Verisign is pleased to announce that we qualified for the Online Trust Alliance’s (OTA) 2016 Honor Roll for showing a commitment to best practices in security, privacy and consumer protection. This is the fourth consecutive year that Verisign has received this honor.
Every year, Verisign iDefense Security Intelligence Services produces its Cyberthreats and Trends Report, which provides an overview of the key cybersecurity trends of the previous year and insight into how Verisign believes those trends will evolve. This report is designed to assist in informing cybersecurity and business operations teams of the critical cyberthreats and trends impacting their enterprises, helping them to anticipate key developments and more effectively triage attacks and allocate their limited resources.
Throughout the course of my career I’ve been blessed to work with some of the most talented folks in the security and cyberthreat intelligence (CTI) mission space to create a variety of different capabilities in the public, private and commercial sectors. Before I came to lead the Verisign iDefense Security Intelligence Services team about five years ago, I had to evaluate external cyber-intelligence vendors to complement and expand the enterprise capabilities of my former organization.
Securing a financial organization’s applications, networks and data is more challenging today than ever before. Almost daily, you hear of a breach that exposes customer data, damages or otherwise compromises back-end systems, or simply makes an organization’s online presence unavailable. Regardless of the cause of these breaches—be it a distributed denial of service (DDoS) attack, data theft, information disclosure or something else altogether—the victims almost always incur a significant loss to brand, customer confidence or even revenue itself. Bottom line is, if your business is responsible for keeping people’s money safe, your business can’t afford to fall victim to cyber-attacks.
But how can financial organizations stay ahead of increasingly diverse and effective cyber threats and actors?
Security professionals agree that a strong security posture is one that is implemented in a layered approach. This layered approach is also referred to as “defense-in-depth.” A defense-in-depth strategy consists of applying security mechanisms across your organization to ensure sufficient coverage against the wide variety of cyber threats.
A comprehensive defense-in-depth strategy requires security mechanisms to be applied through the implementation of hardware, software and security policies. Hardware protection includes, but is not limited to, the implementation of next generation firewalls (NGFW), intrusion prevention systems/intrusion detection systems (IPS/IDS) and secure Web gateways (SWG). Software-based protection is done through anti-virus software deployments, automated patch management or tools for Internet monitoring. Finally, no defense-in-depth strategy would be complete without the implementation of strong security policies that prescribe processes for incident reporting, service and system audits, and security awareness training.
Cybersecurity is no longer a concern for just IT and security professionals. Recent breaches at organizations like Sony, Target, JP Morgan Chase, and numerous U.S. government entities have brought the issue of cyber-attacks very close to home. If you bank online, use your debit card at a local store or engage in any activity that relies on an Internet-connected system, you are at risk.
As part of National Cyber Security Awareness Month (NCSAM), Verisign is joining with organizations and companies around the country to promote online safety and champion a safer, more secure and trusted Internet. Every week in October, we’ll share research and online safety tips from our resident cybersecurity experts via our blog and LinkedIn, Facebook and Twitter posts.
At Verisign we take our Internet stewardship mission very seriously. When details emerged over the past week concerning the XcodeGhost infection, researchers at Verisign iDefense wanted to help advance community research efforts and, leveraging our unique capabilities, offer a level of public service to help readers determine their current and historical level of exposure to the infection.
First identified in recent days on the Chinese microblog site Sina Weibo, XcodeGhost is an infection of Xcode, the framework developers use to create apps for Apple’s iOS and OS X operating systems. Most developers download secure Xcode from Apple. However, some acquire unofficial versions from sites with faster download speeds.
Apps created with XcodeGhost contain instructions, unknown to both the app developers and the end users, that collect potentially sensitive information from the user’s device and send it to command-and-control (C2) servers managed by the XcodeGhost operator. In this way, the XcodeGhost operators circumvented the security of both Apple’s official Xcode distribution and Apple’s App Store.
The infection had widespread impact. As of September 25th, Palo Alto Networks and Fox-IT had identified more than 87 infected apps by name, and FireEye claimed to have identified more than 4,000 infected apps. This activity impacts millions of users both in China and elsewhere in the world. To understand key aspects of the infection, iDefense researchers leveraged authoritative DNS traffic patterns to the C2 domains.
There are two types of information that can be found online about you: the information you intentionally post and the information that is automatically collected.
The information that you intentionally post is what you want everyone to know about you. Your professional life is documented on LinkedIn. Your social activities with friends and family are chronicled on Facebook. You alert the world of your immediate thoughts on Twitter. You even choose to provide your address and credit card information when buying things online. All of this personal information about you is deliberately posted and collected with your consent.
Black Hat USA 2015 is behind us. Through all of the presentations, celebrations and meetings, one thing was very clear to me and the iDefense Security Intelligence Services crew in attendance: online security practitioners and their constituents face a more complex threat landscape than ever before. From some pretty intense software vulnerabilities to even scarier remote-control hacking of automobiles, the “bad guys” have some pretty serious tools at their disposal.
Even though summer is just heating up, Internet retailers already have visions of dollar signs dancing in their heads as they prepare for the onslaught of holiday Web traffic that will soon ring in the 2015 holiday season. However, much of their focus is on marketing, and not the critical security measures they need to have in place to help keep their customers safe and satisfied as they shop online during the holidays.
As we have seen from the numerous security breaches and cyberattacks reported during last year’s holiday season, understanding the threat landscape and putting appropriate mitigation plans in place is critical to a business’s revenue and reputation. Just one hour of network downtime due to an outage or malicious attack can have far-reaching consequences for a retailer, especially during the holidays.