through walls and other structures without losing transmission strength, thus eliminating weak signal areas. Users can enjoy fast, secure Wi-Fi for over 100 connected devices with Deco P7. The Deco P7 comes with TP-Link HomeCare which includes robust Parental Controls, dynamic Antivirus and traffic-optimizing Quality of Service (QoS) features, helping homeowners create a personalized and secure family network. The Deco P7 solves many wireless issues in the home.

Spotty Wi-Fi

The Deco units connect to each other to create a network system for the entire home. Having a network system eliminates weak signal areas and dead zones by placing units near hard-to-reach areas or by providing multiple access units for wireless devices to connect to. The Deco P7 operates on the IEEE 802.11r/k/v specifications for a truly seamless roaming experience.

Powerline Connection

Powerline technology uses the building’s electrical wiring to create stronger connections between Deco units. Wi-Fi integrated with powerline allows for link aggregation and gives the ability to boost bandwidth effectively. Backhaul bandwidth is improved by up to 60% in the hybrid Wi-Fi system compared to a standard system without Powerline capability. With no restrictions from thick walls or long distances, the Deco P7 can even reach as far as the mudroom or backyard.

Cyberthreat Protection

With advanced HomeCare™ in partnership with Trend Micro, the Deco P7 is one of the most secure Mesh Wi-Fi systems in the market. In addition to parental controls and QoS, HomeCare protects every connected device on the network from outside malware and hackers. Malicious site blocking takes the extra step of preventing users from accessing malicious websites. Live cyberthreat preventions are updated regularly with HomeCare.

Connects More Devices

Beneath the stylish exterior is a Qualcomm Quad-core CPU, giving Deco P7 the processing power to support over 100 devices. 802.11ac Wave 2 MU-MIMO technology and AC1300 dual-band speed provide lag-free connections, ensuring a smooth gaming and 4K streaming experience simultaneously. Multiple applications are handled with ease to deliver smooth and stable Wi-Fi for every device in the home.

Simple Onboarding

The Deco app provides clear onboarding instructions with visual aids, making setup fast and easy. Remote network management is also available through the Deco app such as limiting and monitoring internet use, pausing internet and setting up a guest network.

Key Features:

  • 400 Mbps on 2.4 GHz; 867 Mbps on 5 GHz; HomePlug AV 600 Mbps.
  • Effectively boost bandwidth
  • No limits to data transmission distance or wall restrictions
  • Each unit covers up to 2000 sq. ft.
  • Add any Deco units to expand Wi-Fi coverage
  • Qualcomm Quad-core CPU
  • Supports over 100 wireless devices
  • Deco App simplifies network setup and management
  • TP-Link HomeCare™ (parental controls, QoS and built-in antivirus software)
  • IPv6: supports the latest Internet Protocol Version 6.
  • Compatible with Amazon Alexa, IFTTT and other Deco models

Price & Availability

The Deco P7 (3-pack) is currently available at all retail and e-tail partners for MSRP of $299.99 (CAD).

Lack of SecOps Maturity In 4 Out Of 5 Businesses: Siemplify

Posted in Commentary with tags on June 26, 2019 by itnerd

Siemplify today released the 2019 Security Operations Maturity Report, revealing critical insights and trends into the state of SecOps, from size and structure of programs to key challenges and growth initiatives.

Based on a survey of more than 250 security operations practitioners working at enterprises and managed security service providers (MSSPs), who were asked to assess a litany of subjects related to their responsibilities, impediments and needs, the report presents a comprehensive portrait into the nexus of cybersecurity infrastructure – the operations – and the personnel responsible for ensuring their efficiency and effectiveness.

Arguably most notable is that the study includes perspective into where respondents see their SecOps programs – and the individual functions that constitute them – stacking up in terms of maturity, as well as what defines success and how to forge a path forward.

Of the respondents surveyed, only 20% indicated that their SecOps programs have reached the highest maturity level. The majority reported that they are just starting their maturity journey or only midway through it. Of verticals, MSSPs expectedly ranked highest in terms of SecOps maturity, while not-so-predictably the traditionally regulated industries of healthcare and finance rated near the bottom.

Other key security operations trends revealed in the report include:

Not all SecOps programs are created equal: For example, over half of financial firms report having 10 or more SecOps staff, but only 14% in the health care sector have that level of resources.

Tiered structure tapering: A little over half of respondents work in traditional ‘tiered’ security operations centers (SOCs), which are comprised of different analyst levels. The rest form teams of mixed roles and experience.

Structure influences strategy: Programs with a ‘tiered’ structure stress optimizing and managing tools. Those organized by ‘teams’ emphasize improving people and processes.

Teams are busy and broadly tasked: The average SecOps staff member handles 3.5 major functions, with some taking on as many as 12. Counterintuitively, those in larger firms wear more hats than their SMB counterparts.

Coding matters: 25% of staff in lower-maturity SecOps programs possess coding or scripting skills compared to 40% in higher-maturity programs.

Functions not evenly distributed: SecOps use cases like event monitoring, vulnerability management and incident response are experiencing the widest adoption among functions. Meanwhile, specializations such as threat hunting are four times less common in SMBs.

Challenges span people, processes and technology: The most common SecOps challenge experienced by respondents was lack of trained staff. Poor correlation and orchestration among processes and technologies was a close second.

Overall, the responses yielded one clear message: SecOps maturity is about robust, documented, repeatable processes that tie technology, teams and their respective functions together to drive success.

The complete report is now available for download. Siemplify and Cyentia will also be hosting a webinar on July 23 to discuss key takeaways from the report.

CIK Telecom Launches CIK Home Security

Posted in Commentary with tags on June 26, 2019 by itnerd

Toronto-based telecommunications company CIK Telecom recently added a Home Security Service to their suite of products and services. CIK Home Security assures customer protection and safety 24×7 from anywhere. The monitoring service includes a ULC (Underwriters Laboratories of Canada) listed alarm monitoring facility with reliable and reputable security professionals to monitor homes. The security system allows customers to control and monitor the access to their home even when they are away or sleeping and even detect water leaks in the basement.

The CIK home security system was developed by the CIK Research & Development department, which is also working on more innovative products that will be added to the current Home Security system. The whole security system is designed to take into account different aspects of households such as an SOS emergency button for the elderly living alone or special pet immune infrared detectors to avoid false alarms. Even for big houses or buildings, CIK will provide a single treble alarm device to choose from, which can be installed anywhere to scare off intruders.

Furthermore, customers will also be able to enjoy the following:

  • Insurance certificates to reduce home insurance costs
  • Customers can also provide paid guards for themselves when needed
  • 24 hour multi-language customer support including English, Mandarin and Cantonese
  • Free basic hardware including 1 central control panel, 2 infrared sensors and door triggers
  • Email and SMS for notifications
  • No contract required

Besides all these services, customers will also be given options for third-party requests in case of an incident. After the launch of the CIK home security system, cameras will also be added to make the system more secure.

The CIK home security has two plans and currently both have a promotion of $10 off, where the basic plan is available for only $19.99 per month and the premium plan is $29.99 per month, with a one-time installation fee of $99 and $199 respectively, installed by professionals.