Taming the Internet of Threats

Internet security continues to plague us with revelations of expanding malware introduced through advertising on the internet.

Having spent a majority of my career working with and supporting the Corporate CIO Function, I now seek to provide a forum whereby CIOs or IT Directors can learn from the experience of others to address burning Change or Transformation challenges.

Craig Ashmole

Founding Director CCServe

The shocking truth of an unbelievable 325% rise in malware-infected advertising hitting our email, PCs, Smartphones and Tablets.

A recent report by security firm Cyphort Labs has revealed a dramatic rise in the amount of malware sent through advertising, known as ‘malvertising’. It is fast becoming one of the most popular types of drive-by attack for cyber criminals, who can easily corrupt the legitimate ad supply chain, targeting consumers directly and infecting their machines with malware.

Malvertising works by hackers placing seemingly legitimate or ‘clean’ ads on sites, and then altering or executing secretly embedded code that can force a computer to load malicious software. According to Cyphort, cyber criminals are choosing this method because it offers little or no resistance when attacking networks.

Some of these infected ads need to be clicked on in order to release the malware, but an increasing number of cases are appearing where the ads are instead covertly embedded with code that can exploit browser vulnerabilities, thus not even requiring the victim to click on anything before falling under attack.

There is even an element of sophistication in the development of malvertising, as cyber criminals are able to conduct attacks with some degree of selective targeting, much in the same way that legitimate ads can.

2014 alone saw a colossal 325% rise in malvertising, with cybercriminals costing global advertisers an estimated $6.3 billion this year through the use of automated programs and click-through ads on third party sites.

With the continued increase of websites using cookies to produce targeted ads as well as our own growing online habits, malvertising looks set to rise further still. The challenge then is for ad networks to keep a hold of their ability to control and monitor each and every ad that is being cast out into the cyber-sphere.

And so we move rapidly into the IoT (Internet of Things), as many devices, and even toys, that we now buy have Wi-Fi, Bluetooth or USB connectivity.

“As the world connects more and more smart devices to the internet, the number of potential vulnerabilities will increase in linear fashion,” comments Craig Ashmole, founding Partner at London-based IT Consulting CCServe. “I’m not one to give ammunition to the doomsayers about the Internet of Things, as I believe that on the whole it’s going to be a major change in what we do and see, but someone recently described the IoT as the ‘Internet-of-Threats’!”

There has been a period where many smart devices have been installed with no security protocols. They were originally expected to be used only in a closed, secure loop, but are now regularly connected to networks at home, in the office or on the factory floor.

Open by default?

Many smart devices that are ubiquitous throughout the manufacturing and processing industries have in fact turned out to have been installed with no security protocols. They were originally commissioned with the expectation that they would only be used in a closed, secure loop. Recent cyber security breaches have taught us that even humble industrial (and even office) equipment can be subverted for malicious purposes.

Therefore, it’s only fair to suggest that we should certainly be looking to protect the corporate data centre from generic attacks, and the best way of doing that is not to leave the security door wide open.

Internet security advice is so often aimed at IT but we should also be considering other areas. So, for data centre and facility professionals, here are five basic things that will help protect your company and its reputation. Other than time and employee costs, many of these actions are “free”.

Basic fixes

  1. Simplify: Complexity increases the number of attack surfaces. An easy way to reduce this is to turn off default functionality that is not being used, and disconnect equipment that is not in use.
  2. Strengthen: Adopt the view that published default usernames and passwords are 100 percent compromised and should be changed. Eliminate default credentials (passwords, SNMP community strings, etc). Replace them with strong passwords and, wherever possible, use different usernames and passwords for different people.
  3. Partition: Isolate the facility network from the enterprise network. If possible build a separate physical network for the data centre and hide it behind a physical firewall to keep hackers away from mission-critical equipment.
  4. Update: Ensure that all devices have the latest firmware, and revisit this regularly to keep up with security patches. Do not make it easy to exploit known vulnerabilities.
  5. Lock down: Physically secure critical equipment, create an access control plan and be sure to use it. Some protocols used on equipment are 30 years old, developed at a time when we didn’t have security concerns. Putting equipment behind closed doors with access control goes a long way to making them secure.
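
As an added illustration (not part of the original article), fixes 1 to 4 can be checked mechanically against an equipment inventory; fix 5 is physical and is left out. The inventory, field names, network range, firmware table and default-login list below are all constructed assumptions.

```python
import ipaddress

# Constructed inventory for illustration; every field name is an assumption.
DEVICES = [
    {"name": "pdu-01", "ip": "10.20.0.11", "model": "PDU-X", "firmware": "2.1.0",
     "snmp_community": "public", "login": ("admin", "admin"),
     "services": {"snmp", "telnet", "http"}, "needed": {"snmp"}},
    {"name": "crac-02", "ip": "192.168.50.7", "model": "CRAC-Y", "firmware": "4.3.2",
     "snmp_community": "k9-Tz!rq", "login": ("ops-jlee", "S7#long-unique"),
     "services": {"snmp", "https"}, "needed": {"snmp", "https"}},
]
ENTERPRISE_NET = ipaddress.ip_network("10.20.0.0/16")    # assumed office LAN
LATEST_FIRMWARE = {"PDU-X": "2.4.1", "CRAC-Y": "4.3.2"}  # assumed vendor data
DEFAULT_COMMUNITIES = {"public", "private"}              # common SNMP defaults
DEFAULT_LOGINS = {("admin", "admin"), ("root", "root")}  # assumed published defaults


def version_key(version):
    """Turn '2.10.0' into (2, 10, 0) so versions compare numerically."""
    return tuple(int(part) for part in version.split("."))


def audit(devices):
    """Return sorted (device, rule, detail) findings for fixes 1 to 4."""
    findings = []
    for dev in devices:
        # 1. Simplify: services switched on that the device does not need.
        extra = dev["services"] - dev["needed"]
        if extra:
            findings.append((dev["name"], "simplify", ",".join(sorted(extra))))
        # 2. Strengthen: default SNMP community strings and default logins.
        if dev["snmp_community"] in DEFAULT_COMMUNITIES:
            findings.append((dev["name"], "strengthen", "default SNMP community"))
        if dev["login"] in DEFAULT_LOGINS:
            findings.append((dev["name"], "strengthen", "default login"))
        # 3. Partition: facility equipment addressed inside the enterprise range.
        if ipaddress.ip_address(dev["ip"]) in ENTERPRISE_NET:
            findings.append((dev["name"], "partition", "on enterprise network"))
        # 4. Update: firmware older than the latest known release for the model.
        latest = LATEST_FIRMWARE.get(dev["model"])
        if latest and version_key(dev["firmware"]) < version_key(latest):
            findings.append((dev["name"], "update", f"{dev['firmware']} < {latest}"))
    return sorted(findings)


if __name__ == "__main__":
    for name, rule, detail in audit(DEVICES):
        print(f"{name:8} {rule:10} {detail}")
```
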

It is assumed that active scanning tools (network scans, intrusion-detection and penetration logs, email scanners and antivirus software) will have been implemented by IT as part of sensible enterprise protection measures, but if you work in the data centre and are unsure about this, you should definitely check.

To read the report from Cyphort Labs that shows the dramatic rise in the amount of malware sent through advertising, known as ‘malvertising’, fill in the form on the left to access it.

Comments also from: Soeren Jensen - VP Schneider Electric.